Search Conduit Virus


Rena30
Member with 216 posts.
THREAD STARTER
Join Date: Jan 2013
28-Apr-2013, 04:36 PM #1
Search Conduit Virus
Hello Guys, I need help quick! Somehow I have gotten the Search Conduit Virus. Everything I have read says that this is a High Risk!! Can someone please tell me how to safely remove this for free? Thank you very much for your time.
Mark1956
Malware Removal Specialist with 14,109 posts.
Join Date: May 2011
Location: Spain
Experience: Advanced
28-Apr-2013, 05:45 PM #2
Hi Rena, please follow these instructions and post all the logs.

Please go Here and follow the instructions to run DDS, then Copy and Paste both the logs into your next reply. You need not run HJT or GMER.

Please run these two scans and post the logs:

SCAN 1
Click on this link to download : ADWCleaner and save it to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and click on this icon on your desktop:

You will then see the screen below, click on the Delete button (as indicated), accept any prompts that appear and allow it to reboot the PC. When the PC has rebooted you will be presented with the report, copy & paste it into your next post. If the log does not appear you should find it on your C: drive using Windows Explorer as ADWCleaner[S1].





SCAN 2
Download RogueKiller (by tigzy) and save direct to your Desktop.
On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.
  • Quit all running programs.
  • Start RogueKiller.exe by double clicking on the icon.
  • Wait until Prescan has finished.
  • Ensure all boxes are ticked under "Report" tab.
  • Click on Scan.
  • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
  • NOTE: DO NOT attempt to remove anything that the scan detects.

__________________
Please Copy & Paste scan results into your replies, DO NOT send them as attachments or in Code or Quote boxes unless asked to.
Rena30
THREAD STARTER
28-Apr-2013, 06:00 PM #3
DDS (Ver_2012-11-20.01) - FAT32_x86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
Run by Sarena Hurt at 17:58:12 on 2013-04-28
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1322 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN14786457461970311&UM=2&ctid=CT3298570
uURLSearchHooks: MixiDJ V34 Toolbar: {55b95864-3251-45e9-bb30-1a82589aaff1} - c:\program files\mixidj_v34\prxtbMixi.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: MixiDJ V34 Toolbar: {55b95864-3251-45e9-bb30-1a82589aaff1} - c:\program files\mixidj_v34\prxtbMixi.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: MixiDJ V34 Toolbar: {55B95864-3251-45E9-BB30-1A82589AAFF1} - c:\program files\mixidj_v34\prxtbMixi.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: MixiDJ V34 Toolbar: {55b95864-3251-45e9-bb30-1a82589aaff1} - c:\program files\mixidj_v34\prxtbMixi.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [Optimizer Pro] c:\program files\optimizer pro\OptProLauncher.exe
mRun: [preload] c:\windows\RUNXMLPL.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LaunchAp] "c:\program files\launch manager\LaunchAp.exe"
mRun: [PowerKey] "c:\program files\launch manager\PowerKey.exe"
mRun: [LManager] "c:\program files\launch manager\HotkeyApp.exe"
mRun: [CtrlVol] "c:\program files\launch manager\CtrlVol.exe"
mRun: [LMgrOSD] "c:\program files\launch manager\OSDCtrl.exe"
mRun: [Wbutton] "c:\program files\launch manager\Wbutton.exe"
mRun: [EPM-DM] c:\acer\empowering technology\epower\epm-dm.exe
mRun: [Acer ePower Management] c:\acer\empowering technology\epower\Acer ePower Management.exe boot
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\Monitor.exe
mRun: [ADMTray.exe] "c:\acer\empowering technology\admtray.exe"
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Sample Toolband Serach - c:\windows\system32\ToolBand.dll/MENUSEARCH.HTM
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363637986812
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363638390578
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 66.82.4.8
TCP: Interfaces\{9EFD5CEC-3694-4642-B57D-2C4734E89E5B} : DHCPNameServer = 66.82.4.8
Notify: igfxcui - igfxdev.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
S1 mailKmd;mailKmd; [x]
S2 AWService;AdminWorks Agent X6;c:\acer\empowering technology\admServ.exe [2005-10-24 1314816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 POWERKEY;POWERKEY;c:\program files\launch manager\POWERKEY.SYS [2013-3-17 2343]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\rtl8192su.sys --> c:\windows\system32\drivers\RTL8192su.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-04-28 20:27:20 -------- d-sh--w- C:\FOUND.001
2013-04-28 16:03:29 -------- d-----w- c:\program files\DomaIQ Uninstaller
2013-04-28 16:02:35 -------- d-----w- c:\program files\Tuguu SL
2013-04-28 16:02:35 -------- d-----w- c:\documents and settings\sarena hurt\application data\player
2013-04-28 15:35:28 -------- d-----w- c:\program files\Conduit
2013-04-28 15:35:25 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\MixiDJ_V34
2013-04-28 15:35:21 -------- d-----w- c:\program files\MixiDJ_V34
2013-04-28 15:35:15 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\Temp
2013-04-28 15:32:07 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\Conduit
2013-04-28 15:30:04 -------- d-----w- c:\documents and settings\sarena hurt\application data\Optimizer Pro
2013-04-28 15:30:03 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\CRE
2013-04-28 15:29:32 -------- d-----w- c:\program files\Optimizer Pro
2013-04-28 15:09:53 6906960 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{044caf5d-8053-413c-8cc5-b0e3fccc71d4}\mpengine.dll
2013-04-24 16:06:50 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-20 14:31:56 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\Google
2013-04-09 21:32:21 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2013-04-09 21:32:17 -------- d-----w- c:\program files\W3i
2013-04-09 21:32:17 -------- d-----w- c:\documents and settings\all users\application data\W3i
2013-04-09 21:28:33 -------- d-----w- c:\documents and settings\all users\application data\APN
2013-04-04 16:34:16 -------- d-sh--w- C:\FOUND.000
2013-03-30 15:30:44 -------- d-----w- c:\documents and settings\sarena hurt\application data\ElevatedDiagnostics
2013-03-30 14:52:12 -------- d-----w- c:\windows\system32\XPSViewer
2013-03-30 14:51:38 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2013-03-30 14:51:23 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2013-03-30 14:51:23 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2013-03-30 14:51:23 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2013-03-30 14:51:23 117760 ------w- c:\windows\system32\prntvpt.dll
2013-03-30 14:51:22 575488 ------w- c:\windows\system32\xpsshhdr.dll
2013-03-30 14:51:22 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2013-03-30 14:51:22 1676288 ------w- c:\windows\system32\xpssvcs.dll
2013-03-30 14:51:22 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2013-03-30 09:48:44 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\Sun
2013-03-30 08:06:25 221184 ----a-w- c:\windows\system32\wmpns.dll
2013-03-30 08:02:12 -------- d-----w- c:\windows\ie8updates
2013-03-30 02:50:33 630272 ------w- c:\windows\system32\dllcache\msfeeds.dll
2013-03-30 02:50:33 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2013-03-30 02:50:31 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2013-03-30 02:50:31 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2013-03-30 02:50:29 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2013-03-30 02:50:29 522240 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2013-03-30 02:50:29 2004992 ------w- c:\windows\system32\dllcache\iertutil.dll
2013-03-30 02:50:25 11111424 ------w- c:\windows\system32\dllcache\ieframe.dll
2013-03-30 02:29:04 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2013-03-30 02:29:04 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2013-03-30 02:29:03 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2013-03-30 02:29:03 110592 ------w- c:\windows\system32\dllcache\services.exe
2013-03-30 02:29:02 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2013-03-30 02:29:02 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2013-03-30 02:29:01 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2013-03-30 02:00:52 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2013-03-30 01:58:03 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2013-03-30 01:46:37 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2013-03-30 01:44:59 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2013-03-30 01:41:10 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2013-03-30 01:33:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2013-03-30 01:30:52 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2013-03-30 01:30:01 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2013-03-30 01:30:01 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2013-03-30 01:29:18 290560 ------w- c:\windows\system32\dllcache\atmfd.dll
2013-03-30 01:24:35 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2013-03-30 01:12:52 105472 ------w- c:\windows\system32\dllcache\mup.sys
2013-03-30 01:10:59 2193408 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2013-03-30 01:10:59 2149888 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2013-03-30 01:10:58 2070016 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2013-03-30 01:10:58 2028544 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2013-03-30 01:06:49 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2013-03-30 01:06:04 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys
2013-03-30 01:06:04 12928 ------w- c:\windows\system32\dllcache\usb8023.sys
2013-03-30 01:04:14 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2013-03-30 00:39:33 536576 ------w- c:\windows\system32\dllcache\msado15.dll
2013-03-30 00:35:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2013-03-30 00:33:28 139784 ------w- c:\windows\system32\dllcache\rdpwd.sys
2013-03-30 00:11:00 718336 ------w- c:\windows\system32\dllcache\ntdll.dll
2013-03-30 00:07:52 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
2013-03-30 00:06:19 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2013-03-30 00:05:49 3072 ------w- c:\windows\system32\iacenc.dll
2013-03-30 00:05:49 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2013-03-30 00:04:16 45568 ------w- c:\windows\system32\dllcache\wab.exe
2013-03-30 00:03:43 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2013-03-30 00:03:43 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2013-03-29 23:42:02 275696 ----a-w- c:\windows\system32\mucltui.dll
2013-03-29 23:42:02 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
.
==================== Find3M ====================
.
2013-04-20 14:31:48 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-20 14:31:46 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-11 14:22:56 770384 ----a-w- c:\windows\system32\msvcr100.dll
2013-04-11 14:22:56 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-04-02 10:33:22 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-29 18:45:46 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-29 18:45:46 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:28:24 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:28 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06:32 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25:02 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08:48 385024 ----a-w- c:\windows\system32\html.iec
2013-02-27 07:56:52 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-11 23:32:24 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-11 23:32:24 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
.
============= FINISH: 17:58:51.39 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 3/17/2013 6:47:39 PM
System Uptime: 4/28/2013 3:32:28 PM (2 hours ago)
.
Motherboard: Acer | | Garda-910
Processor: Intel(R) Celeron(R) M processor 1.50GHz | U1 | 1496/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (FAT32) - 16 GiB total, 4.165 GiB free.
D: is FIXED (FAT32) - 18 GiB total, 17.326 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Atheros AR5005G Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_001A&SUBSYS_04181468&REV_01\4&AD1B67F&0&28F0
Manufacturer: Atheros
Name: Atheros AR5005G Wireless Network Adapter
PNP Device ID: PCI\VEN_168C&DEV_001A&SUBSYS_04181468&REV_01\4&AD1B67F&0&28F0
Service: AR5211
.
==== System Restore Points ===================
.
RP36: 3/31/2013 7:50:31 PM - System Checkpoint
RP37: 4/1/2013 10:48:26 AM - Software Distribution Service 3.0
RP38: 4/2/2013 11:13:05 AM - Software Distribution Service 3.0
RP39: 4/3/2013 11:32:23 AM - System Checkpoint
RP40: 4/4/2013 1:18:16 PM - Software Distribution Service 3.0
RP41: 4/5/2013 1:27:32 PM - System Checkpoint
RP42: 4/6/2013 12:00:50 PM - Software Distribution Service 3.0
RP43: 4/7/2013 6:33:51 PM - Software Distribution Service 3.0
RP44: 4/9/2013 7:39:09 AM - Software Distribution Service 3.0
RP45: 4/10/2013 12:07:10 PM - Software Distribution Service 3.0
RP46: 4/10/2013 2:55:33 PM - Software Distribution Service 3.0
RP47: 4/11/2013 7:53:02 PM - System Checkpoint
RP48: 4/11/2013 8:01:02 PM - Software Distribution Service 3.0
RP49: 4/13/2013 11:11:52 AM - Software Distribution Service 3.0
RP50: 4/14/2013 11:59:11 AM - System Checkpoint
RP51: 4/15/2013 9:52:12 AM - Software Distribution Service 3.0
RP52: 4/16/2013 10:04:56 AM - Software Distribution Service 3.0
RP53: 4/17/2013 10:09:46 AM - System Checkpoint
RP54: 4/18/2013 1:20:07 PM - Software Distribution Service 3.0
RP55: 4/20/2013 9:35:30 AM - Software Distribution Service 3.0
RP56: 4/21/2013 10:16:10 AM - System Checkpoint
RP57: 4/22/2013 9:53:12 AM - Software Distribution Service 3.0
RP58: 4/23/2013 10:24:46 AM - Software Distribution Service 3.0
RP59: 4/24/2013 11:05:57 AM - Installed Java 7 Update 21
RP60: 4/24/2013 11:09:03 AM - Software Distribution Service 3.0
RP61: 4/24/2013 3:23:26 PM - Software Distribution Service 3.0
RP62: 4/25/2013 7:13:47 PM - Software Distribution Service 3.0
RP63: 4/26/2013 8:47:46 PM - Software Distribution Service 3.0
RP64: 4/28/2013 10:09:49 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Acer eDataSecurity Management
Acer eDataSecurity Management 1.00.21
Acer eLock Management
Acer Empowering Technology framework
Acer ePerformance Management
Acer ePower Management
Acer ePresentation Management
Acer eSettings Management
Acer GridVista
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.02)
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
ImgBurn
Intel(R) Graphics Media Accelerator Driver for Mobile
Java 7 Update 21
Java Auto Updater
Launch Manager V1.0.9.3
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Download Manager
Microsoft Security Client
Microsoft Security Essentials
Microsoft Visual C++ 2005 Redistributable
MixiDJ V34 Toolbar
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NTI Backup NOW! 4
NTI CD & DVD-Maker
OLYMPUS Master 2
Optimizer Pro v3.0
PowerDVD
QuickTime
Realtek AC'97 Audio
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Soft Data Fax Modem with SmartCP
SoftV90 Data Fax Modem with SmartCP
Synaptics Pointing Device Driver
Uninstall Helper
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973815)
VAFPlayer
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows PowerShell(TM) 1.0
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
4/28/2013 3:51:19 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
4/28/2013 12:07:23 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm MpFilter
4/28/2013 12:06:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
.
==== End Of File ===========================
Rena30
THREAD STARTER
28-Apr-2013, 06:13 PM #4
# AdwCleaner v2.300 - Logfile created 04/28/2013 at 18:03:44
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Sarena Hurt - ACER-684C9A655D
# Boot Mode : Safe mode with networking
# Running from : C:\Documents and Settings\Sarena Hurt\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Deleted on reboot : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Folder Deleted : C:\Documents and Settings\All Users\Application Data\APN
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Optimizer Pro
Folder Deleted : C:\Documents and Settings\Sarena Hurt\Application Data\Optimizer Pro
Folder Deleted : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\MixiDJ_V34
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Program Files\MixiDJ_V34
Folder Deleted : C:\Program Files\Optimizer Pro

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{55B95864-3251-45E9-BB30-1A82589AAFF1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{55B95864-3251-45E9-BB30-1A82589AAFF1}
Key Deleted : HKCU\Software\MixiDJ_V34
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{12C9B011-2C73-45B7-9BAA-443D31B5502E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{55B95864-3251-45E9-BB30-1A82589AAFF1}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298570
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BD453B9-A29C-4168-B592-82309403AD50}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51B66E93-3079-4CA1-ACE2-56A769E3CEED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MixiDJ_V34 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55B95864-3251-45E9-BB30-1A82589AAFF1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{12C9B011-2C73-45B7-9BAA-443D31B5502E}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MixiDJ_V34 Toolbar
Key Deleted : HKLM\Software\MixiDJ_V34
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{55B95864-3251-45E9-BB30-1A82589AAFF1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{55B95864-3251-45E9-BB30-1A82589AAFF1}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{55B95864-3251-45E9-BB30-1A82589AAFF1}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&CUI=UN14786457461970311&UM=2&ctid=CT3298570 --> hxxp://www.google.com

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.35] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.38] : keyword = "search.conduit.com",
Deleted [l.42] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN11[...]
Deleted [l.43] : suggest_url = "hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=U[...]
Deleted [l.2126] : homepage = "hxxp://search.conduit.com/?ctid=CT3298570&SearchSource=48&CUI=UN11694982671956828&UM[...]
Deleted [l.2706] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3298570&SearchSource=48&CUI[...]

*************************

AdwCleaner[S2].txt - [4741 octets] - [28/04/2013 18:03:44]

########## EOF - C:\AdwCleaner[S2].txt - [4801 octets] ##########
Rena30
28-Apr-2013, 06:24 PM #5
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files...3-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Safe mode with network support
User : Sarena Hurt [Admin rights]
Mode : Scan -- Date : 04/28/2013 18:21:40
| ARK || FAK || MBR |

Bad processes : 0

Registry Entries : 4
[RUN][SUSP PATH] HKLM\[...]\Run : preload (C:\WINDOWS\RUNXMLPL.EXE) [-] -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[SCREENSV][SUSP PATH] HKCU\[...]\Desktop (C:\WINDOWS\ACER.SCR) [-] -> FOUND

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: SAMSUNG MP0402H +++++
--- User ---
[MBR] e4e2811d5bb93111c3ab227b8f3278d4
[BSP] afd663b62beb710eabd66cab9e298a9d : Acer MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 3200 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 6554520 | Size: 16872 Mo
2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 41110335 | Size: 18128 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04282013_02d1821.txt >>
RKreport[1]_S_04282013_02d1821.txt
Mark1956
28-Apr-2013, 07:12 PM #6
Please tell me how things are running now and do another scan with ADWCleaner, using the Delete button just as before, and post the new log.
Rena30
28-Apr-2013, 07:40 PM #7
Everything looks normal again, but it is running really slow. Going to do the Adware again.
Rena30
28-Apr-2013, 07:49 PM #8
Running a little faster now. Here is the log.

# AdwCleaner v2.300 - Logfile created 04/28/2013 at 19:43:17
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Sarena Hurt - ACER-684C9A655D
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Sarena Hurt\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.26] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.29] : keyword = "search.conduit.com",
Deleted [l.33] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN11[...]
Deleted [l.34] : suggest_url = "hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=U[...]

*************************

AdwCleaner[S2].txt - [4870 octets] - [28/04/2013 18:03:44]
AdwCleaner[S3].txt - [1138 octets] - [28/04/2013 19:43:17]

########## EOF - C:\AdwCleaner[S3].txt - [1198 octets] ##########
Mark1956
28-Apr-2013, 08:04 PM #9
Ok, that is looking good, but there are some items in Google we need to get rid of; a re-install of it will be the best way. We shall see how the system is running after this and take further steps if it is still slow.

Make sure you follow all the steps in this procedure or it may remain infected with the Adware. When you have completed it all, please run ADWCleaner again and post the log.

First save all your bookmarks/favourites.
Open Chrome, click on the 3 bars in the top right hand corner, select Bookmarks and then Bookmarks Manager.
Click on Organise and then select Export Bookmarks to HTML file and choose the Desktop to save it.
When you have re-installed Chrome repeat the process and select Import Bookmarks to put them back.

Open Chrome, click on the three bars in the top right hand corner and select Settings.
In the list of Settings under Sign in click on Disconnect your Google Account.
In the text of the next window click on Google Dashboard, at the Chrome sync screen click on Stop and Clear at the bottom.
A box will open and ask for confirmation, click on OK.
You must wait for this to complete before doing the next step.
When confirmation appears close that page and then click on Disconnect account.
Shut Google Chrome, click on Start > Control Panel > Programs and Features and uninstall Google Chrome. Select Everything for removal when asked.

Reboot the system and then reinstall Google Chrome from Here
Rena30
28-Apr-2013, 08:36 PM #10
I do not have any bookmarks or favorites. So I am just going to continue with this step.
Quote:
Open Chrome, click on the three bars in the top right hand corner and select Settings.
In the list of Settings under Sign in click on Disconnect your Google Account.
In the text of the next window click on Google Dashboard, at the Chrome sync screen click on Stop and Clear at the bottom.
A box will open and ask for confirmation, click on OK.
You must wait for this to complete before doing the next step.
When confirmation appears close that page and then click on Disconnect account.
Shut Google Chrome, click on Start > Control Panel > Programs and Features and uninstall Google Chrome. Select Everything for removal when asked.

Reboot the system and then reinstall Google Chrome from Here
Rena30's Avatar
Rena30 Rena30 is offline
Member with 216 posts.
THREAD STARTER
 
Join Date: Jan 2013
28-Apr-2013, 09:20 PM #11
Ok, I followed the instructions the best that I could. There were a few exceptions: you said to go to Control Panel and then go to Programs and Features. I did not have that option; the closest thing I had was Add/Remove programs. So I went there and uninstalled Google Chrome from there. It did not ask me to reboot, however I did anyway.

But before I reinstall Google Chrome, I thought this information might be useful. All of this started because I was prompted to do a Flash Player install. I assumed that it was safe because it came from Adobe, my mistake was I went too fast and did not read. It installed a Flash Player titled VAFPlayer, Search Conduit, MixiDJ V34, and something called Optimizer Pro. All of these (with the exception of the search conduit we are trying to get rid of, of course) are still installed.

Also, I believe it might have infected my Internet Explorer as well as my Google Chrome.

I know you have turned in for the night, I have not reinstalled Google Chrome and I have not run the ADWCleaner yet. In the morning I will check back for your advice. Thanks again!
Mark1956's Avatar
Malware Removal Specialist with 14,109 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
29-Apr-2013, 04:13 AM #12
You did the correct thing going to Add/Remove programs; Programs and Features is the same thing for Windows 7 and Vista. Thanks for bringing that to my attention, I will edit the instructions for future use.

You can go ahead and re-install Google Chrome and then please run ADWCleaner again.

It always pays to check carefully what you are installing as many programs and some updates come with optional Add-ons and there are a lot on offer that are classed as Adware. Please uninstall VAFPlayer and MixiDJ V34.

Last edited by Mark1956; 29-Apr-2013 at 04:19 AM..
Rena30's Avatar
Rena30 Rena30 is offline
Member with 216 posts.
THREAD STARTER
 
Join Date: Jan 2013
29-Apr-2013, 12:50 PM #13
# AdwCleaner v2.300 - Logfile created 04/29/2013 at 12:37:13
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Sarena Hurt - ACER-684C9A655D
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Sarena Hurt\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [4870 octets] - [28/04/2013 18:03:44]
AdwCleaner[S3].txt - [1267 octets] - [28/04/2013 19:43:17]
AdwCleaner[S4].txt - [869 octets] - [29/04/2013 12:37:13]

########## EOF - C:\AdwCleaner[S4].txt - [928 octets] ##########
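
A way to read a re-scan log like the one in post #13 programmatically, as an added example that is not part of the original thread and not AdwCleaner's own code: it splits the report into its `***** [Section] *****` and `-\\ Browser` blocks and treats any line that is not an `[OK]` status or a `File :` pointer as a finding. The sample logs, the `Key Deleted` line and the `C:\Example` path are constructed.

```python
import re

SECTION = re.compile(r"^\*{5} \[(.+?)\] \*{5}$")   # e.g. ***** [Registry] *****
BROWSER = re.compile(r"^-\\\\ (.+)$")              # e.g. -\\ Google Chrome v26...

# Constructed sample modelled on the layout of the log in post #13.
CLEAN_LOG = r"""# AdwCleaner v2.300 - Logfile created 04/29/2013 at 12:37:13
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Example\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************
"""

# Same log with one constructed finding added under [Registry].
DIRTY_LOG = CLEAN_LOG.replace(
    "***** [Registry] *****\n",
    "***** [Registry] *****\nKey Deleted : HKCU\\Software\\ExampleToolbar\n")

def triage(log_text):
    """Map each section or browser block to the finding lines reported in it."""
    findings, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank lines and "# ..." header lines
        if set(line) == {"*"}:
            break                         # row of asterisks closes the report body
        header = SECTION.match(line) or BROWSER.match(line)
        if header:
            current = header.group(1).strip()
            findings[current] = []
        elif current and not line.startswith(("[OK]", "File :")):
            findings[current].append(line)
    return findings

def is_clean(log_text):
    """True when no block of the report lists a finding."""
    return not any(triage(log_text).values())
```

A clean result only says the scanner found none of its known entries; leftovers it does not track, such as a search provider remaining in a browser, will not show up here.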
Rena30's Avatar
Rena30 Rena30 is offline
Member with 216 posts.
THREAD STARTER
 
Join Date: Jan 2013
29-Apr-2013, 12:54 PM #14
Ok, reinstalled Google and I uninstalled VAFPlayer.

After the first ADWcleaner that we ran it took away the MixiDj Toolbar, but when I go into IE, in the top right corner (in the search box) MixiDj is still there. It is not in my programs list and I do not know how to get rid of it.

Update: Even after this last ADWCleaner things are still running slow.
Mark1956's Avatar
Malware Removal Specialist with 14,109 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
29-Apr-2013, 01:01 PM #15
Please download SystemLook from the following link below and save it to your Desktop.

  • Double-click SystemLook.exe to run it.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • Copy and paste everything in the codebox below into the main textfield:
    Code:
    :filefind
    mixidj
    :folderfind
    mixidj
    :regfind
    mixidj
  • Click the Look button to start the scan.
  • When finished, a Notepad window will open SystemLook.txt with the results of the search and save a copy on your Desktop.
  • Please copy and paste the contents of that log in your next reply.


===========================================================================


When the above is complete run this scan and post the results.


Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last edited by Mark1956; 30-Apr-2013 at 02:22 AM..