
Search Conduit Virus

Discussion in 'Virus & Other Malware Removal' started by Rena30, Apr 28, 2013.

Thread Status:
Not open for further replies.
  1. Rena30

    Rena30 Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    216
    Hello guys, I need help quick! Somehow I have gotten the Search Conduit Virus. Everything I have read says that this is a High Risk!! Can someone please tell me how to safely remove this for free? Thank you very much for your time.
     
  2. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Hi Rena, please follow these instructions and post all the logs.

    Please go Here and follow the instructions to run DDS, then Copy and Paste both the logs into your next reply. You need not run HJT or GMER.

    Please run these two scans and post the logs:

    SCAN 1
    Click on this link to download ADWCleaner and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on Tools > SmartScreen Filter > Turn off SmartScreen Filter, then click on OK in the box that opens. Then click on the link again.

    Close your browser and click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Delete button (as indicated), accept any prompts that appear and allow it to reboot the PC. When the PC has rebooted you will be presented with the report, copy & paste it into your next post. If the log does not appear you should find it on your C: drive using Windows Explorer as ADWCleaner[S1].

    [​IMG]



    SCAN 2
    Download RogueKiller (by tigzy) and save direct to your Desktop.
    On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.

    • Quit all running programs.
    • Start RogueKiller.exe by double clicking on the icon.
    • Wait until Prescan has finished.
    • Ensure all boxes are ticked under "Report" tab.
    • Click on Scan.
    • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
    • NOTE: DO NOT attempt to remove anything that the scan detects.

     
  3. Rena30

    Rena30 Thread Starter

    DDS (Ver_2012-11-20.01) - FAT32_x86 NETWORK
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
    Run by Sarena Hurt at 17:58:12 on 2013-04-28
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1322 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    ============== Running Processes ================
    .
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN14786457461970311&UM=2&ctid=CT3298570
    uURLSearchHooks: MixiDJ V34 Toolbar: {55b95864-3251-45e9-bb30-1a82589aaff1} - c:\program files\mixidj_v34\prxtbMixi.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: MixiDJ V34 Toolbar: {55b95864-3251-45e9-bb30-1a82589aaff1} - c:\program files\mixidj_v34\prxtbMixi.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: MixiDJ V34 Toolbar: {55B95864-3251-45E9-BB30-1A82589AAFF1} - c:\program files\mixidj_v34\prxtbMixi.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: MixiDJ V34 Toolbar: {55b95864-3251-45e9-bb30-1a82589aaff1} - c:\program files\mixidj_v34\prxtbMixi.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
    uRun: [Optimizer Pro] c:\program files\optimizer pro\OptProLauncher.exe
    mRun: [preload] c:\windows\RUNXMLPL.exe
    mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
    mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
    mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
    mRun: [LaunchAp] "c:\program files\launch manager\LaunchAp.exe"
    mRun: [PowerKey] "c:\program files\launch manager\PowerKey.exe"
    mRun: [LManager] "c:\program files\launch manager\HotkeyApp.exe"
    mRun: [CtrlVol] "c:\program files\launch manager\CtrlVol.exe"
    mRun: [LMgrOSD] "c:\program files\launch manager\OSDCtrl.exe"
    mRun: [Wbutton] "c:\program files\launch manager\Wbutton.exe"
    mRun: [EPM-DM] c:\acer\empowering technology\epower\epm-dm.exe
    mRun: [Acer ePower Management] c:\acer\empowering technology\epower\Acer ePower Management.exe boot
    mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\Monitor.exe
    mRun: [ADMTray.exe] "c:\acer\empowering technology\admtray.exe"
    mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: &Sample Toolband Serach - c:\windows\system32\ToolBand.dll/MENUSEARCH.HTM
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363637986812
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363638390578
    DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 66.82.4.8
    TCP: Interfaces\{9EFD5CEC-3694-4642-B57D-2C4734E89E5B} : DHCPNameServer = 66.82.4.8
    Notify: igfxcui - igfxdev.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
    S1 mailKmd;mailKmd; [x]
    S2 AWService;AdminWorks Agent X6;c:\acer\empowering technology\admServ.exe [2005-10-24 1314816]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 POWERKEY;POWERKEY;c:\program files\launch manager\POWERKEY.SYS [2013-3-17 2343]
    S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\rtl8192su.sys --> c:\windows\system32\drivers\RTL8192su.sys [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2013-04-28 20:27:20 -------- d-sh--w- C:\FOUND.001
    2013-04-28 16:03:29 -------- d-----w- c:\program files\DomaIQ Uninstaller
    2013-04-28 16:02:35 -------- d-----w- c:\program files\Tuguu SL
    2013-04-28 16:02:35 -------- d-----w- c:\documents and settings\sarena hurt\application data\player
    2013-04-28 15:35:28 -------- d-----w- c:\program files\Conduit
    2013-04-28 15:35:25 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\MixiDJ_V34
    2013-04-28 15:35:21 -------- d-----w- c:\program files\MixiDJ_V34
    2013-04-28 15:35:15 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\Temp
    2013-04-28 15:32:07 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\Conduit
    2013-04-28 15:30:04 -------- d-----w- c:\documents and settings\sarena hurt\application data\Optimizer Pro
    2013-04-28 15:30:03 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\CRE
    2013-04-28 15:29:32 -------- d-----w- c:\program files\Optimizer Pro
    2013-04-28 15:09:53 6906960 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{044caf5d-8053-413c-8cc5-b0e3fccc71d4}\mpengine.dll
    2013-04-24 16:06:50 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2013-04-20 14:31:56 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\Google
    2013-04-09 21:32:21 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
    2013-04-09 21:32:17 -------- d-----w- c:\program files\W3i
    2013-04-09 21:32:17 -------- d-----w- c:\documents and settings\all users\application data\W3i
    2013-04-09 21:28:33 -------- d-----w- c:\documents and settings\all users\application data\APN
    2013-04-04 16:34:16 -------- d-sh--w- C:\FOUND.000
    2013-03-30 15:30:44 -------- d-----w- c:\documents and settings\sarena hurt\application data\ElevatedDiagnostics
    2013-03-30 14:52:12 -------- d-----w- c:\windows\system32\XPSViewer
    2013-03-30 14:51:38 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2013-03-30 14:51:23 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2013-03-30 14:51:23 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2013-03-30 14:51:23 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2013-03-30 14:51:23 117760 ------w- c:\windows\system32\prntvpt.dll
    2013-03-30 14:51:22 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2013-03-30 14:51:22 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
    2013-03-30 14:51:22 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2013-03-30 14:51:22 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
    2013-03-30 09:48:44 -------- d-----w- c:\documents and settings\sarena hurt\local settings\application data\Sun
    2013-03-30 08:06:25 221184 ----a-w- c:\windows\system32\wmpns.dll
    2013-03-30 08:02:12 -------- d-----w- c:\windows\ie8updates
    2013-03-30 02:50:33 630272 ------w- c:\windows\system32\dllcache\msfeeds.dll
    2013-03-30 02:50:33 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
    2013-03-30 02:50:31 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
    2013-03-30 02:50:31 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
    2013-03-30 02:50:29 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
    2013-03-30 02:50:29 522240 ------w- c:\windows\system32\dllcache\jsdbgui.dll
    2013-03-30 02:50:29 2004992 ------w- c:\windows\system32\dllcache\iertutil.dll
    2013-03-30 02:50:25 11111424 ------w- c:\windows\system32\dllcache\ieframe.dll
    2013-03-30 02:29:04 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
    2013-03-30 02:29:04 284160 ------w- c:\windows\system32\dllcache\pdh.dll
    2013-03-30 02:29:03 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
    2013-03-30 02:29:03 110592 ------w- c:\windows\system32\dllcache\services.exe
    2013-03-30 02:29:02 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
    2013-03-30 02:29:02 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
    2013-03-30 02:29:01 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
    2013-03-30 02:00:52 272128 ------w- c:\windows\system32\dllcache\bthport.sys
    2013-03-30 01:58:03 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
    2013-03-30 01:46:37 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
    2013-03-30 01:44:59 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
    2013-03-30 01:41:10 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
    2013-03-30 01:33:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
    2013-03-30 01:30:52 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
    2013-03-30 01:30:01 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
    2013-03-30 01:30:01 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
    2013-03-30 01:29:18 290560 ------w- c:\windows\system32\dllcache\atmfd.dll
    2013-03-30 01:24:35 153088 ------w- c:\windows\system32\dllcache\triedit.dll
    2013-03-30 01:12:52 105472 ------w- c:\windows\system32\dllcache\mup.sys
    2013-03-30 01:10:59 2193408 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
    2013-03-30 01:10:59 2149888 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
    2013-03-30 01:10:58 2070016 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
    2013-03-30 01:10:58 2028544 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
    2013-03-30 01:06:49 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
    2013-03-30 01:06:04 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys
    2013-03-30 01:06:04 12928 ------w- c:\windows\system32\dllcache\usb8023.sys
    2013-03-30 01:04:14 331776 ------w- c:\windows\system32\dllcache\msadce.dll
    2013-03-30 00:39:33 536576 ------w- c:\windows\system32\dllcache\msado15.dll
    2013-03-30 00:35:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
    2013-03-30 00:33:28 139784 ------w- c:\windows\system32\dllcache\rdpwd.sys
    2013-03-30 00:11:00 718336 ------w- c:\windows\system32\dllcache\ntdll.dll
    2013-03-30 00:07:52 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
    2013-03-30 00:06:19 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
    2013-03-30 00:05:49 3072 ------w- c:\windows\system32\iacenc.dll
    2013-03-30 00:05:49 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
    2013-03-30 00:04:16 45568 ------w- c:\windows\system32\dllcache\wab.exe
    2013-03-30 00:03:43 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll
    2013-03-30 00:03:43 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2013-03-29 23:42:02 275696 ----a-w- c:\windows\system32\mucltui.dll
    2013-03-29 23:42:02 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    .
    ==================== Find3M ====================
    .
    2013-04-20 14:31:48 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-04-20 14:31:46 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-04-11 14:22:56 770384 ----a-w- c:\windows\system32\msvcr100.dll
    2013-04-11 14:22:56 421200 ----a-w- c:\windows\system32\msvcp100.dll
    2013-04-02 10:33:22 237088 ------w- c:\windows\system32\MpSigStub.exe
    2013-03-29 18:45:46 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
    2013-03-29 18:45:46 782240 ----a-w- c:\windows\system32\deployJava1.dll
    2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
    2013-03-07 01:28:24 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-03-07 00:50:28 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-03-02 02:06:32 916480 ----a-w- c:\windows\system32\wininet.dll
    2013-03-02 02:06:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2013-03-02 02:06:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-03-02 01:25:02 1867264 ----a-w- c:\windows\system32\win32k.sys
    2013-03-02 01:08:48 385024 ----a-w- c:\windows\system32\html.iec
    2013-02-27 07:56:52 2067456 ----a-w- c:\windows\system32\mstscax.dll
    2013-02-11 23:32:24 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
    2013-02-11 23:32:24 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
    .
    ============= FINISH: 17:58:51.39 ===============


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 3/17/2013 6:47:39 PM
    System Uptime: 4/28/2013 3:32:28 PM (2 hours ago)
    .
    Motherboard: Acer | | Garda-910
    Processor: Intel(R) Celeron(R) M processor 1.50GHz | U1 | 1496/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (FAT32) - 16 GiB total, 4.165 GiB free.
    D: is FIXED (FAT32) - 18 GiB total, 17.326 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Atheros AR5005G Wireless Network Adapter
    Device ID: PCI\VEN_168C&DEV_001A&SUBSYS_04181468&REV_01\4&AD1B67F&0&28F0
    Manufacturer: Atheros
    Name: Atheros AR5005G Wireless Network Adapter
    PNP Device ID: PCI\VEN_168C&DEV_001A&SUBSYS_04181468&REV_01\4&AD1B67F&0&28F0
    Service: AR5211
    .
    ==== System Restore Points ===================
    .
    RP36: 3/31/2013 7:50:31 PM - System Checkpoint
    RP37: 4/1/2013 10:48:26 AM - Software Distribution Service 3.0
    RP38: 4/2/2013 11:13:05 AM - Software Distribution Service 3.0
    RP39: 4/3/2013 11:32:23 AM - System Checkpoint
    RP40: 4/4/2013 1:18:16 PM - Software Distribution Service 3.0
    RP41: 4/5/2013 1:27:32 PM - System Checkpoint
    RP42: 4/6/2013 12:00:50 PM - Software Distribution Service 3.0
    RP43: 4/7/2013 6:33:51 PM - Software Distribution Service 3.0
    RP44: 4/9/2013 7:39:09 AM - Software Distribution Service 3.0
    RP45: 4/10/2013 12:07:10 PM - Software Distribution Service 3.0
    RP46: 4/10/2013 2:55:33 PM - Software Distribution Service 3.0
    RP47: 4/11/2013 7:53:02 PM - System Checkpoint
    RP48: 4/11/2013 8:01:02 PM - Software Distribution Service 3.0
    RP49: 4/13/2013 11:11:52 AM - Software Distribution Service 3.0
    RP50: 4/14/2013 11:59:11 AM - System Checkpoint
    RP51: 4/15/2013 9:52:12 AM - Software Distribution Service 3.0
    RP52: 4/16/2013 10:04:56 AM - Software Distribution Service 3.0
    RP53: 4/17/2013 10:09:46 AM - System Checkpoint
    RP54: 4/18/2013 1:20:07 PM - Software Distribution Service 3.0
    RP55: 4/20/2013 9:35:30 AM - Software Distribution Service 3.0
    RP56: 4/21/2013 10:16:10 AM - System Checkpoint
    RP57: 4/22/2013 9:53:12 AM - Software Distribution Service 3.0
    RP58: 4/23/2013 10:24:46 AM - Software Distribution Service 3.0
    RP59: 4/24/2013 11:05:57 AM - Installed Java 7 Update 21
    RP60: 4/24/2013 11:09:03 AM - Software Distribution Service 3.0
    RP61: 4/24/2013 3:23:26 PM - Software Distribution Service 3.0
    RP62: 4/25/2013 7:13:47 PM - Software Distribution Service 3.0
    RP63: 4/26/2013 8:47:46 PM - Software Distribution Service 3.0
    RP64: 4/28/2013 10:09:49 AM - Software Distribution Service 3.0
    .
    ==== Installed Programs ======================
    .
    Acer eDataSecurity Management
    Acer eDataSecurity Management 1.00.21
    Acer eLock Management
    Acer Empowering Technology framework
    Acer ePerformance Management
    Acer ePower Management
    Acer ePresentation Management
    Acer eSettings Management
    Acer GridVista
    Adobe Flash Player 11 ActiveX
    Adobe Reader XI (11.0.02)
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    ImgBurn
    Intel(R) Graphics Media Accelerator Driver for Mobile
    Java 7 Update 21
    Java Auto Updater
    Launch Manager V1.0.9.3
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft Download Manager
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Visual C++ 2005 Redistributable
    MixiDJ V34 Toolbar
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    NTI Backup NOW! 4
    NTI CD & DVD-Maker
    OLYMPUS Master 2
    Optimizer Pro v3.0
    PowerDVD
    QuickTime
    Realtek AC'97 Audio
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2797052)
    Security Update for Windows Internet Explorer 8 (KB2809289)
    Security Update for Windows Internet Explorer 8 (KB2817183)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219-v2)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135-v2)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2757638)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2778344)
    Security Update for Windows XP (KB2780091)
    Security Update for Windows XP (KB2799494)
    Security Update for Windows XP (KB2802968)
    Security Update for Windows XP (KB2807986)
    Security Update for Windows XP (KB2808735)
    Security Update for Windows XP (KB2813170)
    Security Update for Windows XP (KB2813345)
    Security Update for Windows XP (KB2820917)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    Soft Data Fax Modem with SmartCP
    SoftV90 Data Fax Modem with SmartCP
    Synaptics Pointing Device Driver
    Uninstall Helper
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB973815)
    VAFPlayer
    WebFldrs XP
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows PowerShell(TM) 1.0
    Windows XP Service Pack 3
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/28/2013 3:51:19 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    4/28/2013 12:07:23 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm MpFilter
    4/28/2013 12:06:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    .
    ==== End Of File ===========================
     
  4. Rena30

    Rena30 Thread Starter

    # AdwCleaner v2.300 - Logfile created 04/28/2013 at 18:03:44
    # Updated 28/04/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Sarena Hurt - ACER-684C9A655D
    # Boot Mode : Safe mode with networking
    # Running from : C:\Documents and Settings\Sarena Hurt\My Documents\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Deleted on reboot : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
    Deleted on reboot : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\APN
    Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Optimizer Pro
    Folder Deleted : C:\Documents and Settings\Sarena Hurt\Application Data\Optimizer Pro
    Folder Deleted : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Conduit
    Folder Deleted : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\MixiDJ_V34
    Folder Deleted : C:\Program Files\Conduit
    Folder Deleted : C:\Program Files\DomaIQ Uninstaller
    Folder Deleted : C:\Program Files\MixiDJ_V34
    Folder Deleted : C:\Program Files\Optimizer Pro

    ***** [Registry] *****

    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{55B95864-3251-45E9-BB30-1A82589AAFF1}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{55B95864-3251-45E9-BB30-1A82589AAFF1}
    Key Deleted : HKCU\Software\MixiDJ_V34
    Key Deleted : HKCU\Software\Optimizer Pro
    Key Deleted : HKCU\Software\SmartBar
    Key Deleted : HKCU\Toolbar
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{12C9B011-2C73-45B7-9BAA-443D31B5502E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{55B95864-3251-45E9-BB30-1A82589AAFF1}
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298570
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BD453B9-A29C-4168-B592-82309403AD50}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51B66E93-3079-4CA1-ACE2-56A769E3CEED}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MixiDJ_V34 Toolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55B95864-3251-45E9-BB30-1A82589AAFF1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{12C9B011-2C73-45B7-9BAA-443D31B5502E}
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MixiDJ_V34 Toolbar
    Key Deleted : HKLM\Software\MixiDJ_V34
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{55B95864-3251-45E9-BB30-1A82589AAFF1}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{55B95864-3251-45E9-BB30-1A82589AAFF1}]
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{55B95864-3251-45E9-BB30-1A82589AAFF1}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&CUI=UN14786457461970311&UM=2&ctid=CT3298570 --> hxxp://www.google.com

    -\\ Google Chrome v26.0.1410.64

    File : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Deleted [l.35] : icon_url = "hxxp://search.conduit.com/fav.ico",
    Deleted [l.38] : keyword = "search.conduit.com",
    Deleted [l.42] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN11[...]
    Deleted [l.43] : suggest_url = "hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=U[...]
    Deleted [l.2126] : homepage = "hxxp://search.conduit.com/?ctid=CT3298570&SearchSource=48&CUI=UN11694982671956828&UM[...]
    Deleted [l.2706] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3298570&SearchSource=48&CUI[...]

    *************************

    AdwCleaner[S2].txt - [4741 octets] - [28/04/2013 18:03:44]

    ########## EOF - C:\AdwCleaner[S2].txt - [4801 octets] ##########
     
  5. Rena30

    Rena30 Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    216
    RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Started in : Safe mode with network support
    User : Sarena Hurt [Admin rights]
    Mode : Scan -- Date : 04/28/2013 18:21:40
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 4 ¤¤¤
    [RUN][SUSP PATH] HKLM\[...]\Run : preload (C:\WINDOWS\RUNXMLPL.EXE) [-] -> FOUND
    [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
    [SCREENSV][SUSP PATH] HKCU\[...]\Desktop (C:\WINDOWS\ACER.SCR) [-] -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: SAMSUNG MP0402H +++++
    --- User ---
    [MBR] e4e2811d5bb93111c3ab227b8f3278d4
    [BSP] afd663b62beb710eabd66cab9e298a9d : Acer MBR Code
    Partition table:
    0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 3200 Mo
    1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 6554520 | Size: 16872 Mo
    2 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 41110335 | Size: 18128 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[1]_S_04282013_02d1821.txt >>
    RKreport[1]_S_04282013_02d1821.txt
     
  6. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Please tell me how things are running now and do another scan with ADWCleaner, using the Delete button just as before, and post the new log.
     
  7. Rena30

    Rena30 Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    216
    Everything looks normal again, but it is running really slow. Going to do the Adware again.
     
  8. Rena30

    Rena30 Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    216
    Running a little faster now. Here is the log.

    # AdwCleaner v2.300 - Logfile created 04/28/2013 at 19:43:17
    # Updated 28/04/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Sarena Hurt - ACER-684C9A655D
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Sarena Hurt\My Documents\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****


    ***** [Registry] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Google Chrome v26.0.1410.64

    File : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Deleted [l.26] : icon_url = "hxxp://search.conduit.com/fav.ico",
    Deleted [l.29] : keyword = "search.conduit.com",
    Deleted [l.33] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN11[...]
    Deleted [l.34] : suggest_url = "hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=U[...]

    *************************

    AdwCleaner[S2].txt - [4870 octets] - [28/04/2013 18:03:44]
    AdwCleaner[S3].txt - [1138 octets] - [28/04/2013 19:43:17]

    ########## EOF - C:\AdwCleaner[S3].txt - [1198 octets] ##########
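The AdwCleaner log above reports four entries in Chrome's Preferences file pointing at search.conduit.com. As an added example (not part of the thread or of any tool named in it), this Python script re-checks a Preferences file for such entries, matching on the host rather than on a substring; the `default_search_provider` parent key, the function names and the sample data are assumptions.

```python
import json
from urllib.parse import urlsplit
# Domain taken from the AdwCleaner log above; extend the tuple as needed.
SUSPECT_DOMAINS = ("search.conduit.com",)

def host_of(value):
    """Hostname of a URL, or of a bare value such as a search keyword."""
    candidate = value if "://" in value else "//" + value
    try:
        return (urlsplit(candidate).hostname or "").lower()
    except ValueError:  # malformed netloc, e.g. unbalanced brackets
        return ""

def is_suspect(value):
    """True when the value's host is a suspect domain or a subdomain of one."""
    host = host_of(value)
    return any(host == d or host.endswith("." + d) for d in SUSPECT_DOMAINS)

def find_suspect_values(node, path=""):
    """Walk parsed JSON; return (json_path, value) for each suspect string."""
    hits = []
    if isinstance(node, dict):
        for key, child in node.items():
            hits += find_suspect_values(child, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for i, child in enumerate(node):
            hits += find_suspect_values(child, f"{path}[{i}]")
    elif isinstance(node, str) and is_suspect(node):
        hits.append((path, node))
    return hits

def scan_preferences(text):
    """Parse the text of a Chrome Preferences file and list suspect entries."""
    return find_suspect_values(json.loads(text))

# Constructed sample: the four key names come from the log; the parent key,
# the shortened URLs and the clean "referrer" entry are assumptions.
SAMPLE_PREFERENCES = json.dumps({
    "default_search_provider": {
        "icon_url": "http://search.conduit.com/fav.ico",
        "keyword": "search.conduit.com",
        "search_url": "http://search.conduit.com/Results.aspx?q={searchTerms}",
        "suggest_url": "http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}",
    },
    "referrer": "http://example.org/?ref=search.conduit.com",
})

if __name__ == "__main__":
    print(*scan_preferences(SAMPLE_PREFERENCES), sep="\n")
```

An empty result corresponds to the "[OK] File is clean." line AdwCleaner prints for the Preferences file.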
     
  9. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Ok, that is looking good, but there are some items in Google we need to get rid of; a re-install of it will be the best way. We shall see how the system is running after this and take further steps if it is still slow.

    Make sure you follow all the steps in this procedure or it may remain infected with the Adware. When you have completed it all, please run ADWCleaner again and post the log.

    First save all your bookmarks/favourites.
    Open Chrome, click on the 3 bars in the top right hand corner, select Bookmarks and then Bookmarks Manager.
    Click on Organise and then select Export Bookmarks to HTML file and choose the Desktop to save it.
    When you have re-installed Chrome repeat the process and select Import Bookmarks to put them back.

    Open Chrome, click on the three bars in the top right hand corner and select Settings.
    In the list of Settings under Sign in click on Disconnect your Google Account.
    In the text of the next window click on Google Dashboard, at the Chrome sync screen click on Stop and Clear at the bottom.
    A box will open and ask for confirmation, click on OK.
    You must wait for this to complete before doing the next step.
    When confirmation appears close that page and then click on Disconnect account.
    Shut Google Chrome, click on Start > Control Panel > Programs and Features and uninstall Google Chrome. Select Everything for removal when asked.

    Reboot the system and then reinstall Google Chrome from Here
     
  10. Rena30

    Rena30 Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    216
    I do not have any bookmarks or favorites. So I am just going to continue with this step.
    Quote:
    Open Chrome, click on the three bars in the top right hand corner and select Settings.
    In the list of Settings under Sign in click on Disconnect your Google Account.
    In the text of the next window click on Google Dashboard, at the Chrome sync screen click on Stop and Clear at the bottom.
    A box will open and ask for confirmation, click on OK.
    You must wait for this to complete before doing the next step.
    When confirmation appears close that page and then click on Disconnect account.
    Shut Google Chrome, click on Start > Control Panel > Programs and Features and uninstall Google Chrome. Select Everything for removal when asked.

    Reboot the system and then reinstall Google Chrome from Here
     
  11. Rena30

    Rena30 Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    216
    Ok, I followed the instructions the best that I could. There were a few exceptions: you said to go to Control Panel and then go to Programs and Features. I did not have that option; the closest thing I had was Add/Remove Programs. So I went there and uninstalled Google Chrome from there. It did not ask me to reboot, however I did anyway.

    But before I reinstall Google Chrome, I thought this information might be useful. All of this started because I was prompted to do a Flash Player install. I assumed that it was safe because it came from Adobe; my mistake was I went too fast and did not read. It installed a Flash Player titled VAFPlayer, Search Conduit, MixiDJ V34, and something called Optimizer Pro. All of these (with the exception of the Search Conduit we are trying to get rid of, of course) are still installed.

    Also, I believe it might have infected my Internet Explorer as well as my Google Chrome.

    I know you have turned in for the night. I have not reinstalled Google Chrome and I have not run the ADWCleaner yet. In the morning I will check back for your advice. Thanks again! :)
     
  12. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    You did the correct thing going to Add/Remove Programs; Programs and Features is the same thing for Windows 7 and Vista. Thanks for bringing that to my attention, I will edit the instructions for future use.

    You can go ahead and re-install Google Chrome and then please run ADWCleaner again.

    It always pays to check carefully what you are installing as many programs and some updates come with optional Add-ons and there are a lot on offer that are classed as Adware. Please uninstall VAFPlayer and MixiDJ V34.
     
  13. Rena30

    Rena30 Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    216
    # AdwCleaner v2.300 - Logfile created 04/29/2013 at 12:37:13
    # Updated 28/04/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Sarena Hurt - ACER-684C9A655D
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Sarena Hurt\My Documents\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****


    ***** [Registry] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Google Chrome v26.0.1410.64

    File : C:\Documents and Settings\Sarena Hurt\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[S2].txt - [4870 octets] - [28/04/2013 18:03:44]
    AdwCleaner[S3].txt - [1267 octets] - [28/04/2013 19:43:17]
    AdwCleaner[S4].txt - [869 octets] - [29/04/2013 12:37:13]

    ########## EOF - C:\AdwCleaner[S4].txt - [928 octets] ##########
     
  14. Rena30

    Rena30 Thread Starter

    Joined:
    Jan 18, 2013
    Messages:
    216
    Ok, reinstalled Google and I uninstalled VAFPlayer.

    After the first ADWcleaner that we ran it took away the MixiDj Toolbar, but when I go into IE, in the top right corner (in the search box) MixiDj is still there. It is not in my programs list and I do not know how to get rid of it.

    Update: Even after this last ADWCleaner things are still running slow.
     
  15. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Please download SystemLook from the following link below and save it to your Desktop.



    • Double-click SystemLook.exe to run it.
    • Vista/Windows 7 users right-click and select Run As Administrator.
    • Copy and paste everything in the codebox below into the main textfield:
      Code:
      :filefind
      mixidj
      :folderfind
      mixidj
      :regfind
      mixidj
      
    • Click the Look button to start the scan.
    • When finished, a Notepad window will open SystemLook.txt with the results of the search and save a copy on your Desktop.
    • Please copy and paste the contents of that log in your next reply.


    ===========================================================================


    When the above is complete run this scan and post the results.


    Please download Junkware Removal Tool to your desktop.

    • Shutdown your antivirus to avoid any conflicts.
    • Right-mouse click JRT.exe and select Run as administrator
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
Short URL to this thread: https://techguy.org/1097343