1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Inactive Task manager does not appear

Discussion in 'Malware and Virus Removal Archive' started by FrancoBao, 2010/10/08.

Thread Status:
Not open for further replies.
  1. 2010/10/08
    FrancoBao

    FrancoBao Inactive Thread Starter

    Joined:
    2010/10/08
    Messages:
    1
    Likes Received:
    0
    [Inactive] Task manager does not appear

    Hi. It seemed that i had a smart engine malware on my computer and I ran some operations from a site. it seemed to work cause i don't get the pop ups anymore, but now my tasl manger doesn't work and IE and Google Chrome don't have connections to the web. I ran the dss scan on my computer and got a log file. As I have understood in the post, i need to include the post of the log in this window and attach the other file. Not sure i can attach it, so i tried to post both in here but it's too long, so i will try to add a thread to this post. Thanks


    DDS (Ver_10-10-05.01) - NTFSx86
    Run by Administrator at 22:57:03,26 on 2010-10-08
    Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3572.2715 [GMT -4:00]

    AV: Smart Engine *On-access scanning enabled* (Updated) {4D1E2C02-4712-4988-92DC-E32BB371710A}
    FW: Smart Engine *enabled* {64D67870-7EE1-43DE-B93A-A4293CE977FB}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\drivers\audio\r190031\stacsv.exe
    C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
    C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
    svchost.exe
    C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
    C:\Program Files\Intel\ASF Agent\ASFAgent.exe
    C:\WINDOWS\system32\Brmfrmps.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
    c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
    C:\Program Files\VMware\VMware Player\vmware-authd.exe
    C:\WINDOWS\system32\vmnat.exe
    C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
    C:\WINDOWS\system32\vmnetdhcp.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\DellTPad\Apoint.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\WINDOWS\system32\AESTFltr.exe
    C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\ClamWin\bin\ClamTray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtTray.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\IObit\Advanced SystemCare 3\Awc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\mmc.exe
    C:\WINDOWS\regedit.exe
    C:\Documents and Settings\Administrator\My Documents\Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uSearch Page = hxxp://www.google.ca/hws/sb/dell-row-rel/en/side.html?channel=ca
    uDefault_Page_URL = www.google.ca/ig/dell?hl=en&client=dell-row-rel&channel=ca&ibd=2081216
    uSearch Bar = hxxp://www.google.ca/hws/sb/dell-row-rel/en/side.html?channel=ca
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    mSearch Bar = hxxp://www.google.com/ie
    uInternet Settings,ProxyServer = http=127.0.0.1:25498
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    uURLSearchHooks: compliance0615 Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - c:\program files\iobitcom\tbIOb1.dll
    BHO: IE7Pro BHO: {00011268-e188-40df-a514-835fcd78b1bf} - c:\program files\iepro\iepro.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: compliance0615 Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - c:\program files\iobitcom\tbIOb1.dll
    BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
    BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    TB: compliance0615 Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - c:\program files\iobitcom\tbIOb1.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\iepro\IEProRecorder.dll
    uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe "
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
    uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
    mRun: [Apoint] c:\program files\delltpad\Apoint.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /installquiet
    mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
    mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    mRun: [ChangeTPMAuth] c:\program files\wave systems corp\common\ChangeTPMAuth.exe /T:NTRU12
    mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
    mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
    mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
    mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe "
    mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
    mRun: [SetDefPrt] c:\program files\brother\brmfl04a\BrStDvPt.exe
    mRun: [ControlCenter2.0] c:\program files\brother\controlcenter2\brctrcen.exe /autorun
    mRun: [ClamWin] "c:\program files\clamwin\bin\ClamTray.exe" --logon
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe "
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\status~1.lnk - c:\program files\brother\brmfcmon\BrMfcWnd.exe
    uPolicies-explorer: DisallowRun = 1 (0x1)
    uPolicies-disallowrun: 0 = msseces.exe
    uPolicies-disallowrun: 1 = MSASCui.exe
    uPolicies-disallowrun: 2 = ekrn.exe
    uPolicies-disallowrun: 3 = egui.exe
    uPolicies-disallowrun: 4 = avgnt.exe
    uPolicies-disallowrun: 5 = avcenter.exe
    uPolicies-disallowrun: 6 = avscan.exe
    uPolicies-disallowrun: 7 = avgfrw.exe
    uPolicies-disallowrun: 8 = avgui.exe
    uPolicies-disallowrun: 9 = avgtray.exe
    uPolicies-disallowrun: 10 = avgscanx.exe
    uPolicies-disallowrun: 11 = avgcfgex.exe
    uPolicies-disallowrun: 12 = avgemc.exe
    uPolicies-disallowrun: 13 = avgchsvx.exe
    uPolicies-disallowrun: 14 = avgcmgr.exe
    uPolicies-disallowrun: 15 = avgwdsvc.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - c:\program files\iepro\iepro.dll
    IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - c:\program files\iepro\iepro.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    LSP: c:\program files\vmware\vmware player\vsocklib.dll
    DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
    DPF: {0FACC666-E038-43FF-B1A5-064FFB536934} - hxxp://mvs-prod-tnrx8:88/tenterprise/Download/Upload.CAB
    DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxp://mvs-prod-tnrx8:88/tenterprise/download/ScriptX.cab
    DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://intel-drv-cdn.systemrequirementslab.com/wireless/bin/sysreqlab_srlx.cab
    DPF: {338095E4-1806-4BA3-AB51-38A3179200E9} - hxxps://172.19.3.5/ui/plugin/msie/vmware-mks.cab
    DPF: {3E059DAB-6894-435C-B758-2977F014D734} - hxxp://mvs-prod-tnrx8:88/tenterprise/download/TClientProc.CAB
    DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxp://appqsp01:8000/Reserved.ReportViewerWebPart.axd?ReportSession=ktjaiyjgsn5odybq1uxuzw55&ControlID=6b96b6cb48a94565b2c344e3bd86cd5b&Culture=1036&UICulture=1036&ReportStack=1&OpType=PrintCab
    DPF: {4A3CBDDD-C4DC-4C38-B44F-704DAEF628AE} - hxxp://mvs-prod-tnrx8/projectserver/objects/pjclient.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1233754443645
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {AF9A1421-E128-4D5F-A37E-039F305867B9} - hxxp://mvs-prod-tnrx8/projectserver/objects/1033/pjcintl.cab
    DPF: {B9F3DE87-ED5D-4092-A1F8-CBF86B0BED0C} - hxxps://moncourrierext.rtss.qc.ca/,DanaInfo=messagerie7.mtl.rtss.qc.ca+iNotes6W.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {D5B680E5-9C5F-45E0-A97C-521D4F281173} - hxxp://vmprodproject01/pwa/_layouts/pwa/objects/1033/pjcintl.cab
    DPF: {DC7D77DA-E1AC-4D40-930B-B87B2954E034} - hxxps://10.10.1.90/ui/plugin/msie/vmware-mks.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {E3089160-E8AD-4C5B-B47C-ADDF3DF660DD} - hxxp://vmprodproject01/pwa/_layouts/pwa/objects/pjclient.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Authentication Packages = msv1_0 wvauth
    IFEO: image file execution options - svchost.exe
    IFEO: a.exe - svchost.exe
    IFEO: aAvgApi.exe - svchost.exe
    IFEO: AAWTray.exe - svchost.exe
    IFEO: About.exe - svchost.exe

    Note: multiple IFEO entries found. Please refer to Attach.txt
    Hosts: 192.168.2.132 HP001B78A1C01A
    Hosts: 192.168.2.128 WIN-476CGXN4O7W
    Hosts: 10.1.1.16 appqsp01
    Hosts: 74.125.45.100 4-open-davinci.com
    Hosts: 74.125.45.100 securitysoftwarepayments.com

    Note: multiple HOSTS entries found. Please refer to Attach.txt

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\nzq9j3az.default\
    FF - prefs.js: browser.search.selectedEngine - search
    FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\google updater\2.4.1970.7372\npCIDetect14.dll
    FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-10-8 218592]
    R2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-4-19 133968]
    R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2008-6-3 386328]
    R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2008-7-31 808296]
    R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2008-7-31 21352]
    R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2008-8-18 455960]
    R2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2008-9-9 69632]
    R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2009-3-26 54960]
    R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2008-12-15 108160]
    R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2008-12-15 32808]
    R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2008-12-15 244368]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-5 135664]
    S3 AsfAlrt;AsfAlrt Service;c:\windows\system32\drivers\Asfalrt.sys [2007-4-19 42832]
    S3 B-Service;B-Service;c:\documents and settings\siliesco\application data\mikogo extra\b-service.exe --> c:\documents and settings\siliesco\application data\mikogo extra\B-Service.exe [?]
    S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-12-16 30192]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

    =============== Created Last 30 ================

    2010-10-09 02:43:51 440 --sha-r- c:\documents and settings\administrator\ntuser.pol
    2010-10-09 02:41:41 -------- d--h--w- c:\windows\system32\GroupPolicy
    2010-10-09 01:49:43 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
    2010-10-09 01:49:43 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
    2010-10-09 01:49:41 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
    2010-10-09 01:49:41 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
    2010-10-09 01:49:41 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
    2010-10-09 01:49:41 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
    2010-10-09 01:49:35 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
    2010-10-09 01:49:35 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
    2010-10-09 01:49:18 -------- d-----w- c:\program files\common files\PC Tools
    2010-10-09 01:49:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
    2010-10-09 01:49:17 -------- d-----w- c:\program files\Spyware Doctor
    2010-10-09 01:49:17 -------- d-----w- c:\docume~1\admini~1\applic~1\PC Tools
    2010-10-09 00:37:52 -------- d-sh--w- c:\docume~1\admini~1\applic~1\Smart Engine
    2010-10-09 00:37:51 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\SMXOE
    2010-10-09 00:37:24 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\67a93e
    2010-10-02 14:03:45 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-23 19:21:13 -------- d-----w- c:\documents and settings\all users\Uniblue
    2010-09-23 19:21:09 -------- d-----w- c:\docume~1\admini~1\applic~1\Uniblue
    2010-09-23 00:55:10 -------- d-----w- c:\program files\Refworks

    ==================== Find3M ====================

    2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-07-22 15:49:15 590848 ----a-w- c:\windows\system32\rpcrt4.dll
    2010-07-22 05:57:20 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2010-07-17 06:42:29 73728 ----a-w- c:\windows\system32\javacpl.cpl

    ============= FINISH: 22:58:03,10 ===============
     
    FrancoBao,
    #1
  2. 2010/10/09
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Welcome aboard :)

    Please, keep all info in one topic. Don't create another topic.

    I'm pasting your info from your 2nd topic and I'll delete the other topic.

    ================================================================

    second part of the first post...

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-10-05.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2008-12-22 13:26:49
    System Uptime: 2010-10-08 22:04:08 (0 hours ago)

    Motherboard: Dell Inc. | |
    Processor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz | Microprocessor | 2527/266mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 74 GiB total, 41,92 GiB free.
    F: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E977-E325-11CE-BFC1-08002BE10318}
    Description: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
    Device ID: PCI\VEN_1180&DEV_0476&SUBSYS_02501028&REV_BA\4&A85581B&0&08F0
    Manufacturer: RICOH
    Name: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
    PNP Device ID: PCI\VEN_1180&DEV_0476&SUBSYS_02501028&REV_BA\4&A85581B&0&08F0
    Service: pcmcia

    Class GUID: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
    Description: OHCI Compliant IEEE 1394 Host Controller
    Device ID: PCI\VEN_1180&DEV_0832&SUBSYS_02501028&REV_04\4&A85581B&0&09F0
    Manufacturer: IEEE 1394 OHCI Compliant Host Controller Vendor
    Name: OHCI Compliant IEEE 1394 Host Controller
    PNP Device ID: PCI\VEN_1180&DEV_0832&SUBSYS_02501028&REV_04\4&A85581B&0&09F0
    Service: ohci1394

    Class GUID: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6}
    Description: SDA Standard Compliant SD Host Controller
    Device ID: PCI\VEN_1180&DEV_0822&SUBSYS_02501028&REV_21\4&A85581B&0&0AF0
    Manufacturer: SDA Standard Compliant SD Host Controller Vendor
    Name: SDA Standard Compliant SD Host Controller
    PNP Device ID: PCI\VEN_1180&DEV_0822&SUBSYS_02501028&REV_21\4&A85581B&0&0AF0
    Service: sdbus

    Class GUID: {4D36E96A-E325-11CE-BFC1-08002BE10318}
    Description: Ricoh SD/MMC Host Controller
    Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02501028&REV_11\4&A85581B&0&0BF0
    Manufacturer: Ricoh Company
    Name: Ricoh SD/MMC Host Controller
    PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02501028&REV_11\4&A85581B&0&0BF0
    Service: rimmptsk

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Bluetooth LAN Access Server Driver
    Device ID: {95C7A0A0-3094-11D7-A202-00508B9D7D5A}\BTWDNDIS\1&30EE4AD&0&1000000020000
    Manufacturer: Broadcom
    Name: Bluetooth LAN Access Server Driver
    PNP Device ID: {95C7A0A0-3094-11D7-A202-00508B9D7D5A}\BTWDNDIS\1&30EE4AD&0&1000000020000
    Service: BTWDNDIS

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: VMware Virtual Ethernet Adapter for VMnet1
    Device ID: ROOT\VMWARE\0000
    Manufacturer: VMware, Inc.
    Name: VMware Virtual Ethernet Adapter for VMnet1
    PNP Device ID: ROOT\VMWARE\0000
    Service: VMnetAdapter

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: VMware Virtual Ethernet Adapter for VMnet8
    Device ID: ROOT\VMWARE\0001
    Manufacturer: VMware, Inc.
    Name: VMware Virtual Ethernet Adapter for VMnet8
    PNP Device ID: ROOT\VMWARE\0001
    Service: VMnetAdapter

    ==== System Restore Points ===================

    RP379: 2010-07-14 09:45:10 - System Checkpoint
    RP380: 2010-07-24 18:26:58 - Software Distribution Service 3.0
    RP381: 2010-07-24 21:13:17 - Software Distribution Service 3.0
    RP382: 2010-07-26 11:26:45 - System Checkpoint
    RP383: 2010-07-27 11:52:01 - System Checkpoint
    RP384: 2010-07-28 12:11:03 - System Checkpoint
    RP385: 2010-07-29 13:45:18 - System Checkpoint
    RP386: 2010-07-30 19:19:59 - System Checkpoint
    RP387: 2010-08-03 22:54:16 - System Checkpoint
    RP388: 2010-08-04 03:00:15 - Software Distribution Service 3.0
    RP389: 2010-08-06 17:28:30 - System Checkpoint
    RP390: 2010-08-10 11:19:42 - System Checkpoint
    RP391: 2010-08-11 11:30:47 - System Checkpoint
    RP392: 2010-08-13 11:13:36 - Software Distribution Service 3.0
    RP393: 2010-08-16 20:37:25 - System Checkpoint
    RP394: 2010-08-19 18:33:00 - System Checkpoint
    RP395: 2010-08-20 18:55:27 - System Checkpoint
    RP396: 2010-08-22 12:15:38 - System Checkpoint
    RP397: 2010-08-29 09:34:34 - System Checkpoint
    RP398: 2010-09-02 12:41:09 - System Checkpoint
    RP399: 2010-09-09 18:19:58 - Software Distribution Service 3.0
    RP400: 2010-09-10 18:50:35 - System Checkpoint
    RP401: 2010-09-12 11:39:16 - System Checkpoint
    RP402: 2010-09-13 12:16:55 - System Checkpoint
    RP403: 2010-09-14 13:16:56 - System Checkpoint
    RP404: 2010-09-15 18:28:46 - System Checkpoint
    RP405: 2010-09-15 19:54:04 - Software Distribution Service 3.0
    RP406: 2010-09-17 12:15:50 - System Checkpoint
    RP407: 2010-09-18 15:14:56 - System Checkpoint
    RP408: 2010-09-20 09:28:34 - System Checkpoint
    RP409: 2010-09-22 21:46:26 - System Checkpoint
    RP410: 2010-09-25 12:20:35 - System Checkpoint
    RP411: 2010-09-26 15:34:32 - System Checkpoint
    RP412: 2010-09-27 19:16:51 - System Checkpoint
    RP413: 2010-09-29 09:27:02 - System Checkpoint
    RP414: 2010-09-29 21:05:07 - Software Distribution Service 3.0
    RP415: 2010-10-02 10:03:21 - Installed Java(TM) 6 Update 21
    RP416: 2010-10-03 11:10:17 - System Checkpoint
    RP417: 2010-10-04 11:43:03 - System Checkpoint
    RP418: 2010-10-06 09:47:00 - System Checkpoint
    RP419: 2010-10-07 10:54:09 - System Checkpoint
    RP420: 2010-10-07 20:04:16 - Software Distribution Service 3.0
    RP421: 2010-10-08 22:09:51 - Advanced SystemCare RestorePoint

    ==== Image File Execution Options =============

    IFEO: image file execution options - svchost.exe
    IFEO: a.exe - svchost.exe
    IFEO: aAvgApi.exe - svchost.exe
    IFEO: AAWTray.exe - svchost.exe
    IFEO: About.exe - svchost.exe
    IFEO: ackwin32.exe - svchost.exe
    IFEO: Ad-Aware.exe - svchost.exe
    IFEO: adaware.exe - svchost.exe
    IFEO: advxdwin.exe - svchost.exe
    IFEO: AdwarePrj.exe - svchost.exe
    IFEO: agent.exe - svchost.exe
    IFEO: agentsvr.exe - svchost.exe
    IFEO: agentw.exe - svchost.exe
    IFEO: alertsvc.exe - svchost.exe
    IFEO: alevir.exe - svchost.exe
    IFEO: alogserv.exe - svchost.exe
    IFEO: AlphaAV - svchost.exe
    IFEO: AlphaAV.exe - svchost.exe
    IFEO: AluSchedulerSvc.exe - svchost.exe
    IFEO: amon9x.exe - svchost.exe
    IFEO: anti-trojan.exe - svchost.exe
    IFEO: Anti-Virus Professional.exe - svchost.exe
    IFEO: AntispywarXP2009.exe - svchost.exe
    IFEO: antivirus.exe - svchost.exe
    IFEO: AntivirusPlus - svchost.exe
    IFEO: AntivirusPlus.exe - svchost.exe
    IFEO: AntivirusPro_2010.exe - svchost.exe
    IFEO: AntivirusXP - svchost.exe
    IFEO: AntivirusXP.exe - svchost.exe
    IFEO: antivirusxppro2009.exe - svchost.exe
    IFEO: AntiVirus_Pro.exe - svchost.exe
    IFEO: ants.exe - svchost.exe
    IFEO: apimonitor.exe - svchost.exe
    IFEO: aplica32.exe - svchost.exe
    IFEO: apvxdwin.exe - svchost.exe
    IFEO: arr.exe - svchost.exe
    IFEO: Arrakis3.exe - svchost.exe
    IFEO: ashAvast.exe - svchost.exe
    IFEO: ashBug.exe - svchost.exe
    IFEO: ashChest.exe - svchost.exe
    IFEO: ashCnsnt.exe - svchost.exe
    IFEO: ashDisp.exe - svchost.exe
    IFEO: ashLogV.exe - svchost.exe
    IFEO: ashMaiSv.exe - svchost.exe
    IFEO: ashPopWz.exe - svchost.exe
    IFEO: ashQuick.exe - svchost.exe
    IFEO: ashServ.exe - svchost.exe
    IFEO: ashSimp2.exe - svchost.exe
    IFEO: ashSimpl.exe - svchost.exe
    IFEO: ashSkPcc.exe - svchost.exe
    IFEO: ashSkPck.exe - svchost.exe
    IFEO: ashUpd.exe - svchost.exe
    IFEO: ashWebSv.exe - svchost.exe
    IFEO: aswChLic.exe - svchost.exe
    IFEO: aswRegSvr.exe - svchost.exe
    IFEO: aswRunDll.exe - svchost.exe
    IFEO: aswUpdSv.exe - svchost.exe
    IFEO: atcon.exe - svchost.exe
    IFEO: atguard.exe - svchost.exe
    IFEO: atro55en.exe - svchost.exe
    IFEO: atupdater.exe - svchost.exe
    IFEO: atwatch.exe - svchost.exe
    IFEO: au.exe - svchost.exe
    IFEO: aupdate.exe - svchost.exe
    IFEO: auto-protect.nav80try.exe - svchost.exe
    IFEO: autodown.exe - svchost.exe
    IFEO: autotrace.exe - svchost.exe
    IFEO: autoupdate.exe - svchost.exe
    IFEO: av360.exe - svchost.exe
    IFEO: avadmin.exe - svchost.exe
    IFEO: AVCare.exe - svchost.exe
    IFEO: avcenter.exe - svchost.exe
    IFEO: avciman.exe - svchost.exe
    IFEO: avconfig.exe - svchost.exe
    IFEO: avconsol.exe - svchost.exe
    IFEO: ave32.exe - svchost.exe
    IFEO: AVENGINE.EXE - svchost.exe
    IFEO: avgcc32.exe - svchost.exe
    IFEO: avgchk.exe - svchost.exe
    IFEO: avgcmgr.exe - svchost.exe
    IFEO: avgcsrvx.exe - svchost.exe
    IFEO: avgctrl.exe - svchost.exe
    IFEO: avgdumpx.exe - svchost.exe
    IFEO: avgemc.exe - svchost.exe
    IFEO: avgiproxy.exe - svchost.exe
    IFEO: avgnsx.exe - svchost.exe
    IFEO: avgnt.exe - svchost.exe
    IFEO: avgrsx.exe - svchost.exe
    IFEO: avgscanx.exe - svchost.exe
    IFEO: avgserv.exe - svchost.exe
    IFEO: avgserv9.exe - svchost.exe
    IFEO: avgsrmax.exe - svchost.exe
    IFEO: avgtray.exe - svchost.exe
    IFEO: avgui.exe - svchost.exe
    IFEO: avgupd.exe - svchost.exe
    IFEO: avgw.exe - svchost.exe
    IFEO: avgwdsvc.exe - svchost.exe
    IFEO: avkpop.exe - svchost.exe
    IFEO: avkserv.exe - svchost.exe
    IFEO: avkservice.exe - svchost.exe
    IFEO: avkwctl9.exe - svchost.exe
    IFEO: avltmain.exe - svchost.exe
    IFEO: avmailc.exe - svchost.exe
    IFEO: avmcdlg.exe - svchost.exe
    IFEO: avnotify.exe - svchost.exe
    IFEO: avnt.exe - svchost.exe
    IFEO: avp32.exe - svchost.exe
    IFEO: avpcc.exe - svchost.exe
    IFEO: avpdos32.exe - svchost.exe
    IFEO: avpm.exe - svchost.exe
    IFEO: avptc32.exe - svchost.exe
    IFEO: avpupd.exe - svchost.exe
    IFEO: avsched32.exe - svchost.exe
    IFEO: avsynmgr.exe - svchost.exe
    IFEO: avupgsvc.exe - svchost.exe
    IFEO: AVWEBGRD.EXE - svchost.exe
    IFEO: avwin.exe - svchost.exe
    IFEO: avwin95.exe - svchost.exe
    IFEO: avwinnt.exe - svchost.exe
    IFEO: avwsc.exe - svchost.exe
    IFEO: avwupd.exe - svchost.exe
    IFEO: avwupd32.exe - svchost.exe
    IFEO: avwupsrv.exe - svchost.exe
    IFEO: avxmonitor9x.exe - svchost.exe
    IFEO: avxmonitornt.exe - svchost.exe
    IFEO: avxquar.exe - svchost.exe
    IFEO: b.exe - svchost.exe
    IFEO: backweb.exe - svchost.exe
    IFEO: bargains.exe - svchost.exe
    IFEO: bdagent.exe - svchost.exe
    IFEO: bdfvcl.exe - svchost.exe
    IFEO: bdfvwiz.exe - svchost.exe
    IFEO: BDInProcPatch.exe - svchost.exe
    IFEO: bdmcon.exe - svchost.exe
    IFEO: BDMsnScan.exe - svchost.exe
    IFEO: bdreinit.exe - svchost.exe
    IFEO: bdsubwiz.exe - svchost.exe
    IFEO: BDSurvey.exe - svchost.exe
    IFEO: bdtkexec.exe - svchost.exe
    IFEO: bdwizreg.exe - svchost.exe
    IFEO: bd_professional.exe - svchost.exe
    IFEO: beagle.exe - svchost.exe
    IFEO: belt.exe - svchost.exe
    IFEO: bidef.exe - svchost.exe
    IFEO: bidserver.exe - svchost.exe
    IFEO: bipcp.exe - svchost.exe
    IFEO: bipcpevalsetup.exe - svchost.exe
    IFEO: bisp.exe - svchost.exe
    IFEO: blackd.exe - svchost.exe
    IFEO: blackice.exe - svchost.exe
    IFEO: blink.exe - svchost.exe
    IFEO: blss.exe - svchost.exe
    IFEO: bootconf.exe - svchost.exe
    IFEO: bootwarn.exe - svchost.exe
    IFEO: borg2.exe - svchost.exe
    IFEO: bpc.exe - svchost.exe
    IFEO: brasil.exe - svchost.exe
    IFEO: brastk.exe - svchost.exe
    IFEO: brw.exe - svchost.exe
    IFEO: bs120.exe - svchost.exe
    IFEO: bspatch.exe - svchost.exe
    IFEO: bundle.exe - svchost.exe
    IFEO: bvt.exe - svchost.exe
    IFEO: c.exe - svchost.exe
    IFEO: cavscan.exe - svchost.exe
    IFEO: ccapp.exe - svchost.exe
    IFEO: ccevtmgr.exe - svchost.exe
    IFEO: ccpxysvc.exe - svchost.exe
    IFEO: ccSvcHst.exe - svchost.exe
    IFEO: cdp.exe - svchost.exe
    IFEO: cfd.exe - svchost.exe
    IFEO: cfgwiz.exe - svchost.exe
    IFEO: cfiadmin.exe - svchost.exe
    IFEO: cfiaudit.exe - svchost.exe
    IFEO: cfinet.exe - svchost.exe
    IFEO: cfinet32.exe - svchost.exe
    IFEO: cfp.exe - svchost.exe
    IFEO: cfpconfg.exe - svchost.exe
    IFEO: cfplogvw.exe - svchost.exe
    IFEO: cfpupdat.exe - svchost.exe
    IFEO: Cl.exe - svchost.exe
    IFEO: claw95.exe - svchost.exe
    IFEO: claw95cf.exe - svchost.exe
    IFEO: clean.exe - svchost.exe
    IFEO: cleaner.exe - svchost.exe
    IFEO: cleaner3.exe - svchost.exe
    IFEO: cleanIELow.exe - svchost.exe
    IFEO: cleanpc.exe - svchost.exe
    IFEO: click.exe - svchost.exe
    IFEO: cmd32.exe - svchost.exe
    IFEO: cmdagent.exe - svchost.exe
    IFEO: cmesys.exe - svchost.exe
    IFEO: cmgrdian.exe - svchost.exe
    IFEO: cmon016.exe - svchost.exe
    IFEO: connectionmonitor.exe - svchost.exe
    IFEO: control - svchost.exe
    IFEO: cpd.exe - svchost.exe
    IFEO: cpf9x206.exe - svchost.exe
    IFEO: cpfnt206.exe - svchost.exe
    IFEO: crashrep.exe - svchost.exe
    IFEO: csc.exe - svchost.exe
    IFEO: cssconfg.exe - svchost.exe
    IFEO: cssupdat.exe - svchost.exe
    IFEO: cssurf.exe - svchost.exe
    IFEO: ctrl.exe - svchost.exe
    IFEO: cv.exe - svchost.exe
    IFEO: cwnb181.exe - svchost.exe
    IFEO: cwntdwmo.exe - svchost.exe
    IFEO: d.exe - svchost.exe
    IFEO: datemanager.exe - svchost.exe
    IFEO: dcomx.exe - svchost.exe
    IFEO: defalert.exe - svchost.exe
    IFEO: defscangui.exe - svchost.exe
    IFEO: defwatch.exe - svchost.exe
    IFEO: deloeminfs.exe - svchost.exe
    IFEO: deputy.exe - svchost.exe
    IFEO: divx.exe - svchost.exe
    IFEO: dllcache.exe - svchost.exe
    IFEO: dllreg.exe - svchost.exe
    IFEO: doors.exe - svchost.exe
    IFEO: dop.exe - svchost.exe
    IFEO: dpf.exe - svchost.exe
    IFEO: dpfsetup.exe - svchost.exe
    IFEO: dpps2.exe - svchost.exe
    IFEO: driverctrl.exe - svchost.exe
    IFEO: drwatson.exe - svchost.exe
    IFEO: drweb32.exe - svchost.exe
    IFEO: drwebupw.exe - svchost.exe
    IFEO: dssagent.exe - svchost.exe
    IFEO: dvp95.exe - svchost.exe
    IFEO: dvp95_0.exe - svchost.exe
    IFEO: ecengine.exe - svchost.exe
    IFEO: efpeadm.exe - svchost.exe
    IFEO: egui.exe - svchost.exe
    IFEO: ekrn.exe - svchost.exe
    IFEO: emsw.exe - svchost.exe
    IFEO: ent.exe - svchost.exe
    IFEO: esafe.exe - svchost.exe
    IFEO: escanhnt.exe - svchost.exe
    IFEO: escanv95.exe - svchost.exe
    IFEO: espwatch.exe - svchost.exe
    IFEO: ethereal.exe - svchost.exe
    IFEO: etrustcipe.exe - svchost.exe
    IFEO: evpn.exe - svchost.exe
    IFEO: exantivirus-cnet.exe - svchost.exe
    IFEO: exe.avxw.exe - svchost.exe
    IFEO: expert.exe - svchost.exe
    IFEO: explore.exe - svchost.exe
    IFEO: f-agnt95.exe - svchost.exe
    IFEO: f-prot.exe - svchost.exe
    IFEO: f-prot95.exe - svchost.exe
    IFEO: f-stopw.exe - svchost.exe
    IFEO: fact.exe - svchost.exe
    IFEO: fameh32.exe - svchost.exe
    IFEO: fast.exe - svchost.exe
    IFEO: fch32.exe - svchost.exe
    IFEO: fih32.exe - svchost.exe
    IFEO: findviru.exe - svchost.exe
    IFEO: firewall.exe - svchost.exe
    IFEO: fixcfg.exe - svchost.exe
    IFEO: fixfp.exe - svchost.exe
    IFEO: fnrb32.exe - svchost.exe
    IFEO: fp-win.exe - svchost.exe
    IFEO: fp-win_trial.exe - svchost.exe
    IFEO: fprot.exe - svchost.exe
    IFEO: frmwrk32.exe - svchost.exe
    IFEO: frw.exe - svchost.exe
    IFEO: fsaa.exe - svchost.exe
    IFEO: fsav.exe - svchost.exe
    IFEO: fsav32.exe - svchost.exe
    IFEO: fsav530stbyb.exe - svchost.exe
    IFEO: fsav530wtbyb.exe - svchost.exe
    IFEO: fsav95.exe - svchost.exe
    IFEO: fsgk32.exe - svchost.exe
    IFEO: fsm32.exe - svchost.exe
    IFEO: fsma32.exe - svchost.exe
    IFEO: fsmb32.exe - svchost.exe
    IFEO: gator.exe - svchost.exe
    IFEO: gav.exe - svchost.exe
    IFEO: gbmenu.exe - svchost.exe
    IFEO: gbn976rl.exe - svchost.exe
    IFEO: gbpoll.exe - svchost.exe
    IFEO: generics.exe - svchost.exe
    IFEO: gmt.exe - svchost.exe
    IFEO: guard.exe - svchost.exe
    IFEO: guarddog.exe - svchost.exe
    IFEO: guardgui.exe - svchost.exe
    IFEO: hacktracersetup.exe - svchost.exe
    IFEO: hbinst.exe - svchost.exe
    IFEO: hbsrv.exe - svchost.exe
    IFEO: History.exe - svchost.exe
    IFEO: homeav2010.exe - svchost.exe
    IFEO: hotactio.exe - svchost.exe
    IFEO: hotpatch.exe - svchost.exe
    IFEO: htlog.exe - svchost.exe
    IFEO: htpatch.exe - svchost.exe
    IFEO: hwpe.exe - svchost.exe
    IFEO: hxdl.exe - svchost.exe
    IFEO: hxiul.exe - svchost.exe
    IFEO: iamapp.exe - svchost.exe
    IFEO: iamserv.exe - svchost.exe
    IFEO: iamstats.exe - svchost.exe
    IFEO: ibmasn.exe - svchost.exe
    IFEO: ibmavsp.exe - svchost.exe
    IFEO: icload95.exe - svchost.exe
    IFEO: icloadnt.exe - svchost.exe
    IFEO: icmon.exe - svchost.exe
    IFEO: icsupp95.exe - svchost.exe
    IFEO: icsuppnt.exe - svchost.exe
    IFEO: Identity.exe - svchost.exe
    IFEO: idle.exe - svchost.exe
    IFEO: iedll.exe - svchost.exe
    IFEO: iedriver.exe - svchost.exe
    IFEO: IEShow.exe - svchost.exe
    IFEO: iface.exe - svchost.exe
    IFEO: ifw2000.exe - svchost.exe
    IFEO: inetlnfo.exe - svchost.exe
    IFEO: infus.exe - svchost.exe
    IFEO: infwin.exe - svchost.exe
    IFEO: init.exe - svchost.exe
    IFEO: init32.exe - svchost.exe
    IFEO: install.exe - svchost.exe
    IFEO: install[1].exe - svchost.exe
    IFEO: install[2].exe - svchost.exe
    IFEO: install[3].exe - svchost.exe
    IFEO: install[4].exe - svchost.exe
    IFEO: install[5].exe - svchost.exe
    IFEO: intdel.exe - svchost.exe
    IFEO: intren.exe - svchost.exe
    IFEO: iomon98.exe - svchost.exe
    IFEO: istsvc.exe - svchost.exe
    IFEO: jammer.exe - svchost.exe
    IFEO: jdbgmrg.exe - svchost.exe
    IFEO: jedi.exe - svchost.exe
    IFEO: JsRcGen.exe - svchost.exe
    IFEO: kavlite40eng.exe - svchost.exe
    IFEO: kavpers40eng.exe - svchost.exe
    IFEO: kavpf.exe - svchost.exe
    IFEO: kazza.exe - svchost.exe
    IFEO: keenvalue.exe - svchost.exe
    IFEO: kerio-pf-213-en-win.exe - svchost.exe
    IFEO: kerio-wrl-421-en-win.exe - svchost.exe
    IFEO: kerio-wrp-421-en-win.exe - svchost.exe
    IFEO: killprocesssetup161.exe - svchost.exe
    IFEO: ldnetmon.exe - svchost.exe
    IFEO: ldpro.exe - svchost.exe
    IFEO: ldpromenu.exe - svchost.exe
    IFEO: ldscan.exe - svchost.exe
    IFEO: licmgr.exe - svchost.exe
    IFEO: livesrv.exe - svchost.exe
    IFEO: lnetinfo.exe - svchost.exe
    IFEO: loader.exe - svchost.exe
    IFEO: localnet.exe - svchost.exe
    IFEO: lockdown.exe - svchost.exe
    IFEO: lockdown2000.exe - svchost.exe
    IFEO: lookout.exe - svchost.exe
    IFEO: lordpe.exe - svchost.exe
    IFEO: lsetup.exe - svchost.exe
    IFEO: luall.exe - svchost.exe
    IFEO: luau.exe - svchost.exe
    IFEO: lucomserver.exe - svchost.exe
    IFEO: luinit.exe - svchost.exe
    IFEO: luspt.exe - svchost.exe
    IFEO: MalwareRemoval.exe - svchost.exe
    IFEO: mapisvc32.exe - svchost.exe
    IFEO: mcagent.exe - svchost.exe
    IFEO: mcmnhdlr.exe - svchost.exe
    IFEO: mcmscsvc.exe - svchost.exe
    IFEO: mcnasvc.exe - svchost.exe
    IFEO: mcproxy.exe - svchost.exe
    IFEO: McSACore.exe - svchost.exe
    IFEO: mcshell.exe - svchost.exe
    IFEO: mcshield.exe - svchost.exe
    IFEO: mcsysmon.exe - svchost.exe
    IFEO: mctool.exe - svchost.exe
    IFEO: mcupdate.exe - svchost.exe
    IFEO: mcvsrte.exe - svchost.exe
    IFEO: mcvsshld.exe - svchost.exe
    IFEO: md.exe - svchost.exe
    IFEO: mfin32.exe - svchost.exe
    IFEO: mfw2en.exe - svchost.exe
    IFEO: mfweng3.02d30.exe - svchost.exe
    IFEO: mgavrtcl.exe - svchost.exe
    IFEO: mgavrte.exe - svchost.exe
    IFEO: mghtml.exe - svchost.exe
    IFEO: mgui.exe - svchost.exe
    IFEO: minilog.exe - svchost.exe
    IFEO: mmod.exe - svchost.exe
    IFEO: monitor.exe - svchost.exe
    IFEO: moolive.exe - svchost.exe
    IFEO: mostat.exe - svchost.exe
    IFEO: mpfagent.exe - svchost.exe
    IFEO: mpfservice.exe - svchost.exe
    IFEO: MPFSrv.exe - svchost.exe
    IFEO: mpftray.exe - svchost.exe
    IFEO: mrflux.exe - svchost.exe
    IFEO: mrt.exe - svchost.exe
    IFEO: msa.exe - svchost.exe
    IFEO: msapp.exe - svchost.exe
    IFEO: MSASCui.exe - svchost.exe
    IFEO: msbb.exe - svchost.exe
    IFEO: msblast.exe - svchost.exe
    IFEO: mscache.exe - svchost.exe
    IFEO: msccn32.exe - svchost.exe
    IFEO: mscman.exe - svchost.exe
    IFEO: msconfig - svchost.exe
    IFEO: msdm.exe - svchost.exe
    IFEO: msdos.exe - svchost.exe
    IFEO: msfwsvc.exe - svchost.exe
    IFEO: msiexec16.exe - svchost.exe
    IFEO: mslaugh.exe - svchost.exe
    IFEO: msmgt.exe - svchost.exe
    IFEO: MsMpEng.exe - svchost.exe
    IFEO: msmsgri32.exe - svchost.exe
    IFEO: msseces.exe - svchost.exe
    IFEO: mssmmc32.exe - svchost.exe
    IFEO: mssys.exe - svchost.exe
    IFEO: msvxd.exe - svchost.exe
    IFEO: mu0311ad.exe - svchost.exe
    IFEO: mwatch.exe - svchost.exe
    IFEO: n32scanw.exe - svchost.exe
    IFEO: nav.exe - svchost.exe
    IFEO: navap.navapsvc.exe - svchost.exe
    IFEO: navapsvc.exe - svchost.exe
    IFEO: navapw32.exe - svchost.exe
    IFEO: navdx.exe - svchost.exe
    IFEO: navlu32.exe - svchost.exe
    IFEO: navnt.exe - svchost.exe
    IFEO: navstub.exe - svchost.exe
    IFEO: navw32.exe - svchost.exe
    IFEO: navwnt.exe - svchost.exe
    IFEO: nc2000.exe - svchost.exe
    IFEO: ncinst4.exe - svchost.exe
    IFEO: ndd32.exe - svchost.exe
    IFEO: neomonitor.exe - svchost.exe
    IFEO: neowatchlog.exe - svchost.exe
    IFEO: netarmor.exe - svchost.exe
    IFEO: netd32.exe - svchost.exe
    IFEO: netinfo.exe - svchost.exe
    IFEO: netmon.exe - svchost.exe
    IFEO: netscanpro.exe - svchost.exe
    IFEO: netspyhunter-1.2.exe - svchost.exe
    IFEO: netutils.exe - svchost.exe
    IFEO: nisserv.exe - svchost.exe
    IFEO: nisum.exe - svchost.exe
    IFEO: nmain.exe - svchost.exe
    IFEO: nod32.exe - svchost.exe
    IFEO: normist.exe - svchost.exe
    IFEO: norton_internet_secu_3.0_407.exe - svchost.exe
    IFEO: notstart.exe - svchost.exe
    IFEO: npf40_tw_98_nt_me_2k.exe - svchost.exe
    IFEO: npfmessenger.exe - svchost.exe
    IFEO: nprotect.exe - svchost.exe
    IFEO: npscheck.exe - svchost.exe
    IFEO: npssvc.exe - svchost.exe
    IFEO: nsched32.exe - svchost.exe
    IFEO: nssys32.exe - svchost.exe
    IFEO: nstask32.exe - svchost.exe
    IFEO: nsupdate.exe - svchost.exe
    IFEO: nt.exe - svchost.exe
    IFEO: ntrtscan.exe - svchost.exe
    IFEO: ntvdm.exe - svchost.exe
    IFEO: ntxconfig.exe - svchost.exe
    IFEO: nui.exe - svchost.exe
    IFEO: nupgrade.exe - svchost.exe
    IFEO: nvarch16.exe - svchost.exe
    IFEO: nvc95.exe - svchost.exe
    IFEO: nvsvc32.exe - svchost.exe
    IFEO: nwinst4.exe - svchost.exe
    IFEO: nwservice.exe - svchost.exe
    IFEO: nwtool16.exe - svchost.exe
    IFEO: OAcat.exe - svchost.exe
    IFEO: OAhlp.exe - svchost.exe
    IFEO: OAReg.exe - svchost.exe
    IFEO: oasrv.exe - svchost.exe
    IFEO: oaui.exe - svchost.exe
    IFEO: oaview.exe - svchost.exe
    IFEO: OcHealthMon.exe - svchost.exe
    IFEO: ODSW.exe - svchost.exe
    IFEO: ollydbg.exe - svchost.exe
    IFEO: onsrvr.exe - svchost.exe
    IFEO: optimize.exe - svchost.exe
    IFEO: ostronet.exe - svchost.exe
    IFEO: otfix.exe - svchost.exe
    IFEO: outpost.exe - svchost.exe
    IFEO: outpostinstall.exe - svchost.exe
    IFEO: outpostproinstall.exe - svchost.exe
    IFEO: ozn695m5.exe - svchost.exe
    IFEO: padmin.exe - svchost.exe
    IFEO: panixk.exe - svchost.exe
    IFEO: patch.exe - svchost.exe
    IFEO: pav.exe - svchost.exe
    IFEO: pavcl.exe - svchost.exe
    IFEO: PavFnSvr.exe - svchost.exe
    IFEO: pavproxy.exe - svchost.exe
    IFEO: pavprsrv.exe - svchost.exe
    IFEO: pavsched.exe - svchost.exe
    IFEO: pavsrv51.exe - svchost.exe
    IFEO: pavw.exe - svchost.exe
    IFEO: pc.exe - svchost.exe
    IFEO: pccwin98.exe - svchost.exe
    IFEO: pcfwallicon.exe - svchost.exe
    IFEO: pcip10117_0.exe - svchost.exe
    IFEO: pcscan.exe - svchost.exe
    IFEO: pctsAuxs.exe - svchost.exe
    IFEO: pctsGui.exe - svchost.exe
    IFEO: pctsSvc.exe - svchost.exe
    IFEO: pctsTray.exe - svchost.exe
    IFEO: PC_Antispyware2010.exe - svchost.exe
    IFEO: pdfndr.exe - svchost.exe
    IFEO: pdsetup.exe - svchost.exe
    IFEO: PerAvir.exe - svchost.exe
    IFEO: periscope.exe - svchost.exe
    IFEO: persfw.exe - svchost.exe
    IFEO: personalguard - svchost.exe
    IFEO: personalguard.exe - svchost.exe
    IFEO: perswf.exe - svchost.exe
    IFEO: pf2.exe - svchost.exe
    IFEO: pfwadmin.exe - svchost.exe
    IFEO: pgmonitr.exe - svchost.exe
    IFEO: pingscan.exe - svchost.exe
    IFEO: platin.exe - svchost.exe
    IFEO: pop3trap.exe - svchost.exe
    IFEO: poproxy.exe - svchost.exe
    IFEO: popscan.exe - svchost.exe
    IFEO: portdetective.exe - svchost.exe
    IFEO: portmonitor.exe - svchost.exe
    IFEO: powerscan.exe - svchost.exe
    IFEO: ppinupdt.exe - svchost.exe
    IFEO: pptbc.exe - svchost.exe
    IFEO: ppvstop.exe - svchost.exe
    IFEO: prizesurfer.exe - svchost.exe
    IFEO: prmt.exe - svchost.exe
    IFEO: prmvr.exe - svchost.exe
    IFEO: procdump.exe - svchost.exe
    IFEO: processmonitor.exe - svchost.exe
    IFEO: procexplorerv1.0.exe - svchost.exe
    IFEO: programauditor.exe - svchost.exe
    IFEO: proport.exe - svchost.exe
    IFEO: protector.exe - svchost.exe
    IFEO: protectx.exe - svchost.exe
    IFEO: PSANCU.exe - svchost.exe
    IFEO: PSANHost.exe - svchost.exe
    IFEO: PSANToManager.exe - svchost.exe
    IFEO: PsCtrls.exe - svchost.exe
    IFEO: PsImSvc.exe - svchost.exe
    IFEO: PskSvc.exe - svchost.exe
    IFEO: pspf.exe - svchost.exe
    IFEO: PSUNMain.exe - svchost.exe
    IFEO: purge.exe - svchost.exe
    IFEO: qconsole.exe - svchost.exe
    IFEO: qh.exe - svchost.exe
    IFEO: qserver.exe - svchost.exe
    IFEO: Quick Heal.exe - svchost.exe
    IFEO: QuickHealCleaner.exe - svchost.exe
    IFEO: rapapp.exe - svchost.exe
    IFEO: rav7.exe - svchost.exe
    IFEO: rav7win.exe - svchost.exe
    IFEO: rav8win32eng.exe - svchost.exe
    IFEO: ray.exe - svchost.exe
    IFEO: rb32.exe - svchost.exe
    IFEO: rcsync.exe - svchost.exe
    IFEO: realmon.exe - svchost.exe
    IFEO: reged.exe - svchost.exe
    IFEO: regedt32.exe - svchost.exe
    IFEO: rescue.exe - svchost.exe
    IFEO: rescue32.exe - svchost.exe
    IFEO: rrguard.exe - svchost.exe
    IFEO: rscdwld.exe - svchost.exe
    IFEO: rshell.exe - svchost.exe
    IFEO: rtvscan.exe - svchost.exe
    IFEO: rtvscn95.exe - svchost.exe
    IFEO: rulaunch.exe - svchost.exe
    IFEO: rwg - svchost.exe
    IFEO: rwg.exe - svchost.exe
    IFEO: SafetyKeeper.exe - svchost.exe
    IFEO: safeweb.exe - svchost.exe
    IFEO: sahagent.exe - svchost.exe
    IFEO: Save.exe - svchost.exe
    IFEO: SaveArmor.exe - svchost.exe
    IFEO: SaveDefense.exe - svchost.exe
    IFEO: SaveKeep.exe - svchost.exe
    IFEO: savenow.exe - svchost.exe
    IFEO: sbserv.exe - svchost.exe
    IFEO: sc.exe - svchost.exe
    IFEO: scam32.exe - svchost.exe
    IFEO: scan32.exe - svchost.exe
    IFEO: scan95.exe - svchost.exe
    IFEO: scanpm.exe - svchost.exe
    IFEO: scrscan.exe - svchost.exe
    IFEO: seccenter.exe - svchost.exe
    IFEO: Secure Veteran.exe - svchost.exe
    IFEO: secureveteran.exe - svchost.exe
    IFEO: Security Center.exe - svchost.exe
    IFEO: SecurityFighter.exe - svchost.exe
    IFEO: securitysoldier.exe - svchost.exe
    IFEO: serv95.exe - svchost.exe
    IFEO: setloadorder.exe - svchost.exe
    IFEO: setupvameeval.exe - svchost.exe
    IFEO: setup_flowprotector_us.exe - svchost.exe
    IFEO: sgssfw32.exe - svchost.exe
    IFEO: sh.exe - svchost.exe
    IFEO: shellspyinstall.exe - svchost.exe
    IFEO: shield.exe - svchost.exe
    IFEO: shn.exe - svchost.exe
    IFEO: showbehind.exe - svchost.exe
    IFEO: signcheck.exe - svchost.exe
    IFEO: smart.exe - svchost.exe
    IFEO: smartprotector.exe - svchost.exe
    IFEO: smc.exe - svchost.exe
    IFEO: smrtdefp.exe - svchost.exe
    IFEO: sms.exe - svchost.exe
    IFEO: smss32.exe - svchost.exe
    IFEO: snetcfg.exe - svchost.exe
    IFEO: soap.exe - svchost.exe
    IFEO: sofi.exe - svchost.exe
    IFEO: SoftSafeness.exe - svchost.exe
    IFEO: sperm.exe - svchost.exe
    IFEO: spf.exe - svchost.exe
    IFEO: sphinx.exe - svchost.exe
    IFEO: spoler.exe - svchost.exe
    IFEO: spoolcv.exe - svchost.exe
    IFEO: spoolsv32.exe - svchost.exe
    IFEO: spywarexpguard.exe - svchost.exe
    IFEO: spyxx.exe - svchost.exe
    IFEO: srexe.exe - svchost.exe
    IFEO: srng.exe - svchost.exe
    IFEO: ss3edit.exe - svchost.exe
    IFEO: ssgrate.exe - svchost.exe
    IFEO: ssg_4104.exe - svchost.exe
    IFEO: st2.exe - svchost.exe
    IFEO: start.exe - svchost.exe
    IFEO: stcloader.exe - svchost.exe
    IFEO: supftrl.exe - svchost.exe
    IFEO: support.exe - svchost.exe
    IFEO: supporter5.exe - svchost.exe
    IFEO: svc.exe - svchost.exe
    IFEO: svchostc.exe - svchost.exe
    IFEO: svchosts.exe - svchost.exe
    IFEO: svshost.exe - svchost.exe
    IFEO: sweep95.exe - svchost.exe
    IFEO: sweepnet.sweepsrv.sys.swnetsup.exe - svchost.exe
    IFEO: symlcsvc.exe - svchost.exe
    IFEO: symproxysvc.exe - svchost.exe
    IFEO: symtray.exe - svchost.exe
    IFEO: system.exe - svchost.exe
    IFEO: system32.exe - svchost.exe
    IFEO: sysupd.exe - svchost.exe
    IFEO: tapinstall.exe - svchost.exe
    IFEO: taskmgr.exe - svchost.exe
    IFEO: taumon.exe - svchost.exe
    IFEO: tbscan.exe - svchost.exe
    IFEO: tc.exe - svchost.exe
    IFEO: tca.exe - svchost.exe
    IFEO: tcm.exe - svchost.exe
    IFEO: tds-3.exe - svchost.exe
    IFEO: tds2-98.exe - svchost.exe
    IFEO: tds2-nt.exe - svchost.exe
    IFEO: teekids.exe - svchost.exe
    IFEO: tfak.exe - svchost.exe
    IFEO: tfak5.exe - svchost.exe
    IFEO: tgbob.exe - svchost.exe
    IFEO: titanin.exe - svchost.exe
    IFEO: titaninxp.exe - svchost.exe
    IFEO: TPSrv.exe - svchost.exe
    IFEO: trickler.exe - svchost.exe
    IFEO: trjscan.exe - svchost.exe
    IFEO: trjsetup.exe - svchost.exe
    IFEO: trojantrap3.exe - svchost.exe
    IFEO: TrustWarrior.exe - svchost.exe
    IFEO: tsadbot.exe - svchost.exe
    IFEO: tsc.exe - svchost.exe
    IFEO: tvmd.exe - svchost.exe
    IFEO: tvtmd.exe - svchost.exe
    IFEO: uiscan.exe - svchost.exe
    IFEO: undoboot.exe - svchost.exe
    IFEO: updat.exe - svchost.exe
    IFEO: upgrad.exe - svchost.exe
    IFEO: upgrepl.exe - svchost.exe
    IFEO: utpost.exe - svchost.exe
    IFEO: vbcmserv.exe - svchost.exe
    IFEO: vbcons.exe - svchost.exe
    IFEO: vbust.exe - svchost.exe
    IFEO: vbwin9x.exe - svchost.exe
    IFEO: vbwinntw.exe - svchost.exe
    IFEO: vcsetup.exe - svchost.exe
    IFEO: vet32.exe - svchost.exe
    IFEO: vet95.exe - svchost.exe
    IFEO: vettray.exe - svchost.exe
    IFEO: vfsetup.exe - svchost.exe
    IFEO: vir-help.exe - svchost.exe
    IFEO: virusmdpersonalfirewall.exe - svchost.exe
    IFEO: VisthAux.exe - svchost.exe
    IFEO: VisthLic.exe - svchost.exe
    IFEO: VisthUpd.exe - svchost.exe
    IFEO: vnlan300.exe - svchost.exe
    IFEO: vnpc3000.exe - svchost.exe
    IFEO: vpc32.exe - svchost.exe
    IFEO: vpc42.exe - svchost.exe
    IFEO: vpfw30s.exe - svchost.exe
    IFEO: vptray.exe - svchost.exe
    IFEO: vscan40.exe - svchost.exe
    IFEO: vscenu6.02d30.exe - svchost.exe
    IFEO: vsched.exe - svchost.exe
    IFEO: vsecomr.exe - svchost.exe
    IFEO: vshwin32.exe - svchost.exe
    IFEO: vsisetup.exe - svchost.exe
    IFEO: vsmain.exe - svchost.exe
    IFEO: vsmon.exe - svchost.exe
    IFEO: vsserv.exe - svchost.exe
    IFEO: vsstat.exe - svchost.exe
    IFEO: vswin9xe.exe - svchost.exe
    IFEO: vswinntse.exe - svchost.exe
    IFEO: vswinperse.exe - svchost.exe
    IFEO: w32dsm89.exe - svchost.exe
    IFEO: W3asbas.exe - svchost.exe
    IFEO: w9x.exe - svchost.exe
    IFEO: watchdog.exe - svchost.exe
    IFEO: webdav.exe - svchost.exe
    IFEO: WebProxy.exe - svchost.exe
    IFEO: webscanx.exe - svchost.exe
    IFEO: webtrap.exe - svchost.exe
    IFEO: wfindv32.exe - svchost.exe
    IFEO: whoswatchingme.exe - svchost.exe
    IFEO: wimmun32.exe - svchost.exe
    IFEO: win-bugsfix.exe - svchost.exe
    IFEO: win32.exe - svchost.exe
    IFEO: win32us.exe - svchost.exe
    IFEO: winactive.exe - svchost.exe
    IFEO: winav.exe - svchost.exe
    IFEO: windll32.exe - svchost.exe
    IFEO: window.exe - svchost.exe
    IFEO: windows Police Pro.exe - svchost.exe
    IFEO: windows.exe - svchost.exe
    IFEO: wininetd.exe - svchost.exe
    IFEO: wininitx.exe - svchost.exe
    IFEO: winlogin.exe - svchost.exe
    IFEO: winmain.exe - svchost.exe
    IFEO: winppr32.exe - svchost.exe
    IFEO: winrecon.exe - svchost.exe
    IFEO: winservn.exe - svchost.exe
    IFEO: winss.exe - svchost.exe
    IFEO: winssk32.exe - svchost.exe
    IFEO: winssnotify.exe - svchost.exe
    IFEO: WinSSUI.exe - svchost.exe
    IFEO: winstart.exe - svchost.exe
    IFEO: winstart001.exe - svchost.exe
    IFEO: wintsk32.exe - svchost.exe
    IFEO: winupdate.exe - svchost.exe
    IFEO: wkufind.exe - svchost.exe
    IFEO: wnad.exe - svchost.exe
    IFEO: wnt.exe - svchost.exe
    IFEO: wradmin.exe - svchost.exe
    IFEO: wrctrl.exe - svchost.exe
    IFEO: wsbgate.exe - svchost.exe
    IFEO: wscfxas.exe - svchost.exe
    IFEO: wscfxav.exe - svchost.exe
    IFEO: wscfxfw.exe - svchost.exe
    IFEO: wsctool.exe - svchost.exe
    IFEO: wupdater.exe - svchost.exe
    IFEO: wupdt.exe - svchost.exe
    IFEO: wyvernworksfirewall.exe - svchost.exe
    IFEO: xpdeluxe.exe - svchost.exe
    IFEO: xpf202en.exe - svchost.exe
    IFEO: xp_antispyware.exe - svchost.exe
    IFEO: zapro.exe - svchost.exe
    IFEO: zapsetup3001.exe - svchost.exe
    IFEO: zatutor.exe - svchost.exe
    IFEO: zonalm2601.exe - svchost.exe
    IFEO: zonealarm.exe - svchost.exe
    IFEO: _avp32.exe - svchost.exe
    IFEO: _avpcc.exe - svchost.exe
    IFEO: _avpm.exe - svchost.exe
    IFEO: ~1.exe - svchost.exe
    IFEO: ~2.exe - svchost.exe

    ==== Hosts File Hijack ======================

    Hosts: 192.168.2.132 HP001B78A1C01A
    Hosts: 192.168.2.128 WIN-476CGXN4O7W
    Hosts: 10.1.1.16 appqsp01
    Hosts: 74.125.45.100 4-open-davinci.com
    Hosts: 74.125.45.100 securitysoftwarepayments.com
    Hosts: 74.125.45.100 privatesecuredpayments.com
    Hosts: 74.125.45.100 secure.privatesecuredpayments.com
    Hosts: 74.125.45.100 getantivirusplusnow.com
    Hosts: 74.125.45.100 secure-plus-payments.com
    Hosts: 74.125.45.100 www.getantivirusplusnow.com
    Hosts: 74.125.45.100 www.secure-plus-payments.com
    Hosts: 74.125.45.100 www.getavplusnow.com
    Hosts: 74.125.45.100 safebrowsing-cache.google.com
    Hosts: 74.125.45.100 urs.microsoft.com
    Hosts: 74.125.45.100 www.securesoftwarebill.com
    Hosts: 74.125.45.100 secure.paysecuresystem.com
    Hosts: 74.125.45.100 paysoftbillsolution.com
    Hosts: 74.125.45.100 protected.maxisoftwaremart.com
    Hosts: 173.232.108.157 www.google.com
    Hosts: 173.232.108.157 google.com
    Hosts: 173.232.108.157 google.com.au
    Hosts: 173.232.108.157 www.google.com.au
    Hosts: 173.232.108.157 google.be
    Hosts: 173.232.108.157 www.google.be
    Hosts: 173.232.108.157 google.com.br
    Hosts: 173.232.108.157 www.google.com.br
    Hosts: 173.232.108.157 google.ca
    Hosts: 173.232.108.157 www.google.ca
    Hosts: 173.232.108.157 google.ch
    Hosts: 173.232.108.157 www.google.ch
    Hosts: 173.232.108.157 google.de
    Hosts: 173.232.108.157 www.google.de
    Hosts: 173.232.108.157 google.dk
    Hosts: 173.232.108.157 www.google.dk
    Hosts: 173.232.108.157 google.fr
    Hosts: 173.232.108.157 www.google.fr
    Hosts: 173.232.108.157 google.ie
    Hosts: 173.232.108.157 www.google.ie
    Hosts: 173.232.108.157 google.it
    Hosts: 173.232.108.157 www.google.it
    Hosts: 173.232.108.157 google.co.jp
    Hosts: 173.232.108.157 www.google.co.jp
    Hosts: 173.232.108.157 google.nl
    Hosts: 173.232.108.157 www.google.nl
    Hosts: 173.232.108.157 google.no
    Hosts: 173.232.108.157 www.google.no
    Hosts: 173.232.108.157 google.co.nz
    Hosts: 173.232.108.157 www.google.co.nz
    Hosts: 173.232.108.157 google.pl
    Hosts: 173.232.108.157 www.google.pl
    Hosts: 173.232.108.157 google.se
    Hosts: 173.232.108.157 www.google.se
    Hosts: 173.232.108.157 google.co.uk
    Hosts: 173.232.108.157 www.google.co.uk
    Hosts: 173.232.108.157 google.co.za
    Hosts: 173.232.108.157 www.google.co.za
    Hosts: 173.232.108.157 www.google-analytics.com
    Hosts: 173.232.108.157 www.bing.com
    Hosts: 173.232.108.157 search.yahoo.com
    Hosts: 173.232.108.157 www.search.yahoo.com
    Hosts: 173.232.108.157 uk.search.yahoo.com
    Hosts: 173.232.108.157 ca.search.yahoo.com
    Hosts: 173.232.108.157 de.search.yahoo.com
    Hosts: 173.232.108.157 fr.search.yahoo.com
    Hosts: 173.232.108.157 au.search.yahoo.com
    Hosts: 173.232.108.157 www.youtube.com

    ==== Installed Programs ======================

    2007 Microsoft Office Suite Service Pack 2 (SP2)
    7-Zip 4.58 beta
    AC3Filter (remove only)
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.2
    Advanced SystemCare 3
    All Day Battery Life Configuration
    BioAPI Framework
    biolsp patch
    Broadcom USH Host Components
    Brother MFL-Pro Suite
    Browser Address Error Redirector
    CCleaner (remove only)
    ClamWin Free Antivirus 0.96.2.1
    Critical Update for Windows Media Player 11 (KB959772)
    Defraggler (remove only)
    Dell Control Point
    Dell ControlPoint Connection Manager
    Dell ControlPoint Security Manager
    Dell ControlPoint System Manager
    Dell Embassy Trust Suite by Wave Systems
    Dell Security Device Driver Pack
    Dell Touchpad
    DivX Web Player
    Document Manager Lite
    EMBASSY Security Center
    EMBASSY Security Setup
    ESC Home Page Plugin
    ESSBrwr
    ESSCDBK
    ESScore
    ESSgui
    ESSini
    ESSPCD
    ESSPDock
    ESSSONIC
    ESSTOOLS
    essvatgt
    FastStone Capture 5.3 (French)
    fflink
    FileZilla Client 3.2.5
    Gemalto
    Google Chrome
    Google Desktop
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    Google Updater
    High Definition Audio Driver Package - KB835221
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
    Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB945436)
    Hotfix for Windows XP (KB949764)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB953955)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Product Detection
    IE7Pro
    Intel PROSet Wireless
    Intel(R) Network Connections 13.0.42.0
    Intel(R) PRO Alerting Agent
    Intel(R) PROSet/Wireless WiFi Software
    Intel® Matrix Storage Manager
    IObitCom Toolbar
    Java Auto Updater
    Java(TM) 6 Update 21
    Java(TM) 6 Update 7
    kgcbase
    Kodak EasyShare software
    McAfee Security Scan Plus
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft ActiveSync
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Easy Assist v2
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2007 Primary Interop Assemblies
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Project 2007 Service Pack 2 (SP2)
    Microsoft Office Project MUI (English) 2007
    Microsoft Office Project Professional 2003
    Microsoft Office Project Professional 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office SharePoint Designer 2007
    Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
    Microsoft Office SharePoint Designer MUI (English) 2007
    Microsoft Office Visio 2007 Service Pack 2 (SP2)
    Microsoft Office Visio MUI (English) 2007
    Microsoft Office Visio Professional 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2008
    Microsoft SQL Server 2008 BI Development Studio
    Microsoft SQL Server 2008 Client Tools
    Microsoft SQL Server 2008 Common Files
    Microsoft SQL Server 2008 Management Studio
    Microsoft SQL Server 2008 Native Client
    Microsoft SQL Server 2008 Policies
    Microsoft SQL Server 2008 Report Builder 2.0
    Microsoft SQL Server 2008 Setup Support Files (English)
    Microsoft SQL Server Compact 3.5 SP1 English
    Microsoft SQL Server Compact 3.5 SP1 Query Tools English
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Virtual PC 2007 SP1
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual Studio 2005 Tools for Office Runtime
    Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
    Microsoft Visual Studio Tools for Applications 2.0 - ENU
    Mindjet MindManager Viewer 7
    Mozilla Firefox (3.5.6)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser (KB933579)
    netbrdg
    Notepad++
    NTRU TCG Software Stack
    NVIDIA Drivers
    OfotoXMI
    Preboot Manager
    Private Information Manager
    PRS-500 USB driver
    Secure Update
    Security Update for 2007 Microsoft Office System (KB2277947)
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for 2007 Microsoft Office System (KB982331)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB982308)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office Outlook 2007 (KB2288953)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office Publisher 2007 (KB982124)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio 2007 (KB982127)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2251419)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB2183461)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Security Wizards
    SFR
    SHASTA
    skin0001
    SKINXSDK
    Skype™ 4.2
    Smart Defrag
    Spyware Doctor 7.0
    SQL Server System CLR Types
    staticcr
    System Requirements Lab
    Tap'Touche Garfield
    tooltips
    Trusted Drive Manager
    tsp patch
    Uninstall 1.0.0.1
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Outlook 2007 Junk Email Filter (kb2291599)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 7 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VC80CRTRedist - 8.0.50727.762
    Visual Studio 2005 Tools for Office Second Edition Runtime
    Visual Studio Tools for the Office system 3.0 Runtime
    VLC media player 0.9.8a
    VMware Player
    VPRINTOL
    Wave Infrastructure Installer
    Wave Support Software
    WebFldrs XP
    WIDCOMM Bluetooth Software
    Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
    Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows PowerShell(TM) 1.0
    Windows PowerShell(TM) 1.0 MUI pack
    Windows XP Service Pack 3
    WIRELESS
    Write-N-Cite

    ==== Event Viewer Messages From Past Week ========

    2010-10-08 22:57:04, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
    2010-10-08 20:43:29, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the NVIDIA Display Driver Service service to connect.
    2010-10-08 20:43:29, error: Service Control Manager [7000] - The NVIDIA Display Driver Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    2010-10-04 08:39:30, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {A4199E55-EBB9-49E5-AF1A-7A5408B2E206} to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20). This security permission can be modified using the Component Services administrative tool.
    2010-10-04 08:39:26, error: NETLOGON [5719] - No Domain Controller is available for domain INTERDOC due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

    ==== End Of File ===========================
     
    broni,
    #2


  3. to hide this advert.

  4. 2010/10/09
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You don't have any antivirus program running.

    Please, download and install ONE of these:
    - Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html
    - Avira free antivirus: http://www.free-av.com/en/download/1/avira_antivir_personal__free_antivirus.html
    After installation, run full scan.

    Then....

    STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    Do NOT use the computer while GMER is running!
    When scan is completed, click Save button, and save the results as gmer.log
    Warning ! Please, do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    IMPORTANT! If for some reason GMER refuses to run, try again.
    If it still fails, try to UN-check "Devices" in right pane.
    If still no joy, try to run it from Safe Mode.


    STEP 3. Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.



    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
    broni,
    #3
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...