easy_b

Members
  • Posts: 18

Everything posted by easy_b

  1. Computer is running Great! Thanks for the Help!
  2. C:\Users\Bill\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.0.8.windows.exe Win32/OpenCandy application
     C:\Users\Bill\Downloads\KeyFinderInstaller.exe Win32/OpenCandy application
  3. Nothing found on the MBAM scan. Here is the log from Hijack this. Thanks again!
  4. I have been in the process of moving, but I did reinstall Chrome last night, and so far all seems well. Thanks Again!
  5. Hello, I have changed to OpenDNS, but it's still redirecting. Again, thanks for the continued help!
  6. I was wondering if you had a chance to look at this. Thanks for continued help!
  7. Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 10-07-2012 Ran by SYSTEM at 10-07-2012 17:08:00
  8. ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ei.CouponAlert_2p.com/Plugin\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\Windows\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. HKEY_USERS\S-1-5-21-333680662-3317831912-918726619-1002\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-333680662-3317831912-918726619-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1 C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\718tw7ji.default\extensions\vhewrnwlfg@vhewrnwlfg.org.xpi moved successfully. C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully. ========== FILES ========== C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll moved successfully. C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll moved successfully. File\Folder C:\Program Files\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll not found. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_TW folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_CN folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\vi folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\uk folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\tr folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\th folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sv folder moved successfully. 
C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\images folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\lib\windows folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\lib\utils folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\lib\traits folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\lib\tabs folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\lib\img folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\lib\events folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\lib\dom folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\lib\content folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\lib folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils\data folder moved successfully. 
C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\api-utils folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\addon-kit\lib folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\addon-kit\data folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0\addon-kit folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\0.9.8_0 folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\igejbdpebbmpkkoonkpdgjlnhjeljebd\1.4.2_0\js folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\igejbdpebbmpkkoonkpdgjlnhjeljebd\1.4.2_0\img folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\igejbdpebbmpkkoonkpdgjlnhjeljebd\1.4.2_0 folder moved successfully. C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\igejbdpebbmpkkoonkpdgjlnhjeljebd folder moved successfully. < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Bill\Desktop\cmd.bat deleted successfully. C:\Users\Bill\Desktop\cmd.txt deleted successfully. 
========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Bill ->Java cache emptied: 0 bytes User: Default User: Default User User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Bill ->Flash cache emptied: 79687 bytes User: Default ->Flash cache emptied: 56466 bytes User: Default User ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.53.1 log created on 07092012_164840
  9. OTL logfile created on: 7/8/2012 7:37:42 PM - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Bill\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1013.99 Mb Total Physical Memory | 480.29 Mb Available Physical Memory | 47.37% Memory free 1.99 Gb Paging File | 1.01 Gb Available in Paging File | 50.95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 74.52 Gb Total Space | 17.86 Gb Free Space | 23.97% Space Free | Partition Type: NTFS Computer Name: BILL-PC | User Name: Bill | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Bill\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) PRC - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) PRC - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) 
PRC - C:\Program Files\IObit\Game Booster 3\gbtray.exe (IObit) PRC - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\PrintIsolationHost.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Program Files\IObit\Game Booster 3\sqlite3.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Program Files\WinRAR\RarExt.dll () ========== Win32 Services (SafeList) ========== SRV - (avast! 
Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found DRV - (mbr) -- C:\ComboFix\mbr.sys File not found DRV - (catchme) -- C:\Users\Bill\AppData\Local\Temp\catchme.sys File not found DRV - (aswMBR) -- C:\Users\Bill\AppData\Local\Temp\aswMBR.sys File not found DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (tsusbhub) -- C:\Windows\System32\drivers\tsusbhub.sys (Microsoft Corporation) DRV - (Synth3dVsc) -- C:\Windows\System32\drivers\Synth3dVsc.sys (Microsoft Corporation) DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) 
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation) DRV - (terminpt) -- C:\Windows\System32\drivers\terminpt.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-333680662-3317831912-918726619-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-333680662-3317831912-918726619-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKU\S-1-5-21-333680662-3317831912-918726619-1002\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-333680662-3317831912-918726619-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - 
  10. It's scanning now. Should I run fix when it's done?
  11. It seems to redirect on Firefox also, through Babylon. I've been using Chrome exclusively. I never use IE.
  12. The computer is still redirecting. Here is the latest log file.
  13. aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
      Run date: 2012-07-08 01:58:37
      -----------------------------
      01:58:37.526 OS Version: Windows 6.1.7601 Service Pack 1
      01:58:37.526 Number of processors: 1 586 0x1601
      01:58:37.526 ComputerName: BILL-PC UserName: Bill
      01:58:38.368 Initialize success
      01:58:38.571 AVAST engine defs: 12070701
      01:58:56.449 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
      01:58:56.449 Disk 0 Vendor: Hitachi_HTS542580K9SA00 BBBOC31P Size: 76319MB BusType: 11
      01:58:56.495 Disk 0 MBR read successfully
      01:58:56.511 Disk 0 MBR scan
      01:58:56.511 Disk 0 Windows 7 default MBR code
      01:58:56.511 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
      01:58:56.542 Disk 0 scanning sectors +156280320
      01:58:56.636 Disk 0 scanning C:\Windows\system32\drivers
      01:59:11.138 Service scanning
      01:59:41.434 Modules scanning
      01:59:52.511 Disk 0 trace - called modules:
      01:59:52.527 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
      01:59:52.527 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84f33030]
      01:59:53.042 3 CLASSPNP.SYS[871ad59e] -> nt!IofCallDriver -> [0x84e54c10]
      01:59:53.042 5 ACPI.sys[86cc53d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x84e4a030]
      01:59:54.180 AVAST engine scan C:\Windows
      01:59:57.145 AVAST engine scan C:\Windows\system32
      02:02:28.730 AVAST engine scan C:\Windows\system32\drivers
      02:02:41.787 AVAST engine scan C:\Users\Bill
      02:12:05.193 AVAST engine scan C:\ProgramData
      02:13:03.930 Scan finished successfully
      02:13:47.305 Verifying
      02:13:57.321 Disk 0 Windows 601 MBR fixed successfully
      02:14:11.314 Disk 0 MBR has been saved successfully to "C:\Users\Bill\Desktop\MBR.dat"
      02:14:11.314 The log file has been saved successfully to "C:\Users\Bill\Desktop\aswMBR.txt"
  14. 01:50:21.0792 4728 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
      01:50:22.0136 4728 ============================================================
      01:50:22.0136 4728 Current date / time: 2012/07/08 01:50:22.0136
      01:50:22.0136 4728 SystemInfo:
      01:50:22.0136 4728
      01:50:22.0136 4728 OS Version: 6.1.7601 ServicePack: 1.0
      01:50:22.0136 4728 Product type: Workstation
      01:50:22.0136 4728 ComputerName: BILL-PC
      01:50:22.0136 4728 UserName: Bill
      01:50:22.0136 4728 Windows directory: C:\Windows
      01:50:22.0136 4728 System windows directory: C:\Windows
      01:50:22.0136 4728 Processor architecture: Intel x86
      01:50:22.0136 4728 Number of processors: 1
      01:50:22.0136 4728 Page size: 0x1000
      01:50:22.0136 4728 Boot type: Normal boot
      01:50:22.0136 4728 ============================================================
      01:50:23.0867 4728 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
      01:50:23.0930 4728 ============================================================
      01:50:23.0930 4728 \Device\Harddisk0\DR0:
      01:50:23.0961 4728 MBR partitions:
      01:50:23.0961 4728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
      01:50:23.0961 4728 ============================================================
      01:50:24.0054 4728 C: <-> \Device\Harddisk0\DR0\Partition0
      01:50:24.0054 4728 ============================================================
      01:50:24.0054 4728 Initialize success
      01:50:24.0054 4728 ============================================================
      01:50:27.0564 4532 ============================================================
      01:50:27.0564 4532 Scan started
      01:50:27.0564 4532 Mode: Manual;
      01:50:27.0564 4532 ============================================================
01:50:44.0990 4532 pcmcia - ok 01:50:45.0052 4532 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 01:50:45.0068 4532 pcw - ok 01:50:45.0115 4532 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 01:50:45.0130 4532 PEAUTH - ok 01:50:45.0239 4532 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 01:50:45.0255 4532 PeerDistSvc - ok 01:50:45.0427 4532 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 01:50:45.0473 4532 pla - ok 01:50:45.0676 4532 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 01:50:45.0692 4532 PlugPlay - ok 01:50:45.0739 4532 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 01:50:45.0739 4532 PNRPAutoReg - ok 01:50:45.0801 4532 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 01:50:45.0801 4532 PNRPsvc - ok 01:50:45.0879 4532 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 01:50:45.0895 4532 PolicyAgent - ok 01:50:45.0957 4532 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 01:50:45.0973 4532 Power - ok 01:50:46.0082 4532 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 01:50:46.0082 4532 PptpMiniport - ok 01:50:46.0113 4532 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys 01:50:46.0113 4532 Processor - ok 01:50:46.0175 4532 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll 01:50:46.0191 4532 ProfSvc - ok 01:50:46.0207 4532 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 01:50:46.0222 4532 ProtectedStorage - ok 01:50:46.0253 4532 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 01:50:46.0269 4532 Psched - ok 01:50:46.0363 4532 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys 01:50:46.0394 4532 ql2300 - ok 
01:50:46.0565 4532 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys 01:50:46.0565 4532 ql40xx - ok 01:50:46.0643 4532 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 01:50:46.0643 4532 QWAVE - ok 01:50:46.0675 4532 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 01:50:46.0675 4532 QWAVEdrv - ok 01:50:46.0706 4532 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 01:50:46.0706 4532 RasAcd - ok 01:50:46.0768 4532 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 01:50:46.0768 4532 RasAgileVpn - ok 01:50:46.0799 4532 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 01:50:46.0799 4532 RasAuto - ok 01:50:46.0862 4532 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 01:50:46.0862 4532 Rasl2tp - ok 01:50:46.0955 4532 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 01:50:46.0971 4532 RasMan - ok 01:50:47.0002 4532 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 01:50:47.0002 4532 RasPppoe - ok 01:50:47.0033 4532 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 01:50:47.0033 4532 RasSstp - ok 01:50:47.0065 4532 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 01:50:47.0080 4532 rdbss - ok 01:50:47.0096 4532 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 01:50:47.0096 4532 rdpbus - ok 01:50:47.0127 4532 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 01:50:47.0127 4532 RDPCDD - ok 01:50:47.0189 4532 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 01:50:47.0189 4532 RDPDR - ok 01:50:47.0252 4532 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 01:50:47.0252 4532 RDPENCDD - ok 01:50:47.0283 4532 RDPREFMP 
(44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 01:50:47.0283 4532 RDPREFMP - ok 01:50:47.0361 4532 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 01:50:47.0361 4532 RdpVideoMiniport - ok 01:50:47.0423 4532 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys 01:50:47.0423 4532 RDPWD - ok 01:50:47.0486 4532 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 01:50:47.0486 4532 rdyboost - ok 01:50:47.0548 4532 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 01:50:47.0548 4532 RemoteAccess - ok 01:50:47.0611 4532 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 01:50:47.0626 4532 RemoteRegistry - ok 01:50:47.0673 4532 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 01:50:47.0689 4532 RpcEptMapper - ok 01:50:47.0751 4532 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 01:50:47.0751 4532 RpcLocator - ok 01:50:47.0798 4532 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 01:50:47.0798 4532 RpcSs - ok 01:50:47.0876 4532 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 01:50:47.0876 4532 rspndr - ok 01:50:47.0923 4532 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 01:50:47.0923 4532 s3cap - ok 01:50:47.0954 4532 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 01:50:47.0969 4532 SamSs - ok 01:50:48.0016 4532 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 01:50:48.0016 4532 sbp2port - ok 01:50:48.0063 4532 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 01:50:48.0079 4532 SCardSvr - ok 01:50:48.0094 4532 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 01:50:48.0094 4532 scfilter - ok 01:50:48.0172 
4532 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 01:50:48.0188 4532 Schedule - ok 01:50:48.0250 4532 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 01:50:48.0250 4532 SCPolicySvc - ok 01:50:48.0297 4532 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 01:50:48.0313 4532 SDRSVC - ok 01:50:48.0375 4532 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 01:50:48.0375 4532 secdrv - ok 01:50:48.0406 4532 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 01:50:48.0406 4532 seclogon - ok 01:50:48.0453 4532 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll 01:50:48.0469 4532 SENS - ok 01:50:48.0500 4532 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 01:50:48.0515 4532 SensrSvc - ok 01:50:48.0547 4532 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\drivers\serenum.sys 01:50:48.0547 4532 Serenum - ok 01:50:48.0578 4532 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\drivers\serial.sys 01:50:48.0578 4532 Serial - ok 01:50:48.0609 4532 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys 01:50:48.0609 4532 sermouse - ok 01:50:48.0687 4532 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 01:50:48.0703 4532 SessionEnv - ok 01:50:48.0749 4532 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 01:50:48.0749 4532 sffdisk - ok 01:50:48.0781 4532 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 01:50:48.0781 4532 sffp_mmc - ok 01:50:48.0812 4532 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 01:50:48.0812 4532 sffp_sd - ok 01:50:48.0827 4532 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys 01:50:48.0827 4532 sfloppy - ok 01:50:48.0937 4532 SharedAccess 
(d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 01:50:48.0937 4532 SharedAccess - ok 01:50:49.0015 4532 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 01:50:49.0030 4532 ShellHWDetection - ok 01:50:49.0093 4532 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 01:50:49.0093 4532 sisagp - ok 01:50:49.0139 4532 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys 01:50:49.0139 4532 SiSRaid2 - ok 01:50:49.0186 4532 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys 01:50:49.0186 4532 SiSRaid4 - ok 01:50:49.0217 4532 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 01:50:49.0217 4532 Smb - ok 01:50:49.0295 4532 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 01:50:49.0295 4532 SNMPTRAP - ok 01:50:49.0358 4532 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 01:50:49.0358 4532 spldr - ok 01:50:49.0420 4532 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 01:50:49.0420 4532 Spooler - ok 01:50:49.0732 4532 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 01:50:49.0795 4532 sppsvc - ok 01:50:49.0966 4532 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 01:50:49.0966 4532 sppuinotify - ok 01:50:50.0060 4532 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 01:50:50.0060 4532 srv - ok 01:50:50.0107 4532 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 01:50:50.0107 4532 srv2 - ok 01:50:50.0138 4532 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 01:50:50.0153 4532 srvnet - ok 01:50:50.0185 4532 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 01:50:50.0185 4532 SSDPSRV - ok 01:50:50.0216 4532 SstpSvc (d318f23be45d5e3a107469eb64815b50) 
C:\Windows\system32\sstpsvc.dll 01:50:50.0231 4532 SstpSvc - ok 01:50:50.0278 4532 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys 01:50:50.0278 4532 stexstor - ok 01:50:50.0372 4532 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 01:50:50.0387 4532 StiSvc - ok 01:50:50.0497 4532 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 01:50:50.0512 4532 storflt - ok 01:50:50.0559 4532 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 01:50:50.0559 4532 storvsc - ok 01:50:50.0606 4532 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys 01:50:50.0606 4532 swenum - ok 01:50:50.0902 4532 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 01:50:50.0918 4532 swprv - ok 01:50:50.0980 4532 Synth3dVsc (f2ad8960812fd111e20e84659ef19d43) C:\Windows\system32\drivers\synth3dvsc.sys 01:50:50.0996 4532 Synth3dVsc - ok 01:50:51.0074 4532 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 01:50:51.0105 4532 SysMain - ok 01:50:51.0167 4532 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 01:50:51.0167 4532 TabletInputService - ok 01:50:51.0214 4532 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 01:50:51.0214 4532 TapiSrv - ok 01:50:51.0245 4532 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 01:50:51.0245 4532 TBS - ok 01:50:51.0401 4532 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys 01:50:51.0417 4532 Tcpip - ok 01:50:51.0464 4532 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys 01:50:51.0479 4532 TCPIP6 - ok 01:50:51.0620 4532 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 01:50:51.0620 4532 tcpipreg - ok 01:50:51.0651 4532 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 
01:50:51.0651 4532 TDPIPE - ok 01:50:51.0698 4532 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 01:50:51.0698 4532 TDTCP - ok 01:50:51.0745 4532 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 01:50:51.0745 4532 tdx - ok 01:50:51.0823 4532 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys 01:50:51.0823 4532 TermDD - ok 01:50:51.0885 4532 terminpt (052306fd76793d5d5ab5d9891fd1adbb) C:\Windows\system32\drivers\terminpt.sys 01:50:51.0885 4532 terminpt - ok 01:50:51.0963 4532 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 01:50:51.0979 4532 TermService - ok 01:50:52.0010 4532 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 01:50:52.0025 4532 Themes - ok 01:50:52.0088 4532 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 01:50:52.0088 4532 THREADORDER - ok 01:50:52.0259 4532 TomTomHOMEService (3199a477f0f06eede41bd55179f8eb05) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 01:50:52.0259 4532 TomTomHOMEService - ok 01:50:52.0322 4532 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 01:50:52.0337 4532 TrkWks - ok 01:50:52.0431 4532 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 01:50:52.0447 4532 TrustedInstaller - ok 01:50:52.0478 4532 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 01:50:52.0478 4532 tssecsrv - ok 01:50:52.0540 4532 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 01:50:52.0540 4532 TsUsbFlt - ok 01:50:52.0571 4532 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys 01:50:52.0571 4532 TsUsbGD - ok 01:50:52.0618 4532 tsusbhub (045acb987c650d8186c6b4a692223860) C:\Windows\system32\drivers\tsusbhub.sys 01:50:52.0634 4532 tsusbhub - ok 01:50:52.0681 4532 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) 
C:\Windows\system32\DRIVERS\tunnel.sys 01:50:52.0681 4532 tunnel - ok 01:50:52.0712 4532 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys 01:50:52.0727 4532 uagp35 - ok 01:50:52.0774 4532 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 01:50:52.0774 4532 udfs - ok 01:50:52.0837 4532 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 01:50:52.0852 4532 UI0Detect - ok 01:50:52.0915 4532 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 01:50:52.0915 4532 uliagpkx - ok 01:50:52.0961 4532 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys 01:50:52.0961 4532 umbus - ok 01:50:52.0993 4532 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys 01:50:52.0993 4532 UmPass - ok 01:50:53.0055 4532 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll 01:50:53.0071 4532 UmRdpService - ok 01:50:53.0133 4532 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 01:50:53.0149 4532 upnphost - ok 01:50:53.0195 4532 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 01:50:53.0211 4532 USBAAPL - ok 01:50:53.0258 4532 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 01:50:53.0258 4532 usbccgp - ok 01:50:53.0320 4532 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 01:50:53.0336 4532 usbcir - ok 01:50:53.0367 4532 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 01:50:53.0367 4532 usbehci - ok 01:50:53.0414 4532 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 01:50:53.0429 4532 usbhub - ok 01:50:53.0445 4532 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys 01:50:53.0445 4532 usbohci - ok 01:50:53.0476 4532 usbprint (797d862fe0875e75c7cc4c1ad7b30252) 
C:\Windows\system32\DRIVERS\usbprint.sys 01:50:53.0476 4532 usbprint - ok 01:50:53.0539 4532 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 01:50:53.0539 4532 usbscan - ok 01:50:53.0601 4532 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 01:50:53.0601 4532 USBSTOR - ok 01:50:53.0617 4532 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys 01:50:53.0617 4532 usbuhci - ok 01:50:53.0679 4532 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 01:50:53.0679 4532 UxSms - ok 01:50:53.0741 4532 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 01:50:53.0741 4532 VaultSvc - ok 01:50:53.0804 4532 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 01:50:53.0804 4532 vdrvroot - ok 01:50:53.0851 4532 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 01:50:53.0866 4532 vds - ok 01:50:53.0944 4532 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 01:50:53.0944 4532 vga - ok 01:50:53.0975 4532 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 01:50:53.0975 4532 VgaSave - ok 01:50:53.0991 4532 VGPU - ok 01:50:54.0038 4532 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 01:50:54.0038 4532 vhdmp - ok 01:50:54.0100 4532 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 01:50:54.0100 4532 viaagp - ok 01:50:54.0116 4532 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys 01:50:54.0131 4532 ViaC7 - ok 01:50:54.0147 4532 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 01:50:54.0147 4532 viaide - ok 01:50:54.0209 4532 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 01:50:54.0225 4532 vmbus - ok 01:50:54.0256 4532 VMBusHID (d4d77455211e204f370d08f4963063ce) 
C:\Windows\system32\drivers\VMBusHID.sys 01:50:54.0256 4532 VMBusHID - ok 01:50:54.0319 4532 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 01:50:54.0319 4532 volmgr - ok 01:50:54.0350 4532 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 01:50:54.0365 4532 volmgrx - ok 01:50:54.0412 4532 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 01:50:54.0412 4532 volsnap - ok 01:50:54.0475 4532 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys 01:50:54.0475 4532 vsmraid - ok 01:50:54.0599 4532 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 01:50:54.0631 4532 VSS - ok 01:50:54.0677 4532 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 01:50:54.0677 4532 vwifibus - ok 01:50:54.0724 4532 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 01:50:54.0724 4532 vwififlt - ok 01:50:54.0755 4532 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys 01:50:54.0755 4532 vwifimp - ok 01:50:55.0052 4532 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 01:50:55.0083 4532 W32Time - ok 01:50:55.0130 4532 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys 01:50:55.0130 4532 WacomPen - ok 01:50:55.0177 4532 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 01:50:55.0177 4532 WANARP - ok 01:50:55.0192 4532 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 01:50:55.0192 4532 Wanarpv6 - ok 01:50:55.0348 4532 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe 01:50:55.0379 4532 WatAdminSvc - ok 01:50:55.0504 4532 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 01:50:55.0535 4532 wbengine - ok 01:50:55.0613 4532 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) 
C:\Windows\System32\wbiosrvc.dll 01:50:55.0613 4532 WbioSrvc - ok 01:50:55.0676 4532 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 01:50:55.0691 4532 wcncsvc - ok 01:50:55.0723 4532 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 01:50:55.0723 4532 WcsPlugInService - ok 01:50:56.0175 4532 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys 01:50:56.0175 4532 Wd - ok 01:50:56.0237 4532 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 01:50:56.0253 4532 Wdf01000 - ok 01:50:56.0315 4532 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 01:50:56.0331 4532 WdiServiceHost - ok 01:50:56.0331 4532 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 01:50:56.0347 4532 WdiSystemHost - ok 01:50:56.0378 4532 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 01:50:56.0393 4532 WebClient - ok 01:50:56.0409 4532 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 01:50:56.0425 4532 Wecsvc - ok 01:50:56.0456 4532 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 01:50:56.0456 4532 wercplsupport - ok 01:50:56.0518 4532 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 01:50:56.0518 4532 WerSvc - ok 01:50:56.0581 4532 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 01:50:56.0581 4532 WfpLwf - ok 01:50:56.0612 4532 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 01:50:56.0612 4532 WIMMount - ok 01:50:56.0752 4532 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 01:50:56.0768 4532 WinDefend - ok 01:50:56.0783 4532 WinHttpAutoProxySvc - ok 01:50:56.0893 4532 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 01:50:56.0893 4532 Winmgmt - ok 01:50:57.0017 4532 WinRM 
(1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 01:50:57.0049 4532 WinRM - ok 01:50:57.0205 4532 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 01:50:57.0205 4532 WinUsb - ok 01:50:57.0392 4532 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 01:50:57.0407 4532 Wlansvc - ok 01:50:57.0470 4532 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys 01:50:57.0470 4532 WmiAcpi - ok 01:50:57.0563 4532 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 01:50:57.0563 4532 wmiApSrv - ok 01:50:57.0953 4532 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 01:50:57.0985 4532 WMPNetworkSvc - ok 01:50:58.0047 4532 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 01:50:58.0047 4532 WPCSvc - ok 01:50:58.0078 4532 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 01:50:58.0078 4532 WPDBusEnum - ok 01:50:58.0172 4532 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 01:50:58.0172 4532 ws2ifsl - ok 01:50:58.0203 4532 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll 01:50:58.0203 4532 wscsvc - ok 01:50:58.0219 4532 WSearch - ok 01:50:58.0375 4532 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll 01:50:58.0406 4532 wuauserv - ok 01:50:58.0999 4532 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 01:50:59.0014 4532 WudfPf - ok 01:50:59.0061 4532 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 01:50:59.0061 4532 WUDFRd - ok 01:50:59.0139 4532 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 01:50:59.0155 4532 wudfsvc - ok 01:50:59.0186 4532 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 01:50:59.0201 4532 WwanSvc - ok 01:50:59.0342 4532 xusb21 
(c26c68bcbac1f33f890c226769759209) C:\Windows\system32\DRIVERS\xusb21.sys 01:50:59.0404 4532 xusb21 - ok 01:50:59.0638 4532 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 01:51:00.0044 4532 \Device\Harddisk0\DR0 - ok 01:51:00.0059 4532 Boot (0x1200) (223de565a2230fcc265c28e0ad4a3210) \Device\Harddisk0\DR0\Partition0 01:51:00.0059 4532 \Device\Harddisk0\DR0\Partition0 - ok 01:51:00.0059 4532 ============================================================ 01:51:00.0059 4532 Scan finished 01:51:00.0059 4532 ============================================================ 01:51:00.0075 2052 Detected object count: 0 01:51:00.0075 2052 Actual detected object count: 0
  15. Here it is, and Thanks!

ComboFix 12-07-07.04 - Bill 07/08/2012 0:33.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1014.394 [GMT -4:00]
Running from: c:\users\Bill\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\CouponAlert_2pEI
c:\users\Bill\AppData\Roaming\AdVantage
c:\users\Bill\AppData\Roaming\Google Talk
c:\users\Bill\AppData\Roaming\system32
.
.
((((((((((((((((((((((((( Files Created from 2012-06-08 to 2012-07-08 )))))))))))))))))))))))))))))))
.
.
2012-07-08 04:50 . 2012-07-08 04:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-06 20:13 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8BF922BB-6D55-4A2F-A19D-25CE9AD9C141}\mpengine.dll
2012-06-29 02:10 . 2012-06-29 02:10 -------- d-----w- c:\program files\iPod
2012-06-25 21:56 . 2012-05-17 23:21 140920 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-06-25 21:48 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-06-25 21:48 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-06-25 21:48 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-06-25 21:48 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-06-24 18:07 . 2012-06-24 18:07 -------- d-----w- c:\program files\Common Files\Java
2012-06-24 18:06 . 2012-06-24 18:06 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-24 18:02 . 2012-06-24 18:02 -------- d-----w- c:\programdata\McAfee
2012-06-24 15:56 . 2012-03-31 04:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-24 15:56 . 2012-03-31 04:30 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-06-24 15:56 . 2012-03-31 04:29 989184 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-06-24 15:56 . 2012-03-31 04:29 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-06-24 15:56 . 2012-03-30 10:23 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-06-24 15:55 . 2012-04-28 04:41 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-06-24 15:55 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-24 15:55 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-24 15:55 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-06-24 15:55 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-24 15:54 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-24 15:54 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-24 15:54 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-24 15:54 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-24 15:54 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-06-24 15:54 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-24 15:54 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-06-24 15:54 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-24 15:54 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-24 15:54 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-24 15:48 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-06-24 15:48 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-06-24 15:44 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-24 15:44 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-24 15:44 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-24 15:44 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-24 15:44 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-24 15:44 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-24 15:44 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-24 15:44 . 2012-06-02 19:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-24 15:44 . 2012-06-02 19:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-24 15:25 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-06-24 15:25 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-06-24 15:24 . 2012-07-03 16:21 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-06-24 15:24 . 2012-07-03 16:21 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-06-24 15:24 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-06-24 15:24 . 2012-07-03 16:21 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-06-24 15:23 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-06-24 15:23 . 2012-07-03 16:21 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-24 15:23 . 2012-06-24 15:23 -------- d-----w- c:\programdata\AVAST Software
2012-06-24 15:23 . 2012-06-24 15:23 -------- d-----w- c:\program files\AVAST Software
2012-06-22 00:45 . 2012-06-22 00:45 388096 ----a-r- c:\users\Bill\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-22 00:45 . 2012-06-22 00:45 -------- d-----w- c:\program files\Trend Micro
2012-06-18 22:50 . 2012-06-18 22:50 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-06-18 22:50 . 2012-06-18 22:50 -------- d-----w- c:\program files\7-Zip
2012-06-18 22:50 . 2012-06-18 22:50 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-06-18 22:50 . 2012-06-18 22:50 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-24 18:06 . 2011-05-19 20:43 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-19 00:56 . 2012-04-19 00:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 00:56 . 2012-04-19 00:56 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-06-18 22:50 . 2011-05-19 22:12 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 23:17 1487240 ------w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728] "iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 718688] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776] . c:\users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-05-27 15:25] . 
2012-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-05-27 15:25] . 2012-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-333680662-3317831912-918726619-1002Core.job - c:\users\Bill\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-12 00:55] . 2012-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-333680662-3317831912-918726619-1002UA.job - c:\users\Bill\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-12 00:55] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ mStart Page = about:blank uInternet Settings,ProxyOverride = *.local IE: Download with Mipony - file://c:\program files\MiPony\Browser\IEContext.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\718tw7ji.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=113959&tt=060612_7_&babsrc=KW_ss&mntrId=78db3950000000000000061f3a75ca90&q= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113959&tt=060612_7_ FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.id - 78db3950000000000000061f3a75ca90 FF - user.js: extensions.BabylonToolbar_i.hardId - 78db3950000000000000061f3a75ca90 FF - user.js: extensions.BabylonToolbar_i.instlDay - 15509 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1718:50 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: 
extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-07-08 01:03:06 ComboFix-quarantined-files.txt 2012-07-08 05:03 ComboFix2.txt 2011-04-29 00:59 . Pre-Run: 19,422,400,512 bytes free Post-Run: 19,762,978,816 bytes free . - - End Of File - - 6C257FE69B04108EC8B1EFCD3ED79407
  16. Results of screen317's Security Check version 0.99.42
      Windows 7 Service Pack 1 x86 (UAC is enabled)
      Internet Explorer 9
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      avast! Antivirus
      Antivirus up to date!
      `````````Anti-malware/Other Utilities Check:`````````
      Malwarebytes Anti-Malware version 1.61.0.1400
      CCleaner
      Java 6 Update 22
      Java 6 Update 33
      Java version out of Date!
      Adobe Flash Player 10 Flash Player out of Date!
      Adobe Flash Player 11.1.102.62
      Adobe Reader X 10.0.1 Adobe Reader out of Date!
      Mozilla Firefox 12.0 Firefox out of Date!
      Google Chrome 19.0.1084.56
      Google Chrome 20.0.1132.47
      ````````Process Check: objlist.exe by Laurent````````
      AVAST Software Avast AvastSvc.exe
      AVAST Software Avast AvastUI.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: 0%
      ````````````````````End of Log``````````````````````
  17. Hello, been getting a bunch of redirection as I'm browsing. I think I'm infected. Any help would be appreciated! DDS.txt Attach.txt