flea
-
Posts
13 -
Joined
-
Last visited
-
F-Secure Scan Report Scanning Report Saturday, February 23, 2013 17:48:08 - 18:41:28 Computer name: TRAVIS-PC Scanning type: Scan system for malware, spyware and rootkits Target: C:\ No malware found Statistics Scanned: Files: 104269 System: 5907 Not scanned: 220 Actions: Disinfected: 0 Renamed: 0 Deleted: 0 Not cleaned: 0 Submitted: 0 Files not scanned: C:\HIBERFIL.SYS C:\PAGEFILE.SYS C:\WINDOWS\SYSTEM32\CONFIG\SECURITY C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM C:\WINDOWS\SYSTEM32\CONFIG\SAM C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\ROAMING\PEERNETWORKING\D547F9FE236BCB4363D6D1428E5222749E52A54B.HOMEGROUPCLASSIFIER\796B04ED8244B6151FA5FF1FDA613355\GROUPING\DB.MDB C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\~DF1C8C544CF07D810A.TMP C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\~DFDD9E401A900D4B30.TMP C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\~DFDF71F65F4A8A0D65.TMP C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\~DFFEA2350D6EB8226B.TMP C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\HSPERFDATA_TRAVIS\3560 C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\HSPERFDATA_TRAVIS\4872 C:\SYSTEM VOLUME INFORMATION\{12838FD2-789B-11E2-91DE-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{32BDCD53-7BB6-11E2-A39B-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3727AEE0-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3727AEE4-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3727AEE8-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3727AF02-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{8C14F609-7AFB-11E2-B9B8-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3727AEF0-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3727AEEC-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3727AEFE-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3727AEFA-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\SYSTEM VOLUME INFORMATION\{3727AF06-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752} C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0182101289F0372B6C9E066AD4140989_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\04341F79986C573D13405251C423A16F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0766F80603B3737FAEF3FF4A3E2025AC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0A5F35E075652482BBAAFFCC6C7A3165_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02A5B3CC3F0F0F1A8368A3C8C8A18840_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0C5035D870AB06221228BDF717035297_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0CA6B4DAE18EDCCBAB447CD598F437B9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0C9028F610BC14923E6446857541BC5E_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\10E510E38C1767C32F08DF328644EC5A_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1121B1019EB69535CC4FA46B55E1233B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\124275E5E88030764A871F29EDD9ED0C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0A5A649BF77E2F81DB235928E6B0DDD4_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\05060BD653BEE1CAC8D0BAA4D84A4125_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\106CBE05166BCB61EF7B1310A95C9EF3_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\148160DDC8D6599F8E2C011DA2170A9C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0FFE205E95A4B6C9D4BC0150313E31E0_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0DAFB8553413FF623853CAE7B56BD175_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\135DD925D93EBAF06FACAA0CE4766581_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\19543FE6FD22EB0E1F088F714A4C8801_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\16DE469F39D1CE4257F2429C2B294088_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\15299757E24DF185416EE0C24E15A34E_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\14FDC0DF2845D5B8E1C1FAA562109660_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1623C58F8F7AF5C5779A90FB39188792_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1C8E2A2D88D16D84D4B4A1205181D6AF_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1EA7539DEAA5EB21EE5FEFCEE4CD90CC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1BAEA7ECA29179B380C5C38038BA71FC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1D909FA48422353AECB5D20A914E8721_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\29120F93853539850DF94291EBB43B17_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1EFFF3E85B61A83492189351A0042D65_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2A6655A9BA355866198B6F07ECCCA090_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2975DE53D45876D977957D8AD49F9F10_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\20E54896E1E16521F8FB4A44A29ED173_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1DBF5169913E29B17DD0A957D7B8422B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1FF2C6266ACBFD5F3D269F2B2972C90B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2BF42574C204AA878A69F0F888F0A1CC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2C71C377D79A20077F6B214D649BAE36_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2E6A0CB1FCC0642088D16DC2CD9EF055_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3276AD985906532DEC1EAA48CEAAC48B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\345B20F0AA414FA009EC76E30B5E5866_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\34732E3AC950BDAC47BF1FD8F43166D7_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\34FC70CF401C18BB23632A1B9527F2EB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\364C3649FBD538E2AA43EC0A59E0D3E9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\38541C16FF9B2F05C8224B7BFB458DC5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3BEE100CAC2EC9B8FA7B262FAB824A2B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3BF857CD142343D05A991C3796BEA5EB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3C047E3803CB7EF0944AD9C393C0CDA2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3FDB46689EB689E2260F3F593012F754_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3D8382005A3F7142FA36315340A0BF26_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\41065CC69CF3C9148F77A89B48D11C75_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4378521F8AC36D346309FE47863C7116_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\468DB6DF1BBC69DC539B48EBA09217A5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\471ABC266E91C99C8675B276FE8B6339_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\490F427EF28F8208CCC21687EFD76134_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4C5D06DD5E1AEEEE63673694BFC7C848_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4DB720AD1EE2FBD3E8983275B1CA8B00_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4F4DBA373661F7356CCA3F57FDD666C3_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\507449CE51A47DA234165D2D87B6E375_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\547B4F14318EB74E14F286F636613DD1_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5629C37F7F6C38A9FFDC8739D1FDFC3B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\56A1B204FE4EDA8DC53BDCC4CC468972_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\47BAF824A34913168E037D37ADE8B7FA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5797AD129AC93A2433E34F0C36C5D153_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5975242D608DE5BDE146080BDC57C88B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5A1A9094CA591C60BA2201B152B67E87_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5A6894175E949591E91B11B836C6EEF5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5B0A5E4538FB8FDCCF3C760AECDDFFDE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5C61848FC845117DF1BEE132667556B9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5D0745A1ED252026AEA4172A37251D75_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6178BF1FF26E5E607FB6FAFFEA344062_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\650CD59DF3F986CC4026A1DB7F306078_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\52A1B6E588258D9FC5B14F126BF5DE4E_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\615651F0E49CEEFD483B4239D2E51999_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\654AD0A75F3AC11FB691BAB85F4A2B02_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6BAE4F378AE8DAD53866C9A0C43BA9B5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\675F023623D2936133F00E8787C480D3_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5437A54F6C77B548CAB69C0E584D5A58_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\50D21E26626D83FFF0AD3F818545BB25_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\744D1A030173A24D2781FDA0BB62FAF6_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\71E02C71E8BED8B9072B7B673B5E0269_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6EE9B4C7C7E4F8EB4EDE512CEA96CDDE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\77B3B19A361FEE52165BF3E279312C90_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\780FA702E8A063CB29BC736074665D02_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\722B3E3A6C54402ACF20F7FB49E9504C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7C10C0B09CBB8AA1817A2F57D4D25A91_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7CD40058F9370214856B154BE1E60B5F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6D2AC7BBE471F534DE74B46536E88B5F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\78FFC4E5A3529553770D84276EDAA696_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\80667B257561D29F3946F06848218E83_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\808B610DCF6746D4C60615EE07502736_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\813ED8DA73F3A884CAFF8D7E605887CD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\824A83F8EF3B5D50278F68415685A3B0_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8281C8846F4B4FD1953506222B3E4EFD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\82F8C19FB57BD3DC5698DD0094F6C451_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7E8D60AE4088BE229B6852A34D23C488_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\83C1640BA0A82256D19EAD6B8D9F8C6C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\87435D3A84D7AA5F9795D3BCA76AF13F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\84A2B46709A1C2AD3549DC487D19DD2D_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\85AD40FA06D8BAA0F3EF19FEADAD841C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7F5957E21C80BEB167972DB3F47B7EEC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\87A631A3F214C8188BBF7A56738390BE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\85F14A9115B2AEF734847B44C734C17F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8B46C130C61FF71BCACE09D37D049972_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8C0C0A16FD287AFBA96594629DB24FEC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8CD69782920E83C529780BB03E8427E2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8E7BEBAAA33ED7E1149CF073EAE616C2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8FFDEAAF155F2F96A23FB3550954EA2A_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\904FBE8C87B8C3A9F232844E301B732F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\90F125FB74815DCFF5296B7686707869_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\91F1F023847148749A54F56D5F94A348_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\93C10FA14CD204E58D94B63470B379E4_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\99AE45643CDE521B44F0466FFCB39B20_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9AFAE2FBB472E2EB56890FF489581873_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\881E50341DACA4290044D19DB6E5D278_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9F2D63AE3411EE15F270B529A5504010_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9F2F3B405A5AA3EE618E8160780D04FD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8922CF0B241071A683AABD045F034C74_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8A27A0A9518083D0514946E49CCDE146_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\88C161583D9A0FED3EF40E054496BB36_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A09DAA7A43842BDF4C0CF3C6E12B76CD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C883AFEE1083290889C703AE65C8F00_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A1A90C57BDE9BE291C080AB73D276687_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AEE534174B691C02170BF6ACFD83B7D7_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AF4C4237C45180AD5C33CF1436AFBCF4_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B027A7291597558D71AD1BB43FC04143_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B0F67F01EC8E458532C492CE10FE14C9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B19FBC766DF7AA1D3BCF4EFF3F9ACBC2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B395E7F44DC668E88344C8B90B9161BE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A01FAEC95D9BAF8357A13DE3E7CA8088_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A52C765B2C3AEFF24FC4948C1126947C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B423E7D1F3993D163C3FFDDF43CB64B5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AC8667F051BAB52F2D960A9DC77475B4_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AB635AFB0622D025A6452E9F30669A9B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B992108334F68A63352FFC9639715A36_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BA0CE9B51249454514DAFF6781D2B674_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B57C20031F840B9A28D757F9134BAB84_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B6947B671D8F796507FF062B63E56A50_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B7833A04B0C60FB195217D12551B44E0_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C1F575CF6214D3CABB0E31B318A2457F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B4A202C2568D0BED171776484E07789A_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2E40AC265D09684D87F81FD5E76D8FA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C79A17FB32BE414343F170445B2CF2F9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D1D9F1812E00B6AF04088310664A6CE6_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D4EC6E581CCA52979527F94344CE4977_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D5A04E17A1E189214CC70EF287AACBB6_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D5F1C94F53A1ADE0D98015BD6D1AB4A1_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D859AECBA502AB960BFD61496593404C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D85A8A679CBF3D70EA72FB278F74E2DE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C35F5E760B452660657A627168C1F9C2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C7B802FA4C1A6F29FC207FAED5F1A92C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BA8150B4E030C46A341DF76169A53900_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D6262D5C39E8121525C5F20D33298588_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D9D8637DD9848831E2973C505150A272_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D9A422FBBF03893D4FD1D63B42235D00_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DF2BA527FEF79DE1B7887C164B244BEF_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DA5471041BCFEC9BFBB8D9FF68675C3E_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C6519FD052C31DFD2D9F3E732A71B352_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DB2330041D98134FCCF6980D3A51BBAA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E8CA9429EE53A94F02BAEC96B365744D_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EB22B0251EF6424B2C71BEC3919F5A7F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDB6242B9B74B5D710947389F84259C0_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EBCB3AB5C9DD9B506C96E7AB9097F1CB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDECBE5FB50880D92F388565176BA7D5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EE846EBD76BFFCE98A9FCD5F7F5245AD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F03CA81B6451A5F59D16A856995735FA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDBC3B662513F2874A42E68D2D561FCA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E57B1841FA53F72CD7754CCAEB9BDF46_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F27F62A9ED956C099A9BDE1AE3DA3383_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F34FED11F0D3C2F65558C1113CC843FD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F5314E9C8FEC74F3E6F48A987A04ED32_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F1EAEB1464584E47142EAFB5AB8360DC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DDB2799D0C7A32AE0A2FCC8143893FAB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EB96132C6C57D1425D81577241E62D8F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F630D4BF73A8E37A45D746DC5BC9995C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F7BFA5F93CB8CAC92B5493263ADB85A1_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F8FEDF2798147666E50002142006EC05_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FF454B01D48EA18855E328DC9C627103_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F36FA9A482205D85CFACF0FD713019EB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F5ABA474CDCE2D3CABA10B579D3936A2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F1FA172D69EC78E703A9AAEB293D07BD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FF9FFA23707CB26A0E664D8863487946_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19 C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\DATA_0 C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\DATA_1 C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\DATA_2 C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\DATA_3 C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\INDEX C:\BOOT\BCD Options Scanning engines: Scanning options: Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR TMP Use advanced heuristics Copyright © 1998-2009 Product support | Send virus sample to F-Secure F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name. This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.
-
<h1 style="color: rgb(0, 0, 0); text-transform: none; line-height: normal; text-indent: 0px; letter-spacing: normal; font-family: verdana; font-style: normal; font-variant: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"> <font face="Arial">Scanning Report</font></h1> <h2 style="color: rgb(0, 0, 0); text-transform: none; line-height: normal; text-indent: 0px; letter-spacing: normal; font-family: verdana; font-style: normal; font-variant: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"> <font face="Arial">Saturday, February 23, 2013 17:48:08 - 18:41:28</font></h2> <p style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;">Computer name: TRAVIS-PC<br /> Scanning type: Scan system for malware, spyware and rootkits<br /> Target: C:\</p> <hr noshade="noshade" style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;" /> <h2 style="color: rgb(0, 0, 0); text-transform: none; line-height: normal; text-indent: 0px; letter-spacing: normal; font-family: verdana; font-style: normal; font-variant: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"> <font color="#5a6ed2" face="Arial">No malware found</font></h2> <hr noshade="noshade" style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;" /> <h2 style="color: rgb(0, 0, 0); text-transform: none; line-height: normal; text-indent: 0px; letter-spacing: normal; font-family: verdana; font-style: normal; font-variant: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"> <font color="#5a6ed2" face="Arial">Statistics</font></h2> <p><span style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;">Scanned:</span></p> <ul style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"> <li>Files: 104269</li> <li>System: 5907</li> <li>Not scanned: 220</li> </ul> <p><span style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;">Actions:</span></p> <ul style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"> <li>Disinfected: 0</li> <li>Renamed: 0</li> <li>Deleted: 0</li> <li>Not cleaned: 0</li> <li>Submitted: 0</li> </ul> <p><span style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;">Files not scanned:</span></p> <ul style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"> <li>C:\HIBERFIL.SYS</li> <li>C:\PAGEFILE.SYS</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\SECURITY</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\SAM</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT</li> <li>C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM</li> <li>C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB</li> <li>C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB</li> <li>C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\ROAMING\PEERNETWORKING\D547F9FE236BCB4363D6D1428E5222749E52A54B.HOMEGROUPCLASSIFIER\796B04ED8244B6151FA5FF1FDA613355\GROUPING\DB.MDB</li> <li>C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\~DF1C8C544CF07D810A.TMP</li> <li>C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\~DFDD9E401A900D4B30.TMP</li> <li>C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\~DFDF71F65F4A8A0D65.TMP</li> <li>C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\~DFFEA2350D6EB8226B.TMP</li> <li>C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\HSPERFDATA_TRAVIS\3560</li> <li>C:\USERS\TRAVIS\APPDATA\LOCAL\TEMP\HSPERFDATA_TRAVIS\4872</li> <li>C:\SYSTEM VOLUME INFORMATION\{12838FD2-789B-11E2-91DE-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{32BDCD53-7BB6-11E2-A39B-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3727AEE0-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3727AEE4-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3727AEE8-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3727AF02-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{8C14F609-7AFB-11E2-B9B8-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3727AEF0-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3727AEEC-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3727AEFE-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3727AEFA-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\SYSTEM VOLUME INFORMATION\{3727AF06-7B00-11E2-A7BC-E0CB4EE5843B}{3808876B-C176-4E48-B7AE-04046E6CC752}</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0182101289F0372B6C9E066AD4140989_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\04341F79986C573D13405251C423A16F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0766F80603B3737FAEF3FF4A3E2025AC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0A5F35E075652482BBAAFFCC6C7A3165_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02A5B3CC3F0F0F1A8368A3C8C8A18840_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0C5035D870AB06221228BDF717035297_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0CA6B4DAE18EDCCBAB447CD598F437B9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0C9028F610BC14923E6446857541BC5E_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\10E510E38C1767C32F08DF328644EC5A_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1121B1019EB69535CC4FA46B55E1233B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\124275E5E88030764A871F29EDD9ED0C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0A5A649BF77E2F81DB235928E6B0DDD4_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\05060BD653BEE1CAC8D0BAA4D84A4125_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\106CBE05166BCB61EF7B1310A95C9EF3_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\148160DDC8D6599F8E2C011DA2170A9C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0FFE205E95A4B6C9D4BC0150313E31E0_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0DAFB8553413FF623853CAE7B56BD175_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\135DD925D93EBAF06FACAA0CE4766581_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\19543FE6FD22EB0E1F088F714A4C8801_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\16DE469F39D1CE4257F2429C2B294088_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\15299757E24DF185416EE0C24E15A34E_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\14FDC0DF2845D5B8E1C1FAA562109660_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1623C58F8F7AF5C5779A90FB39188792_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1C8E2A2D88D16D84D4B4A1205181D6AF_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1EA7539DEAA5EB21EE5FEFCEE4CD90CC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1BAEA7ECA29179B380C5C38038BA71FC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1D909FA48422353AECB5D20A914E8721_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\29120F93853539850DF94291EBB43B17_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1EFFF3E85B61A83492189351A0042D65_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2A6655A9BA355866198B6F07ECCCA090_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2975DE53D45876D977957D8AD49F9F10_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\20E54896E1E16521F8FB4A44A29ED173_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1DBF5169913E29B17DD0A957D7B8422B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1FF2C6266ACBFD5F3D269F2B2972C90B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2BF42574C204AA878A69F0F888F0A1CC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2C71C377D79A20077F6B214D649BAE36_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2E6A0CB1FCC0642088D16DC2CD9EF055_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3276AD985906532DEC1EAA48CEAAC48B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\345B20F0AA414FA009EC76E30B5E5866_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\34732E3AC950BDAC47BF1FD8F43166D7_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\34FC70CF401C18BB23632A1B9527F2EB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\364C3649FBD538E2AA43EC0A59E0D3E9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\38541C16FF9B2F05C8224B7BFB458DC5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3BEE100CAC2EC9B8FA7B262FAB824A2B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3BF857CD142343D05A991C3796BEA5EB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3C047E3803CB7EF0944AD9C393C0CDA2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3FDB46689EB689E2260F3F593012F754_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3D8382005A3F7142FA36315340A0BF26_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\41065CC69CF3C9148F77A89B48D11C75_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4378521F8AC36D346309FE47863C7116_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\468DB6DF1BBC69DC539B48EBA09217A5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\471ABC266E91C99C8675B276FE8B6339_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\490F427EF28F8208CCC21687EFD76134_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4C5D06DD5E1AEEEE63673694BFC7C848_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4DB720AD1EE2FBD3E8983275B1CA8B00_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4F4DBA373661F7356CCA3F57FDD666C3_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\507449CE51A47DA234165D2D87B6E375_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\547B4F14318EB74E14F286F636613DD1_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5629C37F7F6C38A9FFDC8739D1FDFC3B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\56A1B204FE4EDA8DC53BDCC4CC468972_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\47BAF824A34913168E037D37ADE8B7FA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5797AD129AC93A2433E34F0C36C5D153_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5975242D608DE5BDE146080BDC57C88B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5A1A9094CA591C60BA2201B152B67E87_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5A6894175E949591E91B11B836C6EEF5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5B0A5E4538FB8FDCCF3C760AECDDFFDE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5C61848FC845117DF1BEE132667556B9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5D0745A1ED252026AEA4172A37251D75_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6178BF1FF26E5E607FB6FAFFEA344062_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\650CD59DF3F986CC4026A1DB7F306078_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\52A1B6E588258D9FC5B14F126BF5DE4E_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\615651F0E49CEEFD483B4239D2E51999_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\654AD0A75F3AC11FB691BAB85F4A2B02_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6BAE4F378AE8DAD53866C9A0C43BA9B5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\675F023623D2936133F00E8787C480D3_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5437A54F6C77B548CAB69C0E584D5A58_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\50D21E26626D83FFF0AD3F818545BB25_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\744D1A030173A24D2781FDA0BB62FAF6_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\71E02C71E8BED8B9072B7B673B5E0269_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6EE9B4C7C7E4F8EB4EDE512CEA96CDDE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\77B3B19A361FEE52165BF3E279312C90_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\780FA702E8A063CB29BC736074665D02_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\722B3E3A6C54402ACF20F7FB49E9504C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7C10C0B09CBB8AA1817A2F57D4D25A91_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7CD40058F9370214856B154BE1E60B5F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6D2AC7BBE471F534DE74B46536E88B5F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\78FFC4E5A3529553770D84276EDAA696_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\80667B257561D29F3946F06848218E83_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\808B610DCF6746D4C60615EE07502736_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\813ED8DA73F3A884CAFF8D7E605887CD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\824A83F8EF3B5D50278F68415685A3B0_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8281C8846F4B4FD1953506222B3E4EFD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\82F8C19FB57BD3DC5698DD0094F6C451_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7E8D60AE4088BE229B6852A34D23C488_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\83C1640BA0A82256D19EAD6B8D9F8C6C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\87435D3A84D7AA5F9795D3BCA76AF13F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\84A2B46709A1C2AD3549DC487D19DD2D_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\85AD40FA06D8BAA0F3EF19FEADAD841C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7F5957E21C80BEB167972DB3F47B7EEC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\87A631A3F214C8188BBF7A56738390BE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\85F14A9115B2AEF734847B44C734C17F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8B46C130C61FF71BCACE09D37D049972_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8C0C0A16FD287AFBA96594629DB24FEC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8CD69782920E83C529780BB03E8427E2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8E7BEBAAA33ED7E1149CF073EAE616C2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8FFDEAAF155F2F96A23FB3550954EA2A_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\904FBE8C87B8C3A9F232844E301B732F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\90F125FB74815DCFF5296B7686707869_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\91F1F023847148749A54F56D5F94A348_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\93C10FA14CD204E58D94B63470B379E4_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\99AE45643CDE521B44F0466FFCB39B20_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9AFAE2FBB472E2EB56890FF489581873_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\881E50341DACA4290044D19DB6E5D278_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9F2D63AE3411EE15F270B529A5504010_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9F2F3B405A5AA3EE618E8160780D04FD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8922CF0B241071A683AABD045F034C74_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8A27A0A9518083D0514946E49CCDE146_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\88C161583D9A0FED3EF40E054496BB36_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A09DAA7A43842BDF4C0CF3C6E12B76CD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C883AFEE1083290889C703AE65C8F00_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A1A90C57BDE9BE291C080AB73D276687_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AEE534174B691C02170BF6ACFD83B7D7_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AF4C4237C45180AD5C33CF1436AFBCF4_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B027A7291597558D71AD1BB43FC04143_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B0F67F01EC8E458532C492CE10FE14C9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B19FBC766DF7AA1D3BCF4EFF3F9ACBC2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B395E7F44DC668E88344C8B90B9161BE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A01FAEC95D9BAF8357A13DE3E7CA8088_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A52C765B2C3AEFF24FC4948C1126947C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B423E7D1F3993D163C3FFDDF43CB64B5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AC8667F051BAB52F2D960A9DC77475B4_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AB635AFB0622D025A6452E9F30669A9B_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B992108334F68A63352FFC9639715A36_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BA0CE9B51249454514DAFF6781D2B674_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B57C20031F840B9A28D757F9134BAB84_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B6947B671D8F796507FF062B63E56A50_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B7833A04B0C60FB195217D12551B44E0_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C1F575CF6214D3CABB0E31B318A2457F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B4A202C2568D0BED171776484E07789A_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2E40AC265D09684D87F81FD5E76D8FA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C79A17FB32BE414343F170445B2CF2F9_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D1D9F1812E00B6AF04088310664A6CE6_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D4EC6E581CCA52979527F94344CE4977_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D5A04E17A1E189214CC70EF287AACBB6_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D5F1C94F53A1ADE0D98015BD6D1AB4A1_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D859AECBA502AB960BFD61496593404C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D85A8A679CBF3D70EA72FB278F74E2DE_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C35F5E760B452660657A627168C1F9C2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C7B802FA4C1A6F29FC207FAED5F1A92C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BA8150B4E030C46A341DF76169A53900_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D6262D5C39E8121525C5F20D33298588_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D9D8637DD9848831E2973C505150A272_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D9A422FBBF03893D4FD1D63B42235D00_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DF2BA527FEF79DE1B7887C164B244BEF_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DA5471041BCFEC9BFBB8D9FF68675C3E_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C6519FD052C31DFD2D9F3E732A71B352_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DB2330041D98134FCCF6980D3A51BBAA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E8CA9429EE53A94F02BAEC96B365744D_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EB22B0251EF6424B2C71BEC3919F5A7F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDB6242B9B74B5D710947389F84259C0_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EBCB3AB5C9DD9B506C96E7AB9097F1CB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDECBE5FB50880D92F388565176BA7D5_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EE846EBD76BFFCE98A9FCD5F7F5245AD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F03CA81B6451A5F59D16A856995735FA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDBC3B662513F2874A42E68D2D561FCA_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E57B1841FA53F72CD7754CCAEB9BDF46_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F27F62A9ED956C099A9BDE1AE3DA3383_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F34FED11F0D3C2F65558C1113CC843FD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F5314E9C8FEC74F3E6F48A987A04ED32_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F1EAEB1464584E47142EAFB5AB8360DC_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DDB2799D0C7A32AE0A2FCC8143893FAB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EB96132C6C57D1425D81577241E62D8F_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F630D4BF73A8E37A45D746DC5BC9995C_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F7BFA5F93CB8CAC92B5493263ADB85A1_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F8FEDF2798147666E50002142006EC05_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FF454B01D48EA18855E328DC9C627103_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F36FA9A482205D85CFACF0FD713019EB_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F5ABA474CDCE2D3CABA10B579D3936A2_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F1FA172D69EC78E703A9AAEB293D07BD_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FF9FFA23707CB26A0E664D8863487946_D01840F4-3EF6-4CFE-B8D0-AE09ABB06D19</li> <li>C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\DATA_0</li> <li>C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\DATA_1</li> <li>C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\DATA_2</li> <li>C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\DATA_3</li> <li>C:\PROGRAM FILES (X86)\STEAM\CONFIG\HTMLCACHE\INDEX</li> <li>C:\BOOT\BCD</li> </ul> <hr noshade="noshade" style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;" /> <h2 style="color: rgb(0, 0, 0); text-transform: none; line-height: normal; text-indent: 0px; letter-spacing: normal; font-family: verdana; font-style: normal; font-variant: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"> <font color="#5a6ed2" face="Arial">Options</font></h2> <p><span style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;">Scanning engines:</span></p> <ul style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"></ul> <p><span style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; float: none; display: inline !important; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;">Scanning options:</span></p> <ul style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"> <li>Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR TMP</li> <li>Use advanced heuristics</li> </ul> <hr noshade="noshade" style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;" /> <h6> Copyright © 1998-2009<a href="http://support.f-secure.com/"><span class="Apple-converted-space"> </span>Product support</a><span class="Apple-converted-space"> </span>|<span class="Apple-converted-space"> </span><a href="http://support.f-secure.com//enu/home/virusproblem/sample/">Send virus sample to F-Secure</a></h6> <h6> F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name. This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.</h6> <ul style="font: 13px/normal verdana; color: rgb(0, 0, 0); text-transform: none; text-indent: 0px; letter-spacing: normal; word-spacing: 0px; white-space: normal; orphans: 2; widows: 2; font-size-adjust: none; font-stretch: normal; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;"></ul>
-
I tried to run ESET scan but it did not work. I clicked on the button to run the scan, then accepted the terms and agreement. The window goes blank with a little ('unclickable') icon the looks like a placeholder for an image.
-
Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.02.19.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Travis :: TRAVIS-PC [administrator] 2/19/2013 8:28:32 PM mbam-log-2013-02-19 (20-28-32).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 256197 Time elapsed: 4 minute(s), Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:35:51 PM, on 2/19/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe C:\Users\Travis\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120821191715.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Device Handle Service - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\AsHookDevice.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE O23 - Service: OracleXEClrAgent - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe O23 - Service: OracleXETNSListener - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12164 bytes No problems with running the programs. The system seems to not access the hard drive as much as it used to and seems to be more stable.
-
I had to run ComboFix in safe mode in order for it to finish. Otherwise it would freeze during the scan. With the exception of the odd behaviour of the program, it seems like the computer is running okay... ComboFix 13-02-15.01 - Travis 02/17/2013 0:34.3.2 - x64 MINIMAL Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.4847 [GMT -7:00] Running from: c:\users\Travis\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2013-01-17 to 2013-02-17 ))))))))))))))))))))))))))))))) . . 2013-02-17 07:41 . 2013-02-17 07:41 -------- d-----w- c:\users\TMA\AppData\Local\temp 2013-02-17 07:41 . 2013-02-17 07:41 -------- d-----w- c:\users\Jennie\AppData\Local\temp 2013-02-17 07:41 . 2013-02-17 07:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-02-17 02:39 . 2013-02-17 02:39 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-17 02:39 . 2013-02-17 02:39 -------- d-----w- c:\program files (x86)\Java 2013-02-17 00:47 . 2013-02-17 00:47 -------- d-----w- c:\users\Travis\AppData\Roaming\SUPERAntiSpyware.com 2013-02-17 00:16 . 2013-02-17 00:16 -------- d-----w- c:\users\TMA\AppData\Roaming\SUPERAntiSpyware.com 2013-02-17 00:16 . 2013-02-17 00:16 -------- d-----w- c:\program files\SUPERAntiSpyware 2013-02-17 00:16 . 2013-02-17 00:16 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2013-02-16 00:59 . 2013-02-16 03:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-02-16 00:59 . 2009-01-25 19:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe 2013-02-16 00:58 . 2013-02-16 00:59 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2 2013-02-13 14:45 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 14:45 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 14:39 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-13 14:39 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-02-13 14:39 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-02-13 14:39 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-02-13 14:39 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-02-13 14:39 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-02-13 14:39 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-02-13 14:39 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-02-13 14:39 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-02-13 14:39 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-02-13 14:38 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-13 14:38 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2013-02-11 02:41 . 2013-02-11 02:41 -------- d-----w- c:\users\TMA\AppData\Roaming\Malwarebytes 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\programdata\ATI 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\programdata\AMD 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\program files (x86)\AMD AVT 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\program files (x86)\AMD APP 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2013-02-10 02:43 . 2013-02-10 02:43 -------- d-----w- c:\users\Travis\AppData\Roaming\Malwarebytes 2013-02-10 02:43 . 2013-02-10 02:43 -------- d-----w- c:\programdata\Malwarebytes 2013-02-10 02:43 . 2012-12-14 23:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-02-10 02:43 . 2013-02-10 02:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-02-09 02:41 . 2013-02-10 03:47 -------- d-----w- C:\DBClass 2013-02-09 02:15 . 2013-02-09 02:15 -------- d-----w- c:\users\TMA\Oracle 2013-02-06 22:58 . 2013-02-11 02:33 -------- d-----w- c:\users\TMA\AppData\Local\Netscape 2013-02-02 04:49 . 2008-10-15 13:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll 2013-02-01 04:26 . 2013-02-17 04:51 -------- d-----w- c:\program files (x86)\Common Files\Steam 2013-02-01 04:26 . 2013-02-17 07:07 -------- d-----w- c:\program files (x86)\Steam 2013-01-30 22:41 . 2013-01-30 22:43 -------- d-----w- c:\programdata\AlawarWrapper 2013-01-30 22:41 . 2013-01-30 22:41 -------- d-----w- c:\program files (x86)\Alawar 2013-01-27 21:47 . 2013-01-27 21:47 -------- d-----w- C:\oraclexe 2013-01-27 21:41 . 2013-01-27 21:41 -------- d-----w- c:\windows\SysWow64\config\systemprofile\Oracle 2013-01-27 21:32 . 2013-01-27 21:32 -------- d-----w- c:\users\Travis\Oracle 2013-01-23 01:28 . 2013-02-13 03:40 -------- d-----w- c:\users\TMA\AppData\Roaming\Skype 2013-01-23 01:27 . 2013-01-23 01:28 -------- d-----r- c:\program files (x86)\Skype 2013-01-23 01:27 . 2013-01-23 01:27 -------- d-----w- c:\program files (x86)\Common Files\Skype 2013-01-23 01:27 . 2013-01-23 01:28 -------- d-----w- c:\programdata\Skype . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-17 02:39 . 2012-08-12 22:22 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-02-17 02:39 . 2012-08-12 22:22 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-02-13 14:48 . 2012-07-27 19:38 70004024 ----a-w- c:\windows\system32\MRT.exe 2013-02-09 23:46 . 2012-08-07 16:08 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-09 23:46 . 2012-08-07 16:08 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-01-04 04:43 . 2013-02-13 14:39 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-12-26 16:55 . 2012-07-27 23:32 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys 2012-12-26 16:52 . 2012-06-22 14:38 339776 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2012-12-26 16:52 . 2012-07-27 23:25 182312 ----a-w- c:\windows\system32\mfevtps.exe 2012-12-26 16:51 . 2012-07-27 23:32 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2012-12-26 16:51 . 2012-07-27 23:32 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2012-12-26 16:50 . 2012-06-22 14:36 771096 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2012-12-26 16:49 . 2012-07-27 23:32 515528 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2012-12-26 16:49 . 2012-07-27 23:32 309400 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2012-12-26 16:48 . 2012-06-22 14:34 178840 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2012-12-16 17:11 . 2012-12-22 01:53 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-22 01:53 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-22 01:53 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-22 01:53 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-07 13:20 . 2013-01-10 01:12 441856 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 13:15 . 2013-01-10 01:12 2746368 ----a-w- c:\windows\system32\gameux.dll 2012-12-07 12:26 . 2013-01-10 01:12 308736 ----a-w- c:\windows\SysWow64\Wpc.dll 2012-12-07 12:20 . 2013-01-10 01:12 2576384 ----a-w- c:\windows\SysWow64\gameux.dll 2012-12-07 11:20 . 2013-01-10 01:12 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 11:20 . 2013-01-10 01:12 43520 ----a-w- c:\windows\system32\csrr.rs 2012-12-07 11:20 . 2013-01-10 01:12 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 11:20 . 2013-01-10 01:12 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 11:20 . 2013-01-10 01:12 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 11:20 . 2013-01-10 01:12 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 11:20 . 2013-01-10 01:12 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 11:19 . 2013-01-10 01:12 20480 ----a-w- c:\windows\system32\pegi.rs 2012-12-07 11:19 . 2013-01-10 01:12 46592 ----a-w- c:\windows\system32\fpb.rs 2012-12-07 11:19 . 2013-01-10 01:12 40960 ----a-w- c:\windows\system32\cob-au.rs 2012-12-07 11:19 . 2013-01-10 01:12 21504 ----a-w- c:\windows\system32\grb.rs 2012-12-07 11:19 . 2013-01-10 01:12 15360 ----a-w- c:\windows\system32\djctq.rs 2012-12-07 11:19 . 2013-01-10 01:12 55296 ----a-w- c:\windows\system32\cero.rs 2012-12-07 11:19 . 2013-01-10 01:12 51712 ----a-w- c:\windows\system32\esrb.rs 2012-12-07 10:46 . 2013-01-10 01:12 43520 ----a-w- c:\windows\SysWow64\csrr.rs 2012-12-07 10:46 . 2013-01-10 01:12 30720 ----a-w- c:\windows\SysWow64\usk.rs 2012-12-07 10:46 . 2013-01-10 01:12 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs 2012-12-07 10:46 . 2013-01-10 01:12 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs 2012-12-07 10:46 . 2013-01-10 01:12 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs 2012-12-07 10:46 . 2013-01-10 01:12 23552 ----a-w- c:\windows\SysWow64\oflc.rs 2012-12-07 10:46 . 2013-01-10 01:12 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs 2012-12-07 10:46 . 2013-01-10 01:12 46592 ----a-w- c:\windows\SysWow64\fpb.rs 2012-12-07 10:46 . 2013-01-10 01:12 20480 ----a-w- c:\windows\SysWow64\pegi.rs 2012-12-07 10:46 . 2013-01-10 01:12 21504 ----a-w- c:\windows\SysWow64\grb.rs 2012-12-07 10:46 . 2013-01-10 01:12 40960 ----a-w- c:\windows\SysWow64\cob-au.rs 2012-12-07 10:46 . 2013-01-10 01:12 15360 ----a-w- c:\windows\SysWow64\djctq.rs 2012-12-07 10:46 . 2013-01-10 01:12 51712 ----a-w- c:\windows\SysWow64\esrb.rs 2012-12-07 10:46 . 2013-01-10 01:12 55296 ----a-w- c:\windows\SysWow64\cero.rs 2012-11-30 05:45 . 2013-01-10 01:11 362496 ----a-w- c:\windows\system32\wow64win.dll 2012-11-30 05:45 . 2013-01-10 01:11 243200 ----a-w- c:\windows\system32\wow64.dll 2012-11-30 05:45 . 2013-01-10 01:11 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2012-11-30 05:43 . 2013-01-10 01:11 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2012-11-30 05:41 . 2013-01-10 01:11 424448 ----a-w- c:\windows\system32\KernelBase.dll 2012-11-30 05:41 . 2013-01-10 01:11 1161216 ----a-w- c:\windows\system32\kernel32.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2012-11-30 04:53 . 2013-01-10 01:11 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll 2012-11-30 04:45 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "RunAIShell"="c:\program files (x86)\ASUS\AI Manager\AsShellApplication.exe" [2009-08-20 225280] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-01-15 1534504] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 946352] "MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704] "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 238080] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Device Handle Service;Device Handle Service;c:\windows\SysWOW64\AsHookDevice.exe [2009-08-20 196608] R2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-26 189736] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-12-26 218320] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-26 182312] R2 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE [x] R2 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [2011-08-27 512000] R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392] R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624] R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3289208] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-12-26 69672] R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-12-26 515528] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-12-26 106112] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-20 36720] R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-27 1255736] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976] R4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe XE [x] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-12-26 339776] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2013-02-17 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-07 23:46] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27 23:39] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27 23:39] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394610304-1409485003-3043593587-1001Core.job - c:\users\Travis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27 19:25] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394610304-1409485003-3043593587-1001UA.job - c:\users\Travis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27 19:25] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394610304-1409485003-3043593587-1005Core.job - c:\users\TMA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-01 17:32] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394610304-1409485003-3043593587-1005UA.job - c:\users\TMA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-01 17:32] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Travis\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Travis\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Travis\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Travis\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-12-18 02:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-12-18 02:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-12-18 02:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-12-18 02:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-24 7833120] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-05-24 1833504] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\h4g6fpjx.default\ FF - ExtSQL: 2013-02-16 17:44; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - ExtSQL: !HIDDEN! 2012-07-30 20:55; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) Notify-SDWinLogon - SDWinLogon.dll Toolbar-Locked - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-02-17 00:43:31 ComboFix-quarantined-files.txt 2013-02-17 07:43 . Pre-Run: 877,525,282,816 bytes free Post-Run: 876,875,022,336 bytes free . - - End Of File - - C35895549C6635E9BB22718F3A8F65EA
-
Scan came back clean. Everything appears to be in working order. Internet, firewall, and Microsoft Update appears to be in working order.
-
http://www.2shared.com/document/M_8QNHCz/TDSSKiller28160_17022013_01185.html aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2013-02-17 01:23:58 ----------------------------- 01:23:58.639 OS Version: Windows x64 6.1.7601 Service Pack 1 01:23:58.639 Number of processors: 2 586 0x170A 01:23:58.640 ComputerName: TRAVIS-PC UserName: Travis 01:24:00.020 Initialize success 01:33:47.959 AVAST engine defs: 13021602 01:34:02.325 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 01:34:02.327 Disk 0 Vendor: Hitachi_HDT721010SLA360 ST6OA31B Size: 953869MB BusType: 3 01:34:02.337 Disk 0 MBR read successfully 01:34:02.339 Disk 0 MBR scan 01:34:02.350 Disk 0 unknown MBR code 01:34:02.353 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953867 MB offset 63 01:34:02.370 Disk 0 scanning C:\Windows\system32\drivers 01:34:15.441 Service scanning 01:34:49.368 Modules scanning 01:34:49.373 Disk 0 trace - called modules: 01:34:49.380 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 01:34:49.384 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80061a2060] 01:34:49.387 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> [0xfffffa8005174e40] 01:34:49.392 5 ACPI.sys[fffff88000f617a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005bf4060] 01:34:50.830 AVAST engine scan C:\Windows 01:34:57.379 AVAST engine scan C:\Windows\system32 01:40:31.895 AVAST engine scan C:\Windows\system32\drivers 01:40:43.044 AVAST engine scan C:\Users\Travis 01:44:29.015 AVAST engine scan C:\ProgramData 01:45:47.564 Scan finished successfully 01:46:06.603 Disk 0 MBR has been saved successfully to "C:\Users\Travis\Desktop\MBR.dat" 01:46:06.607 The log file has been saved successfully to "C:\Users\Travis\Desktop\aswMBR.txt"
-
ComboFix 13-02-15.01 - Travis 02/17/2013 0:34.3.2 - x64 MINIMAL Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.4847 [GMT -7:00] Running from: c:\users\Travis\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2013-01-17 to 2013-02-17 ))))))))))))))))))))))))))))))) . . 2013-02-17 07:41 . 2013-02-17 07:41 -------- d-----w- c:\users\TMA\AppData\Local\temp 2013-02-17 07:41 . 2013-02-17 07:41 -------- d-----w- c:\users\Jennie\AppData\Local\temp 2013-02-17 07:41 . 2013-02-17 07:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-02-17 02:39 . 2013-02-17 02:39 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-17 02:39 . 2013-02-17 02:39 -------- d-----w- c:\program files (x86)\Java 2013-02-17 00:47 . 2013-02-17 00:47 -------- d-----w- c:\users\Travis\AppData\Roaming\SUPERAntiSpyware.com 2013-02-17 00:16 . 2013-02-17 00:16 -------- d-----w- c:\users\TMA\AppData\Roaming\SUPERAntiSpyware.com 2013-02-17 00:16 . 2013-02-17 00:16 -------- d-----w- c:\program files\SUPERAntiSpyware 2013-02-17 00:16 . 2013-02-17 00:16 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2013-02-16 00:59 . 2013-02-16 03:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-02-16 00:59 . 2009-01-25 19:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe 2013-02-16 00:58 . 2013-02-16 00:59 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2 2013-02-13 14:45 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 14:45 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-13 14:39 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-13 14:39 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-02-13 14:39 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-02-13 14:39 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-02-13 14:39 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-02-13 14:39 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-02-13 14:39 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-02-13 14:39 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-02-13 14:39 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-02-13 14:39 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-02-13 14:38 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-13 14:38 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2013-02-11 02:41 . 2013-02-11 02:41 -------- d-----w- c:\users\TMA\AppData\Roaming\Malwarebytes 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\programdata\ATI 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\programdata\AMD 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\program files (x86)\AMD AVT 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\program files (x86)\AMD APP 2013-02-10 20:31 . 2013-02-10 20:31 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2013-02-10 02:43 . 2013-02-10 02:43 -------- d-----w- c:\users\Travis\AppData\Roaming\Malwarebytes 2013-02-10 02:43 . 2013-02-10 02:43 -------- d-----w- c:\programdata\Malwarebytes 2013-02-10 02:43 . 2012-12-14 23:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-02-10 02:43 . 2013-02-10 02:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-02-09 02:41 . 2013-02-10 03:47 -------- d-----w- C:\DBClass 2013-02-09 02:15 . 2013-02-09 02:15 -------- d-----w- c:\users\TMA\Oracle 2013-02-06 22:58 . 2013-02-11 02:33 -------- d-----w- c:\users\TMA\AppData\Local\Netscape 2013-02-02 04:49 . 2008-10-15 13:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll 2013-02-02 04:49 . 2008-10-15 13:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll 2013-02-01 04:26 . 2013-02-17 04:51 -------- d-----w- c:\program files (x86)\Common Files\Steam 2013-02-01 04:26 . 2013-02-17 07:07 -------- d-----w- c:\program files (x86)\Steam 2013-01-30 22:41 . 2013-01-30 22:43 -------- d-----w- c:\programdata\AlawarWrapper 2013-01-30 22:41 . 2013-01-30 22:41 -------- d-----w- c:\program files (x86)\Alawar 2013-01-27 21:47 . 2013-01-27 21:47 -------- d-----w- C:\oraclexe 2013-01-27 21:41 . 2013-01-27 21:41 -------- d-----w- c:\windows\SysWow64\config\systemprofile\Oracle 2013-01-27 21:32 . 2013-01-27 21:32 -------- d-----w- c:\users\Travis\Oracle 2013-01-23 01:28 . 2013-02-13 03:40 -------- d-----w- c:\users\TMA\AppData\Roaming\Skype 2013-01-23 01:27 . 2013-01-23 01:28 -------- d-----r- c:\program files (x86)\Skype 2013-01-23 01:27 . 2013-01-23 01:27 -------- d-----w- c:\program files (x86)\Common Files\Skype 2013-01-23 01:27 . 2013-01-23 01:28 -------- d-----w- c:\programdata\Skype . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-17 02:39 . 2012-08-12 22:22 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-02-17 02:39 . 2012-08-12 22:22 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-02-13 14:48 . 2012-07-27 19:38 70004024 ----a-w- c:\windows\system32\MRT.exe 2013-02-09 23:46 . 2012-08-07 16:08 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-09 23:46 . 2012-08-07 16:08 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-01-04 04:43 . 2013-02-13 14:39 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-12-26 16:55 . 2012-07-27 23:32 69672 ----a-w- c:\windows\system32\drivers\cfwids.sys 2012-12-26 16:52 . 2012-06-22 14:38 339776 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2012-12-26 16:52 . 2012-07-27 23:25 182312 ----a-w- c:\windows\system32\mfevtps.exe 2012-12-26 16:51 . 2012-07-27 23:32 10288 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2012-12-26 16:51 . 2012-07-27 23:32 106112 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2012-12-26 16:50 . 2012-06-22 14:36 771096 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2012-12-26 16:49 . 2012-07-27 23:32 515528 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2012-12-26 16:49 . 2012-07-27 23:32 309400 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2012-12-26 16:48 . 2012-06-22 14:34 178840 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2012-12-16 17:11 . 2012-12-22 01:53 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-22 01:53 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-22 01:53 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-22 01:53 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-07 13:20 . 2013-01-10 01:12 441856 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 13:15 . 2013-01-10 01:12 2746368 ----a-w- c:\windows\system32\gameux.dll 2012-12-07 12:26 . 2013-01-10 01:12 308736 ----a-w- c:\windows\SysWow64\Wpc.dll 2012-12-07 12:20 . 2013-01-10 01:12 2576384 ----a-w- c:\windows\SysWow64\gameux.dll 2012-12-07 11:20 . 2013-01-10 01:12 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 11:20 . 2013-01-10 01:12 43520 ----a-w- c:\windows\system32\csrr.rs 2012-12-07 11:20 . 2013-01-10 01:12 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 11:20 . 2013-01-10 01:12 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 11:20 . 2013-01-10 01:12 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 11:20 . 2013-01-10 01:12 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 11:20 . 2013-01-10 01:12 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 11:19 . 2013-01-10 01:12 20480 ----a-w- c:\windows\system32\pegi.rs 2012-12-07 11:19 . 2013-01-10 01:12 46592 ----a-w- c:\windows\system32\fpb.rs 2012-12-07 11:19 . 2013-01-10 01:12 40960 ----a-w- c:\windows\system32\cob-au.rs 2012-12-07 11:19 . 2013-01-10 01:12 21504 ----a-w- c:\windows\system32\grb.rs 2012-12-07 11:19 . 2013-01-10 01:12 15360 ----a-w- c:\windows\system32\djctq.rs 2012-12-07 11:19 . 2013-01-10 01:12 55296 ----a-w- c:\windows\system32\cero.rs 2012-12-07 11:19 . 2013-01-10 01:12 51712 ----a-w- c:\windows\system32\esrb.rs 2012-12-07 10:46 . 2013-01-10 01:12 43520 ----a-w- c:\windows\SysWow64\csrr.rs 2012-12-07 10:46 . 2013-01-10 01:12 30720 ----a-w- c:\windows\SysWow64\usk.rs 2012-12-07 10:46 . 2013-01-10 01:12 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs 2012-12-07 10:46 . 2013-01-10 01:12 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs 2012-12-07 10:46 . 2013-01-10 01:12 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs 2012-12-07 10:46 . 2013-01-10 01:12 23552 ----a-w- c:\windows\SysWow64\oflc.rs 2012-12-07 10:46 . 2013-01-10 01:12 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs 2012-12-07 10:46 . 2013-01-10 01:12 46592 ----a-w- c:\windows\SysWow64\fpb.rs 2012-12-07 10:46 . 2013-01-10 01:12 20480 ----a-w- c:\windows\SysWow64\pegi.rs 2012-12-07 10:46 . 2013-01-10 01:12 21504 ----a-w- c:\windows\SysWow64\grb.rs 2012-12-07 10:46 . 2013-01-10 01:12 40960 ----a-w- c:\windows\SysWow64\cob-au.rs 2012-12-07 10:46 . 2013-01-10 01:12 15360 ----a-w- c:\windows\SysWow64\djctq.rs 2012-12-07 10:46 . 2013-01-10 01:12 51712 ----a-w- c:\windows\SysWow64\esrb.rs 2012-12-07 10:46 . 2013-01-10 01:12 55296 ----a-w- c:\windows\SysWow64\cero.rs 2012-11-30 05:45 . 2013-01-10 01:11 362496 ----a-w- c:\windows\system32\wow64win.dll 2012-11-30 05:45 . 2013-01-10 01:11 243200 ----a-w- c:\windows\system32\wow64.dll 2012-11-30 05:45 . 2013-01-10 01:11 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2012-11-30 05:43 . 2013-01-10 01:11 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2012-11-30 05:41 . 2013-01-10 01:11 424448 ----a-w- c:\windows\system32\KernelBase.dll 2012-11-30 05:41 . 2013-01-10 01:11 1161216 ----a-w- c:\windows\system32\kernel32.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 05:38 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2012-11-30 04:53 . 2013-01-10 01:11 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll 2012-11-30 04:45 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 04:45 . 2013-01-10 01:11 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "RunAIShell"="c:\program files (x86)\ASUS\AI Manager\AsShellApplication.exe" [2009-08-20 225280] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-01-15 1534504] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 946352] "MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704] "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 238080] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Device Handle Service;Device Handle Service;c:\windows\SysWOW64\AsHookDevice.exe [2009-08-20 196608] R2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-26 189736] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-12-26 218320] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-26 182312] R2 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE [x] R2 OracleXETNSListener;OracleXETNSListener;c:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [2011-08-27 512000] R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392] R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624] R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384] R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3289208] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-12-26 69672] R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-12-26 515528] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-12-26 106112] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-20 36720] R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-27 1255736] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976] R4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe XE [x] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-12-26 339776] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2013-02-17 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-07 23:46] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27 23:39] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27 23:39] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394610304-1409485003-3043593587-1001Core.job - c:\users\Travis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27 19:25] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394610304-1409485003-3043593587-1001UA.job - c:\users\Travis\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27 19:25] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394610304-1409485003-3043593587-1005Core.job - c:\users\TMA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-01 17:32] . 2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3394610304-1409485003-3043593587-1005UA.job - c:\users\TMA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-01 17:32] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Travis\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Travis\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Travis\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Travis\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-12-18 02:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-12-18 02:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-12-18 02:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-12-18 02:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-24 7833120] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-05-24 1833504] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\h4g6fpjx.default\ FF - ExtSQL: 2013-02-16 17:44; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - ExtSQL: !HIDDEN! 2012-07-30 20:55; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) Notify-SDWinLogon - SDWinLogon.dll Toolbar-Locked - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-02-17 00:43:31 ComboFix-quarantined-files.txt 2013-02-17 07:43 . Pre-Run: 877,525,282,816 bytes free Post-Run: 876,875,022,336 bytes free . - - End Of File - - C35895549C6635E9BB22718F3A8F65EA
-
After booting into safe mode, I ran Combofix. Combofix announced that McAfee was still running. I checked all system processes and none of those which were running were from McAfee. Combofix said it would run regardless. I closed the program and rebooted to post this reply.
-
Attempted Combofix twice. Both times, the program ceased to work. The first time, right after announcing that it was going to run the log files. The second time, during task 50. I restarted the computer after the second time.
-
# AdwCleaner v2.112 - Logfile created 02/16/2013 at 21:44:52 # Updated 10/02/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Travis - TRAVIS-PC # Boot Mode : Normal # Running from : C:\Users\Travis\Desktop\adwcleaner0.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Travis\AppData\Local\APN ***** [Registry] ***** Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51- 7695ECA05670} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16464 [OK] Registry is clean. -\\ Mozilla Firefox v16.0.2 (en-US) File : C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\h4g6fpjx.default\prefs.js [OK] File is clean. File : C:\Users\Jennie\AppData\Roaming\Mozilla\Firefox\Profiles\otacxcil.default\prefs.js [OK] File is clean. File : C:\Users\TMA\AppData\Roaming\Mozilla\Firefox\Profiles\ug8b9nhc.default\prefs.js [OK] File is clean. -\\ Google Chrome v24.0.1312.57 File : C:\Users\Travis\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. File : C:\Users\TMA\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [1501 octets] - [16/02/2013 21:44:52] ########## EOF - C:\AdwCleaner[s1].txt - [1561 octets] ########## RogueKiller V8.5.1 [Feb 12 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Travis [Admin rights] Mode : Remove -- Date : 02/16/2013 21:58:23 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [TASK][sUSP PATH] ExpressReminder : C:\Users\TMA\AppData\Roaming\NCH Software\Program Files\Express\express.exe -shakeicon [7] -> DELETED [TASK][sUSP PATH] ScribeReminder : C:\Users\TMA\AppData\Roaming\NCH Software\Program Files\Scribe\scribe.exe -shakeicon [7] -> DELETED [HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> DELETED [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Hitachi HDT721010SLA360 ATA Device +++++ --- User --- [MBR] f309ce3b4d4970681f6bedb86adee263 [bSP] ad2d9e326214911cd3de519a19b11a09 : Standard MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_D_02162013_02d2158.txt >>
-
Results of screen317's Security Check version 0.99.57 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.70.0.1100 JavaFX 2.1.1 Java 7 Update 13 Java version out of Date! Adobe Flash Player 11.5.502.149 Adobe Reader 10.1.5 Adobe Reader out of Date! Mozilla Firefox 16.0.2 Firefox out of Date! Google Chrome 24.0.1312.56 Google Chrome 24.0.1312.57 Google Chrome plugins... ````````Process Check: objlist.exe by Laurent```````` Spybot Teatimer.exe is disabled! `````````````````System Health check````````````````` Total Fragmentation on Drive C: 3% ````````````````````End of Log`````````````````````` DDS (Ver_2012-11-20.01) - NTFS_AMD64 (DDS FILE) Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2 Run by Travis at 21:33:13 on 2013-02-16 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.3146 [GMT -7:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Windows\system32\mfevtps.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files\Microsoft LifeCam\MSCamS64.exe c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Windows\System32\svchost.exe -k HPZ12 c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe C:\Program Files (x86)\ATI Technologies\HydraVision\Grid64.exe C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD64.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe c:\PROGRA~2\mcafee\SITEAD~1\saui.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Travis\Downloads\Defogger.exe C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Travis\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll mWinlogon: Userinit = userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java \jre7\bin\ssv.dll BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee \SystemCore\ScriptSn.20120821191715.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype \Toolbars\Internet Explorer\skypeieplugin.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee \SiteAdvisor\McIEPlg.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee \SiteAdvisor\McIEPlg.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [Google Update] "C:\Users\Travis\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent uRun: [Grid] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe" uRun: [HydraVisionMDEngine] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraMD.exe" uRun: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean mRun: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C: \Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Travis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Travis\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll TCP: NameServer = 192.168.0.1 TCP: Interfaces\{D87950B7-9327-48C0-AD35-9CB8A956D063} : DHCPNameServer = 192.168.0.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee \MSC\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee \SiteAdvisor\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor \McIEPlg.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype \Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files \Skype\Skype4COM.dll Notify: SDWinLogon - SDWinLogon.dll SSODL: WebCheck - <orphaned> x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java \jre7\bin\ssv.dll x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee \SystemCore\ScriptSn.20120727163251.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java \jre7\bin\jp2ssv.dll x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe x64-Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee \MSC\McSnIePl64.dll x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee \SiteAdvisor\x64\McIEPlg.dll x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee \SiteAdvisor\x64\McIEPlg.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\h4g6fpjx.default\ FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Users\Travis\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-02-16 17:44; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - ExtSQL: !HIDDEN! 2012-07-30 20:55; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-6-22 771096] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-6-22 339776] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-11-16 238080] R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync \FreeAgentService.exe [2009-9-25 189736] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee \McSvcHost\McSvHost.exe [2012-11-14 201304] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost \McSvHost.exe [2012-11-14 201304] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-14 201304] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-11-14 201304] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-7-27 241016] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-7-27 218320] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-7-27 182312] R2 OracleServiceXE;OracleServiceXE;c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE --> c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE [?] R2 OracleXETNSListener;OracleXETNSListener;C:\oraclexe\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE [2011-8-27 512000] R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-15 1103392] R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-15 1369624] R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-15 168384] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3289208] R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-7-27 69672] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-7-27 309400] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-7-27 515528] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows \System32\drivers\nx6000.sys [2010-5-20 36720] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows \Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows \Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2012-7-27 196608] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-11-14 196440] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2012-7-27 106112] S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr28x.sys [2009-6-10 620544] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-7-27 59392] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7 -27 1255736] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server \100\Shared\sqladhlp.exe [2009-7-22 61976] S4 OracleJobSchedulerXE;OracleJobSchedulerXE;c:\oraclexe\app\oracle\product\11.2.0\server\Bin \extjob.exe XE --> c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe XE [?] S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server \MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880] . =============== Created Last 30 ================ . 2013-02-17 02:39:21 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-17 00:47:35 -------- d-----w- C:\Users\Travis\AppData\Roaming \SUPERAntiSpyware.com 2013-02-17 00:16:31 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2013-02-17 00:16:31 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2013-02-16 00:59:12 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-02-16 00:59:02 17272 ----a-w- C:\Windows\System32\sdnclean64.exe 2013-02-16 00:58:56 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-02-13 14:45:27 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX \VGX.dll 2013-02-13 14:45:27 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared \VGX\VGX.dll 2013-02-13 14:39:37 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-02-13 14:39:36 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-02-13 14:39:36 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-02-13 14:39:25 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-02-13 14:39:16 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-02-13 14:39:15 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-02-13 14:39:15 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-02-13 14:39:14 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-02-13 14:39:14 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-02-13 14:39:10 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-02-13 14:38:49 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-02-13 14:38:48 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2013-02-10 20:31:40 -------- d-----w- C:\ProgramData\AMD 2013-02-10 20:31:38 -------- d-----w- C:\Program Files (x86)\AMD AVT 2013-02-10 20:31:33 -------- d-----w- C:\Program Files (x86)\AMD APP 2013-02-10 20:31:28 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies 2013-02-10 02:43:57 -------- d-----w- C:\Users\Travis\AppData\Roaming\Malwarebytes 2013-02-10 02:43:32 -------- d-----w- C:\ProgramData\Malwarebytes 2013-02-10 02:43:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-02-10 02:43:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti- Malware 2013-02-09 02:41:43 -------- d-----w- C:\DBClass 2013-02-02 04:49:58 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll 2013-02-02 04:49:58 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll 2013-02-02 04:49:58 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll 2013-02-02 04:49:58 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll 2013-02-02 04:49:56 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll 2013-02-02 04:49:56 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll 2013-02-01 04:26:53 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2013-02-01 04:26:43 -------- d-----w- C:\Program Files (x86)\Steam 2013-01-30 22:42:31 -------- d-----w- C:\Users\Travis\AppData\Local\APN 2013-01-30 22:41:56 -------- d-----w- C:\ProgramData\AlawarWrapper 2013-01-30 22:41:37 -------- d-----w- C:\Program Files (x86)\Alawar 2013-01-27 21:47:01 -------- d-----w- C:\oraclexe 2013-01-27 21:32:16 -------- d-----w- C:\Users\Travis\Oracle 2013-01-23 01:27:52 -------- d-----r- C:\Program Files (x86)\Skype . ==================== Find3M ==================== . 2013-02-17 02:39:09 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-02-17 02:39:09 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-02-09 23:46:15 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-09 23:46:15 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-12-26 16:55:26 69672 ----a-w- C:\Windows\System32\drivers\cfwids.sys 2012-12-26 16:52:44 339776 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys 2012-12-26 16:52:34 182312 ----a-w- C:\Windows\System32\mfevtps.exe 2012-12-26 16:51:34 10288 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys 2012-12-26 16:51:24 106112 ----a-w- C:\Windows\System32\drivers\mferkdet.sys 2012-12-26 16:50:48 771096 ----a-w- C:\Windows\System32\drivers\mfehidk.sys 2012-12-26 16:49:42 515528 ----a-w- C:\Windows\System32\drivers\mfefirek.sys 2012-12-26 16:49:00 309400 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys 2012-12-26 16:48:30 178840 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs 2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1- 0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe 2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll 2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll 2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll . ============= FINISH: 21:33:56.23 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) (ATTACH FILE) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 7/27/2012 11:17:29 AM System Uptime: 2/16/2013 5:43:37 PM (4 hours ago) . Motherboard: ASUSTeK Computer INC. | | CM5571 Processor: Pentium® Dual-Core CPU E5400 @ 2.70GHz | LGA775 | 2700/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 932 GiB total, 817.601 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP100: 2/10/2013 1:27:38 PM - Device Driver Package Install: Advanced Micro Devices, Inc. Display adapters RP101: 2/13/2013 7:43:21 AM - Windows Update RP102: 2/16/2013 7:38:13 PM - Installed Java 7 Update 13 . ==== Installed Programs ====================== . 64 Bit HP CIO Components Installer 7-Zip 9.20 (x64 edition) Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.5) Advertising Center AI Manager alien_crossfire alpha_centauri Amazon Send to Kindle AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders Apache Longbow ASUSUpdate Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver Atheros Ethernet Utility ATI AVIVO64 Codecs BitTorrent BufferChm calibre 64bit Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Coupon Printer for Windows Crystal Reports for Visual Studio D1600 Derive 6 DeviceDiscovery DJ_SF_06_D1600_SW_Min Dotfuscator Software Services - Community Edition Dropbox EPU-4 Engine Farm Frenzy 2 Garmin Communicator Plugin Garmin Communicator Plugin x64 Garmin USB Drivers GOG.com Downloader version 3.3.14 Google App Engine Google Chrome Google Drive Google Earth Plug-in Google Talk Plugin Google Update Helper GPBaseService2 Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054) HP Customer Participation Program 14.0 HP Deskjet D1600 Printer Driver Software 14.0 Rel. 6 HP Imaging Device Functions 14.0 HP Photo Creations HP Smart Web Printing 4.60 HP Solution Center 14.0 HP Update HPPhotoGadget HPProductAssistant HPSSupply HydraVision ImagXpress Java 7 Update 13 Java 7 Update 7 (64-bit) Java Auto Updater Java SE Development Kit 7 Update 7 (64-bit) JavaFX 2.1.1 Malwarebytes Anti-Malware version 1.70.0.1100 MarketResearch McAfee SecurityCenter Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Corporation Microsoft Help Viewer 1.0 Microsoft LifeCam Microsoft Mathematics (64-bit) Microsoft Mathematics Add-in (32-bit) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft SQL Server 2008 (64-bit) Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Management Objects (x64) Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files Microsoft SQL Server 2012 Setup (English) Microsoft SQL Server Compact 3.5 Design Tools ENU Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft Sync Framework Runtime v1.0 SP1 (x64) Microsoft Sync Framework SDK v1.0 SP1 Microsoft Sync Framework Services v1.0 SP1 (x64) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Visual C# 2008 Express Edition - ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Visual F# 2.0 Runtime Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Office Developer Tools (x64) Microsoft Visual Studio 2010 Professional - ENU Microsoft Visual Studio 2010 SharePoint Developer Tools Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio Macro Tools Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 Morrowind Mozilla Firefox 16.0.2 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 9 Essentials Nero BurnRights Nero BurnRights Help Nero ControlCenter Nero CoverDesigner Nero CoverDesigner Help Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart Help Nero StartSmart OEM NeroExpress neroxml Neverwinter Nights Diamond Edition Oracle Database 11g Express Edition Python 2.7.3 Realtek High Definition Audio Driver Seagate Manager Installer Secure Download Manager Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2251489) Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980) Security Update for Microsoft Visual Studio Macro Tools (KB2669970) SEGA Genesis Classics Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) Shared C Run-time for x64 Shop for HP Supplies Sid Meier's Alpha Centauri Skype Click to Call Skype™ 6.1 SmartWebPrinting SolutionCenter SpiderOak Spybot - Search & Destroy Sql Server Customer Experience Improvement Program Status Steam SUPERAntiSpyware System Requirements Lab CYRI TES Construction Set The Witcher Enhanced Edition Director's Cut Toolbox TrayApp Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VC Runtimes MSI Visual Studio 2010 Prerequisites - English Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU Warlock - Master of the Arcane Web Deployment Tool WebReg Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) World of Warcraft FREE Trial Worlds of Ultima - The Savage Empire . ==== Event Viewer Messages From Past Week ======== . 2/16/2013 8:42:42 PM, Error: Application Popup [1060] - \??\C:\Users\Travis\AppData\Local\Temp\mbr.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 2/16/2013 8:40:48 PM, Error: Service Control Manager [7034] - The Device Handle Service service terminated unexpectedly. It has done this 1 time(s). 2/16/2013 6:02:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 2/16/2013 6:02:17 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 2/16/2013 6:02:05 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/16/2013 5:43:52 PM, Error: amdkmdag [43038] - EDID contain an error in the RangeLimit field 2/15/2013 8:34:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F- 4110-AB43-1604DA9B4F40} 2/15/2013 8:33:46 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166- 11D1-B1D0-00805FC1270E} 2/15/2013 8:33:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A- 11D8-B9A5-505054503030} 2/15/2013 8:33:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08- 4F1F-BEB7-5C22C517CE39} 2/15/2013 8:33:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419- 11D9-A5B4-001185AD2B89} 2/15/2013 8:33:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766- 5536-11D1-B726-00C04FB926AF} 2/15/2013 8:33:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 2/15/2013 8:33:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO AsUpIO DfsC discache mfehidk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 2/15/2013 8:33:20 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:20 PM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:20 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:20 PM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 2/15/2013 8:33:19 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 2/15/2013 8:25:31 PM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The media is write protected. 2/15/2013 8:25:23 PM, Error: Service Control Manager [7038] - The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 2/15/2013 8:25:23 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846. 2/15/2013 8:25:23 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The service did not start due to a logon failure. 2/15/2013 8:25:23 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070032. 2/15/2013 6:03:58 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 2/15/2013 6:03:58 PM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 2/15/2013 6:03:58 PM, Error: Service Control Manager [7001] - The Application Information service depends on the User Profile Service service which failed to start because of the following error: The service has not been started. 2/15/2013 6:03:58 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure. 2/15/2013 6:03:58 PM, Error: Service Control Manager [7000] - The hpqcxs08 service failed to start due to the following error: A system shutdown is in progress. 2/15/2013 6:03:58 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure. 2/15/2013 6:03:58 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: A system shutdown is in progress. 2/15/2013 6:03:55 PM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control. 2/11/2013 3:41:44 PM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds. 2/10/2013 9:20:58 AM, Error: atikmdag [43029] - Display is not active 2/10/2013 8:59:51 AM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter . ==== End Of File =========================== No problems running the programs.
-
Hello. I recently ran Spybot Rootkit Scan on my computer which discovered PhysicalDrive0 as a possible rootkit scan. However, Malwarebytes Anti-Malware scan does not discover this possible threat. I did recently discover a virus on my computer which has since been removed. Though the system seems to run much better now, I am concerned that there may still be an infection. Please help. Thank you, Travis GMER 2.1.18952 - http://www.gmer.net Rootkit scan 2013-02-16 20:53:57 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDT721010SLA360 rev.ST6OA31B 931.51GB Running: jop1smfp.exe; Driver: C:\Users\Travis\AppData\Local\Temp\pwliipob.sys ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ---- Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2013.02.16.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Travis :: TRAVIS-PC [administrator] 2/16/2013 8:32:18 PM mbam-log-2013-02-16 (20-32-18).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 253673 Time elapsed: 3 minute(s), 31 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)