Jump to content

Browser Redirect Problem -- usually to www.infoflashes.com


jampa

Recommended Posts

Hi!

I have been following other forum suggestions on trying to clean this out. But, I still have redirects! I had "Recommended for You" popups that would hang out on the lower right part of the browser window. I followed the directions of this topic : http://forums.malwarebytes.org/index.php?showtopic=109884. I used RogueKiller, TDSSKiller, Combofix, and Malawarebytes. Although, I haven't seen the "Recommended for You" Popups lately, I still have redirects... mostly to www.infoflashes.com.

I also have ad-aware and avg free versions installed, and they have found nothing. I have been looking at the forums on "browser redirects" and have noticed that they also recommend using the Combofix and Malawarebytes fixes. Maybe I don't know what I am looking for! Any help would be appreciated!

Link to post
Share on other sites

  • Staff

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

    [*]Please do not attach logs or use code boxes, just copy and paste the text.

    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.

    [*]Please read every post completely before doing anything.

    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.

    [*]Please provide feedback about your experience as we go.

    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I need to get some reports to get a base to start from so I need you to run these programs first.

-DeFogger-

  • Please download
DeFogger to your desktop.
Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.

-Security Check-

  • Download Security Check by screen317 from
here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:
    dds_scr.gif
    Download DDS and save it to your desktop
Link1
Link2
Link3
  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt

    [*]A window will open instructing you save & post the logs

    [*]Save the logs to a convenient place such as your desktop

    [*]Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following
  1. both reports from DDS
  2. report from security check
  3. let me know of any problems you may have had

Gringo

Link to post
Share on other sites

Hi Gringo! Thanks for helping.

--SECURITY CHECK --

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

AVG Anti-Virus Free Edition 2013

Lavasoft Ad-Aware

Antivirus up to date! (On Access scanning disabled!)

`````````Anti-malware/Other Utilities Check:`````````

Ad-Aware

Malwarebytes Anti-Malware version 1.65.1.1000

Java 7 Update 9

Adobe Flash Player 10 Flash Player out of Date!

Adobe Flash Player 11.4.402.265 Flash Player out of Date!

Adobe Reader 10.1.4 Adobe Reader out of Date!

Mozilla Thunderbird (17.0.)

Google Chrome 21.0.1180.83

Google Chrome 21.0.1180.89

Google Chrome 22.0.1229.79

Google Chrome 22.0.1229.92

Google Chrome 22.0.1229.94

Google Chrome 23.0.1271.64

Google Chrome 23.0.1271.91

Google Chrome 23.0.1271.95

````````Process Check: objlist.exe by Laurent````````

Ad-Aware AAWService.exe is disabled!

Ad-Aware AAWTray.exe is disabled!

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

AVG avgwdsvc.exe

Ad-Aware Antivirus AdAwareService.exe

Ad-Aware Antivirus SBAMSvc.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

--DDS--

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2

Run by Vanessa at 8:07:51 on 2012-12-06

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.9655.7069 [GMT -6:00]

.

AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}

SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\IDT\WDM\Beats64.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Windows\SysWOW64\RunDll32.exe

c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe

C:\Windows\system32\wuauclt.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files (x86)\adawaretb\ffHelper.exe

C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe

C:\PROGRA~2\AD-AWA~1\AdAware.exe

C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe

C:\Users\Vanessa\Desktop\RogueKiller.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\system32\RunDLL32.exe

C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Roaming\Spotify\spotify.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Java\jre7\bin\javaw.exe

C:\Windows\system32\taskhost.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\System32\WUDFHost.exe

C:\Users\Vanessa\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\notepad.exe

C:\Windows\system32\RunDLL32.exe

C:\Users\Vanessa\Desktop\Defogger.exe

C:\Users\Vanessa\Desktop\SecurityCheck.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\svchost.exe -k defragsvc

C:\Windows\SysWOW64\notepad.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=FF39850081ED7EE5ED016E50BA1400FF

uURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll

mURLSearchHooks: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - <orphaned>

mURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll

BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll

TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

uRun: [Cookienator] "C:\Program Files (x86)\Cookienator\cookienator.exe" /auto

uRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f

uRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [EEventManager] C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

mRun: [searchProtection] C:\ProgramData\Search Protection\_run.bat

mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: NameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{530CBC6F-D9C1-4B62-9249-34E20626C262} : DHCPNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{E4129584-133A-4DC5-B184-FF6D9E7D6F69} : DHCPNameServer = 209.18.47.61 209.18.47.62

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [beatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-mASetup: {B34A07DD-C6F7-414A-AE63-01019482EAF0} - msiexec /fu {B34A07DD-C6F7-414A-AE63-01019482EAF0} /qn

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2012-5-14 82048]

R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2012-5-14 42624]

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-10-5 111456]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-8-7 56208]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]

R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-11-21 1236368]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-5-14 235520]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-6 5814392]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-17 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-17 676936]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-5-14 1128952]

R2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-9-20 3677000]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2012-5-14 102528]

R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2012-5-14 219776]

R3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2012-5-14 349736]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-5-14 39464]

R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-5-14 104048]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-17 25928]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-5-14 54400]

S0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2012-12-1 14456]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 HP Support Assistant Service;HP Support Assistant Service;"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" --> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-8 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"

ShellExec: PortraitProfessional.exe: open="C:\Program Files (x86)\Portrait Professional 10 Trial\PortraitProfessionalTrial.exe" /P "%1"

.

=============== Created Last 30 ================

.

2012-12-01 14:34:40 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus

2012-12-01 14:29:31 -------- d-----w- C:\Users\Vanessa\AppData\Roaming\LavasoftStatistics

2012-12-01 14:28:50 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus

2012-12-01 14:28:38 -------- d-----w- C:\Users\Vanessa\AppData\Local\Downloaded Installations

2012-12-01 14:28:32 47496 ----a-w- C:\Windows\System32\sbbd.exe

2012-12-01 14:28:32 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys

2012-12-01 14:28:23 -------- d-----w- C:\ProgramData\Search Protection

2012-12-01 14:28:22 -------- d-----w- C:\Users\Vanessa\AppData\Local\adawarebp

2012-12-01 14:28:22 -------- d-----w- C:\ProgramData\blekko toolbars

2012-12-01 14:28:22 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection

2012-12-01 14:28:17 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner

2012-12-01 14:28:12 -------- d-----w- C:\Program Files (x86)\adawaretb

2012-12-01 14:27:54 -------- d-----w- C:\Users\Vanessa\AppData\Roaming\Ad-Aware Antivirus

2012-12-01 14:23:37 -------- d-----w- C:\Program Files (x86)\Cookienator

2012-12-01 14:01:10 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-12-01 13:55:05 916456 ----a-w- C:\Windows\System32\deployJava1.dll

2012-12-01 13:55:05 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll

2012-12-01 13:54:54 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

2012-12-01 13:48:42 -------- d-sh--w- C:\$RECYCLE.BIN

2012-12-01 01:07:25 -------- d-----w- C:\TDSSKiller_Quarantine

2012-11-17 15:10:08 -------- d-----w- C:\Users\Vanessa\AppData\Roaming\Malwarebytes

2012-11-17 15:09:50 -------- d-----w- C:\ProgramData\Malwarebytes

2012-11-17 15:09:49 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-11-17 15:09:49 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-11-17 14:53:00 -------- d-----w- C:\Users\Vanessa\AppData\Roaming\AVG2013

2012-11-17 14:50:39 -------- d-----w- C:\Users\Vanessa\AppData\Roaming\TuneUp Software

2012-11-17 14:50:29 -------- d-----w- C:\ProgramData\AVG2013

2012-11-17 14:50:29 -------- d-----w- C:\$AVG

2012-11-17 14:49:51 -------- d-----w- C:\Program Files (x86)\AVG

2012-11-17 14:48:10 -------- d-----w- C:\Users\Vanessa\AppData\Local\MFAData

2012-11-17 14:48:10 -------- d-----w- C:\Users\Vanessa\AppData\Local\Avg2013

2012-11-17 14:48:10 -------- d-----w- C:\ProgramData\MFAData

2012-11-16 13:42:06 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{28CDBE97-7879-4784-AE23-6DD2B3F32678}\mpengine.dll

2012-11-14 09:05:19 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui

2012-11-14 09:05:18 9728 ----a-w- C:\Windows\System32\Wdfres.dll

2012-11-14 09:05:18 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2012-11-14 09:05:18 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys

2012-11-14 03:52:28 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll

.

==================== Find3M ====================

.

2012-10-22 19:02:44 154464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys

2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll

2012-10-15 09:48:50 63328 ----a-w- C:\Windows\System32\drivers\avgidsha.sys

2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll

2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll

2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-10-06 02:46:38 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-10-06 02:46:38 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-10-05 09:32:50 111456 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll

2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll

2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll

2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll

2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll

2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll

2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll

2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll

2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll

2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

2012-10-02 09:30:38 185696 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll

2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll

2012-09-21 09:46:04 200032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2012-09-21 09:46:00 225120 ----a-w- C:\Windows\System32\drivers\avgloga.sys

2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-09-14 09:05:18 40800 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

.

============= FINISH: 8:08:12.56 ===============

--ATTACH--

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 8/7/2012 6:24:03 PM

System Uptime: 12/2/2012 4:46:56 AM (100 hours ago)

.

Motherboard: MSI | | 2AE0

Processor: AMD A10-5700 APU with Radeon HD Graphics | P0 | 3400/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 1846 GiB total, 1509.227 GiB free.

D: is FIXED (NTFS) - 17 GiB total, 2.11 GiB free.

E: is CDROM ()

F: is FIXED (NTFS) - 1397 GiB total, 602.013 GiB free.

G: is Removable

H: is Removable

I: is Removable

J: is Removable

K: is CDROM ()

L: is Removable

M: is Removable

N: is Removable

O: is Removable

P: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP55: 12/1/2012 7:44:58 AM - ComboFix created restore point

RP56: 12/1/2012 7:54:30 AM - Installed Java 7 Update 9 (64-bit)

RP57: 12/1/2012 8:00:30 AM - Installed Java 7 Update 9

RP58: 12/1/2012 8:03:47 AM - Vans Clean Computer 12-1-12

RP59: 12/1/2012 8:23:17 AM - Installed Cookienator

.

==== Installed Programs ======================

.

ABBYY FineReader 6.0 Sprint

Ad-Aware Antivirus

Ad-Aware Security Add-on

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe AIR

Adobe Creative Suite 6 Master Collection

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 ActiveX (x64)

Adobe Flash Player 11 Plugin

Adobe Help Manager

Adobe Media Player

Adobe Reader X (10.1.4)

Adobe Widget Browser

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Media Foundation Decoders

AMD Steady Video Plug-In

AMD VISION Engine Control Center

Ashampoo Burning Studio 6 FREE v.6.80

AVG 2013

Bejeweled 3

bl

Blackhawk Striker 2

Bluetooth by hp

Bubble Wrap

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

Conduit Engine

Cookienator

Cradle of Rome 2

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

DirectX for Managed Code Update (Summer 2004)

Dora's World Adventure

EPSON Attach To Email

EPSON Copy Utility 3

EPSON Event Manager

EPSON Perfection V500 Photo Scanner Driver Update

EPSON Perfection V500P User's Guide

EPSON Scan

EPSON Scan Assistant

Farm Frenzy

Farmscapes

FATE

FileZilla Client 3.6.0.1

Final Drive Fury

GOM Player

Google Chrome

Hewlett-Packard ACLM.NET v1.1.2.0

Hoyle Card Games

HP Application Assistant

HP Auto

HP Calendar

HP Client Services

HP Clock

HP Customer Experience Enhancements

HP Deskjet 1000 J110 series Basic Device Software

HP Deskjet 1000 J110 series Help

HP Games

HP LinkUp

HP Odometer

HP RSS

HP Setup

HP Setup Manager

HP Support Information

HP TouchSmart Background - Beats

HP Update

HP Vision Hardware Diagnostics

HP Weather

IDT Audio

Java 7 Update 9

Java 7 Update 9 (64-bit)

Java Auto Updater

Jewel Match 3

Jewel Quest Mysteries: The Seventh Gate Collector's Edition

John Deere Drive Green

Junk Mail filter update

LabelPrint

Letters from Nowhere 2

Luxor HD

Mah Jong Medley

Malwarebytes Anti-Malware version 1.65.1.1000

Mesh Runtime

Metric Converter

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Mathematics

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Starter 2010 - English

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WSE 3.0 Runtime

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

Mozilla Maintenance Service

Mozilla Thunderbird 17.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

MyAshampoo Toolbar

opensource

PDF Complete Special Edition

PDF Settings CS6

Penguins!

ph

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer

Portrait Professional 10.9 Trial

Power2Go

PowerISO

PressReader

PxMergeModule

Recovery Manager

Remote Graphics Receiver

RollerCoaster Tycoon 3: Platinum

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition

Skype™ 5.10

Spot

Spotify

Tap Tap Bear

The Treasures of Mystery Island: The Ghost Ship

Torchlight

TSHostedAppLauncher

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update Installer for WildTangent Games App

Virtual Villagers 4 - The Tree of Life

Visual Studio 2010 x64 Redistributables

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Yontoo 1.10.02

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

12/6/2012 6:55:10 AM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.

12/4/2012 7:53:40 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{E4129584-133A-4DC5-B184-FF6D9E7D6F69} because another computer on the network has the same name. The server could not start.

12/3/2012 7:18:02 PM, Error: NetBT [4321] - The name "BLUETOAST :1d" could not be registered on the interface with IP address 192.168.1.110. The computer with the IP address 192.168.1.114 did not allow the name to be claimed by this computer.

12/1/2012 8:19:19 AM, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The system cannot find the file specified.

12/1/2012 8:17:06 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

11/30/2012 7:17:21 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

.

==== End Of File ===========================

Link to post
Share on other sites

  • Staff

Hello

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-AdwCleaner-

  • Please download
AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator to start"
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+

Gringo

Link to post
Share on other sites

--AdwCleaner--

# AdwCleaner v2.011 - Logfile created 12/06/2012 at 18:32:27

# Updated 02/12/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Vanessa - VANESSA-HP

# Boot Mode : Normal

# Running from : C:\Users\Vanessa\Desktop\adwcleaner (1).exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\ConduitEngine

Folder Deleted : C:\Program Files (x86)\MyAshampoo

Folder Deleted : C:\Program Files (x86)\Yontoo

Folder Deleted : C:\ProgramData\blekko toolbars

Folder Deleted : C:\ProgramData\search protection

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Users\Vanessa\AppData\Local\Conduit

Folder Deleted : C:\Users\Vanessa\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Vanessa\AppData\LocalLow\ConduitEngine

Folder Deleted : C:\Users\Vanessa\AppData\LocalLow\MyAshampoo

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine

Key Deleted : HKCU\Software\AppDataLow\Software\MyAshampoo

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6CBE9D43-ED46-4C00-8D8E-269743E60806}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7584FAD0-B930-4D08-89E3-7ACEAEA02E9F}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2475029

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\conduitEngine

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{84F9FD52-6654-4E81-BC1A-B1AABBEF1563}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\Software\MyAshampoo

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6CBE9D43-ED46-4C00-8D8E-269743E60806}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7584FAD0-B930-4D08-89E3-7ACEAEA02E9F}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{84F9FD52-6654-4E81-BC1A-B1AABBEF1563}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82B316DD-BDBF-4288-8E3E-62FAE6475658}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1A0F950-B327-4B3B-A2DA-2F9856188FBB}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]

Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [7385 octets] - [06/12/2012 18:32:27]

########## EOF - C:\AdwCleaner[s1].txt - [7445 octets] ##########

--RogueKiller--

RogueKiller V8.3.1 [Nov 29 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Vanessa [Admin rights]

Mode : Remove -- Date : 12/06/2012 18:37:39

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤

[RUN][sUSP PATH] HKLM\[...]\Wow6432Node\Run : SearchProtection (C:\ProgramData\Search Protection\_run.bat) -> DELETED

[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS723020BLA642 SATA Disk Device +++++

--- User ---

[MBR] 2ae79db63b98333dfd52b41ddfb523b0

[bSP] 4983a9911f971aada1dd37870b6d3c1d : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1890333 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3871608832 | Size: 17294 Mo

User = LL1 ... OK!

User != LL2 ... KO!

--- LL2 ---

[MBR] 9ce7e7ceda62ca639aed489534eee68a

[bSP] d2241d96b689915b6aedddf575001296 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 226125824 | Size: 300 Mo

+++++ PhysicalDrive1: WDC WD15 EADS-00S2B0 SATA Disk Device +++++

--- User ---

[MBR] a24dbc1752f8bc7a2450d2f887c54f99

[bSP] 01dc4923855d0ad65d81bf74284f2b0f : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1430797 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive2: Generic- SD/MMC USB Device +++++

Error reading User MBR!

User = LL1 ... OK!

Error reading LL2 MBR!

+++++ PhysicalDrive3: Generic- Compact Flash USB Device +++++

Error reading User MBR!

User = LL1 ... OK!

Error reading LL2 MBR!

+++++ PhysicalDrive4: Generic- SM/xD-Picture USB Device +++++

Error reading User MBR!

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[2]_D_12062012_02d1837.txt >>

RKreport[1]_S_12062012_02d1837.txt ; RKreport[2]_D_12062012_02d1837.txt

Link to post
Share on other sites

  • Staff

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

Link 1
Link 2
Link 3

1. Close any open browsers or any other programs that are open.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

Link to post
Share on other sites

ComboFix 12-12-04.01 - Vanessa 12/06/2012 20:25:28.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.9655.8245 [GMT -6:00]

Running from: c:\users\Vanessa\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Java\jre7\bin\ssv.dll

.

.

((((((((((((((((((((((((( Files Created from 2012-11-07 to 2012-12-07 )))))))))))))))))))))))))))))))

.

.

2012-12-07 02:29 . 2012-12-07 02:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-01 14:34 . 2012-12-01 14:37 -------- d-----w- c:\programdata\Ad-Aware Antivirus

2012-12-01 14:29 . 2012-12-01 14:29 -------- d-----w- c:\users\Vanessa\AppData\Roaming\LavasoftStatistics

2012-12-01 14:28 . 2012-12-01 17:31 -------- d-----w- c:\program files (x86)\Ad-Aware Antivirus

2012-12-01 14:28 . 2012-12-01 14:28 -------- d-----w- c:\programdata\Lavasoft

2012-12-01 14:28 . 2012-12-01 14:28 -------- d-----w- c:\users\Vanessa\AppData\Local\Downloaded Installations

2012-12-01 14:28 . 2012-12-01 14:28 47496 ----a-w- c:\windows\system32\sbbd.exe

2012-12-01 14:28 . 2012-12-01 14:28 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys

2012-12-01 14:28 . 2012-12-01 14:28 -------- d-----w- c:\users\Vanessa\AppData\Local\adawarebp

2012-12-01 14:28 . 2012-12-01 14:28 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection

2012-12-01 14:28 . 2012-12-01 14:28 -------- d-----w- c:\program files (x86)\Toolbar Cleaner

2012-12-01 14:28 . 2012-12-01 14:28 -------- d-----w- c:\program files (x86)\adawaretb

2012-12-01 14:27 . 2012-12-01 14:34 -------- d-----w- c:\users\Vanessa\AppData\Roaming\Ad-Aware Antivirus

2012-12-01 14:23 . 2012-12-01 14:23 -------- d-----w- c:\program files (x86)\Cookienator

2012-12-01 14:01 . 2012-09-25 05:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-12-01 13:55 . 2012-12-01 13:54 916456 ----a-w- c:\windows\system32\deployJava1.dll

2012-12-01 13:55 . 2012-12-01 13:54 289768 ----a-w- c:\windows\system32\javaws.exe

2012-12-01 13:55 . 2012-12-01 13:54 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-12-01 13:54 . 2012-12-01 13:54 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll

2012-12-01 13:54 . 2012-12-01 13:54 189416 ----a-w- c:\windows\system32\javaw.exe

2012-12-01 13:54 . 2012-12-01 13:54 188904 ----a-w- c:\windows\system32\java.exe

2012-12-01 13:54 . 2012-12-01 13:54 -------- d-----w- c:\program files\Java

2012-12-01 01:07 . 2012-12-01 01:07 -------- d-----w- C:\TDSSKiller_Quarantine

2012-11-22 13:21 . 2012-11-28 21:25 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird

2012-11-22 04:11 . 2012-11-26 16:32 -------- d-----w- c:\users\Vanessa\AppData\Roaming\FileZilla

2012-11-22 04:11 . 2012-11-22 04:11 -------- d-----w- c:\program files (x86)\FileZilla FTP Client

2012-11-17 15:10 . 2012-11-17 15:10 -------- d-----w- c:\users\Vanessa\AppData\Roaming\Malwarebytes

2012-11-17 15:09 . 2012-11-17 15:09 -------- d-----w- c:\programdata\Malwarebytes

2012-11-17 15:09 . 2012-12-01 01:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-11-17 15:09 . 2012-09-30 01:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-17 14:53 . 2012-11-17 14:53 -------- d-----w- c:\users\Vanessa\AppData\Roaming\AVG2013

2012-11-17 14:50 . 2012-11-17 14:50 -------- d-----w- c:\users\Vanessa\AppData\Roaming\TuneUp Software

2012-11-17 14:50 . 2012-11-17 14:50 -------- d-----w- c:\programdata\AVG2013

2012-11-17 14:50 . 2012-11-17 14:50 -------- d-----w- C:\$AVG

2012-11-17 14:49 . 2012-11-17 14:49 -------- d-----w- c:\program files (x86)\AVG

2012-11-17 14:48 . 2012-12-07 00:38 -------- d-----w- c:\programdata\MFAData

2012-11-17 14:48 . 2012-11-17 14:56 -------- d-----w- c:\users\Vanessa\AppData\Local\Avg2013

2012-11-17 14:48 . 2012-11-17 14:48 -------- d-----w- c:\users\Vanessa\AppData\Local\MFAData

2012-11-16 13:42 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{28CDBE97-7879-4784-AE23-6DD2B3F32678}\mpengine.dll

2012-11-14 09:05 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui

2012-11-14 09:05 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-11-14 09:05 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-11-14 09:05 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-11-14 03:52 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-22 19:02 . 2012-10-22 19:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2012-10-16 08:38 . 2012-11-27 21:46 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-11-27 21:46 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-11-27 21:46 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-15 09:48 . 2012-10-15 09:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys

2012-10-06 02:46 . 2012-10-06 02:46 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-10-06 02:46 . 2012-10-06 02:46 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-10-05 09:32 . 2012-10-05 09:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

2012-10-02 09:30 . 2012-10-02 09:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys

2012-09-21 09:46 . 2012-09-21 09:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2012-09-21 09:46 . 2012-09-21 09:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys

2012-09-14 19:19 . 2012-10-10 13:14 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:28 . 2012-10-10 13:14 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-09-14 09:05 . 2012-09-14 09:05 40800 ----a-w- c:\windows\system32\drivers\avgrkx64.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

2012-11-16 21:41 87448 ----a-w- c:\program files (x86)\adawaretb\adawareDx.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2012-11-16 87448]

.

[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Cookienator"="c:\program files (x86)\Cookienator\cookienator.exe" [2009-10-19 1333472]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-01-21 630912]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-08-12 658424]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]

"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]

"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-06-15 307200]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"EEventManager"="c:\program files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2006-10-12 102400]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-07 3143800]

"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-11-16 542104]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-3-25 1137952]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]

@="Ad-Aware Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

@="Service"

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-07 5814392]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-08 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2012-01-16 82048]

S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2012-01-16 42624]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]

S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2012-12-01 14456]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]

S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-11-22 1236368]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-02-10 235520]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

S2 CalendarSynchService;CalendarSynchService;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-08-16 16384]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]

S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-08-12 1128952]

S2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-09-20 3677000]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys [2012-01-11 102528]

S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [2012-01-11 219776]

S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-03-26 349736]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-03-26 39464]

S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-01-30 104048]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2011-12-28 54400]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - GFIBTO

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-856132688-397709542-2382734282-1000Core.job

- c:\users\Vanessa\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-08 00:40]

.

2012-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-856132688-397709542-2382734282-1000UA.job

- c:\users\Vanessa\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-08 00:40]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2011-12-13 37888]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-12-13 1425408]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=FF39850081ED7EE5ED016E50BA1400FF

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]

"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-12-06 20:31:11

ComboFix-quarantined-files.txt 2012-12-07 02:31

.

Pre-Run: 1,621,095,624,704 bytes free

Post-Run: 1,620,986,150,912 bytes free

.

- - End Of File - - 602DC8498F413502F8A38E0B2559E7F4

Thanks Gringo. I didnt have any trouble running any of the steps you outlined. But I am still having redirect issues.... I think! I have to right click and then open the links in a new tab to get anywhere...

I get alll of this below!

forum-1.jpg

forum-3.jpg

forum-4.jpg

Link to post
Share on other sites

  • Staff

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.

  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo

Link to post
Share on other sites

Good Morning, and many Thanks.

--TDSKiller--

08:46:03.0181 6376 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

08:46:03.0697 6376 ============================================================

08:46:03.0697 6376 Current date / time: 2012/12/07 08:46:03.0697

08:46:03.0697 6376 SystemInfo:

08:46:03.0697 6376

08:46:03.0697 6376 OS Version: 6.1.7601 ServicePack: 1.0

08:46:03.0698 6376 Product type: Workstation

08:46:03.0698 6376 ComputerName: VANESSA-HP

08:46:03.0698 6376 UserName: Vanessa

08:46:03.0698 6376 Windows directory: C:\Windows

08:46:03.0698 6376 System windows directory: C:\Windows

08:46:03.0698 6376 Running under WOW64

08:46:03.0698 6376 Processor architecture: Intel x64

08:46:03.0698 6376 Number of processors: 4

08:46:03.0698 6376 Page size: 0x1000

08:46:03.0698 6376 Boot type: Normal boot

08:46:03.0698 6376 ============================================================

08:46:04.0167 6376 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

08:46:04.0562 6376 Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

08:46:04.0607 6376 Drive \Device\Harddisk8\DR8 - Size: 0x3B5980000 (14.84 Gb), SectorSize: 0x200, Cylinders: 0x790, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

08:46:04.0622 6376 ============================================================

08:46:04.0622 6376 \Device\Harddisk0\DR0:

08:46:04.0622 6376 MBR partitions:

08:46:04.0622 6376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

08:46:04.0622 6376 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE6C0E800

08:46:04.0622 6376 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE6C41000, BlocksNum 0x21C7000

08:46:04.0622 6376 \Device\Harddisk1\DR1:

08:46:04.0622 6376 MBR partitions:

08:46:04.0622 6376 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800

08:46:04.0622 6376 \Device\Harddisk8\DR8:

08:46:04.0624 6376 MBR partitions:

08:46:04.0624 6376 \Device\Harddisk8\DR8\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1DAAC00

08:46:04.0624 6376 ============================================================

08:46:04.0639 6376 C: <-> \Device\Harddisk0\DR0\Partition2

08:46:04.0678 6376 D: <-> \Device\Harddisk0\DR0\Partition3

08:46:04.0712 6376 F: <-> \Device\Harddisk1\DR1\Partition1

08:46:04.0713 6376 ============================================================

08:46:04.0713 6376 Initialize success

08:46:04.0713 6376 ============================================================

08:46:07.0616 7924 ============================================================

08:46:07.0616 7924 Scan started

08:46:07.0616 7924 Mode: Manual;

08:46:07.0616 7924 ============================================================

08:46:08.0212 7924 ================ Scan system memory ========================

08:46:08.0212 7924 System memory - ok

08:46:08.0213 7924 ================ Scan services =============================

08:46:08.0358 7924 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

08:46:08.0363 7924 1394ohci - ok

08:46:08.0386 7924 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

08:46:08.0392 7924 ACPI - ok

08:46:08.0411 7924 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

08:46:08.0413 7924 AcpiPmi - ok

08:46:08.0523 7924 [ AAD408B6A66595432405C97F73D6FF00 ] Ad-Aware Service C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe

08:46:08.0540 7924 Ad-Aware Service - ok

08:46:08.0633 7924 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

08:46:08.0636 7924 AdobeARMservice - ok

08:46:08.0669 7924 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

08:46:08.0677 7924 adp94xx - ok

08:46:08.0700 7924 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

08:46:08.0706 7924 adpahci - ok

08:46:08.0728 7924 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

08:46:08.0731 7924 adpu320 - ok

08:46:08.0743 7924 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

08:46:08.0745 7924 AeLookupSvc - ok

08:46:08.0787 7924 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

08:46:08.0792 7924 AFD - ok

08:46:08.0814 7924 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

08:46:08.0816 7924 agp440 - ok

08:46:08.0825 7924 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

08:46:08.0827 7924 ALG - ok

08:46:08.0845 7924 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

08:46:08.0846 7924 aliide - ok

08:46:08.0869 7924 [ BA7DEAEF1066F1FD31FD1D719FC98204 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

08:46:08.0872 7924 AMD External Events Utility - ok

08:46:08.0896 7924 [ 2EF1BA6D5DC79FCE5E9216C8C2D3F193 ] amdhub30 C:\Windows\system32\drivers\amdhub30.sys

08:46:08.0897 7924 amdhub30 - ok

08:46:08.0907 7924 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

08:46:08.0908 7924 amdide - ok

08:46:08.0916 7924 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

08:46:08.0918 7924 AmdK8 - ok

08:46:09.0084 7924 [ 0DB247E7D8EE52176E4FCCF00911608D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys

08:46:09.0159 7924 amdkmdag - ok

08:46:09.0185 7924 [ FC57F1D151DA79BABD7E790E621BA525 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys

08:46:09.0189 7924 amdkmdap - ok

08:46:09.0213 7924 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

08:46:09.0214 7924 AmdPPM - ok

08:46:09.0241 7924 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

08:46:09.0253 7924 amdsata - ok

08:46:09.0266 7924 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

08:46:09.0268 7924 amdsbs - ok

08:46:09.0280 7924 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

08:46:09.0280 7924 amdxata - ok

08:46:09.0324 7924 [ 541A6C49C792ED71FB3EFF8C815CFE60 ] amdxhc C:\Windows\system32\drivers\amdxhc.sys

08:46:09.0326 7924 amdxhc - ok

08:46:09.0336 7924 [ A1434F35B7B171CB697D74D33F7D029F ] amd_sata C:\Windows\system32\drivers\amd_sata.sys

08:46:09.0337 7924 amd_sata - ok

08:46:09.0342 7924 [ E9B5A82FA268BB2D1B012030D5F4E096 ] amd_xata C:\Windows\system32\drivers\amd_xata.sys

08:46:09.0343 7924 amd_xata - ok

08:46:09.0376 7924 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

08:46:09.0377 7924 AppID - ok

08:46:09.0400 7924 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

08:46:09.0401 7924 AppIDSvc - ok

08:46:09.0407 7924 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

08:46:09.0408 7924 Appinfo - ok

08:46:09.0457 7924 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

08:46:09.0458 7924 arc - ok

08:46:09.0480 7924 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

08:46:09.0481 7924 arcsas - ok

08:46:09.0559 7924 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

08:46:09.0561 7924 aspnet_state - ok

08:46:09.0587 7924 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

08:46:09.0589 7924 AsyncMac - ok

08:46:09.0658 7924 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

08:46:09.0660 7924 atapi - ok

08:46:09.0686 7924 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

08:46:09.0693 7924 AudioEndpointBuilder - ok

08:46:09.0703 7924 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

08:46:09.0709 7924 AudioSrv - ok

08:46:09.0837 7924 [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

08:46:09.0866 7924 AVGIDSAgent - ok

08:46:09.0902 7924 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys

08:46:09.0904 7924 AVGIDSDriver - ok

08:46:09.0916 7924 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys

08:46:09.0917 7924 AVGIDSHA - ok

08:46:09.0925 7924 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys

08:46:09.0927 7924 Avgldx64 - ok

08:46:09.0969 7924 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys

08:46:09.0971 7924 Avgloga - ok

08:46:09.0982 7924 [ 767B4A485FB22AA0FC0BF5EEF00572B9 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys

08:46:09.0983 7924 Avgmfx64 - ok

08:46:10.0003 7924 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys

08:46:10.0004 7924 Avgrkx64 - ok

08:46:10.0017 7924 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys

08:46:10.0019 7924 Avgtdia - ok

08:46:10.0051 7924 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

08:46:10.0055 7924 avgwd - ok

08:46:10.0075 7924 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

08:46:10.0079 7924 AxInstSV - ok

08:46:10.0105 7924 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

08:46:10.0111 7924 b06bdrv - ok

08:46:10.0123 7924 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

08:46:10.0125 7924 b57nd60a - ok

08:46:10.0183 7924 [ FDE8C8DC07E75347E4C6B455A0964217 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys

08:46:10.0204 7924 BCM43XX - ok

08:46:10.0212 7924 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

08:46:10.0213 7924 BDESVC - ok

08:46:10.0224 7924 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

08:46:10.0226 7924 Beep - ok

08:46:10.0253 7924 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

08:46:10.0258 7924 BFE - ok

08:46:10.0279 7924 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll

08:46:10.0286 7924 BITS - ok

08:46:10.0293 7924 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

08:46:10.0295 7924 blbdrive - ok

08:46:10.0323 7924 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

08:46:10.0324 7924 bowser - ok

08:46:10.0339 7924 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

08:46:10.0340 7924 BrFiltLo - ok

08:46:10.0347 7924 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

08:46:10.0348 7924 BrFiltUp - ok

08:46:10.0363 7924 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

08:46:10.0364 7924 BridgeMP - ok

08:46:10.0395 7924 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

08:46:10.0397 7924 Browser - ok

08:46:10.0414 7924 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

08:46:10.0417 7924 Brserid - ok

08:46:10.0431 7924 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

08:46:10.0433 7924 BrSerWdm - ok

08:46:10.0443 7924 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

08:46:10.0444 7924 BrUsbMdm - ok

08:46:10.0452 7924 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

08:46:10.0453 7924 BrUsbSer - ok

08:46:10.0484 7924 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys

08:46:10.0485 7924 BthEnum - ok

08:46:10.0495 7924 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

08:46:10.0496 7924 BTHMODEM - ok

08:46:10.0505 7924 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

08:46:10.0506 7924 BthPan - ok

08:46:10.0522 7924 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys

08:46:10.0526 7924 BTHPORT - ok

08:46:10.0537 7924 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

08:46:10.0538 7924 bthserv - ok

08:46:10.0550 7924 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys

08:46:10.0551 7924 BTHUSB - ok

08:46:10.0573 7924 [ A0DFB69ADE3444C78B17636FCF28E898 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys

08:46:10.0576 7924 BTWAMPFL - ok

08:46:10.0582 7924 [ 7CF028CE78696882B327FF13D2DFA534 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

08:46:10.0584 7924 btwaudio - ok

08:46:10.0602 7924 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys

08:46:10.0604 7924 btwavdt - ok

08:46:10.0646 7924 [ 1AD3A2BAF31C4327DCBB2B0ECA4A23BB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

08:46:10.0651 7924 btwdins - ok

08:46:10.0661 7924 [ 346B4051B3D7FF70E8F027869B8ECA6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys

08:46:10.0662 7924 btwl2cap - ok

08:46:10.0684 7924 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

08:46:10.0685 7924 btwrchid - ok

08:46:10.0732 7924 [ A3AD13CA2747953DDD4C9AE4FB925BEC ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe

08:46:10.0733 7924 CalendarSynchService - ok

08:46:10.0761 7924 catchme - ok

08:46:10.0778 7924 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

08:46:10.0780 7924 cdfs - ok

08:46:10.0809 7924 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

08:46:10.0812 7924 cdrom - ok

08:46:10.0838 7924 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

08:46:10.0841 7924 CertPropSvc - ok

08:46:10.0859 7924 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

08:46:10.0862 7924 circlass - ok

08:46:10.0886 7924 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

08:46:10.0891 7924 CLFS - ok

08:46:10.0936 7924 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:46:10.0938 7924 clr_optimization_v2.0.50727_32 - ok

08:46:10.0969 7924 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

08:46:10.0971 7924 clr_optimization_v2.0.50727_64 - ok

08:46:11.0020 7924 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

08:46:11.0023 7924 clr_optimization_v4.0.30319_32 - ok

08:46:11.0038 7924 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

08:46:11.0041 7924 clr_optimization_v4.0.30319_64 - ok

08:46:11.0057 7924 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

08:46:11.0059 7924 CmBatt - ok

08:46:11.0073 7924 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

08:46:11.0074 7924 cmdide - ok

08:46:11.0115 7924 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

08:46:11.0120 7924 CNG - ok

08:46:11.0133 7924 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

08:46:11.0135 7924 Compbatt - ok

08:46:11.0157 7924 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

08:46:11.0158 7924 CompositeBus - ok

08:46:11.0162 7924 COMSysApp - ok

08:46:11.0172 7924 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

08:46:11.0173 7924 crcdisk - ok

08:46:11.0209 7924 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

08:46:11.0211 7924 CryptSvc - ok

08:46:11.0263 7924 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

08:46:11.0274 7924 cvhsvc - ok

08:46:11.0308 7924 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

08:46:11.0319 7924 DcomLaunch - ok

08:46:11.0342 7924 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

08:46:11.0346 7924 defragsvc - ok

08:46:11.0365 7924 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

08:46:11.0367 7924 DfsC - ok

08:46:11.0393 7924 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

08:46:11.0397 7924 Dhcp - ok

08:46:11.0401 7924 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

08:46:11.0402 7924 discache - ok

08:46:11.0426 7924 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

08:46:11.0428 7924 Disk - ok

08:46:11.0465 7924 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

08:46:11.0471 7924 Dnscache - ok

08:46:11.0510 7924 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

08:46:11.0516 7924 dot3svc - ok

08:46:11.0535 7924 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

08:46:11.0539 7924 DPS - ok

08:46:11.0564 7924 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

08:46:11.0566 7924 drmkaud - ok

08:46:11.0599 7924 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

08:46:11.0614 7924 DXGKrnl - ok

08:46:11.0628 7924 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

08:46:11.0631 7924 EapHost - ok

08:46:11.0702 7924 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

08:46:11.0734 7924 ebdrv - ok

08:46:11.0750 7924 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

08:46:11.0752 7924 EFS - ok

08:46:11.0788 7924 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

08:46:11.0799 7924 ehRecvr - ok

08:46:11.0823 7924 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

08:46:11.0825 7924 ehSched - ok

08:46:11.0842 7924 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

08:46:11.0848 7924 elxstor - ok

08:46:11.0865 7924 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

08:46:11.0866 7924 ErrDev - ok

08:46:11.0887 7924 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

08:46:11.0891 7924 EventSystem - ok

08:46:11.0904 7924 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

08:46:11.0907 7924 exfat - ok

08:46:11.0920 7924 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

08:46:11.0922 7924 fastfat - ok

08:46:11.0946 7924 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

08:46:11.0952 7924 Fax - ok

08:46:11.0968 7924 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

08:46:11.0969 7924 fdc - ok

08:46:11.0980 7924 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

08:46:11.0981 7924 fdPHost - ok

08:46:11.0994 7924 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

08:46:11.0995 7924 FDResPub - ok

08:46:12.0002 7924 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

08:46:12.0003 7924 FileInfo - ok

08:46:12.0009 7924 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

08:46:12.0010 7924 Filetrace - ok

08:46:12.0026 7924 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

08:46:12.0027 7924 flpydisk - ok

08:46:12.0042 7924 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

08:46:12.0044 7924 FltMgr - ok

08:46:12.0073 7924 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

08:46:12.0082 7924 FontCache - ok

08:46:12.0117 7924 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

08:46:12.0117 7924 FontCache3.0.0.0 - ok

08:46:12.0133 7924 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

08:46:12.0134 7924 FsDepends - ok

08:46:12.0147 7924 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

08:46:12.0148 7924 Fs_Rec - ok

08:46:12.0157 7924 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

08:46:12.0159 7924 fvevol - ok

08:46:12.0171 7924 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

08:46:12.0173 7924 gagp30kx - ok

08:46:12.0202 7924 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

08:46:12.0216 7924 GamesAppService - ok

08:46:12.0256 7924 [ 14908F4F9005C29DE8F5587E271390EE ] gfibto C:\Windows\system32\drivers\gfibto.sys

08:46:12.0257 7924 gfibto - ok

08:46:12.0271 7924 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

08:46:12.0277 7924 gpsvc - ok

08:46:12.0322 7924 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

08:46:12.0323 7924 gupdate - ok

08:46:12.0326 7924 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

08:46:12.0327 7924 gupdatem - ok

08:46:12.0340 7924 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

08:46:12.0342 7924 hcw85cir - ok

08:46:12.0356 7924 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

08:46:12.0359 7924 HdAudAddService - ok

08:46:12.0376 7924 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

08:46:12.0378 7924 HDAudBus - ok

08:46:12.0392 7924 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

08:46:12.0393 7924 HidBatt - ok

08:46:12.0409 7924 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

08:46:12.0410 7924 HidBth - ok

08:46:12.0417 7924 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

08:46:12.0418 7924 HidIr - ok

08:46:12.0431 7924 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll

08:46:12.0432 7924 hidserv - ok

08:46:12.0451 7924 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

08:46:12.0452 7924 HidUsb - ok

08:46:12.0466 7924 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

08:46:12.0468 7924 hkmsvc - ok

08:46:12.0483 7924 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

08:46:12.0486 7924 HomeGroupListener - ok

08:46:12.0499 7924 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

08:46:12.0502 7924 HomeGroupProvider - ok

08:46:12.0518 7924 HP Support Assistant Service - ok

08:46:12.0554 7924 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

08:46:12.0558 7924 HPClientSvc - ok

08:46:12.0574 7924 hpqwmiex - ok

08:46:12.0594 7924 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

08:46:12.0596 7924 HpSAMD - ok

08:46:12.0622 7924 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

08:46:12.0630 7924 HTTP - ok

08:46:12.0636 7924 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

08:46:12.0637 7924 hwpolicy - ok

08:46:12.0648 7924 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

08:46:12.0650 7924 i8042prt - ok

08:46:12.0662 7924 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

08:46:12.0666 7924 iaStorV - ok

08:46:12.0700 7924 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

08:46:12.0707 7924 idsvc - ok

08:46:12.0812 7924 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

08:46:12.0854 7924 igfx - ok

08:46:12.0867 7924 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

08:46:12.0868 7924 iirsp - ok

08:46:12.0889 7924 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

08:46:12.0896 7924 IKEEXT - ok

08:46:12.0907 7924 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

08:46:12.0908 7924 intelide - ok

08:46:12.0922 7924 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys

08:46:12.0923 7924 intelppm - ok

08:46:12.0938 7924 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

08:46:12.0940 7924 IPBusEnum - ok

08:46:12.0943 7924 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

08:46:12.0945 7924 IpFilterDriver - ok

08:46:12.0978 7924 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

08:46:12.0982 7924 iphlpsvc - ok

08:46:12.0997 7924 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

08:46:12.0999 7924 IPMIDRV - ok

08:46:13.0003 7924 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

08:46:13.0004 7924 IPNAT - ok

08:46:13.0020 7924 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

08:46:13.0021 7924 IRENUM - ok

08:46:13.0041 7924 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

08:46:13.0042 7924 isapnp - ok

08:46:13.0059 7924 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

08:46:13.0062 7924 iScsiPrt - ok

08:46:13.0073 7924 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

08:46:13.0075 7924 kbdclass - ok

08:46:13.0083 7924 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

08:46:13.0084 7924 kbdhid - ok

08:46:13.0092 7924 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

08:46:13.0093 7924 KeyIso - ok

08:46:13.0126 7924 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

08:46:13.0128 7924 KSecDD - ok

08:46:13.0140 7924 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

08:46:13.0142 7924 KSecPkg - ok

08:46:13.0157 7924 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

08:46:13.0158 7924 ksthunk - ok

08:46:13.0184 7924 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

08:46:13.0189 7924 KtmRm - ok

08:46:13.0213 7924 [ BD56BAE4403497E31727096CEBC42956 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys

08:46:13.0215 7924 L1C - ok

08:46:13.0259 7924 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll

08:46:13.0265 7924 LanmanServer - ok

08:46:13.0286 7924 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

08:46:13.0292 7924 LanmanWorkstation - ok

08:46:13.0318 7924 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

08:46:13.0320 7924 lltdio - ok

08:46:13.0338 7924 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

08:46:13.0345 7924 lltdsvc - ok

08:46:13.0359 7924 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

08:46:13.0361 7924 lmhosts - ok

08:46:13.0383 7924 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

08:46:13.0385 7924 LSI_FC - ok

08:46:13.0396 7924 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

08:46:13.0398 7924 LSI_SAS - ok

08:46:13.0407 7924 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

08:46:13.0412 7924 LSI_SAS2 - ok

08:46:13.0431 7924 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

08:46:13.0433 7924 LSI_SCSI - ok

08:46:13.0449 7924 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

08:46:13.0451 7924 luafv - ok

08:46:13.0481 7924 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

08:46:13.0482 7924 MBAMProtector - ok

08:46:13.0521 7924 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

08:46:13.0523 7924 MBAMScheduler - ok

08:46:13.0537 7924 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

08:46:13.0542 7924 MBAMService - ok

08:46:13.0551 7924 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

08:46:13.0554 7924 Mcx2Svc - ok

08:46:13.0562 7924 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

08:46:13.0564 7924 megasas - ok

08:46:13.0578 7924 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

08:46:13.0582 7924 MegaSR - ok

08:46:13.0597 7924 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

08:46:13.0599 7924 MMCSS - ok

08:46:13.0611 7924 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

08:46:13.0613 7924 Modem - ok

08:46:13.0630 7924 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

08:46:13.0631 7924 monitor - ok

08:46:13.0649 7924 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

08:46:13.0650 7924 mouclass - ok

08:46:13.0656 7924 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

08:46:13.0657 7924 mouhid - ok

08:46:13.0666 7924 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

08:46:13.0668 7924 mountmgr - ok

08:46:13.0707 7924 [ 8121C6DD654970FEDDBC195596D9706E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

08:46:13.0710 7924 MozillaMaintenance - ok

08:46:13.0739 7924 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

08:46:13.0743 7924 mpio - ok

08:46:13.0758 7924 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

08:46:13.0761 7924 mpsdrv - ok

08:46:13.0797 7924 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

08:46:13.0805 7924 MpsSvc - ok

08:46:13.0820 7924 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

08:46:13.0822 7924 MRxDAV - ok

08:46:13.0844 7924 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

08:46:13.0846 7924 mrxsmb - ok

08:46:13.0864 7924 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:46:13.0867 7924 mrxsmb10 - ok

08:46:13.0876 7924 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:46:13.0878 7924 mrxsmb20 - ok

08:46:13.0892 7924 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

08:46:13.0893 7924 msahci - ok

08:46:13.0909 7924 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

08:46:13.0911 7924 msdsm - ok

08:46:13.0922 7924 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

08:46:13.0925 7924 MSDTC - ok

08:46:13.0944 7924 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

08:46:13.0944 7924 Msfs - ok

08:46:13.0954 7924 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

08:46:13.0955 7924 mshidkmdf - ok

08:46:13.0972 7924 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

08:46:13.0972 7924 msisadrv - ok

08:46:13.0997 7924 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

08:46:14.0001 7924 MSiSCSI - ok

08:46:14.0005 7924 msiserver - ok

08:46:14.0026 7924 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

08:46:14.0027 7924 MSKSSRV - ok

08:46:14.0033 7924 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

08:46:14.0034 7924 MSPCLOCK - ok

08:46:14.0043 7924 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

08:46:14.0044 7924 MSPQM - ok

08:46:14.0060 7924 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

08:46:14.0063 7924 MsRPC - ok

08:46:14.0085 7924 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

08:46:14.0086 7924 mssmbios - ok

08:46:14.0099 7924 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

08:46:14.0100 7924 MSTEE - ok

08:46:14.0113 7924 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

08:46:14.0115 7924 MTConfig - ok

08:46:14.0130 7924 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

08:46:14.0131 7924 Mup - ok

08:46:14.0152 7924 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

08:46:14.0158 7924 napagent - ok

08:46:14.0185 7924 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

08:46:14.0189 7924 NativeWifiP - ok

08:46:14.0227 7924 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

08:46:14.0235 7924 NDIS - ok

08:46:14.0249 7924 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

08:46:14.0250 7924 NdisCap - ok

08:46:14.0272 7924 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

08:46:14.0274 7924 NdisTapi - ok

08:46:14.0294 7924 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

08:46:14.0295 7924 Ndisuio - ok

08:46:14.0306 7924 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

08:46:14.0308 7924 NdisWan - ok

08:46:14.0320 7924 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

08:46:14.0321 7924 NDProxy - ok

08:46:14.0328 7924 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

08:46:14.0329 7924 NetBIOS - ok

08:46:14.0345 7924 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

08:46:14.0347 7924 NetBT - ok

08:46:14.0358 7924 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

08:46:14.0359 7924 Netlogon - ok

08:46:14.0393 7924 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

08:46:14.0397 7924 Netman - ok

08:46:14.0412 7924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:46:14.0413 7924 NetMsmqActivator - ok

08:46:14.0416 7924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:46:14.0417 7924 NetPipeActivator - ok

08:46:14.0432 7924 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

08:46:14.0437 7924 netprofm - ok

08:46:14.0441 7924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:46:14.0442 7924 NetTcpActivator - ok

08:46:14.0445 7924 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:46:14.0446 7924 NetTcpPortSharing - ok

08:46:14.0460 7924 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

08:46:14.0461 7924 nfrd960 - ok

08:46:14.0478 7924 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

08:46:14.0481 7924 NlaSvc - ok

08:46:14.0487 7924 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

08:46:14.0488 7924 Npfs - ok

08:46:14.0507 7924 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

08:46:14.0509 7924 nsi - ok

08:46:14.0516 7924 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

08:46:14.0517 7924 nsiproxy - ok

08:46:14.0568 7924 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

08:46:14.0580 7924 Ntfs - ok

08:46:14.0590 7924 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

08:46:14.0591 7924 Null - ok

08:46:14.0610 7924 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

08:46:14.0612 7924 nvraid - ok

08:46:14.0622 7924 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

08:46:14.0624 7924 nvstor - ok

08:46:14.0632 7924 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

08:46:14.0634 7924 nv_agp - ok

08:46:14.0649 7924 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

08:46:14.0650 7924 ohci1394 - ok

08:46:14.0676 7924 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

08:46:14.0677 7924 ose - ok

08:46:14.0792 7924 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

08:46:14.0816 7924 osppsvc - ok

08:46:14.0843 7924 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

08:46:14.0846 7924 p2pimsvc - ok

08:46:14.0858 7924 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

08:46:14.0862 7924 p2psvc - ok

08:46:14.0875 7924 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

08:46:14.0876 7924 Parport - ok

08:46:14.0903 7924 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

08:46:14.0904 7924 partmgr - ok

08:46:14.0915 7924 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

08:46:14.0918 7924 PcaSvc - ok

08:46:14.0935 7924 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

08:46:14.0937 7924 pci - ok

08:46:14.0962 7924 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

08:46:14.0963 7924 pciide - ok

08:46:14.0983 7924 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

08:46:14.0985 7924 pcmcia - ok

08:46:14.0996 7924 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

08:46:14.0997 7924 pcw - ok

08:46:15.0013 7924 pdfcDispatcher - ok

08:46:15.0029 7924 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

08:46:15.0034 7924 PEAUTH - ok

08:46:15.0086 7924 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

08:46:15.0089 7924 PerfHost - ok

08:46:15.0135 7924 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

08:46:15.0149 7924 pla - ok

08:46:15.0172 7924 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

08:46:15.0176 7924 PlugPlay - ok

08:46:15.0181 7924 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

08:46:15.0183 7924 PNRPAutoReg - ok

08:46:15.0189 7924 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

08:46:15.0192 7924 PNRPsvc - ok

08:46:15.0213 7924 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

08:46:15.0217 7924 PolicyAgent - ok

08:46:15.0234 7924 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

08:46:15.0237 7924 Power - ok

08:46:15.0259 7924 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

08:46:15.0260 7924 PptpMiniport - ok

08:46:15.0272 7924 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

08:46:15.0273 7924 Processor - ok

08:46:15.0302 7924 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

08:46:15.0305 7924 ProfSvc - ok

08:46:15.0316 7924 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

08:46:15.0318 7924 ProtectedStorage - ok

08:46:15.0336 7924 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

08:46:15.0338 7924 Psched - ok

08:46:15.0357 7924 [ BC08F7F3C53CBEE68670ED1314E290FD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

08:46:15.0358 7924 PxHlpa64 - ok

08:46:15.0390 7924 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

08:46:15.0401 7924 ql2300 - ok

08:46:15.0411 7924 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

08:46:15.0413 7924 ql40xx - ok

08:46:15.0447 7924 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

08:46:15.0452 7924 QWAVE - ok

08:46:15.0464 7924 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

08:46:15.0466 7924 QWAVEdrv - ok

08:46:15.0486 7924 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

08:46:15.0487 7924 RasAcd - ok

08:46:15.0507 7924 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

08:46:15.0508 7924 RasAgileVpn - ok

08:46:15.0515 7924 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

08:46:15.0518 7924 RasAuto - ok

08:46:15.0528 7924 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

08:46:15.0530 7924 Rasl2tp - ok

08:46:15.0546 7924 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

08:46:15.0550 7924 RasMan - ok

08:46:15.0560 7924 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

08:46:15.0562 7924 RasPppoe - ok

08:46:15.0569 7924 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

08:46:15.0570 7924 RasSstp - ok

08:46:15.0583 7924 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

08:46:15.0586 7924 rdbss - ok

08:46:15.0600 7924 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

08:46:15.0601 7924 rdpbus - ok

08:46:15.0610 7924 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

08:46:15.0611 7924 RDPCDD - ok

08:46:15.0626 7924 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

08:46:15.0627 7924 RDPENCDD - ok

08:46:15.0636 7924 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

08:46:15.0637 7924 RDPREFMP - ok

08:46:15.0669 7924 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

08:46:15.0671 7924 RDPWD - ok

08:46:15.0687 7924 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

08:46:15.0689 7924 rdyboost - ok

08:46:15.0711 7924 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

08:46:15.0713 7924 RemoteAccess - ok

08:46:15.0725 7924 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

08:46:15.0729 7924 RemoteRegistry - ok

08:46:15.0749 7924 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

08:46:15.0751 7924 RFCOMM - ok

08:46:15.0761 7924 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

08:46:15.0763 7924 RpcEptMapper - ok

08:46:15.0773 7924 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

08:46:15.0775 7924 RpcLocator - ok

08:46:15.0789 7924 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

08:46:15.0793 7924 RpcSs - ok

08:46:15.0817 7924 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

08:46:15.0819 7924 rspndr - ok

08:46:15.0825 7924 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

08:46:15.0826 7924 SamSs - ok

08:46:15.0957 7924 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe

08:46:15.0982 7924 SBAMSvc - ok

08:46:16.0001 7924 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

08:46:16.0003 7924 sbp2port - ok

08:46:16.0022 7924 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

08:46:16.0025 7924 SCardSvr - ok

08:46:16.0064 7924 [ B2F50286DC82B93C013E3FC57BA1A956 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys

08:46:16.0065 7924 SCDEmu - ok

08:46:16.0082 7924 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

08:46:16.0083 7924 scfilter - ok

08:46:16.0108 7924 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

08:46:16.0117 7924 Schedule - ok

08:46:16.0137 7924 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

08:46:16.0138 7924 SCPolicySvc - ok

08:46:16.0151 7924 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

08:46:16.0154 7924 SDRSVC - ok

08:46:16.0163 7924 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

08:46:16.0164 7924 secdrv - ok

08:46:16.0172 7924 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

08:46:16.0174 7924 seclogon - ok

08:46:16.0181 7924 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll

08:46:16.0182 7924 SENS - ok

08:46:16.0196 7924 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

08:46:16.0198 7924 SensrSvc - ok

08:46:16.0228 7924 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

08:46:16.0229 7924 Serenum - ok

08:46:16.0245 7924 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

08:46:16.0247 7924 Serial - ok

08:46:16.0257 7924 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

08:46:16.0258 7924 sermouse - ok

08:46:16.0279 7924 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

08:46:16.0282 7924 SessionEnv - ok

08:46:16.0289 7924 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

08:46:16.0291 7924 sffdisk - ok

08:46:16.0296 7924 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

08:46:16.0297 7924 sffp_mmc - ok

08:46:16.0301 7924 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

08:46:16.0302 7924 sffp_sd - ok

08:46:16.0311 7924 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

08:46:16.0312 7924 sfloppy - ok

08:46:16.0342 7924 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

08:46:16.0347 7924 Sftfs - ok

08:46:16.0393 7924 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

08:46:16.0395 7924 sftlist - ok

08:46:16.0408 7924 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

08:46:16.0411 7924 Sftplay - ok

08:46:16.0417 7924 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

08:46:16.0417 7924 Sftredir - ok

08:46:16.0424 7924 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

08:46:16.0425 7924 Sftvol - ok

08:46:16.0436 7924 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

08:46:16.0438 7924 sftvsa - ok

08:46:16.0458 7924 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

08:46:16.0462 7924 SharedAccess - ok

08:46:16.0472 7924 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

08:46:16.0477 7924 ShellHWDetection - ok

08:46:16.0491 7924 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

08:46:16.0492 7924 SiSRaid2 - ok

08:46:16.0498 7924 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

08:46:16.0500 7924 SiSRaid4 - ok

08:46:16.0519 7924 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

08:46:16.0520 7924 SkypeUpdate - ok

08:46:16.0536 7924 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

08:46:16.0538 7924 Smb - ok

08:46:16.0565 7924 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

08:46:16.0567 7924 SNMPTRAP - ok

08:46:16.0586 7924 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

08:46:16.0587 7924 spldr - ok

08:46:16.0625 7924 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

08:46:16.0631 7924 Spooler - ok

08:46:16.0684 7924 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

08:46:16.0709 7924 sppsvc - ok

08:46:16.0721 7924 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

08:46:16.0723 7924 sppuinotify - ok

08:46:16.0739 7924 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

08:46:16.0742 7924 srv - ok

08:46:16.0759 7924 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

08:46:16.0762 7924 srv2 - ok

08:46:16.0772 7924 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

08:46:16.0773 7924 srvnet - ok

08:46:16.0792 7924 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

08:46:16.0795 7924 SSDPSRV - ok

08:46:16.0801 7924 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

08:46:16.0803 7924 SstpSvc - ok

08:46:16.0844 7924 [ 4B1D0B5B6D043AAF45AE89EABAB7B865 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe

08:46:16.0846 7924 STacSV - ok

08:46:16.0856 7924 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

08:46:16.0857 7924 stexstor - ok

08:46:16.0875 7924 [ 542BDF7E9256189ABBC68935FA8116A4 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

08:46:16.0880 7924 STHDA - ok

08:46:16.0901 7924 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

08:46:16.0907 7924 stisvc - ok

08:46:16.0913 7924 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

08:46:16.0914 7924 swenum - ok

08:46:16.0981 7924 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

08:46:16.0988 7924 SwitchBoard - ok

08:46:17.0008 7924 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

08:46:17.0014 7924 swprv - ok

08:46:17.0045 7924 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

08:46:17.0060 7924 SysMain - ok

08:46:17.0071 7924 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

08:46:17.0074 7924 TabletInputService - ok

08:46:17.0082 7924 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

08:46:17.0086 7924 TapiSrv - ok

08:46:17.0093 7924 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

08:46:17.0096 7924 TBS - ok

08:46:17.0155 7924 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

08:46:17.0169 7924 Tcpip - ok

08:46:17.0190 7924 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

08:46:17.0201 7924 TCPIP6 - ok

08:46:17.0229 7924 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

08:46:17.0230 7924 tcpipreg - ok

08:46:17.0253 7924 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

08:46:17.0254 7924 TDPIPE - ok

08:46:17.0271 7924 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

08:46:17.0272 7924 TDTCP - ok

08:46:17.0282 7924 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

08:46:17.0284 7924 tdx - ok

08:46:17.0303 7924 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

08:46:17.0304 7924 TermDD - ok

08:46:17.0325 7924 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

08:46:17.0334 7924 TermService - ok

08:46:17.0357 7924 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

08:46:17.0359 7924 Themes - ok

08:46:17.0380 7924 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

08:46:17.0381 7924 THREADORDER - ok

08:46:17.0391 7924 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

08:46:17.0394 7924 TrkWks - ok

08:46:17.0418 7924 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

08:46:17.0419 7924 TrustedInstaller - ok

08:46:17.0428 7924 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

08:46:17.0433 7924 tssecsrv - ok

08:46:17.0437 7924 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

08:46:17.0438 7924 TsUsbFlt - ok

08:46:17.0464 7924 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

08:46:17.0466 7924 TsUsbGD - ok

08:46:17.0499 7924 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

08:46:17.0503 7924 tunnel - ok

08:46:17.0518 7924 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

08:46:17.0521 7924 uagp35 - ok

08:46:17.0538 7924 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

08:46:17.0545 7924 udfs - ok

08:46:17.0560 7924 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

08:46:17.0563 7924 UI0Detect - ok

08:46:17.0577 7924 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

08:46:17.0579 7924 uliagpkx - ok

08:46:17.0599 7924 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

08:46:17.0600 7924 umbus - ok

08:46:17.0615 7924 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

08:46:17.0616 7924 UmPass - ok

08:46:17.0636 7924 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

08:46:17.0642 7924 upnphost - ok

08:46:17.0653 7924 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

08:46:17.0655 7924 usbccgp - ok

08:46:17.0670 7924 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

08:46:17.0672 7924 usbcir - ok

08:46:17.0685 7924 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

08:46:17.0686 7924 usbehci - ok

08:46:17.0693 7924 [ 87B0382F0713C8D70D4382806492E864 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys

08:46:17.0694 7924 usbfilter - ok

08:46:17.0711 7924 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

08:46:17.0715 7924 usbhub - ok

08:46:17.0719 7924 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

08:46:17.0721 7924 usbohci - ok

08:46:17.0733 7924 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys

08:46:17.0734 7924 usbprint - ok

08:46:17.0765 7924 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

08:46:17.0766 7924 usbscan - ok

08:46:17.0775 7924 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

08:46:17.0776 7924 USBSTOR - ok

08:46:17.0787 7924 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

08:46:17.0788 7924 usbuhci - ok

08:46:17.0798 7924 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

08:46:17.0800 7924 UxSms - ok

08:46:17.0808 7924 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

08:46:17.0809 7924 VaultSvc - ok

08:46:17.0825 7924 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

08:46:17.0827 7924 vdrvroot - ok

08:46:17.0846 7924 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

08:46:17.0853 7924 vds - ok

08:46:17.0868 7924 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

08:46:17.0869 7924 vga - ok

08:46:17.0883 7924 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

08:46:17.0885 7924 VgaSave - ok

08:46:17.0900 7924 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

08:46:17.0903 7924 vhdmp - ok

08:46:17.0924 7924 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

08:46:17.0926 7924 viaide - ok

08:46:17.0942 7924 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

08:46:17.0944 7924 volmgr - ok

08:46:17.0961 7924 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

08:46:17.0965 7924 volmgrx - ok

08:46:17.0982 7924 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys

08:46:17.0985 7924 volsnap - ok

08:46:18.0005 7924 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

08:46:18.0008 7924 vsmraid - ok

08:46:18.0041 7924 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

08:46:18.0058 7924 VSS - ok

08:46:18.0067 7924 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

08:46:18.0068 7924 vwifibus - ok

08:46:18.0075 7924 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

08:46:18.0077 7924 vwififlt - ok

08:46:18.0097 7924 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

08:46:18.0098 7924 vwifimp - ok

08:46:18.0107 7924 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

08:46:18.0112 7924 W32Time - ok

08:46:18.0134 7924 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

08:46:18.0135 7924 WacomPen - ok

08:46:18.0161 7924 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

08:46:18.0163 7924 WANARP - ok

08:46:18.0166 7924 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

08:46:18.0167 7924 Wanarpv6 - ok

08:46:18.0229 7924 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

08:46:18.0245 7924 WatAdminSvc - ok

08:46:18.0284 7924 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

08:46:18.0302 7924 wbengine - ok

08:46:18.0315 7924 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

08:46:18.0319 7924 WbioSrvc - ok

08:46:18.0331 7924 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

08:46:18.0337 7924 wcncsvc - ok

08:46:18.0346 7924 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

08:46:18.0350 7924 WcsPlugInService - ok

08:46:18.0366 7924 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

08:46:18.0367 7924 Wd - ok

08:46:18.0398 7924 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

08:46:18.0404 7924 Wdf01000 - ok

08:46:18.0417 7924 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

08:46:18.0419 7924 WdiServiceHost - ok

08:46:18.0422 7924 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

08:46:18.0424 7924 WdiSystemHost - ok

08:46:18.0432 7924 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

08:46:18.0436 7924 WebClient - ok

08:46:18.0446 7924 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

08:46:18.0449 7924 Wecsvc - ok

08:46:18.0462 7924 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

08:46:18.0464 7924 wercplsupport - ok

08:46:18.0481 7924 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

08:46:18.0483 7924 WerSvc - ok

08:46:18.0490 7924 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

08:46:18.0491 7924 WfpLwf - ok

08:46:18.0501 7924 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

08:46:18.0502 7924 WIMMount - ok

08:46:18.0526 7924 WinDefend - ok

08:46:18.0532 7924 WinHttpAutoProxySvc - ok

08:46:18.0573 7924 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

08:46:18.0578 7924 Winmgmt - ok

08:46:18.0620 7924 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

08:46:18.0642 7924 WinRM - ok

08:46:18.0686 7924 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

08:46:18.0687 7924 WinUsb - ok

08:46:18.0714 7924 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

08:46:18.0725 7924 Wlansvc - ok

08:46:18.0751 7924 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

08:46:18.0752 7924 wlcrasvc - ok

08:46:18.0811 7924 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

08:46:18.0827 7924 wlidsvc - ok

08:46:18.0857 7924 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

08:46:18.0858 7924 WmiAcpi - ok

08:46:18.0875 7924 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

08:46:18.0877 7924 wmiApSrv - ok

08:46:18.0885 7924 WMPNetworkSvc - ok

08:46:18.0897 7924 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

08:46:18.0899 7924 WPCSvc - ok

08:46:18.0914 7924 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

08:46:18.0917 7924 WPDBusEnum - ok

08:46:18.0924 7924 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

08:46:18.0925 7924 ws2ifsl - ok

08:46:18.0936 7924 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll

08:46:18.0939 7924 wscsvc - ok

08:46:18.0941 7924 WSearch - ok

08:46:18.0988 7924 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

08:46:19.0006 7924 wuauserv - ok

08:46:19.0035 7924 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

08:46:19.0036 7924 WudfPf - ok

08:46:19.0046 7924 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

08:46:19.0048 7924 WUDFRd - ok

08:46:19.0059 7924 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

08:46:19.0061 7924 wudfsvc - ok

08:46:19.0080 7924 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

08:46:19.0084 7924 WwanSvc - ok

08:46:19.0112 7924 ================ Scan global ===============================

08:46:19.0122 7924 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

08:46:19.0147 7924 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll

08:46:19.0154 7924 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll

08:46:19.0176 7924 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

08:46:19.0190 7924 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

08:46:19.0194 7924 [Global] - ok

08:46:19.0194 7924 ================ Scan MBR ==================================

08:46:19.0200 7924 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

08:46:19.0365 7924 \Device\Harddisk0\DR0 - ok

08:46:19.0370 7924 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1

08:46:19.0375 7924 \Device\Harddisk1\DR1 - ok

08:46:19.0383 7924 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk8\DR8

08:46:19.0394 7924 \Device\Harddisk8\DR8 - ok

08:46:19.0395 7924 ================ Scan VBR ==================================

08:46:19.0399 7924 [ C21955089A11435544B0FC345EBB78C7 ] \Device\Harddisk0\DR0\Partition1

08:46:19.0401 7924 \Device\Harddisk0\DR0\Partition1 - ok

08:46:19.0412 7924 [ ECA6B668D725A59B42C295A14AB9EC14 ] \Device\Harddisk0\DR0\Partition2

08:46:19.0415 7924 \Device\Harddisk0\DR0\Partition2 - ok

08:46:19.0450 7924 [ D75861B1ED4EB24501DFC0054E677289 ] \Device\Harddisk0\DR0\Partition3

08:46:19.0454 7924 \Device\Harddisk0\DR0\Partition3 - ok

08:46:19.0459 7924 [ D26AE290B451BC10F57A77C0CF11F1C4 ] \Device\Harddisk1\DR1\Partition1

08:46:19.0461 7924 \Device\Harddisk1\DR1\Partition1 - ok

08:46:19.0468 7924 [ 7DC718387A4AACB57EA849B0F6328972 ] \Device\Harddisk8\DR8\Partition1

08:46:19.0470 7924 \Device\Harddisk8\DR8\Partition1 - ok

08:46:19.0470 7924 ============================================================

08:46:19.0470 7924 Scan finished

08:46:19.0470 7924 ============================================================

08:46:19.0479 5000 Detected object count: 0

08:46:19.0479 5000 Actual detected object count: 0

--aswMBR--

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2012-12-07 08:47:45

-----------------------------

08:47:45.856 OS Version: Windows x64 6.1.7601 Service Pack 1

08:47:45.856 Number of processors: 4 586 0x1001

08:47:45.857 ComputerName: VANESSA-HP UserName: Vanessa

08:47:47.943 Initialize success

08:48:34.806 AVAST engine defs: 12120700

08:48:41.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066

08:48:41.255 Disk 0 Vendor: Hitachi_ MN6O Size: 1907729MB BusType: 11

08:48:41.260 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000067

08:48:41.264 Disk 1 Vendor: WDC_WD15 01.0 Size: 1430799MB BusType: 11

08:48:41.282 Disk 0 MBR read successfully

08:48:41.285 Disk 0 MBR scan

08:48:41.290 Disk 0 Windows 7 default MBR code

08:48:41.294 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

08:48:41.302 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1890333 MB offset 206848

08:48:41.332 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17294 MB offset 3871608832

08:48:41.366 Disk 0 scanning C:\Windows\system32\drivers

08:48:48.795 Service scanning

08:49:04.699 Modules scanning

08:49:04.714 Disk 0 trace - called modules:

08:49:04.797 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys

08:49:04.806 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80092f6060]

08:49:04.815 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8009022ac0]

08:49:04.825 5 amd_xata.sys[fffff8800114dd00] -> nt!IofCallDriver -> \Device\00000066[0xfffffa800901d1f0]

08:49:07.679 AVAST engine scan C:\Windows

08:49:11.037 AVAST engine scan C:\Windows\system32

08:52:03.917 AVAST engine scan C:\Windows\system32\drivers

08:52:13.766 AVAST engine scan C:\Users\Vanessa

08:59:48.562 AVAST engine scan C:\ProgramData

09:01:07.862 Scan finished successfully

09:01:23.054 Disk 0 MBR has been saved successfully to "C:\Users\Vanessa\Desktop\MBR.dat"

09:01:23.057 The log file has been saved successfully to "C:\Users\Vanessa\Desktop\aswMBR.txt"

Link to post
Share on other sites

  • Staff

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.

  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later

    [*]Please post the contents of OTL.txt in your next reply.

Gringo

Link to post
Share on other sites

Hi,

OTL logfile created on: 12/7/2012 7:04:58 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vanessa\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

9.43 Gb Total Physical Memory | 7.22 Gb Available Physical Memory | 76.60% Memory free

18.86 Gb Paging File | 14.98 Gb Available in Paging File | 79.43% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 1846.03 Gb Total Space | 1508.33 Gb Free Space | 81.71% Space Free | Partition Type: NTFS

Drive D: | 16.89 Gb Total Space | 2.11 Gb Free Space | 12.50% Space Free | Partition Type: NTFS

Drive F: | 1397.26 Gb Total Space | 595.32 Gb Free Space | 42.61% Space Free | Partition Type: NTFS

Drive N: | 14.83 Gb Total Space | 5.29 Gb Free Space | 35.69% Space Free | Partition Type: FAT32

Computer Name: VANESSA-HP | User Name: Vanessa | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Vanessa\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)

PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe (Lavasoft Limited)

PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Users\Vanessa\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)

PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)

PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe (Hewlett-Packard)

PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe (Hewlett-Packard)

PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)

PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

PRC - c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)

PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)

PRC - C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libglesv2.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libegl.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avutil-51.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll ()

MOD - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avformat-54.dll ()

MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll ()

MOD - C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll ()

MOD - C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll ()

MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\59353156806745822ad61a40de8fb631\System.IdentityModel.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a27582afda5c9a9258ed2cd787352773\System.ServiceModel.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\bc4a5d9898a6c903baafbecacf6010b3\ReachFramework.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\bb404633d24f5098f9d7f5f5a1d234c3\System.Runtime.DurableInstancing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\0dd39ca15b3d56a03a31fbf671c80cfe\SMDiagnostics.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0d2c8da8749c683b47f01101c9ea26d5\System.Runtime.Serialization.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll ()

MOD - C:\Users\Vanessa\AppData\Roaming\Spotify\Data\libcef.dll ()

MOD - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)

SRV:64bit: - (btwdins) -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)

SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)

SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)

SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

SRV - (CalendarSynchService) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe (Hewlett-Packard)

SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)

SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software)

DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )

DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )

DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)

DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)

DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)

DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)

DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)

DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)

DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)

DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)

DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)

DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)

DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)

DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)

DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

IE:64bit: - HKLM\..\SearchScopes\{2C7D4748-641D-4903-B586-318C77F2AE12}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1

IE - HKLM\..\URLSearchHook: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{2C7D4748-641D-4903-B586-318C77F2AE12}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-856132688-397709542-2382734282-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=FF39850081ED7EE5ED016E50BA1400FF

IE - HKU\S-1-5-21-856132688-397709542-2382734282-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-856132688-397709542-2382734282-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

IE - HKU\S-1-5-21-856132688-397709542-2382734282-1000\..\SearchScopes\{2C7D4748-641D-4903-B586-318C77F2AE12}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

IE - HKU\S-1-5-21-856132688-397709542-2382734282-1000\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

IE - HKU\S-1-5-21-856132688-397709542-2382734282-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

IE - HKU\S-1-5-21-856132688-397709542-2382734282-1000\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}

IE - HKU\S-1-5-21-856132688-397709542-2382734282-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/10/08 12:01:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/11/22 07:21:37 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/11/22 07:21:37 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012/08/22 20:29:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vanessa\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - homepage:

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

CHR - homepage:

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll

CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - Extension: Google Drive = C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\

CHR - Extension: Google Drive = C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Flash Player = C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcplidffijapllcadglkoenobogpgdlb\11_0\

CHR - Extension: Gmail = C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/06 20:29:41 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll File not found

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()

O3 - HKU\S-1-5-21-856132688-397709542-2382734282-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [beatsOSDApp] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard )

O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)

O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKLM..\Run: [startCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKU\S-1-5-21-856132688-397709542-2382734282-1000..\Run: [Cookienator] C:\Program Files (x86)\Cookienator\cookienator.exe (CodeFromThe70s.org)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-856132688-397709542-2382734282-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-856132688-397709542-2382734282-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-856132688-397709542-2382734282-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriver.com/DRHM/store?Action=DisplayProductSearchResultsPage&SiteID=hpappli&Locale=en_US&keywords=%w

O7 - HKU\S-1-5-21-856132688-397709542-2382734282-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)

O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{530CBC6F-D9C1-4B62-9249-34E20626C262}: DhcpNameServer = 209.18.47.61 209.18.47.62

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4129584-133A-4DC5-B184-FF6D9E7D6F69}: DhcpNameServer = 209.18.47.61 209.18.47.62

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/07 19:02:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vanessa\Desktop\OTL.exe

[2012/12/07 08:44:21 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Vanessa\Desktop\aswMBR.exe

[2012/12/07 08:43:28 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Vanessa\Desktop\tdsskiller (1).exe

[2012/12/06 21:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2012/12/06 21:28:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[2012/12/06 21:26:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2012/12/06 20:31:12 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2012/12/06 20:23:42 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2012/12/06 20:23:42 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2012/12/06 20:23:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2012/12/06 20:23:12 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012/12/06 20:20:58 | 005,009,321 | R--- | C] (Swearware) -- C:\Users\Vanessa\Desktop\ComboFix.exe

[2012/12/06 08:07:08 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Vanessa\Desktop\dds.com

[2012/12/01 09:33:01 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\RK_Quarantine

[2012/12/01 08:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus

[2012/12/01 08:29:31 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\LavasoftStatistics

[2012/12/01 08:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus

[2012/12/01 08:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft

[2012/12/01 08:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus

[2012/12/01 08:28:38 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\Downloaded Installations

[2012/12/01 08:28:32 | 000,047,496 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe

[2012/12/01 08:28:32 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys

[2012/12/01 08:28:22 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\adawarebp

[2012/12/01 08:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection

[2012/12/01 08:28:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner

[2012/12/01 08:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb

[2012/12/01 08:27:54 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\Ad-Aware Antivirus

[2012/12/01 08:23:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cookienator

[2012/12/01 08:01:10 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2012/12/01 08:01:10 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2012/12/01 08:01:10 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2012/12/01 07:55:05 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll

[2012/12/01 07:55:05 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll

[2012/12/01 07:55:05 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe

[2012/12/01 07:54:54 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe

[2012/12/01 07:54:54 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe

[2012/12/01 07:54:54 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll

[2012/12/01 07:54:46 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2012/11/30 19:10:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt

[2012/11/30 19:07:25 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2012/11/22 07:21:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird

[2012/11/21 22:11:37 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\FileZilla

[2012/11/21 22:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client

[2012/11/21 22:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client

[2012/11/17 09:10:08 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\Malwarebytes

[2012/11/17 09:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/11/17 09:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012/11/17 09:09:49 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012/11/17 09:09:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012/11/17 08:53:00 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\AVG2013

[2012/11/17 08:50:39 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Roaming\TuneUp Software

[2012/11/17 08:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

[2012/11/17 08:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013

[2012/11/17 08:50:29 | 000,000,000 | ---D | C] -- C:\$AVG

[2012/11/17 08:49:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG

[2012/11/17 08:48:10 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\MFAData

[2012/11/17 08:48:10 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData

[2012/11/17 08:48:10 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\AppData\Local\Avg2013

[2012/11/17 08:43:30 | 000,000,000 | ---D | C] -- C:\Users\Vanessa\Desktop\desktop

[2012/11/14 03:05:18 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys

[2012/11/14 03:05:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll

[2012/11/14 03:01:30 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012/11/14 03:01:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012/11/14 03:01:29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012/11/14 03:01:29 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012/11/14 03:01:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012/11/14 03:01:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012/11/14 03:01:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2012/11/14 03:01:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012/11/14 03:01:28 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012/11/14 03:01:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012/11/14 03:01:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012/11/14 03:01:28 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2012/11/14 03:01:27 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012/11/14 03:01:27 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/11/14 03:01:27 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2012/11/14 03:01:10 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll

[2012/11/14 03:01:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll

[2012/11/14 03:01:09 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe

[2012/11/14 03:01:09 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll

[2012/11/13 21:52:28 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll

[2012/11/13 21:52:28 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll

[2012/11/13 21:52:28 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll

[2012/11/13 21:52:26 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll

[2012/11/13 21:52:26 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll

[2012/11/13 21:52:26 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll

[2012/11/13 21:52:26 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll

[2012/11/13 21:52:25 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll

[2012/11/13 21:52:25 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll

[2012/11/13 21:52:16 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll

[2012/11/13 21:52:16 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll

========== Files - Modified Within 30 Days ==========

[2012/12/07 19:02:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vanessa\Desktop\OTL.exe

[2012/12/07 18:33:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/12/07 13:35:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/12/07 09:01:23 | 000,000,512 | ---- | M] () -- C:\Users\Vanessa\Desktop\MBR.dat

[2012/12/07 08:44:58 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Vanessa\Desktop\aswMBR.exe

[2012/12/07 08:43:35 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Vanessa\Desktop\tdsskiller (1).exe

[2012/12/06 21:46:35 | 000,779,660 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/12/06 21:46:35 | 000,660,494 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/12/06 21:46:35 | 000,121,164 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/12/06 21:34:07 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/12/06 21:34:07 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/12/06 21:33:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/12/06 21:30:08 | 000,002,291 | ---- | M] () -- C:\Users\Vanessa\Desktop\Google Chrome.lnk

[2012/12/06 21:26:59 | 000,001,870 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk

[2012/12/06 21:26:41 | 3297,976,319 | -HS- | M] () -- C:\hiberfil.sys

[2012/12/06 20:46:44 | 000,066,305 | ---- | M] () -- C:\Users\Vanessa\Desktop\forum-4.JPG

[2012/12/06 20:46:13 | 000,021,113 | ---- | M] () -- C:\Users\Vanessa\Desktop\forum-3.JPG

[2012/12/06 20:43:10 | 000,019,298 | ---- | M] () -- C:\Users\Vanessa\Desktop\forum-2.JPG

[2012/12/06 20:42:18 | 000,019,466 | ---- | M] () -- C:\Users\Vanessa\Desktop\forum-1.JPG

[2012/12/06 20:29:41 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2012/12/06 20:21:03 | 005,009,321 | R--- | M] (Swearware) -- C:\Users\Vanessa\Desktop\ComboFix.exe

[2012/12/06 18:26:43 | 000,540,743 | ---- | M] () -- C:\Users\Vanessa\Desktop\adwcleaner (1).exe

[2012/12/06 08:39:17 | 001,695,012 | ---- | M] () -- C:\Users\Vanessa\Desktop\Payment Plan001.jpg

[2012/12/06 08:07:09 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Vanessa\Desktop\dds.com

[2012/12/06 08:03:27 | 000,000,000 | ---- | M] () -- C:\Users\Vanessa\defogger_reenable

[2012/12/06 08:02:40 | 000,856,731 | ---- | M] () -- C:\Users\Vanessa\Desktop\SecurityCheck.exe

[2012/12/06 08:01:49 | 000,050,477 | ---- | M] () -- C:\Users\Vanessa\Desktop\Defogger.exe

[2012/12/05 12:31:59 | 000,002,215 | ---- | M] () -- C:\Users\Vanessa\Desktop\DPL ROES Full Service.lnk

[2012/12/01 08:28:32 | 000,047,496 | ---- | M] (GFI Software) -- C:\Windows\SysNative\sbbd.exe

[2012/12/01 08:28:32 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys

[2012/12/01 07:54:49 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll

[2012/12/01 07:54:48 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll

[2012/12/01 07:54:48 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll

[2012/12/01 07:54:48 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe

[2012/12/01 07:54:48 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe

[2012/12/01 07:54:48 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe

[2012/11/30 19:24:18 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/11/30 18:52:14 | 000,752,128 | ---- | M] () -- C:\Users\Vanessa\Desktop\RogueKiller.exe

[2012/11/29 17:22:25 | 000,071,171 | ---- | M] () -- C:\Users\Vanessa\Desktop\mystic.jpg

[2012/11/29 14:08:50 | 000,065,392 | ---- | M] () -- C:\Users\Vanessa\Desktop\sanantonio.jpg

[2012/11/28 15:25:03 | 000,002,112 | ---- | M] () -- C:\Users\Vanessa\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk

[2012/11/20 07:09:11 | 008,870,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012/12/07 09:01:23 | 000,000,512 | ---- | C] () -- C:\Users\Vanessa\Desktop\MBR.dat

[2012/12/06 21:30:08 | 000,002,291 | ---- | C] () -- C:\Users\Vanessa\Desktop\Google Chrome.lnk

[2012/12/06 21:28:35 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/12/06 21:28:35 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/12/06 20:46:43 | 000,066,305 | ---- | C] () -- C:\Users\Vanessa\Desktop\forum-4.JPG

[2012/12/06 20:46:13 | 000,021,113 | ---- | C] () -- C:\Users\Vanessa\Desktop\forum-3.JPG

[2012/12/06 20:43:10 | 000,019,298 | ---- | C] () -- C:\Users\Vanessa\Desktop\forum-2.JPG

[2012/12/06 20:42:18 | 000,019,466 | ---- | C] () -- C:\Users\Vanessa\Desktop\forum-1.JPG

[2012/12/06 20:23:42 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2012/12/06 20:23:42 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2012/12/06 20:23:42 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2012/12/06 20:23:42 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2012/12/06 20:23:42 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2012/12/06 18:26:42 | 000,540,743 | ---- | C] () -- C:\Users\Vanessa\Desktop\adwcleaner (1).exe

[2012/12/06 08:39:16 | 001,695,012 | ---- | C] () -- C:\Users\Vanessa\Desktop\Payment Plan001.jpg

[2012/12/06 08:03:27 | 000,000,000 | ---- | C] () -- C:\Users\Vanessa\defogger_reenable

[2012/12/06 08:02:39 | 000,856,731 | ---- | C] () -- C:\Users\Vanessa\Desktop\SecurityCheck.exe

[2012/12/06 08:01:48 | 000,050,477 | ---- | C] () -- C:\Users\Vanessa\Desktop\Defogger.exe

[2012/12/05 12:31:59 | 000,002,215 | ---- | C] () -- C:\Users\Vanessa\Desktop\DPL ROES Full Service.lnk

[2012/12/01 08:28:53 | 000,001,870 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk

[2012/12/01 08:23:37 | 000,003,001 | ---- | C] () -- C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cookienator.lnk

[2012/11/30 19:24:18 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/11/30 18:52:13 | 000,752,128 | ---- | C] () -- C:\Users\Vanessa\Desktop\RogueKiller.exe

[2012/11/29 17:22:25 | 000,071,171 | ---- | C] () -- C:\Users\Vanessa\Desktop\mystic.jpg

[2012/11/29 14:08:49 | 000,065,392 | ---- | C] () -- C:\Users\Vanessa\Desktop\sanantonio.jpg

[2012/11/14 03:05:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

[2012/11/14 03:01:09 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

[2012/10/31 15:38:44 | 000,001,738 | ---- | C] () -- C:\Users\Vanessa\AppData\Local\ihsmspyzsvi.crx

[2012/10/08 10:23:07 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat

[2012/10/08 10:23:07 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat

[2012/10/08 10:23:07 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat

[2012/10/08 10:23:07 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat

[2012/10/08 10:23:07 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat

[2012/10/08 10:23:07 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat

[2012/10/08 10:23:07 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat

[2012/10/08 10:23:07 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat

[2012/10/08 10:23:07 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat

[2012/10/08 10:23:07 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat

[2012/10/08 10:23:07 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat

[2012/10/08 10:23:07 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat

[2012/10/08 10:23:07 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat

[2012/10/08 10:23:07 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat

[2012/10/08 10:23:07 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat

[2012/10/08 10:23:07 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini

[2012/10/08 10:19:16 | 000,000,044 | ---- | C] () -- C:\Windows\PERFV500P.ini

[2012/08/20 15:09:59 | 000,001,456 | ---- | C] () -- C:\Users\Vanessa\AppData\Local\Adobe Save for Web 13.0 Prefs

[2012/08/12 16:40:46 | 000,001,456 | ---- | C] () -- C:\Users\Vanessa\AppData\Local\Adobe Save for Web 12.0 Prefs

[2012/05/14 23:16:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2012/05/14 23:12:55 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

[2012/05/14 23:12:55 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[2012/05/14 23:12:54 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2012/01/20 23:04:54 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll

[2012/01/20 23:04:44 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

[2011/12/13 22:44:10 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

[2011/10/12 16:33:22 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

[2011/02/11 11:15:43 | 000,772,916 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Link to post
Share on other sites

  • Staff

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the customFix.png textbox. Do not include the word Code

    :OTL
    IE - HKLM\..\URLSearchHook: {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No CLSID value found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll File not found
    O4 - HKLM..\Run: [] File not found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    IE - HKU\S-1-5-21-856132688-397709542-2382734282-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://safesearchr.l...D016E50BA1400FF

    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]


  • Then click the Run Fix button at the top.
  • Click btnOK.png.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo

Link to post
Share on other sites

Hello,

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.

File Protocol\Handler\livecall - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.

File Protocol\Handler\ms-help - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.

File Protocol\Handler\msnim - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.

File Protocol\Handler\skype4com - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.

File Protocol\Handler\wlmailhtml - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.

File Protocol\Handler\wlpg - No CLSID value found not found.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

HKU\S-1-5-21-856132688-397709542-2382734282-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

========== FILES ==========

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\Vanessa\Desktop\cmd.bat deleted successfully.

C:\Users\Vanessa\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Vanessa

->Java cache emptied: 11678691 bytes

Total Java Files Cleaned = 11.00 mb

[EMPTYFLASH]

User: All Users

User: Default

->Flash cache emptied: 56475 bytes

User: Default User

->Flash cache emptied: 0 bytes

User: Public

User: Vanessa

->Flash cache emptied: 71527 bytes

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12082012_202346

After running the above code I tired to navigate around the forums a bit and still no luck. I am getting a "Recommended For You" white popup in the right hand corner of the browser and am still getting "Unable to Access Network" as in the photo above. Still getting random redirects also.

Link to post
Share on other sites

  • Staff

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the customFix.png textbox. Do not include the word Code

    :Files
    C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]


  • Then click the Run Fix button at the top.
  • Click btnOK.png.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo

Link to post
Share on other sites

Hello, Still having the same issues, "Your browser isn't redirecting right, please, click on the link to redirect", and "Unable to Access Network ".

========== FILES ==========

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets folder moved successfully.

Folder move failed. C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Session Storage scheduled to be moved on reboot.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\vox-static.liverail.com folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\t.cxt.ms\lso.swf folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\t.cxt.ms folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\software.hiro.tv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\macromedia.com\support\flashplayer\sys\#t.cxt.ms folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\macromedia.com\support\flashplayer\sys\#software.hiro.tv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\macromedia.com\support\flashplayer\sys\#hiro.viewster.com folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\macromedia.com\support\flashplayer\sys\#cdn.innovid.com folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\macromedia.com\support\flashplayer\sys\#cache.btrll.com folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\macromedia.com\support\flashplayer\sys folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\macromedia.com\support\flashplayer folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\macromedia.com\support folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\macromedia.com folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\hiro.viewster.com\US_FARM_viewste# folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\hiro.viewster.com\##590D0E96AA4C2B7A folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\hiro.viewster.com folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\cdn.innovid.com folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX\cache.btrll.com folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\5EJGU8UX folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\8JN46L39 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Pepper Data folder moved successfully.

Folder move failed. C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Media Cache scheduled to be moved on reboot.

Folder move failed. C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage scheduled to be moved on reboot.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX\_locales folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\__MACOSX folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcplidffijapllcadglkoenobogpgdlb\11_0 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcplidffijapllcadglkoenobogpgdlb folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_TW folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\zh_CN folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\vi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\uk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\tr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\th folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\sk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ru folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ro folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_PT folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pt_BR folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\pl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\no folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\nl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\lt folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ko folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ja folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\it folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\id folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hu folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\hi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\he folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fil folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\fi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\es folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\en folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\el folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\de folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\da folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\cs folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ca folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\bg folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales\ar folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX\_locales folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\__MACOSX folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_TW folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_CN folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\vi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\uk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\tr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\th folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ru folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ro folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_PT folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_BR folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\no folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\nl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ms folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lt folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ko folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ja folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\it folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\id folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hu folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\he folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fil folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\eu folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\et folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es_419 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_US folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_GB folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\el folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\de folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\da folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\cs folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ca folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\bg folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ar folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\zh_TW folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\zh_CN folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\vi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\uk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\tr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\th folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\sv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\sr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\sl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\sk folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ru folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ro folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\pt_PT folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\pt_BR folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\pl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\no folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\nl folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ms folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\lv folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\lt folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ko folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ja folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\it folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\id folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\hu folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\hr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\hi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\he folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\fr folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\fil folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\fi folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\eu folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\et folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\es_419 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\es folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\en_US folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\en_GB folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\el folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\de folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\da folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\cs folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ca folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\bg folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales\ar folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\_locales folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0 folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions folder moved successfully.

Folder move failed. C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extension State scheduled to be moved on reboot.

Folder move failed. C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Cache scheduled to be moved on reboot.

Folder move failed. C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default scheduled to be moved on reboot.

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\Vanessa\Desktop\cmd.bat deleted successfully.

C:\Users\Vanessa\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Vanessa

->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: All Users

User: Default

->Flash cache emptied: 0 bytes

User: Default User

->Flash cache emptied: 0 bytes

User: Public

User: Vanessa

->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12082012_234158

Files\Folders moved on Reboot...

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Session Storage folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Media Cache folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Local Storage folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extension State folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Cache folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets folder moved successfully.

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default folder moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Link to post
Share on other sites

  • Staff

Greetings,

first I would like you to go here and click on the fixit button - http://support.microsoft.com/kb/923737

Then I want you to do the following

  • Start Internet Explorer.
  • click on "safety"
  • click on "Delete Browsing History"
  • make sure all boxes are checked
  • click on "Delete"
  • click on "Tools",
  • click "Internet Options".
  • On the "Advanced" tab, click "Reset"
  • put a check mark next to "Delete Personal Settings"
  • click "Reset" to confirm
  • when complete click the "Close" button
  • restart IE

Gringo

Link to post
Share on other sites

Yes, it is still trying to redirect. Here and there when I click on something AVG or Malwarebytes detects something and removes it, but its still a very frustrating time browsing with Chrome.

Also, I am getting the popups in the corner more frequently based on what I am looking at.

This one is because I was on flickr.

popup.jpg

Link to post
Share on other sites

  • Staff

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the customFix.png textbox. Do not include the word Code

    :Files
    C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]


  • Then click the Run Fix button at the top.
  • Click btnOK.png.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.