loveyeshu Posted June 11, 2013 ID:690021 Share Posted June 11, 2013 After removign some trojans with malwarebyte, i restarted my pc and got an error.C:\users\user\appdata\local\temp\srisxue\sqsucpj\wow.dll ---The specified module could not be found.What can i do? Thanks for any help Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 11, 2013 ID:690022 Share Posted June 11, 2013 Hello loveyeshu and welcome to Malwarebytes!I am D-FRED-BROWN and I will be helping you. Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.----------Step 1----------------Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Double-click on TDSSKiller.exe to run the tool for known TDSS variants.Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.----------Step 2----------------Please download Malwarebytes Anti-Rootkit from HEREUnzip the contents to a folder in a convenient location.Open the folder where the contents were unzipped and run mbar.exeFollow the instructions in the wizard to update and allow the program to scan your computer for threats.Click on the Cleanup button to remove any threats and reboot if prompted to do so.Wait while the system shuts down and the cleanup process is performed.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt----------Step 3----------------Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:http://www.bleepingc...to-use-combofix***IMPORTANT: save ComboFix to your Desktop**** Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Please go here to see a list of programs that should be disabled.**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall** Please include the C:\ComboFix.txt in your next reply for further review.NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.----------Step 4----------------Please download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.----------Step 5----------------In your next reply, please include the following:TDSSKiller's logfileMBAR mbar-log.txt and system-log.txtComboFix's report (C:\ComboFix.txt)Security Check checkup.txtAfter that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask. -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Note:Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly"-------> Your topic will be closed if you haven't replied within 3 days! <--------(If I don't respond within 24 hours, please send me a PM)-DFB Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690073 Share Posted June 12, 2013 TDSSKiller found a rootkit virus last week, but clean today and here are logs.20:34:43.0911 4692 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:1920:34:43.0926 4692 ============================================================20:34:43.0926 4692 Current date / time: 2013/06/11 20:34:43.092620:34:43.0926 4692 SystemInfo:20:34:43.0926 4692 20:34:43.0926 4692 OS Version: 6.1.7601 ServicePack: 1.020:34:43.0926 4692 Product type: Workstation20:34:43.0926 4692 ComputerName: USER-PC20:34:43.0926 4692 UserName: user20:34:43.0926 4692 Windows directory: C:\Windows20:34:43.0926 4692 System windows directory: C:\Windows20:34:43.0926 4692 Running under WOW6420:34:43.0926 4692 Processor architecture: Intel x6420:34:43.0926 4692 Number of processors: 420:34:43.0926 4692 Page size: 0x100020:34:43.0926 4692 Boot type: Normal boot20:34:43.0926 4692 ============================================================20:34:44.0410 4692 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004020:34:44.0426 4692 Drive \Device\Harddisk1\DR1 - Size: 0x1E7800000 (7.62 Gb), SectorSize: 0x200, Cylinders: 0x3E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'20:34:44.0426 4692 ============================================================20:34:44.0426 4692 \Device\Harddisk0\DR0:20:34:44.0426 4692 MBR partitions:20:34:44.0426 4692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3200020:34:44.0426 4692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x5751300020:34:44.0426 4692 \Device\Harddisk1\DR1:20:34:44.0426 4692 MBR partitions:20:34:44.0426 4692 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x40, BlocksNum 0xF3BFC020:34:44.0426 4692 ============================================================20:34:44.0472 4692 C: <-> \Device\Harddisk0\DR0\Partition220:34:44.0472 4692 ============================================================20:34:44.0472 4692 Initialize success20:34:44.0472 4692 ============================================================20:34:52.0647 4584 ============================================================20:34:52.0647 4584 Scan started20:34:52.0647 4584 Mode: Manual;20:34:52.0647 4584 ============================================================20:34:52.0818 4584 ================ Scan system memory ========================20:34:52.0818 4584 System memory - ok20:34:52.0818 4584 ================ Scan services =============================20:34:53.0006 4584 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE20:34:53.0006 4584 !SASCORE - ok20:34:53.0318 4584 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys20:34:53.0318 4584 1394ohci - ok20:34:53.0489 4584 [ A6A3D0150C13B63AA6F8861715A2CAA8 ] 24x7HelpSvc C:\Program Files (x86)\24x7Help\App24x7Svc.exe20:34:53.0489 4584 24x7HelpSvc - ok20:34:53.0552 4584 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe20:34:53.0552 4584 ACDaemon - ok20:34:53.0598 4584 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys20:34:53.0598 4584 ACPI - ok20:34:53.0645 4584 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys20:34:53.0645 4584 AcpiPmi - ok20:34:53.0801 4584 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe20:34:53.0801 4584 AdobeFlashPlayerUpdateSvc - ok20:34:53.0879 4584 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys20:34:53.0879 4584 adp94xx - ok20:34:53.0957 4584 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys20:34:53.0957 4584 adpahci - ok20:34:53.0988 4584 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys20:34:53.0988 4584 adpu320 - ok20:34:54.0020 4584 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll20:34:54.0020 4584 AeLookupSvc - ok20:34:54.0082 4584 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys20:34:54.0082 4584 AFD - ok20:34:54.0129 4584 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys20:34:54.0129 4584 agp440 - ok20:34:54.0176 4584 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe20:34:54.0176 4584 ALG - ok20:34:54.0207 4584 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys20:34:54.0207 4584 aliide - ok20:34:54.0207 4584 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys20:34:54.0207 4584 amdide - ok20:34:54.0238 4584 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys20:34:54.0238 4584 AmdK8 - ok20:34:54.0254 4584 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys20:34:54.0269 4584 AmdPPM - ok20:34:54.0316 4584 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys20:34:54.0316 4584 amdsata - ok20:34:54.0332 4584 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys20:34:54.0332 4584 amdsbs - ok20:34:54.0347 4584 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys20:34:54.0347 4584 amdxata - ok20:34:54.0394 4584 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys20:34:54.0394 4584 AppID - ok20:34:54.0410 4584 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll20:34:54.0410 4584 AppIDSvc - ok20:34:54.0456 4584 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll20:34:54.0456 4584 Appinfo - ok20:34:54.0581 4584 [ 07E65A14A406BA2C7114EAD176D1927F ] Application Sendori C:\Program Files (x86)\Sendori\SendoriSvc.exe20:34:54.0581 4584 Application Sendori - ok20:34:54.0612 4584 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys20:34:54.0612 4584 arc - ok20:34:54.0628 4584 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys20:34:54.0644 4584 arcsas - ok20:34:54.0690 4584 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys20:34:54.0690 4584 aswFsBlk - ok20:34:54.0737 4584 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys20:34:54.0737 4584 aswMonFlt - ok20:34:54.0737 4584 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys20:34:54.0737 4584 aswRdr - ok20:34:54.0768 4584 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys20:34:54.0768 4584 aswRvrt - ok20:34:54.0815 4584 [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys20:34:54.0831 4584 aswSnx - ok20:34:54.0878 4584 [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP C:\Windows\system32\drivers\aswSP.sys20:34:54.0878 4584 aswSP - ok20:34:54.0909 4584 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys20:34:54.0909 4584 aswTdi - ok20:34:54.0924 4584 [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys20:34:54.0940 4584 aswVmm - ok20:34:54.0971 4584 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys20:34:54.0971 4584 AsyncMac - ok20:34:55.0002 4584 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys20:34:55.0002 4584 atapi - ok20:34:55.0049 4584 [ BCC09E0B0362741D0C084828A1B950F3 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys20:34:55.0049 4584 AthBTPort - ok20:34:55.0112 4584 [ 1FDE0AAAEA06519AAE98CCF24715B765 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe20:34:55.0112 4584 AtherosSvc - ok20:34:55.0190 4584 [ 237EE0B7A65D55E08EB7530F77423480 ] athr C:\Windows\system32\DRIVERS\athrx.sys20:34:55.0221 4584 athr - ok20:34:55.0268 4584 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll20:34:55.0268 4584 AudioEndpointBuilder - ok20:34:55.0283 4584 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll20:34:55.0283 4584 AudioSrv - ok20:34:55.0377 4584 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe20:34:55.0377 4584 avast! Antivirus - ok20:34:55.0424 4584 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll20:34:55.0424 4584 AxInstSV - ok20:34:55.0470 4584 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys20:34:55.0486 4584 b06bdrv - ok20:34:55.0517 4584 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys20:34:55.0517 4584 b57nd60a - ok20:34:55.0564 4584 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll20:34:55.0564 4584 BDESVC - ok20:34:55.0595 4584 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys20:34:55.0595 4584 Beep - ok20:34:55.0658 4584 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll20:34:55.0658 4584 BFE - ok20:34:55.0704 4584 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll20:34:55.0720 4584 BITS - ok20:34:55.0767 4584 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys20:34:55.0767 4584 blbdrive - ok20:34:55.0814 4584 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys20:34:55.0814 4584 bowser - ok20:34:55.0876 4584 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys20:34:55.0876 4584 BrFiltLo - ok20:34:55.0907 4584 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys20:34:55.0907 4584 BrFiltUp - ok20:34:56.0001 4584 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll20:34:56.0001 4584 Browser - ok20:34:56.0094 4584 BrowserProtect - ok20:34:56.0188 4584 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys20:34:56.0188 4584 Brserid - ok20:34:56.0204 4584 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys20:34:56.0204 4584 BrSerWdm - ok20:34:56.0250 4584 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys20:34:56.0250 4584 BrUsbMdm - ok20:34:56.0250 4584 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys20:34:56.0250 4584 BrUsbSer - ok20:34:56.0344 4584 [ 9455A8F85BE24514E50AFE90D4C976DB ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys20:34:56.0360 4584 BTATH_A2DP - ok20:34:56.0375 4584 [ 2D27F7A831657D63AFC78E5E78DCA83F ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys20:34:56.0375 4584 btath_avdt - ok20:34:56.0391 4584 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys20:34:56.0391 4584 BTATH_BUS - ok20:34:56.0438 4584 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys20:34:56.0438 4584 BTATH_HCRP - ok20:34:56.0469 4584 [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys20:34:56.0469 4584 BTATH_LWFLT - ok20:34:56.0500 4584 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys20:34:56.0500 4584 BTATH_RCP - ok20:34:56.0547 4584 [ 680BE9ED6431DAFA844F5F7B61B11F9A ] BTATH_VDP C:\Windows\system32\drivers\btath_vdp.sys20:34:56.0547 4584 BTATH_VDP - ok20:34:56.0625 4584 [ EA92CE309DD24F489FDB149847AE6835 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys20:34:56.0625 4584 BtFilter - ok20:34:56.0672 4584 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys20:34:56.0672 4584 BthEnum - ok20:34:56.0718 4584 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys20:34:56.0718 4584 BTHMODEM - ok20:34:56.0750 4584 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys20:34:56.0765 4584 BthPan - ok20:34:56.0812 4584 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys20:34:56.0812 4584 BTHPORT - ok20:34:56.0859 4584 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll20:34:56.0859 4584 bthserv - ok20:34:56.0890 4584 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys20:34:56.0890 4584 BTHUSB - ok20:34:56.0921 4584 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys20:34:56.0921 4584 cdfs - ok20:34:56.0952 4584 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys20:34:56.0952 4584 cdrom - ok20:34:56.0999 4584 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll20:34:56.0999 4584 CertPropSvc - ok20:34:57.0062 4584 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys20:34:57.0062 4584 circlass - ok20:34:57.0093 4584 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys20:34:57.0093 4584 CLFS - ok20:34:57.0140 4584 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe20:34:57.0155 4584 clr_optimization_v2.0.50727_32 - ok20:34:57.0171 4584 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe20:34:57.0171 4584 clr_optimization_v2.0.50727_64 - ok20:34:57.0249 4584 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe20:34:57.0249 4584 clr_optimization_v4.0.30319_32 - ok20:34:57.0311 4584 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe20:34:57.0311 4584 clr_optimization_v4.0.30319_64 - ok20:34:57.0342 4584 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys20:34:57.0342 4584 CmBatt - ok20:34:57.0358 4584 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys20:34:57.0358 4584 cmdide - ok20:34:57.0405 4584 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys20:34:57.0420 4584 CNG - ok20:34:57.0452 4584 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys20:34:57.0467 4584 Compbatt - ok20:34:57.0498 4584 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys20:34:57.0498 4584 CompositeBus - ok20:34:57.0530 4584 COMSysApp - ok20:34:57.0576 4584 [ 453A8D09DB02EB0DF64709B1603EAA2C ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe20:34:57.0576 4584 cphs - ok20:34:57.0608 4584 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys20:34:57.0623 4584 crcdisk - ok20:34:57.0670 4584 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll20:34:57.0670 4584 CryptSvc - ok20:34:57.0779 4584 [ 461A0688205D088D2A2EBEEDEE81622E ] DCDhcpService C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe20:34:57.0779 4584 DCDhcpService - ok20:34:57.0873 4584 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll20:34:57.0888 4584 DcomLaunch - ok20:34:57.0920 4584 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll20:34:57.0920 4584 defragsvc - ok20:34:57.0966 4584 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys20:34:57.0966 4584 DfsC - ok20:34:58.0013 4584 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll20:34:58.0013 4584 Dhcp - ok20:34:58.0029 4584 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys20:34:58.0029 4584 discache - ok20:34:58.0076 4584 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys20:34:58.0076 4584 Disk - ok20:34:58.0122 4584 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll20:34:58.0122 4584 Dnscache - ok20:34:58.0138 4584 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll20:34:58.0154 4584 dot3svc - ok20:34:58.0169 4584 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll20:34:58.0169 4584 DPS - ok20:34:58.0216 4584 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys20:34:58.0216 4584 drmkaud - ok20:34:58.0247 4584 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys20:34:58.0263 4584 DXGKrnl - ok20:34:58.0294 4584 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll20:34:58.0294 4584 EapHost - ok20:34:58.0372 4584 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys20:34:58.0403 4584 ebdrv - ok20:34:58.0434 4584 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe20:34:58.0434 4584 EFS - ok20:34:58.0497 4584 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe20:34:58.0497 4584 ehRecvr - ok20:34:58.0528 4584 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe20:34:58.0528 4584 ehSched - ok20:34:58.0575 4584 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys20:34:58.0575 4584 elxstor - ok20:34:58.0590 4584 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys20:34:58.0590 4584 ErrDev - ok20:34:58.0637 4584 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll20:34:58.0637 4584 EventSystem - ok20:34:58.0684 4584 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys20:34:58.0684 4584 exfat - ok20:34:58.0715 4584 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys20:34:58.0715 4584 fastfat - ok20:34:58.0762 4584 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe20:34:58.0778 4584 Fax - ok20:34:58.0793 4584 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys20:34:58.0793 4584 fdc - ok20:34:58.0840 4584 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll20:34:58.0840 4584 fdPHost - ok20:34:58.0856 4584 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll20:34:58.0856 4584 FDResPub - ok20:34:58.0902 4584 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys20:34:58.0902 4584 FileInfo - ok20:34:58.0902 4584 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys20:34:58.0918 4584 Filetrace - ok20:34:58.0934 4584 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys20:34:58.0934 4584 flpydisk - ok20:34:58.0949 4584 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys20:34:58.0965 4584 FltMgr - ok20:34:58.0996 4584 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll20:34:59.0012 4584 FontCache - ok20:34:59.0058 4584 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe20:34:59.0058 4584 FontCache3.0.0.0 - ok20:34:59.0090 4584 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys20:34:59.0090 4584 FsDepends - ok20:34:59.0136 4584 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys20:34:59.0136 4584 Fs_Rec - ok20:34:59.0183 4584 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys20:34:59.0183 4584 fvevol - ok20:34:59.0230 4584 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys20:34:59.0230 4584 gagp30kx - ok20:34:59.0292 4584 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll20:34:59.0292 4584 gpsvc - ok20:34:59.0386 4584 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe20:34:59.0386 4584 gupdate - ok20:34:59.0402 4584 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe20:34:59.0417 4584 gupdatem - ok20:34:59.0448 4584 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe20:34:59.0448 4584 gusvc - ok20:34:59.0464 4584 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys20:34:59.0464 4584 hcw85cir - ok20:34:59.0526 4584 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys20:34:59.0526 4584 HdAudAddService - ok20:34:59.0573 4584 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys20:34:59.0573 4584 HDAudBus - ok20:34:59.0589 4584 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys20:34:59.0589 4584 HidBatt - ok20:34:59.0604 4584 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys20:34:59.0604 4584 HidBth - ok20:34:59.0620 4584 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys20:34:59.0636 4584 HidIr - ok20:34:59.0667 4584 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll20:34:59.0667 4584 hidserv - ok20:34:59.0714 4584 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys20:34:59.0714 4584 HidUsb - ok20:34:59.0745 4584 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll20:34:59.0745 4584 hkmsvc - ok20:34:59.0760 4584 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll20:34:59.0776 4584 HomeGroupListener - ok20:34:59.0807 4584 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll20:34:59.0807 4584 HomeGroupProvider - ok20:34:59.0870 4584 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys20:34:59.0870 4584 HpSAMD - ok20:34:59.0916 4584 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys20:34:59.0916 4584 HTTP - ok20:34:59.0948 4584 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys20:34:59.0948 4584 hwpolicy - ok20:34:59.0994 4584 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys20:35:00.0010 4584 i8042prt - ok20:35:00.0057 4584 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys20:35:00.0057 4584 iaStor - ok20:35:00.0135 4584 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe20:35:00.0135 4584 IAStorDataMgrSvc - ok20:35:00.0182 4584 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys20:35:00.0182 4584 iaStorV - ok20:35:00.0228 4584 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe20:35:00.0228 4584 idsvc - ok20:35:00.0478 4584 [ 54E37A4E66B2CA1C38E9728FAD5F9822 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys20:35:00.0525 4584 igfx - ok20:35:00.0556 4584 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys20:35:00.0556 4584 iirsp - ok20:35:00.0618 4584 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll20:35:00.0634 4584 IKEEXT - ok20:35:00.0790 4584 [ 602788BF364D43E5878AA1B4F85C232B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys20:35:00.0806 4584 IntcAzAudAddService - ok20:35:00.0852 4584 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys20:35:00.0868 4584 IntcDAud - ok20:35:00.0946 4584 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe20:35:00.0946 4584 Intel® Capability Licensing Service Interface - ok20:35:00.0977 4584 [ 9571D8BDB56EBC52280E8020574508E6 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe20:35:00.0977 4584 Intel® ME Service - ok20:35:00.0993 4584 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys20:35:00.0993 4584 intelide - ok20:35:01.0040 4584 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys20:35:01.0040 4584 intelppm - ok20:35:01.0102 4584 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll20:35:01.0102 4584 IPBusEnum - ok20:35:01.0133 4584 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys20:35:01.0133 4584 IpFilterDriver - ok20:35:01.0211 4584 [ 08C2957BB30058E663720C5606885653 ] IpHlpSvc C:\Windows\System32\iphlpsvc.dll20:35:01.0211 4584 IpHlpSvc - ok20:35:01.0242 4584 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys20:35:01.0242 4584 IPMIDRV - ok20:35:01.0258 4584 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys20:35:01.0258 4584 IPNAT - ok20:35:01.0289 4584 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys20:35:01.0289 4584 IRENUM - ok20:35:01.0320 4584 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys20:35:01.0320 4584 isapnp - ok20:35:01.0336 4584 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys20:35:01.0352 4584 iScsiPrt - ok20:35:01.0398 4584 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys20:35:01.0398 4584 iusb3hcs - ok20:35:01.0414 4584 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys20:35:01.0430 4584 iusb3hub - ok20:35:01.0476 4584 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys20:35:01.0492 4584 iusb3xhc - ok20:35:01.0523 4584 [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe20:35:01.0523 4584 jhi_service - ok20:35:01.0570 4584 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys20:35:01.0570 4584 kbdclass - ok20:35:01.0617 4584 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys20:35:01.0617 4584 kbdhid - ok20:35:01.0648 4584 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe20:35:01.0648 4584 KeyIso - ok20:35:01.0664 4584 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys20:35:01.0679 4584 KSecDD - ok20:35:01.0695 4584 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys20:35:01.0695 4584 KSecPkg - ok20:35:01.0695 4584 Scan interrupted by user!20:35:01.0695 4584 ================ Scan global ===============================20:35:01.0695 4584 Scan interrupted by user!20:35:01.0695 4584 ================ Scan MBR ==================================20:35:01.0695 4584 Scan interrupted by user!20:35:01.0695 4584 ================ Scan VBR ==================================20:35:01.0695 4584 Scan interrupted by user!20:35:01.0695 4584 ============================================================20:35:01.0695 4584 Scan finished20:35:01.0695 4584 ============================================================ Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690075 Share Posted June 12, 2013 Malwarebytes Anti-Rootkit logs -- mbar----------------------------------------------------------------------------------------------------Malwarebytes Anti-Rootkit BETA 1.06.0.1003www.malwarebytes.orgDatabase version: v2013.05.07.10Windows 7 Service Pack 1 x64 FAT32Internet Explorer 10.0.9200.16576user :: USER-PC [administrator]6/11/2013 9:43:05 PMmbar-log-2013-06-11 (21-43-05).txtScan type: Quick scanScan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2PScan options disabled: Deep Anti-Rootkit Scan | PUPObjects scanned: 221919Time elapsed: 32 minute(s), 55 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)Physical Sectors Detected: 0(No malicious items detected)(end)=============================================================SYSTEM LOG-----------------------------------------------------------------------------------------------------------------------------------------Malwarebytes Anti-Rootkit BETA 1.06.0.1003© Malwarebytes Corporation 2011-2012OS version: 6.1.7601 Windows 7 Service Pack 1 x64Account is AdministrativeInternet Explorer version: 10.0.9200.16576File system is: FAT32Disk drives: C:\ DRIVE_FIXEDCPU speed: 2.494000 GHzMemory total: 6340063232, free: 5104533504Host not foundInitializing...------------ Kernel report ------------ 06/11/2013 20:40:17------------ Loaded modules -----------\SystemRoot\system32\ntoskrnl.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_GenuineIntel.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\ACPI.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\system32\drivers\vdrvroot.sys\SystemRoot\system32\DRIVERS\iusb3hcs.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\DRIVERS\compbatt.sys\SystemRoot\system32\DRIVERS\BATTC.SYS\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\DRIVERS\iaStor.sys\SystemRoot\system32\drivers\atapi.sys\SystemRoot\system32\drivers\ataport.SYS\SystemRoot\system32\drivers\msahci.sys\SystemRoot\system32\drivers\PCIIDEX.SYS\SystemRoot\system32\drivers\amdxata.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\System32\Drivers\msrpc.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\System32\Drivers\cng.sys\SystemRoot\System32\drivers\pcw.sys\SystemRoot\System32\Drivers\Fs_Rec.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\Drivers\ksecpkg.sys\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\system32\drivers\wd.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\System32\drivers\rdyboost.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\hwpolicy.sys\SystemRoot\System32\DRIVERS\fvevol.sys\SystemRoot\system32\drivers\disk.sys\SystemRoot\system32\drivers\CLASSPNP.SYS\SystemRoot\System32\Drivers\aswVmm.sys\SystemRoot\System32\Drivers\aswRvrt.sys\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\System32\Drivers\aswSnx.SYS\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\system32\drivers\rdprefmp.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\System32\Drivers\aswTdi.SYS\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\drivers\afd.sys\SystemRoot\System32\Drivers\aswrdr2.sys\SystemRoot\system32\drivers\ws2ifsl.sys\SystemRoot\system32\DRIVERS\wfplwf.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\vwififlt.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\DRIVERS\termdd.sys\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\system32\DRIVERS\mssmbios.sys\SystemRoot\System32\drivers\discache.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\blbdrive.sys\SystemRoot\System32\Drivers\aswSP.SYS\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\igdkmd64.sys\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\dxgmms1.sys\SystemRoot\system32\DRIVERS\iusb3xhc.sys\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\system32\DRIVERS\HECIx64.sys\SystemRoot\system32\drivers\usbehci.sys\SystemRoot\system32\drivers\USBPORT.SYS\SystemRoot\system32\DRIVERS\HDAudBus.sys\SystemRoot\system32\DRIVERS\athrx.sys\SystemRoot\system32\DRIVERS\vwifibus.sys\SystemRoot\system32\DRIVERS\SFEP.sys\SystemRoot\system32\DRIVERS\i8042prt.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\SynTP.sys\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\DRIVERS\CmBatt.sys\SystemRoot\system32\DRIVERS\intelppm.sys\SystemRoot\system32\DRIVERS\CompositeBus.sys\SystemRoot\system32\DRIVERS\AgileVpn.sys\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\DRIVERS\swenum.sys\SystemRoot\system32\DRIVERS\ks.sys\SystemRoot\system32\DRIVERS\btath_bus.sys\SystemRoot\system32\DRIVERS\umbus.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\DRIVERS\iusb3hub.sys\SystemRoot\system32\drivers\RTKVHD64.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\system32\drivers\ksthunk.sys\SystemRoot\system32\DRIVERS\IntcDAud.sys\SystemRoot\system32\DRIVERS\btfilter.sys\SystemRoot\System32\Drivers\BTHUSB.sys\SystemRoot\System32\Drivers\bthport.sys\SystemRoot\system32\DRIVERS\usbccgp.sys\SystemRoot\System32\Drivers\usbvideo.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_iaStor.sys\SystemRoot\System32\Drivers\dump_dumpfve.sys\SystemRoot\system32\DRIVERS\rfcomm.sys\SystemRoot\system32\drivers\BthEnum.sys\SystemRoot\system32\DRIVERS\bthpan.sys\SystemRoot\system32\drivers\btath_avdt.sys\SystemRoot\system32\drivers\btath_vdp.sys\SystemRoot\system32\DRIVERS\btath_rcp.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\system32\drivers\btath_a2dp.sys\SystemRoot\system32\DRIVERS\btath_hcrp.sys\SystemRoot\system32\DRIVERS\btath_flt.sys\SystemRoot\system32\DRIVERS\btath_lwflt.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\system32\drivers\luafv.sys\??\C:\Windows\system32\drivers\aswMonFlt.sys\SystemRoot\System32\Drivers\aswFsBlk.SYS\SystemRoot\System32\cdd.dll\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\nwifi.sys\SystemRoot\system32\DRIVERS\ndisuio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\System32\drivers\tcpipreg.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\System32\DRIVERS\srv.sys\SystemRoot\system32\DRIVERS\asyncmac.sys\SystemRoot\system32\DRIVERS\USBSTOR.SYS\SystemRoot\System32\Drivers\fastfat.SYS\SystemRoot\system32\drivers\WudfPf.sys\SystemRoot\system32\DRIVERS\WUDFRd.sys\??\C:\Windows\system32\drivers\mbamchameleon.sys\??\C:\Windows\system32\drivers\mbamswissarmy.sys\Windows\System32\ntdll.dll\Windows\System32\smss.exe\Windows\System32\apisetschema.dll\Windows\System32\autochk.exe\Windows\System32\shlwapi.dll\Windows\System32\clbcatq.dll\Windows\System32\imm32.dll\Windows\System32\advapi32.dll\Windows\System32\nsi.dll\Windows\System32\difxapi.dll\Windows\System32\imagehlp.dll\Windows\System32\comdlg32.dll\Windows\System32\psapi.dll\Windows\System32\urlmon.dll\Windows\System32\normaliz.dll\Windows\System32\sechost.dll\Windows\System32\setupapi.dll\Windows\System32\rpcrt4.dll\Windows\System32\msctf.dll\Windows\System32\lpk.dll\Windows\System32\ws2_32.dll\Windows\System32\gdi32.dll\Windows\System32\wininet.dll\Windows\System32\kernel32.dll\Windows\System32\shell32.dll\Windows\System32\usp10.dll\Windows\System32\oleaut32.dll\Windows\System32\msvcrt.dll\Windows\System32\iertutil.dll\Windows\System32\ole32.dll\Windows\System32\Wldap32.dll\Windows\System32\user32.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk1\DR1Upper Device Object: 0xfffffa8009596790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\0000008a\Lower Device Object: 0xfffffa8005e15b00Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xfffffa8008ab1060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-1\Lower Device Object: 0xfffffa80065f9050Lower Device Driver Name: \Driver\iaStor\<<<2>>>Device number: 0, partition: 2Physical Sector Size: 512Drive: 0, DevicePointer: 0xfffffa8008ab1060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8008ab1b90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8008ab1060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa80065f9050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\------------ End ----------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>>Device number: 0, partition: 2<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\Windows\system32\drivers...<<<2>>>Device number: 0, partition: 2<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesDone!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: CAD94FFPartition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 206848 Numsec = 1464938496 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 750156374016 bytesSector size: 512 bytesScanning physical sectors of unpartitioned space on drive 0 (1-2047-1465129168-1465149168)...Done!Physical Sector Size: 512Drive: 1, DevicePointer: 0xfffffa8009596790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8005e7e040, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8009596790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8005e15b00, DeviceName: \Device\0000008a\, DriverName: \Driver\USBSTOR\------------ End ----------Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 1Scanning MBR on drive 1...Inspecting partition table:MBR Signature: 55AADisk Signature: C7406CPartition information: Partition 0 type is Other (0xb) Partition is ACTIVE. Partition starts at LBA: 64 Numsec = 15974336 Partition file system is FAT32 Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 8178892800 bytesSector size: 512 bytesDone!Infected: c:\$Recycle.Bin\S-1-5-18\$a3db5c8a26836a3bf882bc85a28ab884\@ --> [Trojan.Siredef.C]Infected: c:\$Recycle.Bin\S-1-5-21-609671668-3261406088-2255839349-1000\$a3db5c8a26836a3bf882bc85a28ab884\@ --> [Trojan.Siredef.C]Infected: c:\Users\user\AppData\Local\Temp\srisxue\sqsucpj\wow64.dll --> [Rootkit.0Access]Infected: c:\$Recycle.Bin\S-1-5-18\$a3db5c8a26836a3bf882bc85a28ab884\U --> [Trojan.Siredef.C]Infected: c:\$Recycle.Bin\S-1-5-21-609671668-3261406088-2255839349-1000\$a3db5c8a26836a3bf882bc85a28ab884\U --> [Trojan.Siredef.C]Infected: c:\$Recycle.Bin\S-1-5-18\$a3db5c8a26836a3bf882bc85a28ab884\L --> [Trojan.Siredef.C]Infected: c:\$Recycle.Bin\S-1-5-21-609671668-3261406088-2255839349-1000\$a3db5c8a26836a3bf882bc85a28ab884\L --> [Trojan.Siredef.C]Infected: c:\$Recycle.Bin\S-1-5-18\$a3db5c8a26836a3bf882bc85a28ab884 --> [Trojan.Siredef.C]Infected: c:\$Recycle.Bin\S-1-5-21-609671668-3261406088-2255839349-1000\$a3db5c8a26836a3bf882bc85a28ab884 --> [Trojan.Siredef.C]Infected: HKLM\SOFTWARE\CLASSES\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\INPROCSERVER32| --> [Trojan.0Access]Scan finishedCreating System Restore point...Cleaning up...<<<2>>>Device number: 0, partition: 2<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>>Device number: 0, partition: 2<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>>Device number: 0, partition: 2<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>>Device number: 0, partition: 2<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesExecuting an action fixdamage.exe...Success!Queuing an action fixdamage.exeRemoval scheduling successful. System shutdown needed.System shutdown occurred=======================================---------------------------------------Malwarebytes Anti-Rootkit BETA 1.06.0.1003© Malwarebytes Corporation 2011-2012OS version: 6.1.7601 Windows 7 Service Pack 1 x64Account is AdministrativeInternet Explorer version: 10.0.9200.16576File system is: FAT32Disk drives: C:\ DRIVE_FIXEDCPU speed: 2.494000 GHzMemory total: 6340063232, free: 4872683520Initializing...------------ Kernel report ------------ 06/11/2013 21:42:54------------ Loaded modules -----------\SystemRoot\system32\ntoskrnl.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_GenuineIntel.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\CLASSPNP.SYS\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\ACPI.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\system32\drivers\vdrvroot.sys\SystemRoot\system32\DRIVERS\iusb3hcs.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\DRIVERS\compbatt.sys\SystemRoot\system32\DRIVERS\BATTC.SYS\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\DRIVERS\iaStor.sys\SystemRoot\system32\drivers\atapi.sys\SystemRoot\system32\drivers\ataport.SYS\SystemRoot\system32\drivers\msahci.sys\SystemRoot\system32\drivers\PCIIDEX.SYS\SystemRoot\system32\drivers\amdxata.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\System32\Drivers\msrpc.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\System32\Drivers\cng.sys\SystemRoot\System32\drivers\pcw.sys\SystemRoot\System32\Drivers\Fs_Rec.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\Drivers\ksecpkg.sys\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\system32\drivers\wd.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\System32\drivers\rdyboost.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\hwpolicy.sys\SystemRoot\System32\DRIVERS\fvevol.sys\SystemRoot\system32\drivers\disk.sys\SystemRoot\System32\Drivers\aswVmm.sys\SystemRoot\System32\Drivers\aswRvrt.sys\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\System32\Drivers\aswSnx.SYS\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\system32\drivers\rdprefmp.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\System32\Drivers\aswTdi.SYS\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\drivers\afd.sys\SystemRoot\System32\Drivers\aswrdr2.sys\SystemRoot\system32\drivers\ws2ifsl.sys\SystemRoot\system32\DRIVERS\wfplwf.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\vwififlt.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\DRIVERS\termdd.sys\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\system32\DRIVERS\mssmbios.sys\SystemRoot\System32\drivers\discache.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\blbdrive.sys\SystemRoot\System32\Drivers\aswSP.SYS\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\igdkmd64.sys\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\dxgmms1.sys\SystemRoot\system32\DRIVERS\iusb3xhc.sys\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\system32\DRIVERS\HECIx64.sys\SystemRoot\system32\drivers\usbehci.sys\SystemRoot\system32\drivers\USBPORT.SYS\SystemRoot\system32\DRIVERS\HDAudBus.sys\SystemRoot\system32\DRIVERS\athrx.sys\SystemRoot\system32\DRIVERS\vwifibus.sys\SystemRoot\system32\DRIVERS\SFEP.sys\SystemRoot\system32\DRIVERS\i8042prt.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\SynTP.sys\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\DRIVERS\CmBatt.sys\SystemRoot\system32\DRIVERS\intelppm.sys\SystemRoot\system32\DRIVERS\CompositeBus.sys\SystemRoot\system32\DRIVERS\AgileVpn.sys\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\DRIVERS\swenum.sys\SystemRoot\system32\DRIVERS\ks.sys\SystemRoot\system32\DRIVERS\btath_bus.sys\SystemRoot\system32\DRIVERS\umbus.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\DRIVERS\iusb3hub.sys\SystemRoot\system32\drivers\RTKVHD64.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\system32\drivers\ksthunk.sys\SystemRoot\system32\DRIVERS\IntcDAud.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\system32\DRIVERS\btfilter.sys\SystemRoot\System32\Drivers\BTHUSB.sys\SystemRoot\System32\Drivers\bthport.sys\SystemRoot\system32\DRIVERS\usbccgp.sys\SystemRoot\System32\Drivers\usbvideo.sys\SystemRoot\system32\DRIVERS\USBSTOR.SYS\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\system32\DRIVERS\rfcomm.sys\SystemRoot\system32\drivers\BthEnum.sys\SystemRoot\system32\DRIVERS\bthpan.sys\SystemRoot\system32\drivers\btath_avdt.sys\SystemRoot\system32\drivers\btath_vdp.sys\SystemRoot\system32\DRIVERS\btath_rcp.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\system32\drivers\btath_a2dp.sys\SystemRoot\system32\DRIVERS\btath_hcrp.sys\SystemRoot\system32\DRIVERS\btath_flt.sys\SystemRoot\system32\DRIVERS\btath_lwflt.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_iaStor.sys\SystemRoot\System32\Drivers\dump_dumpfve.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\cdd.dll\SystemRoot\system32\drivers\luafv.sys\??\C:\Windows\system32\drivers\aswMonFlt.sys\SystemRoot\System32\Drivers\aswFsBlk.SYS\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\nwifi.sys\SystemRoot\system32\DRIVERS\ndisuio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\System32\Drivers\fastfat.SYS\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\System32\drivers\tcpipreg.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\System32\DRIVERS\srv.sys\SystemRoot\system32\drivers\WudfPf.sys\SystemRoot\system32\DRIVERS\WUDFRd.sys\SystemRoot\system32\DRIVERS\asyncmac.sys\??\C:\Windows\system32\drivers\mbamchameleon.sys\??\C:\Windows\system32\drivers\mbamswissarmy.sys\Windows\System32\ntdll.dll\Windows\System32\smss.exe\Windows\System32\apisetschema.dll\Windows\System32\autochk.exe\Windows\System32\msctf.dll\Windows\System32\Wldap32.dll\Windows\System32\iertutil.dll\Windows\System32\gdi32.dll\Windows\System32\psapi.dll\Windows\System32\user32.dll\Windows\System32\lpk.dll\Windows\System32\sechost.dll\Windows\System32\imagehlp.dll\Windows\System32\wininet.dll\Windows\System32\msvcrt.dll\Windows\System32\ws2_32.dll\Windows\System32\imm32.dll\Windows\System32\oleaut32.dll\Windows\System32\nsi.dll\Windows\System32\setupapi.dll\Windows\System32\difxapi.dll\Windows\System32\clbcatq.dll\Windows\System32\shell32.dll\Windows\System32\comdlg32.dll\Windows\System32\shlwapi.dll\Windows\System32\advapi32.dll\Windows\System32\normaliz.dll\Windows\System32\kernel32.dll\Windows\System32\rpcrt4.dll\Windows\System32\ole32.dll\Windows\System32\urlmon.dll\Windows\System32\usp10.dll\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll\Windows\System32\cfgmgr32.dll\Windows\System32\devobj.dll\Windows\System32\crypt32.dll\Windows\System32\wintrust.dll\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll\Windows\System32\comctl32.dll\Windows\System32\KernelBase.dll\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll\Windows\System32\msasn1.dll\Windows\SysWOW64\normaliz.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk1\DR1Upper Device Object: 0xfffffa800adf6060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\0000007c\Lower Device Object: 0xfffffa800adf3750Lower Device Driver Name: \Driver\USBSTOR\<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xfffffa8008ab2060Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IAAStorageDevice-1\Lower Device Object: 0xfffffa8006286050Lower Device Driver Name: \Driver\iaStor\<<<2>>>Device number: 0, partition: 2Physical Sector Size: 512Drive: 0, DevicePointer: 0xfffffa8008ab2060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa8008ab2b90, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa8008ab2060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8006286050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\------------ End ----------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>>Device number: 0, partition: 2<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\Windows\system32\drivers...<<<2>>>Device number: 0, partition: 2<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesDone!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: CAD94FFPartition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 204800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 206848 Numsec = 1464938496 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 750156374016 bytesSector size: 512 bytesScanning physical sectors of unpartitioned space on drive 0 (1-2047-1465129168-1465149168)...Done!Physical Sector Size: 512Drive: 1, DevicePointer: 0xfffffa800adf6060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa800add6040, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa800adf6060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa800adf3750, DeviceName: \Device\0000007c\, DriverName: \Driver\USBSTOR\------------ End ----------Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0Drive 1Scanning MBR on drive 1...Inspecting partition table:MBR Signature: 55AADisk Signature: C7406CPartition information: Partition 0 type is Other (0xb) Partition is ACTIVE. Partition starts at LBA: 64 Numsec = 15974336 Partition file system is FAT32 Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 8178892800 bytesSector size: 512 bytesDone!Scan finished=======================================Removal queue found; removal startedRemoving c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_2048_i.mbam...Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_1_i.mbam...Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_1_0_64_i.mbam...Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_1_r.mbam...Removal finished Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690076 Share Posted June 12, 2013 ComboFix.txt logComboFix 13-06-08.02 - user 06/11/2013 22:21:33.1.4 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6046.4761 [GMT -4:00]Running from: c:\users\user\Desktop\ComboFix.exeAV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..C:\Install.exeC:\prefs.jsc:\program files (x86)\PricePeepc:\program files (x86)\PricePeep\installer.icoc:\program files (x86)\PricePeep\pricepeep.crxc:\program files (x86)\PricePeep\uninstall.exec:\program files (x86)\Smiley Bar for Facebook\ScRIpthost.dllc:\users\user\AppData\Roaming\technic-launcher.jarc:\windows\SysWow64\frapsvid.dll..((((((((((((((((((((((((( Files Created from 2013-05-12 to 2013-06-12 )))))))))))))))))))))))))))))))..2013-06-12 02:25 . 2013-06-12 02:25 -------- d-----w- c:\users\Default\AppData\Local\temp2013-06-12 00:40 . 2013-06-12 02:16 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)2013-06-06 23:46 . 2013-05-09 08:59 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys2013-06-06 23:46 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys2013-06-06 23:46 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys2013-06-06 23:46 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys2013-06-06 23:46 . 2013-05-09 08:59 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys2013-06-06 23:46 . 2013-05-09 08:59 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys2013-06-06 23:46 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys2013-06-06 23:45 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2013-06-06 23:45 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe2013-06-06 23:44 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr2013-06-06 23:44 . 2013-06-06 23:44 -------- d-----w- c:\program files\AVAST Software2013-06-06 23:40 . 2013-06-06 23:44 -------- d-----w- c:\programdata\AVAST Software2013-06-06 22:50 . 2013-05-03 20:15 75016696 ----a-w- c:\windows\system32\MRT.exe2013-06-06 17:52 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll2013-06-06 17:52 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll2013-06-06 17:49 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys2013-06-06 17:25 . 2013-06-06 17:25 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll2013-06-06 16:16 . 2013-06-06 16:16 -------- d-----w- C:\TDSSKiller_Quarantine2013-06-05 18:48 . 2013-06-05 18:48 -------- d-----w- c:\program files (x86)\ESET2013-06-05 17:44 . 2013-06-05 17:44 -------- d-----w- c:\users\user\AppData\Roaming\SUPERAntiSpyware.com2013-06-05 17:40 . 2013-06-05 17:44 -------- d-----w- c:\program files\SUPERAntiSpyware2013-06-05 17:40 . 2013-06-05 17:40 -------- d-----w- c:\programdata\SUPERAntiSpyware.com2013-06-05 16:26 . 2013-06-05 16:26 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes2013-06-05 16:23 . 2013-06-05 16:23 -------- d-----w- c:\programdata\Malwarebytes2013-06-05 16:23 . 2013-04-04 21:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys2013-06-05 16:23 . 2013-06-05 16:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware2013-06-05 16:22 . 2013-06-05 16:22 -------- d-----w- c:\users\user\AppData\Local\Programs2013-05-30 21:14 . 2013-05-30 21:14 -------- d-sh--w- c:\windows\system32\%APPDATA%2013-05-26 16:18 . 2013-05-26 16:18 -------- d-----w- c:\users\user\.minecraft2013-05-24 22:28 . 2013-05-25 21:57 -------- d-----w- c:\users\user\AppData\Roaming\.technic2013-05-16 21:34 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys2013-05-16 21:34 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys2013-05-16 21:34 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll2013-05-16 21:33 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll2013-05-16 21:33 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe2013-05-16 21:33 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll2013-05-16 21:33 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll2013-05-16 21:33 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll2013-05-16 21:33 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll2013-05-16 21:33 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-05-21 22:53 . 2013-02-24 20:26 325920 ----a-w- c:\windows\SysWow64\Sendori.dll2013-05-16 21:26 . 2012-11-10 00:49 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-05-16 21:26 . 2012-11-10 00:49 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2013-04-17 00:11 . 2013-02-24 20:26 325920 ----a-w- c:\windows\SysWow64\Sendori.dll.old.fbxs2013-04-13 05:49 . 2013-06-06 17:52 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll2013-04-13 05:49 . 2013-06-06 17:52 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll2013-04-13 05:49 . 2013-06-06 17:52 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll2013-04-13 05:49 . 2013-06-06 17:52 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll2013-04-13 04:45 . 2013-06-06 17:52 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll2013-04-13 04:45 . 2013-06-06 17:52 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll2013-04-12 14:45 . 2013-04-25 19:51 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys2013-03-19 06:04 . 2013-04-12 20:06 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe2013-03-19 05:46 . 2013-04-12 20:06 43520 ----a-w- c:\windows\system32\csrsrv.dll2013-03-19 05:04 . 2013-04-12 20:06 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe2013-03-19 05:04 . 2013-04-12 20:06 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe2013-03-19 04:47 . 2013-04-12 20:06 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll2013-03-19 03:06 . 2013-04-12 20:06 112640 ----a-w- c:\windows\system32\smss.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-10-17 1521352].[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]2012-11-13 01:13 247264 ----a-w- c:\program files (x86)\Delta\delta\1.8.4.1\bh\delta.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]2012-10-17 08:46 1521352 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]2012-07-04 22:03 1310040 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-10-17 1521352]"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.4.1\deltaTlbr.dll" [2012-11-13 321504]"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040].[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}][HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1][HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}][HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd].[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}][HKEY_CLASSES_ROOT\delta.deltadskBnd.1][HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}][HKEY_CLASSES_ROOT\delta.deltadskBnd].[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}][HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1][HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}][HKEY_CLASSES_ROOT\SWEETIE.IEToolbar].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]@="".R2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe;c:\programdata\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R2 sndappv2;sndappv2;c:\program files (x86)\Sendori\sndappv2.exe;c:\program files (x86)\Sendori\sndappv2.exe [x]R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]S0 aswRvrt;aswRvrt; [x]S0 aswVmm;aswVmm; [x]S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]S1 aswSnx;aswSnx; [x]S1 aswSP;aswSP; [x]S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]S2 24x7HelpSvc;24x7HelpService;c:\program files (x86)\24x7Help\App24x7Svc.exe;c:\program files (x86)\24x7Help\App24x7Svc.exe [x]S2 Application Sendori;Application Sendori;c:\program files (x86)\Sendori\SendoriSvc.exe;c:\program files (x86)\Sendori\SendoriSvc.exe [x]S2 aswFsBlk;aswFsBlk; [x]S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]S2 Service Sendori;Service Sendori;c:\program files (x86)\Sendori\Sendori.Service.exe;c:\program files (x86)\Sendori\Sendori.Service.exe [x]S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]S2 WajamUpdater;WajamUpdater;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe [x]S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-06-06 18:12 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-10 21:26].2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-10 00:49].2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-10 00:49].2013-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-609671668-3261406088-2255839349-1000Core.job- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-24 01:01].2013-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-609671668-3261406088-2255839349-1000UA.job- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-24 01:01]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://www.google.com./mLocal Page = c:\windows\SysWOW64\blank.htmTCP: DhcpNameServer = 10.0.0.1TCP: Interfaces\{EE7642BF-84ED-454B-B212-D0603DD946E6}: NameServer = 10.0.0.1.- - - - ORPHANS REMOVED - - - -.BHO-{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - c:\program files (x86)\Smiley Bar for Facebook\ScriptHost.dllBHO-{A716CD2C-6737-2E54-8616-9B74D653A760} - c:\programdata\Zoomex\50e899c84b8f8.dllBHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files (x86)\Yontoo\YontooIEClient.dllWow6432Node-HKLM-Run-<NO NAME> - (no file)Wow6432Node-HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exeSafeBoot-35929106.sysSafeBoot-43541006.sysSafeBoot-81197698.sysSafeBoot-95567489.sysHKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - startAddRemove-PricePeep - c:\program files (x86)\PricePeep\uninstall.exeAddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exeAddRemove-ExpressFiles - c:\program files (x86)\ExpressFiles\uninstall.exeAddRemove-FRAPS Packages - c:\users\user\AppData\Roaming\0T1F0D1F2W1G1I1F1T1Q\FRAPS Packages\uninstaller.exeAddRemove-Hoolapp for Android - c:\users\user\AppData\Roaming\HoolappforAndroid\UpdateProc\UpdateTask.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]@Denied: (2) (LocalSystem)"Timestamp"=hex:e0,43,25,95,19,0e,ce,01.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Completion time: 2013-06-11 22:26:18ComboFix-quarantined-files.txt 2013-06-12 02:26.Pre-Run: 700,805,857,280 bytes freePost-Run: 700,377,149,440 bytes free.- - End Of File - - A3B94335F1838532D0B2FC460D0F3DA7D41D8CD98F00B204E9800998ECF8427E Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690077 Share Posted June 12, 2013 Security Check Check-up Results of screen317's Security Check version 0.99.64 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! avast! Antivirus Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 9 Java version out of Date! Google Chrome 27.0.1453.110 Google Chrome 27.0.1453.94 ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 7%````````````````````End of Log`````````````````````` Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 12, 2013 ID:690085 Share Posted June 12, 2013 I see you interrupted the TDSSKiller scan- please re-run it and let it finish scanning. Please post the log when it's finished. Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690086 Share Posted June 12, 2013 23:53:34.0325 2112 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:1923:53:34.0325 2112 ============================================================23:53:34.0325 2112 Current date / time: 2013/06/11 23:53:34.032523:53:34.0325 2112 SystemInfo:23:53:34.0325 2112 23:53:34.0325 2112 OS Version: 6.1.7601 ServicePack: 1.023:53:34.0325 2112 Product type: Workstation23:53:34.0325 2112 ComputerName: USER-PC23:53:34.0325 2112 UserName: user23:53:34.0325 2112 Windows directory: C:\Windows23:53:34.0325 2112 System windows directory: C:\Windows23:53:34.0325 2112 Running under WOW6423:53:34.0325 2112 Processor architecture: Intel x6423:53:34.0325 2112 Number of processors: 423:53:34.0325 2112 Page size: 0x100023:53:34.0325 2112 Boot type: Normal boot23:53:34.0325 2112 ============================================================23:53:35.0448 2112 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004023:53:35.0448 2112 Drive \Device\Harddisk1\DR2 - Size: 0x1E7800000 (7.62 Gb), SectorSize: 0x200, Cylinders: 0x3E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'23:53:35.0463 2112 ============================================================23:53:35.0463 2112 \Device\Harddisk0\DR0:23:53:35.0463 2112 MBR partitions:23:53:35.0463 2112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3200023:53:35.0463 2112 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x5751300023:53:35.0463 2112 \Device\Harddisk1\DR2:23:53:35.0463 2112 MBR partitions:23:53:35.0463 2112 \Device\Harddisk1\DR2\Partition1: MBR, Type 0xB, StartLBA 0x40, BlocksNum 0xF3BFC023:53:35.0463 2112 ============================================================23:53:35.0479 2112 C: <-> \Device\Harddisk0\DR0\Partition223:53:35.0479 2112 ============================================================23:53:35.0479 2112 Initialize success23:53:35.0479 2112 ============================================================23:53:37.0304 4156 ============================================================23:53:37.0304 4156 Scan started23:53:37.0304 4156 Mode: Manual;23:53:37.0304 4156 ============================================================23:53:37.0616 4156 ================ Scan system memory ========================23:53:37.0616 4156 System memory - ok23:53:37.0616 4156 ================ Scan services =============================23:53:37.0835 4156 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE23:53:37.0835 4156 !SASCORE - ok23:53:38.0084 4156 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys23:53:38.0100 4156 1394ohci - ok23:53:38.0287 4156 [ A6A3D0150C13B63AA6F8861715A2CAA8 ] 24x7HelpSvc C:\Program Files (x86)\24x7Help\App24x7Svc.exe23:53:38.0287 4156 24x7HelpSvc - ok23:53:38.0349 4156 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe23:53:38.0365 4156 ACDaemon - ok23:53:38.0381 4156 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys23:53:38.0381 4156 ACPI - ok23:53:38.0427 4156 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys23:53:38.0427 4156 AcpiPmi - ok23:53:38.0552 4156 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe23:53:38.0552 4156 AdobeFlashPlayerUpdateSvc - ok23:53:38.0583 4156 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys23:53:38.0599 4156 adp94xx - ok23:53:38.0646 4156 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys23:53:38.0646 4156 adpahci - ok23:53:38.0677 4156 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys23:53:38.0677 4156 adpu320 - ok23:53:38.0708 4156 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll23:53:38.0708 4156 AeLookupSvc - ok23:53:38.0755 4156 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys23:53:38.0755 4156 AFD - ok23:53:38.0786 4156 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys23:53:38.0786 4156 agp440 - ok23:53:38.0817 4156 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe23:53:38.0833 4156 ALG - ok23:53:38.0864 4156 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys23:53:38.0864 4156 aliide - ok23:53:38.0880 4156 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys23:53:38.0880 4156 amdide - ok23:53:38.0895 4156 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys23:53:38.0911 4156 AmdK8 - ok23:53:38.0927 4156 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys23:53:38.0942 4156 AmdPPM - ok23:53:38.0973 4156 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys23:53:38.0973 4156 amdsata - ok23:53:38.0973 4156 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys23:53:38.0989 4156 amdsbs - ok23:53:39.0005 4156 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys23:53:39.0005 4156 amdxata - ok23:53:39.0051 4156 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys23:53:39.0051 4156 AppID - ok23:53:39.0067 4156 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll23:53:39.0083 4156 AppIDSvc - ok23:53:39.0098 4156 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll23:53:39.0114 4156 Appinfo - ok23:53:39.0192 4156 [ 07E65A14A406BA2C7114EAD176D1927F ] Application Sendori C:\Program Files (x86)\Sendori\SendoriSvc.exe23:53:39.0207 4156 Application Sendori - ok23:53:39.0270 4156 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys23:53:39.0270 4156 arc - ok23:53:39.0285 4156 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys23:53:39.0285 4156 arcsas - ok23:53:39.0332 4156 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys23:53:39.0332 4156 aswFsBlk - ok23:53:39.0363 4156 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys23:53:39.0363 4156 aswMonFlt - ok23:53:39.0379 4156 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys23:53:39.0379 4156 aswRdr - ok23:53:39.0395 4156 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys23:53:39.0395 4156 aswRvrt - ok23:53:39.0441 4156 [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys23:53:39.0441 4156 aswSnx - ok23:53:39.0457 4156 [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP C:\Windows\system32\drivers\aswSP.sys23:53:39.0457 4156 aswSP - ok23:53:39.0488 4156 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys23:53:39.0488 4156 aswTdi - ok23:53:39.0488 4156 [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys23:53:39.0488 4156 aswVmm - ok23:53:39.0535 4156 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys23:53:39.0535 4156 AsyncMac - ok23:53:39.0551 4156 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys23:53:39.0566 4156 atapi - ok23:53:39.0597 4156 [ BCC09E0B0362741D0C084828A1B950F3 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys23:53:39.0597 4156 AthBTPort - ok23:53:39.0660 4156 [ 1FDE0AAAEA06519AAE98CCF24715B765 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe23:53:39.0660 4156 AtherosSvc - ok23:53:39.0738 4156 [ 237EE0B7A65D55E08EB7530F77423480 ] athr C:\Windows\system32\DRIVERS\athrx.sys23:53:39.0769 4156 athr - ok23:53:39.0800 4156 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll23:53:39.0816 4156 AudioEndpointBuilder - ok23:53:39.0816 4156 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll23:53:39.0831 4156 AudioSrv - ok23:53:39.0894 4156 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe23:53:39.0894 4156 avast! Antivirus - ok23:53:39.0972 4156 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll23:53:39.0972 4156 AxInstSV - ok23:53:40.0003 4156 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys23:53:40.0019 4156 b06bdrv - ok23:53:40.0050 4156 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys23:53:40.0050 4156 b57nd60a - ok23:53:40.0081 4156 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll23:53:40.0081 4156 BDESVC - ok23:53:40.0112 4156 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys23:53:40.0128 4156 Beep - ok23:53:40.0175 4156 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll23:53:40.0190 4156 BFE - ok23:53:40.0221 4156 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll23:53:40.0237 4156 BITS - ok23:53:40.0268 4156 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys23:53:40.0268 4156 blbdrive - ok23:53:40.0299 4156 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys23:53:40.0299 4156 bowser - ok23:53:40.0315 4156 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys23:53:40.0315 4156 BrFiltLo - ok23:53:40.0346 4156 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys23:53:40.0346 4156 BrFiltUp - ok23:53:40.0377 4156 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys23:53:40.0377 4156 BridgeMP - ok23:53:40.0424 4156 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll23:53:40.0424 4156 Browser - ok23:53:40.0502 4156 BrowserProtect - ok23:53:40.0533 4156 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys23:53:40.0533 4156 Brserid - ok23:53:40.0549 4156 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys23:53:40.0549 4156 BrSerWdm - ok23:53:40.0565 4156 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys23:53:40.0580 4156 BrUsbMdm - ok23:53:40.0596 4156 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys23:53:40.0596 4156 BrUsbSer - ok23:53:40.0643 4156 [ 9455A8F85BE24514E50AFE90D4C976DB ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys23:53:40.0643 4156 BTATH_A2DP - ok23:53:40.0658 4156 [ 2D27F7A831657D63AFC78E5E78DCA83F ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys23:53:40.0658 4156 btath_avdt - ok23:53:40.0674 4156 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys23:53:40.0674 4156 BTATH_BUS - ok23:53:40.0721 4156 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys23:53:40.0736 4156 BTATH_HCRP - ok23:53:40.0752 4156 [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys23:53:40.0752 4156 BTATH_LWFLT - ok23:53:40.0814 4156 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys23:53:40.0814 4156 BTATH_RCP - ok23:53:40.0830 4156 [ 680BE9ED6431DAFA844F5F7B61B11F9A ] BTATH_VDP C:\Windows\system32\drivers\btath_vdp.sys23:53:40.0845 4156 BTATH_VDP - ok23:53:40.0892 4156 [ EA92CE309DD24F489FDB149847AE6835 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys23:53:40.0892 4156 BtFilter - ok23:53:40.0923 4156 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys23:53:40.0923 4156 BthEnum - ok23:53:40.0939 4156 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys23:53:40.0939 4156 BTHMODEM - ok23:53:40.0970 4156 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys23:53:40.0986 4156 BthPan - ok23:53:41.0017 4156 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys23:53:41.0033 4156 BTHPORT - ok23:53:41.0048 4156 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll23:53:41.0064 4156 bthserv - ok23:53:41.0064 4156 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys23:53:41.0079 4156 BTHUSB - ok23:53:41.0095 4156 catchme - ok23:53:41.0126 4156 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys23:53:41.0126 4156 cdfs - ok23:53:41.0157 4156 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys23:53:41.0157 4156 cdrom - ok23:53:41.0204 4156 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll23:53:41.0204 4156 CertPropSvc - ok23:53:41.0235 4156 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys23:53:41.0235 4156 circlass - ok23:53:41.0267 4156 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys23:53:41.0282 4156 CLFS - ok23:53:41.0329 4156 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe23:53:41.0329 4156 clr_optimization_v2.0.50727_32 - ok23:53:41.0360 4156 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe23:53:41.0376 4156 clr_optimization_v2.0.50727_64 - ok23:53:41.0438 4156 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe23:53:41.0469 4156 clr_optimization_v4.0.30319_32 - ok23:53:41.0516 4156 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe23:53:41.0532 4156 clr_optimization_v4.0.30319_64 - ok23:53:41.0563 4156 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys23:53:41.0563 4156 CmBatt - ok23:53:41.0579 4156 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys23:53:41.0579 4156 cmdide - ok23:53:41.0610 4156 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys23:53:41.0610 4156 CNG - ok23:53:41.0641 4156 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys23:53:41.0641 4156 Compbatt - ok23:53:41.0672 4156 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys23:53:41.0672 4156 CompositeBus - ok23:53:41.0688 4156 COMSysApp - ok23:53:41.0719 4156 [ 453A8D09DB02EB0DF64709B1603EAA2C ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe23:53:41.0735 4156 cphs - ok23:53:41.0766 4156 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys23:53:41.0766 4156 crcdisk - ok23:53:41.0813 4156 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll23:53:41.0813 4156 CryptSvc - ok23:53:41.0922 4156 [ 461A0688205D088D2A2EBEEDEE81622E ] DCDhcpService C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe23:53:41.0922 4156 DCDhcpService - ok23:53:41.0953 4156 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll23:53:41.0969 4156 DcomLaunch - ok23:53:42.0015 4156 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll23:53:42.0031 4156 defragsvc - ok23:53:42.0047 4156 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys23:53:42.0047 4156 DfsC - ok23:53:42.0093 4156 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll23:53:42.0109 4156 Dhcp - ok23:53:42.0140 4156 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys23:53:42.0140 4156 discache - ok23:53:42.0171 4156 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys23:53:42.0171 4156 Disk - ok23:53:42.0218 4156 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll23:53:42.0218 4156 Dnscache - ok23:53:42.0249 4156 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll23:53:42.0249 4156 dot3svc - ok23:53:42.0265 4156 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll23:53:42.0265 4156 DPS - ok23:53:42.0312 4156 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys23:53:42.0312 4156 drmkaud - ok23:53:42.0359 4156 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys23:53:42.0359 4156 DXGKrnl - ok23:53:42.0390 4156 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll23:53:42.0405 4156 EapHost - ok23:53:42.0499 4156 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys23:53:42.0593 4156 ebdrv - ok23:53:42.0608 4156 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe23:53:42.0608 4156 EFS - ok23:53:42.0671 4156 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe23:53:42.0686 4156 ehRecvr - ok23:53:42.0717 4156 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe23:53:42.0717 4156 ehSched - ok23:53:42.0749 4156 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys23:53:42.0764 4156 elxstor - ok23:53:42.0780 4156 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys23:53:42.0780 4156 ErrDev - ok23:53:42.0827 4156 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll23:53:42.0842 4156 EventSystem - ok23:53:42.0873 4156 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys23:53:42.0873 4156 exfat - ok23:53:42.0889 4156 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys23:53:42.0905 4156 fastfat - ok23:53:42.0936 4156 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe23:53:42.0951 4156 Fax - ok23:53:42.0967 4156 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys23:53:42.0967 4156 fdc - ok23:53:42.0998 4156 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll23:53:42.0998 4156 fdPHost - ok23:53:43.0014 4156 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll23:53:43.0014 4156 FDResPub - ok23:53:43.0045 4156 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys23:53:43.0045 4156 FileInfo - ok23:53:43.0045 4156 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys23:53:43.0061 4156 Filetrace - ok23:53:43.0061 4156 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys23:53:43.0076 4156 flpydisk - ok23:53:43.0092 4156 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys23:53:43.0107 4156 FltMgr - ok23:53:43.0139 4156 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll23:53:43.0170 4156 FontCache - ok23:53:43.0201 4156 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe23:53:43.0201 4156 FontCache3.0.0.0 - ok23:53:43.0217 4156 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys23:53:43.0232 4156 FsDepends - ok23:53:43.0263 4156 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys23:53:43.0263 4156 Fs_Rec - ok23:53:43.0295 4156 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys23:53:43.0295 4156 fvevol - ok23:53:43.0310 4156 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys23:53:43.0310 4156 gagp30kx - ok23:53:43.0357 4156 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll23:53:43.0373 4156 gpsvc - ok23:53:43.0419 4156 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe23:53:43.0419 4156 gupdate - ok23:53:43.0435 4156 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe23:53:43.0435 4156 gupdatem - ok23:53:43.0466 4156 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe23:53:43.0466 4156 gusvc - ok23:53:43.0497 4156 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys23:53:43.0497 4156 hcw85cir - ok23:53:43.0529 4156 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys23:53:43.0529 4156 HdAudAddService - ok23:53:43.0560 4156 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys23:53:43.0560 4156 HDAudBus - ok23:53:43.0591 4156 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys23:53:43.0591 4156 HidBatt - ok23:53:43.0591 4156 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys23:53:43.0607 4156 HidBth - ok23:53:43.0622 4156 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys23:53:43.0622 4156 HidIr - ok23:53:43.0638 4156 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll23:53:43.0638 4156 hidserv - ok23:53:43.0669 4156 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys23:53:43.0669 4156 HidUsb - ok23:53:43.0685 4156 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll23:53:43.0700 4156 hkmsvc - ok23:53:43.0700 4156 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll23:53:43.0700 4156 HomeGroupListener - ok23:53:43.0731 4156 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll23:53:43.0731 4156 HomeGroupProvider - ok23:53:43.0763 4156 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys23:53:43.0763 4156 HpSAMD - ok23:53:43.0794 4156 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys23:53:43.0809 4156 HTTP - ok23:53:43.0825 4156 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys23:53:43.0825 4156 hwpolicy - ok23:53:43.0872 4156 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys23:53:43.0872 4156 i8042prt - ok23:53:43.0903 4156 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys23:53:43.0919 4156 iaStor - ok23:53:44.0012 4156 [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe23:53:44.0012 4156 IAStorDataMgrSvc - ok23:53:44.0043 4156 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys23:53:44.0059 4156 iaStorV - ok23:53:44.0106 4156 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe23:53:44.0121 4156 idsvc - ok23:53:44.0355 4156 [ 54E37A4E66B2CA1C38E9728FAD5F9822 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys23:53:44.0574 4156 igfx - ok23:53:44.0605 4156 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys23:53:44.0605 4156 iirsp - ok23:53:44.0652 4156 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll23:53:44.0667 4156 IKEEXT - ok23:53:44.0792 4156 [ 602788BF364D43E5878AA1B4F85C232B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys23:53:44.0808 4156 IntcAzAudAddService - ok23:53:44.0855 4156 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys23:53:44.0855 4156 IntcDAud - ok23:53:44.0933 4156 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe23:53:44.0933 4156 Intel® Capability Licensing Service Interface - ok23:53:44.0964 4156 [ 9571D8BDB56EBC52280E8020574508E6 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe23:53:44.0964 4156 Intel® ME Service - ok23:53:44.0979 4156 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys23:53:44.0979 4156 intelide - ok23:53:45.0011 4156 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys23:53:45.0011 4156 intelppm - ok23:53:45.0042 4156 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll23:53:45.0057 4156 IPBusEnum - ok23:53:45.0073 4156 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys23:53:45.0073 4156 IpFilterDriver - ok23:53:45.0151 4156 [ 08C2957BB30058E663720C5606885653 ] IpHlpSvc C:\Windows\System32\iphlpsvc.dll23:53:45.0151 4156 IpHlpSvc - ok23:53:45.0182 4156 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys23:53:45.0182 4156 IPMIDRV - ok23:53:45.0213 4156 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys23:53:45.0213 4156 IPNAT - ok23:53:45.0229 4156 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys23:53:45.0245 4156 IRENUM - ok23:53:45.0260 4156 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys23:53:45.0276 4156 isapnp - ok23:53:45.0291 4156 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys23:53:45.0291 4156 iScsiPrt - ok23:53:45.0323 4156 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys23:53:45.0323 4156 iusb3hcs - ok23:53:45.0338 4156 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys23:53:45.0338 4156 iusb3hub - ok23:53:45.0369 4156 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys23:53:45.0385 4156 iusb3xhc - ok23:53:45.0416 4156 [ DBD76BC1D498FE368F2C8CB76C3E00A4 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe23:53:45.0416 4156 jhi_service - ok23:53:45.0447 4156 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys23:53:45.0447 4156 kbdclass - ok23:53:45.0479 4156 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys23:53:45.0479 4156 kbdhid - ok23:53:45.0494 4156 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe23:53:45.0494 4156 KeyIso - ok23:53:45.0525 4156 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys23:53:45.0525 4156 KSecDD - ok23:53:45.0541 4156 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys23:53:45.0541 4156 KSecPkg - ok23:53:45.0588 4156 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys23:53:45.0588 4156 ksthunk - ok23:53:45.0619 4156 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll23:53:45.0635 4156 KtmRm - ok23:53:45.0666 4156 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll23:53:45.0681 4156 LanmanServer - ok23:53:45.0713 4156 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll23:53:45.0713 4156 LanmanWorkstation - ok23:53:45.0744 4156 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys23:53:45.0744 4156 lltdio - ok23:53:45.0791 4156 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll23:53:45.0806 4156 lltdsvc - ok23:53:45.0806 4156 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll23:53:45.0822 4156 lmhosts - ok23:53:45.0869 4156 [ 86E4CC39C953D11EF57CF54C4DC78238 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe23:53:45.0884 4156 LMS - ok23:53:45.0915 4156 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys23:53:45.0915 4156 LSI_FC - ok23:53:45.0931 4156 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys23:53:45.0947 4156 LSI_SAS - ok23:53:45.0947 4156 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys23:53:45.0962 4156 LSI_SAS2 - ok23:53:45.0978 4156 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys23:53:45.0993 4156 LSI_SCSI - ok23:53:46.0025 4156 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys23:53:46.0025 4156 luafv - ok23:53:46.0040 4156 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll23:53:46.0056 4156 Mcx2Svc - ok23:53:46.0071 4156 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys23:53:46.0071 4156 megasas - ok23:53:46.0118 4156 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys23:53:46.0118 4156 MegaSR - ok23:53:46.0149 4156 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys23:53:46.0149 4156 MEIx64 - ok23:53:46.0196 4156 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll23:53:46.0196 4156 MMCSS - ok23:53:46.0196 4156 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys23:53:46.0212 4156 Modem - ok23:53:46.0243 4156 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys23:53:46.0243 4156 monitor - ok23:53:46.0274 4156 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys23:53:46.0274 4156 mouclass - ok23:53:46.0305 4156 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys23:53:46.0321 4156 mouhid - ok23:53:46.0321 4156 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys23:53:46.0337 4156 mountmgr - ok23:53:46.0352 4156 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys23:53:46.0352 4156 mpio - ok23:53:46.0368 4156 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys23:53:46.0368 4156 mpsdrv - ok23:53:46.0415 4156 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll23:53:46.0430 4156 MpsSvc - ok23:53:46.0461 4156 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys23:53:46.0461 4156 MRxDAV - ok23:53:46.0493 4156 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys23:53:46.0508 4156 mrxsmb - ok23:53:46.0524 4156 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys23:53:46.0524 4156 mrxsmb10 - ok23:53:46.0555 4156 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys23:53:46.0571 4156 mrxsmb20 - ok23:53:46.0586 4156 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys23:53:46.0586 4156 msahci - ok23:53:46.0602 4156 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys23:53:46.0602 4156 msdsm - ok23:53:46.0633 4156 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe23:53:46.0633 4156 MSDTC - ok23:53:46.0680 4156 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys23:53:46.0680 4156 Msfs - ok23:53:46.0695 4156 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys23:53:46.0711 4156 mshidkmdf - ok23:53:46.0727 4156 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys23:53:46.0727 4156 msisadrv - ok23:53:46.0742 4156 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll23:53:46.0758 4156 MSiSCSI - ok23:53:46.0758 4156 msiserver - ok23:53:46.0773 4156 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys23:53:46.0773 4156 MSKSSRV - ok23:53:46.0805 4156 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys23:53:46.0805 4156 MSPCLOCK - ok23:53:46.0851 4156 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys23:53:46.0851 4156 MSPQM - ok23:53:46.0867 4156 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys23:53:46.0867 4156 MsRPC - ok23:53:46.0898 4156 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys23:53:46.0898 4156 mssmbios - ok23:53:46.0929 4156 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys23:53:46.0929 4156 MSTEE - ok23:53:46.0945 4156 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys23:53:46.0945 4156 MTConfig - ok23:53:46.0961 4156 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys23:53:46.0961 4156 Mup - ok23:53:46.0992 4156 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll23:53:47.0007 4156 napagent - ok23:53:47.0054 4156 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys23:53:47.0054 4156 NativeWifiP - ok23:53:47.0101 4156 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys23:53:47.0117 4156 NDIS - ok23:53:47.0132 4156 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys23:53:47.0148 4156 NdisCap - ok23:53:47.0179 4156 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys23:53:47.0179 4156 NdisTapi - ok23:53:47.0179 4156 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys23:53:47.0179 4156 Ndisuio - ok23:53:47.0210 4156 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys23:53:47.0210 4156 NdisWan - ok23:53:47.0226 4156 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys23:53:47.0226 4156 NDProxy - ok23:53:47.0257 4156 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys23:53:47.0257 4156 NetBIOS - ok23:53:47.0273 4156 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys23:53:47.0288 4156 NetBT - ok23:53:47.0288 4156 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe23:53:47.0304 4156 Netlogon - ok23:53:47.0335 4156 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll23:53:47.0335 4156 Netman - ok23:53:47.0351 4156 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll23:53:47.0366 4156 netprofm - ok23:53:47.0382 4156 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe23:53:47.0382 4156 NetTcpPortSharing - ok23:53:47.0413 4156 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys23:53:47.0413 4156 nfrd960 - ok23:53:47.0444 4156 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll23:53:47.0444 4156 NlaSvc - ok23:53:47.0460 4156 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys23:53:47.0460 4156 Npfs - ok23:53:47.0491 4156 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll23:53:47.0491 4156 nsi - ok23:53:47.0491 4156 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys23:53:47.0491 4156 nsiproxy - ok23:53:47.0538 4156 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys23:53:47.0553 4156 Ntfs - ok23:53:47.0585 4156 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys23:53:47.0585 4156 Null - ok23:53:47.0600 4156 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys23:53:47.0600 4156 nvraid - ok23:53:47.0631 4156 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys23:53:47.0631 4156 nvstor - ok23:53:47.0647 4156 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys23:53:47.0647 4156 nv_agp - ok23:53:47.0663 4156 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys23:53:47.0663 4156 ohci1394 - ok23:53:47.0694 4156 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll23:53:47.0694 4156 p2pimsvc - ok23:53:47.0709 4156 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll23:53:47.0725 4156 p2psvc - ok23:53:47.0741 4156 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys23:53:47.0741 4156 Parport - ok23:53:47.0772 4156 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys23:53:47.0772 4156 partmgr - ok23:53:47.0787 4156 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll23:53:47.0803 4156 PcaSvc - ok23:53:47.0834 4156 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys23:53:47.0834 4156 pci - ok23:53:47.0850 4156 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys23:53:47.0850 4156 pciide - ok23:53:47.0865 4156 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys23:53:47.0865 4156 pcmcia - ok23:53:47.0881 4156 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys23:53:47.0881 4156 pcw - ok23:53:47.0912 4156 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys23:53:47.0912 4156 PEAUTH - ok23:53:47.0928 4156 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe23:53:47.0959 4156 PerfHost - ok23:53:48.0021 4156 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll23:53:48.0037 4156 pla - ok23:53:48.0099 4156 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll23:53:48.0099 4156 PlugPlay - ok23:53:48.0131 4156 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll23:53:48.0131 4156 PNRPAutoReg - ok23:53:48.0162 4156 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll23:53:48.0162 4156 PNRPsvc - ok23:53:48.0209 4156 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll23:53:48.0209 4156 PolicyAgent - ok23:53:48.0240 4156 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll23:53:48.0240 4156 Power - ok23:53:48.0287 4156 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys23:53:48.0287 4156 PptpMiniport - ok23:53:48.0287 4156 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys23:53:48.0302 4156 Processor - ok23:53:48.0318 4156 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll23:53:48.0318 4156 ProfSvc - ok23:53:48.0333 4156 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe23:53:48.0333 4156 ProtectedStorage - ok23:53:48.0365 4156 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys23:53:48.0365 4156 Psched - ok23:53:48.0411 4156 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys23:53:48.0427 4156 ql2300 - ok23:53:48.0443 4156 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys23:53:48.0443 4156 ql40xx - ok23:53:48.0458 4156 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll23:53:48.0458 4156 QWAVE - ok23:53:48.0474 4156 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys23:53:48.0474 4156 QWAVEdrv - ok23:53:48.0489 4156 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys23:53:48.0489 4156 RasAcd - ok23:53:48.0521 4156 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys23:53:48.0521 4156 RasAgileVpn - ok23:53:48.0552 4156 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll23:53:48.0552 4156 RasAuto - ok23:53:48.0567 4156 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys23:53:48.0567 4156 Rasl2tp - ok23:53:48.0614 4156 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll23:53:48.0614 4156 RasMan - ok23:53:48.0630 4156 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys23:53:48.0630 4156 RasPppoe - ok23:53:48.0661 4156 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys23:53:48.0661 4156 RasSstp - ok23:53:48.0677 4156 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys23:53:48.0677 4156 rdbss - ok23:53:48.0692 4156 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys23:53:48.0692 4156 rdpbus - ok23:53:48.0708 4156 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys23:53:48.0708 4156 RDPCDD - ok23:53:48.0739 4156 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys23:53:48.0739 4156 RDPENCDD - ok23:53:48.0739 4156 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys23:53:48.0739 4156 RDPREFMP - ok23:53:48.0770 4156 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys23:53:48.0770 4156 RDPWD - ok23:53:48.0801 4156 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys23:53:48.0817 4156 rdyboost - ok23:53:48.0848 4156 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll23:53:48.0848 4156 RemoteAccess - ok23:53:48.0879 4156 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll23:53:48.0879 4156 RemoteRegistry - ok23:53:48.0926 4156 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys23:53:48.0926 4156 RFCOMM - ok23:53:48.0942 4156 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll23:53:48.0942 4156 RpcEptMapper - ok23:53:48.0973 4156 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe23:53:48.0973 4156 RpcLocator - ok23:53:48.0989 4156 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll23:53:49.0004 4156 RpcSs - ok23:53:49.0020 4156 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys23:53:49.0020 4156 rspndr - ok23:53:49.0035 4156 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe23:53:49.0035 4156 SamSs - ok23:53:49.0113 4156 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS23:53:49.0113 4156 SASDIFSV - ok23:53:49.0129 4156 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS23:53:49.0129 4156 SASKUTIL - ok23:53:49.0160 4156 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys23:53:49.0160 4156 sbp2port - ok23:53:49.0191 4156 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll23:53:49.0207 4156 SCardSvr - ok23:53:49.0223 4156 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys23:53:49.0223 4156 scfilter - ok23:53:49.0254 4156 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll23:53:49.0269 4156 Schedule - ok23:53:49.0316 4156 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll23:53:49.0316 4156 SCPolicySvc - ok23:53:49.0347 4156 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll23:53:49.0347 4156 SDRSVC - ok23:53:49.0379 4156 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys23:53:49.0394 4156 secdrv - ok23:53:49.0410 4156 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll23:53:49.0425 4156 seclogon - ok23:53:49.0441 4156 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll23:53:49.0457 4156 SENS - ok23:53:49.0457 4156 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll23:53:49.0457 4156 SensrSvc - ok23:53:49.0488 4156 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys23:53:49.0488 4156 Serenum - ok23:53:49.0503 4156 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys23:53:49.0503 4156 Serial - ok23:53:49.0535 4156 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys23:53:49.0550 4156 sermouse - ok23:53:49.0628 4156 [ 3E0E4879CDA4F1F2D1361345969BD034 ] Service Sendori C:\Program Files (x86)\Sendori\Sendori.Service.exe23:53:49.0628 4156 Service Sendori - ok23:53:49.0675 4156 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll23:53:49.0675 4156 SessionEnv - ok23:53:49.0722 4156 [ 70F9C476B62DE4F2823E918A6C181ADE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys23:53:49.0722 4156 SFEP - ok23:53:49.0737 4156 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys23:53:49.0737 4156 sffdisk - ok23:53:49.0753 4156 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys23:53:49.0769 4156 sffp_mmc - ok23:53:49.0769 4156 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys23:53:49.0769 4156 sffp_sd - ok23:53:49.0784 4156 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys23:53:49.0784 4156 sfloppy - ok23:53:49.0847 4156 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll23:53:49.0847 4156 SharedAccess - ok23:53:49.0893 4156 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll23:53:49.0893 4156 ShellHWDetection - ok23:53:49.0925 4156 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys23:53:49.0925 4156 SiSRaid2 - ok23:53:49.0956 4156 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys23:53:49.0956 4156 SiSRaid4 - ok23:53:50.0034 4156 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe23:53:50.0034 4156 SkypeUpdate - ok23:53:50.0065 4156 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys23:53:50.0065 4156 Smb - ok23:53:50.0174 4156 [ 35234024A40976C906D80B8DFC441EF2 ] sndappv2 C:\Program Files (x86)\Sendori\sndappv2.exe23:53:50.0252 4156 sndappv2 - ok23:53:50.0299 4156 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe23:53:50.0299 4156 SNMPTRAP - ok23:53:50.0330 4156 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys23:53:50.0330 4156 spldr - ok23:53:50.0361 4156 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe23:53:50.0361 4156 Spooler - ok23:53:50.0502 4156 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe23:53:50.0595 4156 sppsvc - ok23:53:50.0611 4156 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll23:53:50.0611 4156 sppuinotify - ok23:53:50.0642 4156 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys23:53:50.0642 4156 srv - ok23:53:50.0673 4156 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys23:53:50.0673 4156 srv2 - ok23:53:50.0689 4156 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys23:53:50.0689 4156 srvnet - ok23:53:50.0720 4156 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll23:53:50.0720 4156 SSDPSRV - ok23:53:50.0736 4156 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll23:53:50.0736 4156 SstpSvc - ok23:53:50.0767 4156 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys23:53:50.0767 4156 stexstor - ok23:53:50.0798 4156 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll23:53:50.0814 4156 stisvc - ok23:53:50.0814 4156 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys23:53:50.0814 4156 swenum - ok23:53:50.0845 4156 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll23:53:50.0845 4156 swprv - ok23:53:50.0892 4156 [ 321EA1320771419C0956DE50F270C3E5 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys23:53:50.0892 4156 SynTP - ok23:53:50.0939 4156 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll23:53:50.0970 4156 SysMain - ok23:53:50.0985 4156 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll23:53:50.0985 4156 TabletInputService - ok23:53:51.0017 4156 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll23:53:51.0032 4156 TapiSrv - ok23:53:51.0032 4156 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll23:53:51.0048 4156 TBS - ok23:53:51.0110 4156 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys23:53:51.0126 4156 Tcpip - ok23:53:51.0157 4156 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys23:53:51.0157 4156 TCPIP6 - ok23:53:51.0188 4156 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys23:53:51.0188 4156 tcpipreg - ok23:53:51.0219 4156 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys23:53:51.0219 4156 TDPIPE - ok23:53:51.0235 4156 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys23:53:51.0235 4156 TDTCP - ok23:53:51.0266 4156 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys23:53:51.0266 4156 tdx - ok23:53:51.0297 4156 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys23:53:51.0297 4156 TermDD - ok23:53:51.0329 4156 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll23:53:51.0344 4156 TermService - ok23:53:51.0360 4156 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll23:53:51.0360 4156 Themes - ok23:53:51.0360 4156 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll23:53:51.0375 4156 THREADORDER - ok23:53:51.0391 4156 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll23:53:51.0407 4156 TrkWks - ok23:53:51.0469 4156 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe23:53:51.0485 4156 TrustedInstaller - ok23:53:51.0500 4156 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys23:53:51.0500 4156 tssecsrv - ok23:53:51.0563 4156 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys23:53:51.0578 4156 TsUsbFlt - ok23:53:51.0594 4156 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys23:53:51.0609 4156 TsUsbGD - ok23:53:51.0656 4156 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys23:53:51.0672 4156 tunnel - ok23:53:51.0672 4156 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys23:53:51.0687 4156 uagp35 - ok23:53:51.0703 4156 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys23:53:51.0750 4156 udfs - ok23:53:51.0797 4156 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe23:53:51.0797 4156 UI0Detect - ok23:53:51.0859 4156 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys23:53:51.0875 4156 uliagpkx - ok23:53:51.0890 4156 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys23:53:51.0890 4156 umbus - ok23:53:51.0906 4156 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys23:53:51.0906 4156 UmPass - ok23:53:51.0937 4156 [ D80B1075B69B57A3AB78F750CE463ECE ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe23:53:51.0953 4156 UNS - ok23:53:51.0984 4156 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll23:53:51.0999 4156 upnphost - ok23:53:52.0062 4156 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys23:53:52.0062 4156 usbaudio - ok23:53:52.0093 4156 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys23:53:52.0093 4156 usbccgp - ok23:53:52.0124 4156 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys23:53:52.0124 4156 usbcir - ok23:53:52.0155 4156 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys23:53:52.0171 4156 usbehci - ok23:53:52.0187 4156 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys23:53:52.0202 4156 usbhub - ok23:53:52.0218 4156 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys23:53:52.0218 4156 usbohci - ok23:53:52.0249 4156 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys23:53:52.0265 4156 usbprint - ok23:53:52.0296 4156 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS23:53:52.0296 4156 USBSTOR - ok23:53:52.0311 4156 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys23:53:52.0327 4156 usbuhci - ok23:53:52.0343 4156 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys23:53:52.0343 4156 usbvideo - ok23:53:52.0374 4156 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll23:53:52.0389 4156 UxSms - ok23:53:52.0452 4156 [ 203FD19D70549A2939E1AE3A36608151 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe23:53:52.0467 4156 VAIO Event Service - ok23:53:52.0530 4156 [ 59308CD511A5F3EE33595FFD46F76B31 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe23:53:52.0561 4156 VAIO Power Management - ok23:53:52.0592 4156 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe23:53:52.0592 4156 VaultSvc - ok23:53:52.0639 4156 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys23:53:52.0639 4156 vdrvroot - ok23:53:52.0748 4156 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe23:53:52.0779 4156 vds - ok23:53:52.0826 4156 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys23:53:52.0826 4156 vga - ok23:53:52.0842 4156 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys23:53:52.0842 4156 VgaSave - ok23:53:52.0857 4156 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys23:53:52.0857 4156 vhdmp - ok23:53:52.0889 4156 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys23:53:52.0889 4156 viaide - ok23:53:52.0920 4156 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys23:53:52.0920 4156 volmgr - ok23:53:52.0935 4156 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys23:53:52.0935 4156 volmgrx - ok23:53:52.0935 4156 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys23:53:52.0951 4156 volsnap - ok23:53:52.0967 4156 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys23:53:52.0967 4156 vsmraid - ok23:53:53.0045 4156 [ 596E65BDEE804CC6658A39756CC61849 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe23:53:53.0045 4156 VSNService - ok23:53:53.0138 4156 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe23:53:53.0185 4156 VSS - ok23:53:53.0279 4156 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe23:53:53.0294 4156 VUAgent - ok23:53:53.0310 4156 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys23:53:53.0325 4156 vwifibus - ok23:53:53.0341 4156 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys23:53:53.0341 4156 vwififlt - ok23:53:53.0357 4156 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll23:53:53.0372 4156 W32Time - ok23:53:53.0388 4156 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys23:53:53.0388 4156 WacomPen - ok23:53:53.0435 4156 [ 4AA2CC5979AFF984227364F2C23B04F3 ] WajamUpdater C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe23:53:53.0435 4156 WajamUpdater - ok23:53:53.0466 4156 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys23:53:53.0466 4156 WANARP - ok23:53:53.0466 4156 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys23:53:53.0466 4156 Wanarpv6 - ok23:53:53.0528 4156 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe23:53:53.0575 4156 WatAdminSvc - ok23:53:53.0622 4156 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe23:53:53.0669 4156 wbengine - ok23:53:53.0684 4156 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll23:53:53.0700 4156 WbioSrvc - ok23:53:53.0731 4156 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll23:53:53.0747 4156 wcncsvc - ok23:53:53.0762 4156 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll23:53:53.0762 4156 WcsPlugInService - ok23:53:53.0778 4156 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys23:53:53.0778 4156 Wd - ok23:53:53.0856 4156 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys23:53:53.0887 4156 Wdf01000 - ok23:53:53.0903 4156 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll23:53:53.0903 4156 WdiServiceHost - ok23:53:53.0903 4156 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll23:53:53.0903 4156 WdiSystemHost - ok23:53:53.0934 4156 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll23:53:53.0949 4156 WebClient - ok23:53:53.0965 4156 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll23:53:53.0965 4156 Wecsvc - ok23:53:53.0981 4156 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll23:53:53.0981 4156 wercplsupport - ok23:53:54.0027 4156 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll23:53:54.0027 4156 WerSvc - ok23:53:54.0059 4156 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys23:53:54.0059 4156 WfpLwf - ok23:53:54.0074 4156 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys23:53:54.0074 4156 WIMMount - ok23:53:54.0105 4156 WinDefend - ok23:53:54.0105 4156 WinHttpAutoProxySvc - ok23:53:54.0183 4156 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll23:53:54.0199 4156 Winmgmt - ok23:53:54.0261 4156 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll23:53:54.0324 4156 WinRM - ok23:53:54.0386 4156 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys23:53:54.0386 4156 WinUsb - ok23:53:54.0464 4156 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll23:53:54.0480 4156 Wlansvc - ok23:53:54.0511 4156 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys23:53:54.0511 4156 WmiAcpi - ok23:53:54.0542 4156 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe23:53:54.0542 4156 wmiApSrv - ok23:53:54.0573 4156 WMPNetworkSvc - ok23:53:54.0605 4156 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll23:53:54.0620 4156 WPCSvc - ok23:53:54.0636 4156 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll23:53:54.0636 4156 WPDBusEnum - ok23:53:54.0667 4156 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys23:53:54.0667 4156 ws2ifsl - ok23:53:54.0714 4156 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll23:53:54.0714 4156 wscsvc - ok23:53:54.0729 4156 WSearch - ok23:53:54.0854 4156 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll23:53:54.0917 4156 wuauserv - ok23:53:54.0948 4156 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys23:53:54.0948 4156 WudfPf - ok23:53:54.0979 4156 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys23:53:54.0995 4156 WUDFRd - ok23:53:55.0010 4156 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll23:53:55.0026 4156 wudfsvc - ok23:53:55.0057 4156 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll23:53:55.0073 4156 WwanSvc - ok23:53:55.0151 4156 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe23:53:55.0166 4156 YahooAUService - ok23:53:55.0197 4156 [ A5B25E310678175F4779499FFF7D0994 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe23:53:55.0197 4156 ZAtheros Bt&Wlan Coex Agent - ok23:53:55.0213 4156 ================ Scan global ===============================23:53:55.0244 4156 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll23:53:55.0291 4156 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll23:53:55.0307 4156 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll23:53:55.0338 4156 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll23:53:55.0385 4156 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe23:53:55.0385 4156 [Global] - ok23:53:55.0385 4156 ================ Scan MBR ==================================23:53:55.0400 4156 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR023:53:56.0352 4156 \Device\Harddisk0\DR0 - ok23:53:56.0352 4156 [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR223:54:02.0483 4156 \Device\Harddisk1\DR2 - ok23:54:02.0483 4156 ================ Scan VBR ==================================23:54:02.0498 4156 [ 75855CD18CBF785031F8EDD7A89B033D ] \Device\Harddisk0\DR0\Partition123:54:02.0498 4156 \Device\Harddisk0\DR0\Partition1 - ok23:54:02.0514 4156 [ A7E12EE5F0F983D9183A353EB01BCA11 ] \Device\Harddisk0\DR0\Partition223:54:02.0514 4156 \Device\Harddisk0\DR0\Partition2 - ok23:54:02.0529 4156 [ 03204B642CF98CB39EEEC6C3BBC63895 ] \Device\Harddisk1\DR2\Partition123:54:02.0529 4156 \Device\Harddisk1\DR2\Partition1 - ok23:54:02.0529 4156 ============================================================23:54:02.0529 4156 Scan finished23:54:02.0529 4156 ============================================================23:54:02.0529 2140 Detected object count: 023:54:02.0529 2140 Actual detected object count: 0 Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 12, 2013 ID:690087 Share Posted June 12, 2013 I'm not seeing anything too suspicious. I'd like to run a few more scans to get a better look.----------Step 1----------------Please download AdwCleaner by Xplode onto your desktop.Double click on AdwCleaner.exe to run the tool.Click on Search.A logfile will automatically open after the scan has finished.Please post the contents of that logfile with your next reply.You can find the logfile at C:\AdwCleaner[R1].txt as well.----------Step 2----------------We need to create a New FULL OTL ReportPlease download OTL from here if you have not done so already:Main Mirror[*]Save it to your desktop.[*]Double click on the OTL icon on your desktop.[*]Click the "Scan All Users" checkbox.[*]Change the "Extra Registry" option to "SafeList"[*]Push the Run Scan button.[*]Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimized----------Step 3 (note: this scan may take a little time)----------------I'd like us to scan your machine with ESET OnlineScanHold down Control and click on the following link to open ESET OnlineScan in a new window.ESET OnlineScanClick the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on to download the ESET Smart Installer. Save it to your desktop.Double click on the icon on your desktop.[*]Check [*]Click the button.[*]Accept any security warnings from your browser.[*]Check [*]Push the Start button.[*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.[*]When the scan completes, push [*]Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.[*]Push the button.[*]Push A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt----------Step 4----------------Please post the AdwCleaner logfile, the OTL.txt and Extras.txt, and the ESET online scan log in your next reply.Let me know how things go. Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690099 Share Posted June 12, 2013 AdwCleaner=====================================# AdwCleaner v2.303 - Logfile created 06/12/2013 at 00:06:47# Updated 08/06/2013 by Xplode# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)# User : user - USER-PC# Boot Mode : Normal# Running from : C:\Users\user\Desktop\AdwCleaner.exe# Option [search]***** [services] *****Found : 24x7HelpSvcFound : BrowserProtectFound : WajamUpdater***** [Files / Folders] *****File Found : C:\ENDFolder Found : C:\Program Files (x86)\Ask.comFolder Found : C:\Program Files (x86)\BabylonToolbarFolder Found : C:\Program Files (x86)\DeltaFolder Found : C:\Program Files (x86)\ExpressFilesFolder Found : C:\Program Files (x86)\file scoutFolder Found : C:\Program Files (x86)\Search Results ToolbarFolder Found : C:\Program Files (x86)\Shopping Sidekick PluginFolder Found : C:\Program Files (x86)\Smiley Bar for FacebookFolder Found : C:\Program Files (x86)\SweetIMFolder Found : C:\Program Files (x86)\WajamFolder Found : C:\Program Files (x86)\YontooFolder Found : C:\Program Files (x86)\ZoomexFolder Found : C:\ProgramData\AskFolder Found : C:\ProgramData\BabylonFolder Found : C:\ProgramData\boost_interprocessFolder Found : C:\ProgramData\Browser ManagerFolder Found : C:\ProgramData\BrowserProtectFolder Found : C:\ProgramData\InstallMateFolder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 HelpFolder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoomexFolder Found : C:\ProgramData\PremiumFolder Found : C:\ProgramData\SweetIMFolder Found : C:\ProgramData\Tarma InstallerFolder Found : C:\ProgramData\ZoomexFolder Found : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmloFolder Found : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphhFolder Found : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehojFolder Found : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmdeFolder Found : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekknFolder Found : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjpFolder Found : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbombFolder Found : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcjFolder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}Folder Found : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}Folder Found : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}***** [Registry] *****Key Found : HKCU\Software\24x7HELPKey Found : HKCU\Software\APNKey Found : HKCU\Software\AppDataLow\Software\AskToolbarKey Found : HKCU\Software\AppDataLow\Software\CrossriderKey Found : HKCU\Software\AppDataLow\Software\PricePeepKey Found : HKCU\Software\AppDataLow\Software\Shopping Sidekick PluginKey Found : HKCU\Software\AppDataLow\SProtectorKey Found : HKCU\Software\Ask.comKey Found : HKCU\Software\BabylonToolbarKey Found : HKCU\Software\DataMngr_ToolbarKey Found : HKCU\Software\DeltaKey Found : HKCU\Software\ExpressFilesKey Found : HKCU\Software\filescoutKey Found : HKCU\Software\IMKey Found : HKCU\Software\ImInstallerKey Found : HKCU\Software\InstallCoreKey Found : HKCU\Software\InstalledBrowserExtensionsKey Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettingsKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}Key Found : HKCU\Software\PrivitizeVPNInstallDatesKey Found : HKCU\Software\StartSearchKey Found : HKCU\Software\WajamKey Found : HKCU\Software\5f08dd9b06fea47Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Key Found : HKLM\Software\24x7HELPKey Found : HKLM\Software\APNKey Found : HKLM\Software\AskToolbarKey Found : HKLM\Software\BabylonKey Found : HKLM\Software\BabylonToolbarKey Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}Key Found : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}Key Found : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}Key Found : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}Key Found : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\escort.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXEKey Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXEKey Found : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLLKey Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLLKey Found : HKLM\SOFTWARE\Classes\bKey Found : HKLM\SOFTWARE\Classes\Babylon.dskBndKey Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCoreKey Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlprKey Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0021802.BHOKey Found : HKLM\SOFTWARE\Classes\CrossriderApp0021802.SandboxKey Found : HKLM\SOFTWARE\Classes\CrossriderApp0021802.Sandbox.1Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCoreKey Found : HKLM\SOFTWARE\Classes\delta.deltaappCore.1Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPaneKey Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvcKey Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvcKey Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1Key Found : HKLM\Software\Classes\Installer\Features\237AA359BFA99C94484AF769ACA080ADKey Found : HKLM\Software\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41Key Found : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEFKey Found : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4BKey Found : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50BKey Found : HKLM\Software\Classes\Installer\Products\237AA359BFA99C94484AF769ACA080ADKey Found : HKLM\Software\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41Key Found : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEFKey Found : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4BKey Found : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50BKey Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtilsKey Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimatorKey Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1Key Found : HKLM\SOFTWARE\Classes\Prod.capKey Found : HKLM\SOFTWARE\Classes\ScriptHost.ToolKey Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1Key Found : HKLM\SOFTWARE\Classes\sim-packagesKey Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHOKey Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloaderKey Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.ApiKey Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1Key Found : HKLM\Software\DataMngrKey Found : HKLM\Software\DeltaKey Found : HKLM\Software\ExpressFilesKey Found : HKLM\Software\InstallCoreKey Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exeKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\Software\SP GlobalKey Found : HKLM\Software\SProtectorKey Found : HKLM\Software\WajamKey Found : HKLM\SOFTWARE\Wow6432Node\5f08dd9b06fea47Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A716CD2C-6737-2E54-8616-9B74D653A760}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmloKey Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmdeKey Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekknKey Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjpKey Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbombKey Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlcKey Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcjKey Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefphKey Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A716CD2C-6737-2E54-8616-9B74D653A760}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{177586E7-E42E-4F38-83D1-D15B4AF5B714}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbarKey Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DeltaKey Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeepKey Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for FacebookKey Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WajamKey Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdaterKey Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Found : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}Key Found : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Found : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Found : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}Key Found : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}Key Found : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}Key Found : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}Key Found : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}Key Found : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Found : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}Key Found : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}Key Found : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}Key Found : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}Key Found : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}Key Found : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}Key Found : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphhKey Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehojKey Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdaterKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEFKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}Key Found : HKU\S-1-5-21-609671668-3261406088-2255839349-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Key Found : HKU\S-1-5-21-609671668-3261406088-2255839349-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]Value Found : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]Value Found : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]***** [internet Browsers] *****-\\ Internet Explorer v10.0.9200.16576[OK] Registry is clean.-\\ Google Chrome v27.0.1453.110*************************AdwCleaner[R1].txt - [32980 octets] - [12/06/2013 00:06:47]########## EOF - C:\AdwCleaner[R1].txt - [33041 octets] ########## Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690100 Share Posted June 12, 2013 OTL log-------------------------------------------------OTL logfile created on: 6/12/2013 12:08:04 AM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Desktop64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.10.9200.16576)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy5.90 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 78.30% Memory free11.81 Gb Paging File | 10.46 Gb Available in Paging File | 88.61% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 698.54 Gb Total Space | 651.71 Gb Free Space | 93.30% Space Free | Partition Type: NTFSDrive E: | 7.60 Gb Total Space | 6.89 Gb Free Space | 90.66% Space Free | Partition Type: FAT32Computer Name: USER-PC | User Name: user | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2013/06/12 00:04:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exePRC - [2013/05/21 18:53:04 | 000,196,896 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriUp.exePRC - [2013/05/21 18:53:04 | 000,119,072 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriSvc.exePRC - [2013/05/21 18:53:02 | 003,623,200 | ---- | M] (Sendori) -- C:\Program Files (x86)\Sendori\sndappv2.exePRC - [2013/05/21 18:53:02 | 000,019,744 | ---- | M] (sendori) -- C:\Program Files (x86)\Sendori\Sendori.Service.exePRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exePRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exePRC - [2013/03/12 10:36:26 | 000,342,608 | ---- | M] (PCRx.com, LLC) -- C:\Program Files (x86)\24x7Help\App24x7Svc.exePRC - [2012/10/05 11:08:42 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exePRC - [2012/04/04 02:46:44 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exePRC - [2012/04/04 02:46:04 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exePRC - [2012/04/04 02:45:54 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exePRC - [2012/04/04 02:45:26 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exePRC - [2012/03/07 22:57:48 | 000,183,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exePRC - [2012/03/07 22:57:46 | 000,065,464 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exePRC - [2012/02/23 21:09:58 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exePRC - [2011/11/30 00:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exePRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe========== Modules (No Company Name) ==================== Services (SafeList) ==========SRV:64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)SRV:64bit: - [2012/10/26 13:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent)SRV:64bit: - [2012/03/26 13:24:10 | 000,978,056 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)SRV:64bit: - [2012/03/21 21:08:20 | 000,112,256 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe -- (DCDhcpService)SRV:64bit: - [2012/02/03 02:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®SRV:64bit: - [2012/01/10 17:45:32 | 000,535,688 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)SRV:64bit: - [2011/08/11 19:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV - [2013/05/21 18:53:04 | 000,119,072 | ---- | M] (Sendori, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sendori\SendoriSvc.exe -- (Application Sendori)SRV - [2013/05/21 18:53:02 | 003,623,200 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files (x86)\Sendori\sndappv2.exe -- (sndappv2)SRV - [2013/05/21 18:53:02 | 000,019,744 | ---- | M] (sendori) [Auto | Running] -- C:\Program Files (x86)\Sendori\Sendori.Service.exe -- (Service Sendori)SRV - [2013/05/16 17:26:08 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2013/03/12 10:36:26 | 000,342,608 | ---- | M] (PCRx.com, LLC) [Auto | Running] -- C:\Program Files (x86)\24x7Help\App24x7Svc.exe -- (24x7HelpSvc)SRV - [2012/11/09 15:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)SRV - [2012/10/05 11:08:42 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)SRV - [2012/04/04 02:46:44 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)SRV - [2012/04/04 02:46:04 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)SRV - [2012/04/04 02:45:54 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®SRV - [2012/04/04 02:45:26 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)SRV - [2012/04/03 08:16:00 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)SRV - [2012/03/07 22:57:46 | 000,065,464 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)SRV - [2012/02/23 21:09:58 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)SRV - [2012/02/23 20:51:40 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)SRV - [2011/11/30 00:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [2010/03/18 15:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)========== Driver Services (SafeList) ==========DRV:64bit: - [2013/05/09 04:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)DRV:64bit: - [2013/05/09 04:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)DRV:64bit: - [2013/05/09 04:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)DRV:64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)DRV:64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)DRV:64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)DRV:64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)DRV:64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)DRV:64bit: - [2012/04/04 08:46:18 | 000,425,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)DRV:64bit: - [2012/04/04 02:45:40 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)DRV:64bit: - [2012/04/04 02:40:08 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)DRV:64bit: - [2012/04/04 02:40:04 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)DRV:64bit: - [2012/04/04 02:40:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)DRV:64bit: - [2012/04/03 08:23:22 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)DRV:64bit: - [2012/04/03 08:19:26 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)DRV:64bit: - [2012/02/23 21:01:04 | 000,550,560 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)DRV:64bit: - [2012/02/23 21:00:34 | 000,421,664 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_vdp.sys -- (BTATH_VDP)DRV:64bit: - [2012/02/23 21:00:16 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)DRV:64bit: - [2012/02/23 21:00:04 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)DRV:64bit: - [2012/02/23 20:59:34 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)DRV:64bit: - [2012/02/23 20:59:16 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)DRV:64bit: - [2012/02/23 20:59:04 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)DRV:64bit: - [2012/02/23 20:58:46 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)DRV:64bit: - [2012/02/23 20:58:28 | 000,339,616 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)DRV:64bit: - [2012/02/22 03:27:36 | 002,807,808 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)DRV:64bit: - [2011/11/29 23:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)DRV:64bit: - [2007/08/03 09:35:54 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKLM\..\SearchScopes\{B1D4E0E0-43ED-40F5-A092-58AE8D19E088}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10009&barid={2A595088-5778-11E2-9A07-08EDB9B06076}IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.com./IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com./IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usIE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 3F E7 CF 10 BE CD 01 [binary data]IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SRIE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=118718&tt=0213_7&babsrc=SP_ss&mntrId=46c04c6600000000000008edb9b06075IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\SearchScopes\{6E0CF89A-8DB6-4F00-A0E4-CE0702DFF055}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=3FA6C7B7-3E3A-4778-A738-8BE5DE9F240F&apn_sauid=E9BDD3BF-A9A1-44BD-8B53-DB7C397BF30FIE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\SearchScopes\{B1D4E0E0-43ED-40F5-A092-58AE8D19E088}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10009&barid={2A595088-5778-11E2-9A07-08EDB9B06076}IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://searchab.com/?aff=7&uid=2e78f469-577b-11e2-9a07-08edb9b06076&q={searchTerms}IE - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\user\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\user\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\user\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013/01/07 18:33:37 | 000,000,000 | ---D | M]FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\user\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013/01/07 18:33:37 | 000,000,000 | ---D | M]FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013/01/07 18:34:21 | 000,000,000 | ---D | M][2013/01/07 18:33:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions[2013/01/07 18:33:37 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks[2012/12/25 13:56:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions========== Chrome ==========CHR - homepage: http://searchfunmoods.com/?f=1&a=ironpub12&cd=2XzuyEtN2Y1L1QzutDzz0E0D0Bzy0BtDyCtDyByCyE0CyCyCtN0D0Tzu0CyEtBtDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=159086521&ir=CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dllCHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dllCHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dllCHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dllCHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dllCHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dllCHR - Extension: Ask Toolbar = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.9.33308_0\CHR - Extension: Funmoods = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.3_0\CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\CHR - Extension: Newtab = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\7.0.18_0\CHR - Extension: Google Search = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\CHR - Extension: Shopping Sidekick Plugin = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlopielgodpjhkbapdlbbicpiefpaack\1.23.46_0\crossriderCHR - Extension: Shopping Sidekick Plugin = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlopielgodpjhkbapdlbbicpiefpaack\1.23.46_0\CHR - Extension: Delta Toolbar = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\CHR - Extension: Smiley Bar for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.5_0\CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\CHR - Extension: Wajam = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\CHR - Extension: PricePeep = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.1.355.0_0\CHR - Extension: Zoomex = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\meljbdedhckbenkhpiifnigmigiaglnc\1\CHR - Extension: SweetPacks Chrome Extension = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.2.0.0_0\CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\CHR - Extension: Ask Toolbar = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.9.33308_0\CHR - Extension: Funmoods = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.1.3_0\CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\CHR - Extension: Newtab = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\7.0.18_0\CHR - Extension: Google Search = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\CHR - Extension: Shopping Sidekick Plugin = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlopielgodpjhkbapdlbbicpiefpaack\1.23.46_0\crossriderCHR - Extension: Shopping Sidekick Plugin = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlopielgodpjhkbapdlbbicpiefpaack\1.23.46_0\CHR - Extension: Delta Toolbar = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.1_0\CHR - Extension: Smiley Bar for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.5_0\CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\CHR - Extension: Wajam = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\CHR - Extension: PricePeep = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.1.355.0_0\CHR - Extension: Zoomex = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\meljbdedhckbenkhpiifnigmigiaglnc\1\CHR - Extension: SweetPacks Chrome Extension = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.2.0.0_0\CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\O1 HOSTS File: ([2013/06/11 22:25:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll (Babylon BHO)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)O2 - BHO: (Smiley Bar for Facebook) - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:\Program Files (x86)\Smiley Bar for Facebook\ScriptHost.dll File not foundO2 - BHO: (Zoomex) - {A716CD2C-6737-2E54-8616-9B74D653A760} - C:\ProgramData\Zoomex\50e899c84b8f8.dll File not foundO2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.4.1\bh\delta.dll (Delta-search.com)O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not foundO3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.4.1\deltaTlbr.dll (Delta-search.com)O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarTlbr.dll (Babylon Ltd.)O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)O3:64bit: - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)O4 - HKLM..\Run: [] File not foundO4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-609671668-3261406088-2255839349-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)O13 - gopher Prefix: missingO16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE7642BF-84ED-454B-B212-D0603DD946E6}: DhcpNameServer = 10.0.0.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE7642BF-84ED-454B-B212-D0603DD946E6}: NameServer = 216.146.35.240,216.146.36.240,10.0.0.1O18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = ComFile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)========== Files/Folders - Created Within 30 Days ==========[2013/06/12 00:06:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe[2013/06/11 23:53:20 | 002,240,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\user\Desktop\tdsskiller.exe[2013/06/11 22:43:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN[2013/06/11 22:19:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe[2013/06/11 22:19:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe[2013/06/11 22:19:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe[2013/06/11 22:19:17 | 000,000,000 | ---D | C] -- C:\Qoobox[2013/06/11 22:19:05 | 000,000,000 | ---D | C] -- C:\Windows\erdnt[2013/06/06 19:46:04 | 000,378,432 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys[2013/06/06 19:46:04 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys[2013/06/06 19:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus[2013/06/06 19:46:03 | 000,072,016 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys[2013/06/06 19:46:01 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys[2013/06/06 19:46:01 | 000,064,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys[2013/06/06 19:45:54 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe[2013/06/06 19:45:54 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys[2013/06/06 19:44:51 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr[2013/06/06 19:44:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software[2013/06/06 19:40:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software[2013/06/06 13:52:01 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll[2013/06/06 13:51:51 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll[2013/06/06 13:51:41 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll[2013/06/06 13:51:41 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll[2013/06/06 13:51:41 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll[2013/06/06 13:51:41 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll[2013/06/06 13:51:41 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs[2013/06/06 13:51:41 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs[2013/06/06 13:51:41 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs[2013/06/06 13:51:41 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs[2013/06/06 13:51:41 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs[2013/06/06 13:51:41 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs[2013/06/06 13:51:41 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs[2013/06/06 13:51:41 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs[2013/06/06 13:51:41 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs[2013/06/06 13:51:41 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs[2013/06/06 13:51:41 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs[2013/06/06 13:51:41 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs[2013/06/06 13:51:41 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs[2013/06/06 13:51:41 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs[2013/06/06 13:51:41 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs[2013/06/06 13:51:41 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs[2013/06/06 13:51:41 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs[2013/06/06 13:51:41 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs[2013/06/06 13:51:41 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs[2013/06/06 13:51:41 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs[2013/06/06 13:51:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs[2013/06/06 13:51:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs[2013/06/06 13:51:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs[2013/06/06 13:51:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs[2013/06/06 13:51:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs[2013/06/06 13:51:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs[2013/06/06 13:51:41 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs[2013/06/06 13:51:41 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs[2013/06/06 13:51:13 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll[2013/06/06 13:51:12 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll[2013/06/06 13:51:12 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll[2013/06/06 13:51:12 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe[2013/06/06 13:51:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll[2013/06/06 13:51:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll[2013/06/06 13:51:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll[2013/06/06 13:51:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll[2013/06/06 13:51:11 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll[2013/06/06 13:51:11 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll[2013/06/06 13:51:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll[2013/06/06 13:51:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll[2013/06/06 13:51:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll[2013/06/06 13:51:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll[2013/06/06 13:51:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll[2013/06/06 13:51:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll[2013/06/06 13:51:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll[2013/06/06 13:51:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll[2013/06/06 13:51:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll[2013/06/06 13:51:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll[2013/06/06 13:51:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll[2013/06/06 13:51:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll[2013/06/06 13:51:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll[2013/06/06 13:51:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll[2013/06/06 13:51:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll[2013/06/06 13:51:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll[2013/06/06 13:51:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll[2013/06/06 13:51:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll[2013/06/06 13:51:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll[2013/06/06 13:31:07 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll[2013/06/06 13:31:07 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl[2013/06/06 13:31:07 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2013/06/06 13:31:07 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat[2013/06/06 13:31:07 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat[2013/06/06 13:31:07 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe[2013/06/06 13:31:07 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll[2013/06/06 13:31:07 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll[2013/06/06 13:31:07 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll[2013/06/06 13:31:07 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll[2013/06/06 13:31:07 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll[2013/06/06 13:31:07 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll[2013/06/06 13:31:07 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll[2013/06/06 13:31:07 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll[2013/06/06 13:31:07 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll[2013/06/06 13:31:07 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll[2013/06/06 13:31:07 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec[2013/06/06 13:31:07 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2013/06/06 13:31:07 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec[2013/06/06 13:31:07 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll[2013/06/06 13:31:07 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll[2013/06/06 13:31:07 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll[2013/06/06 13:31:07 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll[2013/06/06 13:31:07 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll[2013/06/06 13:31:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll[2013/06/06 13:31:07 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll[2013/06/06 13:31:07 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe[2013/06/06 13:31:07 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe[2013/06/06 13:31:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2013/06/06 13:31:07 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe[2013/06/06 13:31:07 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll[2013/06/06 13:31:07 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe[2013/06/06 13:31:07 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe[2013/06/06 13:31:07 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2013/06/06 13:31:07 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll[2013/06/06 13:31:07 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll[2013/06/06 13:31:07 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll[2013/06/06 13:31:07 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll[2013/06/06 13:31:07 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll[2013/06/06 13:31:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll[2013/06/06 13:31:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll[2013/06/06 13:31:07 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll[2013/06/06 13:31:07 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll[2013/06/06 13:31:07 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe[2013/06/06 13:31:07 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe[2013/06/06 13:31:07 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll[2013/06/06 13:31:07 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll[2013/06/06 13:31:07 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll[2013/06/06 13:31:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx[2013/06/06 13:31:07 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe[2013/06/06 13:31:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe[2013/06/06 13:31:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll[2013/06/06 13:31:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll[2013/06/06 13:31:07 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll[2013/06/06 13:31:07 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx[2013/06/06 13:31:07 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll[2013/06/06 13:31:07 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll[2013/06/06 13:31:07 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe[2013/06/06 13:31:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll[2013/06/06 13:31:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll[2013/06/06 13:31:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll[2013/06/06 13:31:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll[2013/06/06 13:31:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll[2013/06/06 13:31:07 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll[2013/06/06 13:31:07 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll[2013/06/06 13:31:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe[2013/06/06 13:31:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe[2013/06/06 13:31:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe[2013/06/06 13:25:55 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll[2013/06/06 13:25:55 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll[2013/06/06 13:25:55 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll[2013/06/06 13:25:55 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll[2013/06/06 13:25:55 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll[2013/06/06 13:25:55 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll[2013/06/06 13:25:55 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll[2013/06/06 13:25:55 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll[2013/06/06 13:25:55 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll[2013/06/06 13:25:55 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll[2013/06/06 13:25:55 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll[2013/06/06 13:25:55 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll[2013/06/06 13:25:55 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll[2013/06/06 13:25:55 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll[2013/06/06 13:25:55 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll[2013/06/06 13:25:55 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll[2013/06/06 13:25:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll[2013/06/06 13:25:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll[2013/06/06 13:25:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll[2013/06/06 13:25:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll[2013/06/06 13:25:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll[2013/06/06 13:25:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll[2013/06/06 13:25:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll[2013/06/06 13:25:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll[2013/06/06 13:25:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll[2013/06/06 13:25:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll[2013/06/06 13:25:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll[2013/06/06 13:25:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll[2013/06/06 13:25:55 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll[2013/06/06 13:25:55 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll[2013/06/06 13:25:54 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll[2013/06/06 13:25:54 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll[2013/06/06 13:25:54 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll[2013/06/06 13:25:54 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll[2013/06/06 13:25:54 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll[2013/06/06 13:25:54 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll[2013/06/06 13:25:54 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll[2013/06/06 13:25:54 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll[2013/06/06 13:25:54 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll[2013/06/06 13:25:54 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll[2013/06/06 13:25:54 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll[2013/06/06 12:16:42 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine[2013/06/05 14:48:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET[2013/06/05 13:44:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com[2013/06/05 13:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware[2013/06/05 13:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com[2013/06/05 13:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware[2013/06/05 12:26:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes[2013/06/05 12:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware[2013/06/05 12:23:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys[2013/06/05 12:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes[2013/06/05 12:23:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware[2013/06/05 12:22:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Programs[2013/05/30 17:14:59 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%[2013/05/30 16:10:06 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices[2013/05/26 12:18:40 | 000,000,000 | ---D | C] -- C:\Users\user\.minecraft[2013/05/24 18:28:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\.technic[2013/05/16 17:34:03 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys[2013/05/16 17:34:03 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll[2013/05/16 17:33:56 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll[2013/05/16 17:33:56 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll[2013/05/16 17:33:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll[2013/05/16 17:33:56 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe========== Files - Modified Within 30 Days ==========[2013/06/12 00:04:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe[2013/06/12 00:04:04 | 000,648,201 | ---- | M] () -- C:\Users\user\Desktop\AdwCleaner.exe[2013/06/11 23:59:35 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2013/06/11 23:59:35 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2013/06/11 23:55:17 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[2013/06/11 23:55:17 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[2013/06/11 23:55:17 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[2013/06/11 23:50:56 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2013/06/11 23:50:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2013/06/11 23:50:27 | 460,079,103 | -HS- | M] () -- C:\hiberfil.sys[2013/06/11 23:36:10 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-609671668-3261406088-2255839349-1000UA.job[2013/06/11 23:15:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2013/06/11 23:11:11 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2013/06/11 22:25:10 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts[2013/06/11 20:31:34 | 000,001,808 | ---- | M] () -- C:\Users\user\Documents\SUPERAntiSpyware Free Edition.lnk[2013/06/11 20:00:14 | 002,240,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\user\Desktop\tdsskiller.exe[2013/06/06 19:46:04 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk[2013/06/06 19:45:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt[2013/06/06 18:51:22 | 000,000,206 | ---- | M] () -- C:\Windows\SysNative\MRT.INI[2013/06/06 16:24:39 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-609671668-3261406088-2255839349-1000Core.job[2013/06/06 13:31:07 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll[2013/06/06 13:31:07 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl[2013/06/06 13:31:07 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2013/06/06 13:31:07 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat[2013/06/06 13:31:07 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat[2013/06/06 13:31:07 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe[2013/06/06 13:31:07 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll[2013/06/06 13:31:07 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll[2013/06/06 13:31:07 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll[2013/06/06 13:31:07 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll[2013/06/06 13:31:07 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll[2013/06/06 13:31:07 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll[2013/06/06 13:31:07 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll[2013/06/06 13:31:07 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll[2013/06/06 13:31:07 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll[2013/06/06 13:31:07 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll[2013/06/06 13:31:07 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec[2013/06/06 13:31:07 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2013/06/06 13:31:07 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec[2013/06/06 13:31:07 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll[2013/06/06 13:31:07 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll[2013/06/06 13:31:07 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll[2013/06/06 13:31:07 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll[2013/06/06 13:31:07 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll[2013/06/06 13:31:07 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll[2013/06/06 13:31:07 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll[2013/06/06 13:31:07 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe[2013/06/06 13:31:07 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe[2013/06/06 13:31:07 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll[2013/06/06 13:31:07 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe[2013/06/06 13:31:07 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll[2013/06/06 13:31:07 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe[2013/06/06 13:31:07 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe[2013/06/06 13:31:07 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2013/06/06 13:31:07 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll[2013/06/06 13:31:07 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll[2013/06/06 13:31:07 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll[2013/06/06 13:31:07 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll[2013/06/06 13:31:07 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll[2013/06/06 13:31:07 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll[2013/06/06 13:31:07 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll[2013/06/06 13:31:07 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll[2013/06/06 13:31:07 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll[2013/06/06 13:31:07 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe[2013/06/06 13:31:07 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe[2013/06/06 13:31:07 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll[2013/06/06 13:31:07 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll[2013/06/06 13:31:07 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll[2013/06/06 13:31:07 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx[2013/06/06 13:31:07 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe[2013/06/06 13:31:07 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe[2013/06/06 13:31:07 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll[2013/06/06 13:31:07 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll[2013/06/06 13:31:07 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll[2013/06/06 13:31:07 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx[2013/06/06 13:31:07 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll[2013/06/06 13:31:07 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll[2013/06/06 13:31:07 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe[2013/06/06 13:31:07 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll[2013/06/06 13:31:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll[2013/06/06 13:31:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll[2013/06/06 13:31:07 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll[2013/06/06 13:31:07 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll[2013/06/06 13:31:07 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll[2013/06/06 13:31:07 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf[2013/06/06 13:31:07 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf[2013/06/06 13:31:07 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll[2013/06/06 13:31:07 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe[2013/06/06 13:31:07 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe[2013/06/06 13:31:07 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe[2013/06/06 13:25:55 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll[2013/06/06 13:25:55 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll[2013/06/06 13:25:55 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll[2013/06/06 13:25:55 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll[2013/06/06 13:25:55 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll[2013/06/06 13:25:55 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll[2013/06/06 13:25:55 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll[2013/06/06 13:25:55 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll[2013/06/06 13:25:55 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll[2013/06/06 13:25:55 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll[2013/06/06 13:25:55 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll[2013/06/06 13:25:55 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll[2013/06/06 13:25:55 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll[2013/06/06 13:25:55 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll[2013/06/06 13:25:55 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll[2013/06/06 13:25:55 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll[2013/06/06 13:25:55 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll[2013/06/06 13:25:55 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll[2013/06/06 13:25:55 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll[2013/06/06 13:25:55 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll[2013/06/06 13:25:55 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll[2013/06/06 13:25:55 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll[2013/06/06 13:25:55 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll[2013/06/06 13:25:55 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll[2013/06/06 13:25:55 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll[2013/06/06 13:25:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll[2013/06/06 13:25:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll[2013/06/06 13:25:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll[2013/06/06 13:25:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll[2013/06/06 13:25:55 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll[2013/06/06 13:25:55 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll[2013/06/06 13:25:54 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll[2013/06/06 13:25:54 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll[2013/06/06 13:25:54 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll[2013/06/06 13:25:54 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll[2013/06/06 13:25:54 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll[2013/06/06 13:25:54 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll[2013/06/06 13:25:54 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll[2013/06/06 13:25:54 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll[2013/06/06 13:25:54 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll[2013/06/06 13:25:54 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll[2013/06/05 13:40:23 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk[2013/06/05 12:23:05 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/05/30 16:14:18 | 000,000,000 | ---- | M] () -- C:\END[2013/05/25 11:05:10 | 001,263,084 | ---- | M] () -- C:\Users\user\Desktop\Survival Horror 1.2.zip[2013/05/24 18:28:52 | 002,468,600 | ---- | M] () -- C:\Users\user\Desktop\TechnicLauncher.exe[2013/05/21 18:53:02 | 000,325,920 | ---- | M] (Sendori) -- C:\Windows\SysWow64\Sendori.dll[2013/05/17 15:27:55 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT[2013/05/16 17:26:07 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[2013/05/16 17:26:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl========== Files Created - No Company Name ==========[2013/06/12 00:05:28 | 000,648,201 | ---- | C] () -- C:\Users\user\Desktop\AdwCleaner.exe[2013/06/11 22:19:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe[2013/06/11 22:19:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe[2013/06/11 22:19:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe[2013/06/11 22:19:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe[2013/06/11 22:19:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe[2013/06/11 20:31:34 | 000,001,808 | ---- | C] () -- C:\Users\user\Documents\SUPERAntiSpyware Free Edition.lnk[2013/06/06 19:46:04 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk[2013/06/06 19:46:01 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys[2013/06/06 19:46:00 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys[2013/06/06 19:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt[2013/06/06 18:51:22 | 000,000,206 | ---- | C] () -- C:\Windows\SysNative\MRT.INI[2013/06/06 13:31:07 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf[2013/06/06 13:31:07 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf[2013/06/05 13:40:23 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk[2013/06/05 12:23:05 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk[2013/05/25 11:05:10 | 001,263,084 | ---- | C] () -- C:\Users\user\Desktop\Survival Horror 1.2.zip[2013/05/24 18:28:38 | 002,468,600 | ---- | C] () -- C:\Users\user\Desktop\TechnicLauncher.exe[2013/02/24 16:35:04 | 000,003,584 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2013/02/24 16:26:51 | 000,751,141 | ---- | C] () -- C:\Windows\unins000.exe[2013/02/24 16:26:51 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\LAGARITH.DLL[2013/02/24 16:26:51 | 000,060,782 | ---- | C] () -- C:\Windows\unins000.dat[2013/02/24 13:33:14 | 000,077,671 | ---- | C] () -- C:\Users\user\AppData\Local\funmoods_2.0.1.crx[2013/01/02 13:47:46 | 000,703,007 | ---- | C] () -- C:\Users\user\AppData\Roaming\technic-launcher.jar.bak[2012/11/08 19:34:18 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin[2012/11/08 19:34:16 | 000,557,476 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin[2012/11/08 19:34:14 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll[2012/11/08 19:34:12 | 012,978,688 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll[2012/02/03 02:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll========== ZeroAccess Check ==========[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]< End of report > Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690101 Share Posted June 12, 2013 OTL Extras log======================================OTL Extras logfile created on: 6/12/2013 12:08:04 AM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Desktop64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.10.9200.16576)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy5.90 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 78.30% Memory free11.81 Gb Paging File | 10.46 Gb Available in Paging File | 88.61% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 698.54 Gb Total Space | 651.71 Gb Free Space | 93.30% Space Free | Partition Type: NTFSDrive E: | 7.60 Gb Total Space | 6.89 Gb Free Space | 90.66% Space Free | Partition Type: FAT32Computer Name: USER-PC | User Name: user | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.).url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation).html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)[HKEY_USERS\S-1-5-21-609671668-3261406088-2255839349-1000\SOFTWARE\Classes\<extension>].html [@ = ChromeHTML] -- Reg Error: Key error. File not found========== Shell Spawning ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [edit] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)exefile [open] -- "%1" %*helpfile [open] -- Reg Error: Key error.htmlfile [edit] -- Reg Error: Key error.htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [explore] -- Reg Error: Value error.Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.========== Security Center Settings ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"cval" = 1"FirewallDisableNotify" = 0"AntiVirusDisableNotify" = 0"UpdatesDisableNotify" = 064bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]"AntiVirusOverride" = 0"AntiSpywareOverride" = 0"FirewallOverride" = 064bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]========== System Restore Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0========== Firewall Settings ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile][HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]"DisableNotifications" = 0"EnableFirewall" = 1[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"DisableNotifications" = 0"EnableFirewall" = 1[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]"DisableNotifications" = 0"EnableFirewall" = 1========== Authorized Applications List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]========== Vista Active Open Ports Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]========== Vista Active Application Exception List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]========== HKEY_LOCAL_MACHINE Uninstall List ==========64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64"{3AF5FAB4-8D3F-4398-A173-C51DE116D842}" = ZoomEx"{549AD5FB-F52D-4307-864A-C0008FB35D96}" = VCCx64"{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.12.02"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile"SynTPDeinstKey" = Synaptics Pointing Device Driver"WinRAR archiver" = WinRAR 4.20 (64-bit)"ZoomEx" =[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect"{177586E7-E42E-4F38-83D1-D15B4AF5B714}" = Delta Chrome Toolbar"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer"{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater"{53820F89-063F-10D7-7457-06C201F4CBF0}" ="{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components"{662140BE-138C-4DC1-B4CD-B62C6C855A25}" = Pirate101"{6FD21053-829D-40E7-B04C-CAFB7D5CD025}" = KUx86"{70991E0A-1108-437E-BA7D-085702C670C0}" ="{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable"{803E4FA5-A940-4420-B89D-A8BC2E160247}" ="{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar"{8E797841-A110-41FD-B17A-3ABC0641187A}" = VAIO Control Center"{91B9368F-6C6F-3DB5-9CBA-6CAD56035B26}" = Google Talk Plugin"{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7"{A49A517F-5332-4665-922C-6D9AD31ADD4F}" = VSNx86"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1" = 24x7 Help"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86"{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}" = VCCx86"{E727B31A-8B24-4C1C-934A-69634E0D2C0B}" = Qualcomm Atheros WiFi Driver Installation"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center"{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1" = Ezvid"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX"avast" = avast! Free Antivirus"BabylonToolbar" = Babylon toolbar"delta" = Delta toolbar "ESET Online Scanner" = ESET Online Scanner v3"Flash Player Pro_is1" = Flash Player Pro V5.4"Fraps" = Fraps"Google Chrome" = Google Chrome"LAGARITH" = Lagarith lossless video codec (Remove Only)"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300"PricePeep" = PricePeep"PrivitizeVPN" = PrivitizeVPN"Sendori" = Sendori"Smiley Bar for Facebook" = Smiley Bar for Facebook"SP_5dec30d7" ="VideoPerformer" = VideoPerformer"Wajam" = Wajam"Yahoo! Companion" = Yahoo! Toolbar"Yahoo! Messenger" = Yahoo! Messenger"Yahoo! Software Update" = Yahoo! Software Update========== HKEY_USERS Uninstall List ==========[HKEY_USERS\S-1-5-21-609671668-3261406088-2255839349-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater========== Last 20 Event Log Errors ==========[ Application Events ]Error - 6/11/2013 9:33:51 PM | Computer Name = user-PC | Source = SendoriService | ID = 99Description = Object reference not set to an instance of an object.Error - 6/11/2013 10:43:09 PM | Computer Name = user-PC | Source = WinMgmt | ID = 10Description =Error - 6/11/2013 10:44:35 PM | Computer Name = user-PC | Source = SendoriService | ID = 99Description = Object reference not set to an instance of an object.Error - 6/11/2013 10:52:01 PM | Computer Name = user-PC | Source = WinMgmt | ID = 10Description =Error - 6/11/2013 10:53:31 PM | Computer Name = user-PC | Source = SendoriService | ID = 99Description = Object reference not set to an instance of an object.Error - 6/11/2013 11:11:14 PM | Computer Name = user-PC | Source = SideBySide | ID = 16842832Description = Activation context generation failed for "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.Error - 6/11/2013 11:44:46 PM | Computer Name = user-PC | Source = WinMgmt | ID = 10Description =Error - 6/11/2013 11:46:17 PM | Computer Name = user-PC | Source = SendoriService | ID = 99Description = Object reference not set to an instance of an object.Error - 6/11/2013 11:51:06 PM | Computer Name = user-PC | Source = WinMgmt | ID = 10Description =Error - 6/11/2013 11:52:35 PM | Computer Name = user-PC | Source = SendoriService | ID = 99Description = Object reference not set to an instance of an object.[ System Events ]Error - 4/28/2013 3:30:09 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7006Description = The ScRegSetValueExW call failed for FailureActions with the following error: %%5Error - 4/28/2013 3:30:10 PM | Computer Name = user-PC | Source = NetBT | ID = 4321Description = The name "USER-PC :0" could not be registered on the interface with IP address 10.0.0.21. The computer with the IP address 10.0.0.11 did not allow the name to be claimed by this computer.Error - 4/28/2013 3:30:12 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7006Description = The ScRegSetValueExW call failed for FailureActions with the following error: %%5Error - 4/28/2013 3:30:18 PM | Computer Name = user-PC | Source = NetBT | ID = 4321Description = The name "USER-PC :0" could not be registered on the interface with IP address 10.0.0.21. The computer with the IP address 10.0.0.11 did not allow the name to be claimed by this computer.Error - 4/28/2013 3:31:34 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7022Description = The Service Sendori service hung on starting.Error - 4/28/2013 3:31:36 PM | Computer Name = user-PC | Source = Server | ID = 2505Description = The server could not bind to the transport \Device\NetBT_Tcpip_{EE7642BF-84ED-454B-B212-D0603DD946E6} because another computer on the network has the same name. The server could not start.Error - 4/28/2013 3:31:36 PM | Computer Name = user-PC | Source = NetBT | ID = 4321Description = The name "USER-PC :20" could not be registered on the interface with IP address 10.0.0.21. The computer with the IP address 10.0.0.11 did not allow the name to be claimed by this computer.Error - 4/28/2013 3:32:15 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7023Description = The Function Discovery Resource Publication service terminated with the following error: %%-2147024891Error - 4/28/2013 3:32:15 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7001Description = The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891Error - 4/28/2013 3:32:43 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7006Description = The ScRegSetValueExW call failed for FailureActions with the following error: %%5< End of report > Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690102 Share Posted June 12, 2013 ESET Scan Log======================================C:\TDSSKiller_Quarantine\06.06.2013_09.14.49\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.BC trojan cleaned by deleting - quarantinedC:\TDSSKiller_Quarantine\06.06.2013_09.14.49\mbr0000\tdlfs0000\tsk0012.dta a variant of Win32/Olmarik.AYZ trojan cleaned by deleting - quarantined Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 12, 2013 ID:690104 Share Posted June 12, 2013 ----------Step 1----------------We need to run an OTL FixPlease reopen on your desktop.Copy and Paste the following code into the textbox.:OTL:OTL[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]:Commands[purity][emptytemp][emptyjava][emptyflash][Reboot]Push OTL may ask to reboot the machine. Please do so if asked.Click the OK button.A report will open. Copy and Paste that report in your next reply.----------Step 2----------------Instructions for DELETE:Close all open programs and internet browsers.Double click on adwcleaner.exe to run the tool.Click on Delete.Confirm each time with Ok.You will be prompted to restart your computer. A text file will open after the restart.Please post the contents of that logfile with your next reply.You can find the logfile at C:\AdwCleaner[s1].txt as well.----------Step 3----------------Please post the OTL and AdwCleaner reports in your next reply. How are things running now? Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690108 Share Posted June 12, 2013 Booting up is super slow, after the Welcome screen, it sits at a black screen for about 2 minutes before finally getting to desktopOTL LOG-----------------------------------------------------All processes killed========== OTL ==================== OTL ==========C:\Windows\assembly\Desktop.ini moved successfully.File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 not found.File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.File EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64\ not found.Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64\ not found.Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.========== COMMANDS ==========[EMPTYTEMP]User: All UsersUser: Default->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytesUser: Default User->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 0 bytesUser: Public->Temp folder emptied: 0 bytesUser: user->Temp folder emptied: 0 bytes->Temporary Internet Files folder emptied: 4089503 bytes->Java cache emptied: 233938 bytes->Google Chrome cache emptied: 11150231 bytes->Flash cache emptied: 536 bytes%systemdrive% .tmp files removed: 0 bytes%systemroot% .tmp files removed: 0 bytes%systemroot%\System32 .tmp files removed: 0 bytes%systemroot%\System32 (64bit) .tmp files removed: 0 bytes%systemroot%\System32\drivers .tmp files removed: 0 bytesWindows Temp folder emptied: 153778 bytes%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128141852 bytesRecycleBin emptied: 15469651 bytesTotal Files Cleaned = 152.00 mb[EMPTYJAVA]User: All UsersUser: DefaultUser: Default UserUser: PublicUser: user->Java cache emptied: 0 bytesTotal Java Files Cleaned = 0.00 mb[EMPTYFLASH]User: All UsersUser: DefaultUser: Default UserUser: PublicUser: user->Flash cache emptied: 0 bytesTotal Flash Files Cleaned = 0.00 mbOTL by OldTimer - Version 3.2.69.0 log created on 06122013_014419Files\Folders moved on Reboot...C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.File move failed. C:\Windows\temp\sndappv2.log scheduled to be moved on reboot.C:\Windows\temp\~DF8C65D56E8AF55691.TMP moved successfully.PendingFileRenameOperations files...Registry entries deleted on Reboot... Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690109 Share Posted June 12, 2013 AdwCleaner LOG===================================# AdwCleaner v2.303 - Logfile created 06/12/2013 at 01:50:12# Updated 08/06/2013 by Xplode# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)# User : user - USER-PC# Boot Mode : Normal# Running from : C:\Users\user\Desktop\AdwCleaner.exe# Option [Delete]***** [services] *****Stopped & Deleted : 24x7HelpSvcStopped & Deleted : BrowserProtectStopped & Deleted : WajamUpdater***** [Files / Folders] *****Deleted on reboot : C:\ProgramData\Browser ManagerFile Deleted : C:\ENDFolder Deleted : C:\Program Files (x86)\Ask.comFolder Deleted : C:\Program Files (x86)\BabylonToolbarFolder Deleted : C:\Program Files (x86)\DeltaFolder Deleted : C:\Program Files (x86)\ExpressFilesFolder Deleted : C:\Program Files (x86)\file scoutFolder Deleted : C:\Program Files (x86)\Search Results ToolbarFolder Deleted : C:\Program Files (x86)\Shopping Sidekick PluginFolder Deleted : C:\Program Files (x86)\Smiley Bar for FacebookFolder Deleted : C:\Program Files (x86)\SweetIMFolder Deleted : C:\Program Files (x86)\WajamFolder Deleted : C:\Program Files (x86)\YontooFolder Deleted : C:\Program Files (x86)\ZoomexFolder Deleted : C:\ProgramData\AskFolder Deleted : C:\ProgramData\BabylonFolder Deleted : C:\ProgramData\boost_interprocessFolder Deleted : C:\ProgramData\BrowserProtectFolder Deleted : C:\ProgramData\InstallMateFolder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 HelpFolder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoomexFolder Deleted : C:\ProgramData\PremiumFolder Deleted : C:\ProgramData\SweetIMFolder Deleted : C:\ProgramData\Tarma InstallerFolder Deleted : C:\ProgramData\ZoomexFolder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmloFolder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphhFolder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehojFolder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmdeFolder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekknFolder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjpFolder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbombFolder Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcjFolder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}Folder Deleted : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}***** [Registry] *****Key Deleted : HKCU\Software\24x7HELPKey Deleted : HKCU\Software\APNKey Deleted : HKCU\Software\AppDataLow\Software\AskToolbarKey Deleted : HKCU\Software\AppDataLow\Software\CrossriderKey Deleted : HKCU\Software\AppDataLow\Software\PricePeepKey Deleted : HKCU\Software\AppDataLow\Software\Shopping Sidekick PluginKey Deleted : HKCU\Software\AppDataLow\SProtectorKey Deleted : HKCU\Software\Ask.comKey Deleted : HKCU\Software\BabylonToolbarKey Deleted : HKCU\Software\DataMngr_ToolbarKey Deleted : HKCU\Software\DeltaKey Deleted : HKCU\Software\ExpressFilesKey Deleted : HKCU\Software\filescoutKey Deleted : HKCU\Software\IMKey Deleted : HKCU\Software\ImInstallerKey Deleted : HKCU\Software\InstallCoreKey Deleted : HKCU\Software\InstalledBrowserExtensionsKey Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettingsKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A716CD2C-6737-2E54-8616-9B74D653A760}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A716CD2C-6737-2E54-8616-9B74D653A760}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}Key Deleted : HKCU\Software\PrivitizeVPNInstallDatesKey Deleted : HKCU\Software\StartSearchKey Deleted : HKCU\Software\WajamKey Deleted : HKCU\Software\5f08dd9b06fea47Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\Software\24x7HELPKey Deleted : HKLM\Software\APNKey Deleted : HKLM\Software\AskToolbarKey Deleted : HKLM\Software\BabylonKey Deleted : HKLM\Software\BabylonToolbarKey Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}Key Deleted : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLLKey Deleted : HKLM\SOFTWARE\Classes\bKey Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBndKey Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCoreKey Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlprKey Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021802.BHOKey Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021802.SandboxKey Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021802.Sandbox.1Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCoreKey Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPaneKey Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvcKey Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvcKey Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1Key Deleted : HKLM\Software\Classes\Installer\Features\237AA359BFA99C94484AF769ACA080ADKey Deleted : HKLM\Software\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEFKey Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4BKey Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50BKey Deleted : HKLM\Software\Classes\Installer\Products\237AA359BFA99C94484AF769ACA080ADKey Deleted : HKLM\Software\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEFKey Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4BKey Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50BKey Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtilsKey Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimatorKey Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1Key Deleted : HKLM\SOFTWARE\Classes\Prod.capKey Deleted : HKLM\SOFTWARE\Classes\ScriptHost.ToolKey Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1Key Deleted : HKLM\SOFTWARE\Classes\sim-packagesKey Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHOKey Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloaderKey Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.ApiKey Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1Key Deleted : HKLM\Software\DataMngrKey Deleted : HKLM\Software\DeltaKey Deleted : HKLM\Software\ExpressFilesKey Deleted : HKLM\Software\InstallCoreKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exeKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\Software\SP GlobalKey Deleted : HKLM\Software\SProtectorKey Deleted : HKLM\Software\WajamKey Deleted : HKLM\SOFTWARE\Wow6432Node\5f08dd9b06fea47Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A716CD2C-6737-2E54-8616-9B74D653A760}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmloKey Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmdeKey Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekknKey Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjpKey Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbombKey Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlcKey Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcjKey Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefphKey Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A716CD2C-6737-2E54-8616-9B74D653A760}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{177586E7-E42E-4F38-83D1-D15B4AF5B714}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbarKey Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DeltaKey Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeepKey Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for FacebookKey Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WajamKey Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdaterKey Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphhKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehojKey Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdaterKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEFKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]Value Deleted : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]***** [internet Browsers] *****-\\ Internet Explorer v10.0.9200.16576[OK] Registry is clean.-\\ Google Chrome v27.0.1453.110*************************AdwCleaner[R1].txt - [32987 octets] - [12/06/2013 00:06:47]AdwCleaner[s1].txt - [35237 octets] - [12/06/2013 01:50:12]########## EOF - C:\AdwCleaner[s1].txt - [35298 octets] ########## Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 12, 2013 ID:690110 Share Posted June 12, 2013 AdwCleaner got rid of a bunch of junk, so try rebooting now. Is it still really slow?Edit: It's 1AM here so I'll check back tomorrow morning. Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690113 Share Posted June 12, 2013 WOW from Welcome to Desktop almost instantly!! Much faster, are we clean now? Tanks so much for the help tonight, hopefully can finish this up tommorow. Thank you! Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 12, 2013 ID:690118 Share Posted June 12, 2013 Glad to hear things are running better. Judging by your last few logs, I'd say your system is clean. Before we move on, please take the time to install the following updates. Program updates are a critical part of your computer's safety net, as outdated applications leave you vulnerable to malware.---------Your version of Avast antivirus is outdated. Please download the latest one from here: http://www.avast.com/en-us/index---------Upgrade Java : (64 bits)Download the latest version of Java SE Runtime Environment (JRE) JRE 7 Update 3 .Under the JAVA Platform Standard Edition, click the "Download JRE" button to the right.Check the box that says: "Accept License Agreement.".Click on the link to download Windows Offline Installation 64 bit ( jre-7u3-windows-x64.exe) and save it to your desktop. Do NOT use the Sun Download Manager..Close any programs you may have running - especially your web browser.Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.Check any item with Java Runtime Environment (JRE or J2SE) in the name.Click the Remove or Change/Remove button.Repeat as many times as necessary to remove each Java version.Reboot your computer once all Java components are removed.Then from your desktop double-click on the download to install the newest version.(Vista or Win 7 users, right click on the jre-7u3-windows-x64.exe and select "Run as an Administrator.")---------Please let me know how the updates went, as failed updates may be dule to malware. Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690220 Share Posted June 12, 2013 Updates went OK Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 12, 2013 ID:690225 Share Posted June 12, 2013 Glad to hear the updates went successfully!Unless there are any other issues, I will now provide you with some steps to better protect your computer.First, however we need to remove ComboFix.The following will implement some cleanup procedures as well as reset System Restore points:Click Start > Run and copy/paste the following bolded text into the Run box and click OK:ComboFix /Uninstall -------------------Let's remove OTL and the other tools we used as well:Reopen on your desktop.Click on You will be prompted to reboot your system. Please do so.-------------------Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future. Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.-------------------It is really dangerous to go online without an antivirus. Without one, you are extremely likely to get infected and the consequences could be even worse next time. All of the following are excellent free antiviruses. Be sure to only install one.avast!.AntiVirAVGMicrosoft Security Essentials-------------------Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:Spybot-Search & DestroyA tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features if you don't have the resident part of another anti-spyware program running.SpywareBlasterA tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.SpywareGuardA tutorial on using SpywareGuard for real-time protection against spyware and hijackers may be found here.-------------------Please, consider maintaining a firewall with HIPS (Host Intrusion Prevention Systems). Firewalls are extremely important and are the first part of your computer's defense. HIPS stops malware by monitoring its behavior and it's very important, too. A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet.If you are using the Windows Firewall please note that it doesn't monitor or block outbound traffic and is therefore less effective than other free alternatives.These firewalls are good and do have free versions availableOutpost Firewall Free Online Armor FirewallA tutorial on understanding and using firewalls may be found here.-------------------Please keep your security programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time.-------------------Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:http://www.spywarewa...nti-spyware.htmA similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.-------------------Please consider using an alternate browser. Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScripts, can make it even more secure. Opera is another good option.If you are interested, Firefox may be downloaded from hereOpera is available here: http://www.opera.com/download/-------------------For more useful information, please also read Tony Klein's excellent article: How did I get infected in the first placeHopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.-------------------I would grateful if you could reply to this post so that I know you have read it and, if you have no other questions, the thread can then be closed.I will leave the thread open for a few more days. If you need anything, just come back here and let me know. After that time you will have to send me a PM.---------------------------------------------------------My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against malware, then click here: Every little bit helps. -DFB Link to post Share on other sites More sharing options...
loveyeshu Posted June 12, 2013 Author ID:690237 Share Posted June 12, 2013 Thank you so much for all your help, it was awesome and super fast!! I will definitely be donating for your help. Thank you!! Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 12, 2013 ID:690239 Share Posted June 12, 2013 Thank you very much, I appreciate it. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted June 13, 2013 Root Admin ID:690412 Share Posted June 13, 2013 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts