google redirect malware to multiple websites


  • This topic is locked
11 replies to this topic

#1 dabishop

Posted 21 July 2012 - 01:48 PM

I have been experiencing an issue with Google redirecting to multiple websites.


14:42:11.0422 5668 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
14:42:11.0788 5668 ============================================================
14:42:11.0788 5668 Current date / time: 2012/07/21 14:42:11.0788
14:42:11.0788 5668 SystemInfo:
14:42:11.0788 5668
14:42:11.0788 5668 OS Version: 6.1.7601 ServicePack: 1.0
14:42:11.0788 5668 Product type: Workstation
14:42:11.0788 5668 ComputerName: NEILnoname-PC
14:42:11.0788 5668 UserName: Neil noname
14:42:11.0788 5668 Windows directory: C:\windows
14:42:11.0788 5668 System windows directory: C:\windows
14:42:11.0788 5668 Running under WOW64
14:42:11.0788 5668 Processor architecture: Intel x64
14:42:11.0788 5668 Number of processors: 2
14:42:11.0788 5668 Page size: 0x1000
14:42:11.0788 5668 Boot type: Normal boot
14:42:11.0788 5668 ============================================================
14:42:12.0177 5668 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:42:12.0185 5668 ============================================================
14:42:12.0185 5668 \Device\Harddisk0\DR0:
14:42:12.0185 5668 MBR partitions:
14:42:12.0185 5668 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
14:42:12.0185 5668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1F9C8C00
14:42:12.0215 5668 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1FA2E400, BlocksNum 0x3C7E000
14:42:12.0215 5668 ============================================================
14:42:12.0269 5668 C: <-> \Device\Harddisk0\DR0\Partition1
14:42:12.0331 5668 D: <-> \Device\Harddisk0\DR0\Partition2
14:42:12.0331 5668 ============================================================
14:42:12.0331 5668 Initialize success
14:42:12.0331 5668 ============================================================
14:42:14.0359 3732 ============================================================
14:42:14.0359 3732 Scan started
14:42:14.0359 3732 Mode: Manual;
14:42:14.0359 3732 ============================================================
14:42:15.0168 3732 !SASCORE (6b9a496ed67631da8adb802461876c36) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
14:42:15.0172 3732 !SASCORE - ok
14:42:15.0391 3732 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
14:42:15.0403 3732 1394ohci - ok
14:42:15.0474 3732 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
14:42:15.0480 3732 ACPI - ok
14:42:15.0527 3732 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
14:42:15.0529 3732 AcpiPmi - ok
14:42:15.0578 3732 ACPIVPC (2e68544bce94de6677f700cf1d582b6d) C:\windows\system32\DRIVERS\AcpiVpc.sys
14:42:15.0579 3732 ACPIVPC - ok
14:42:15.0743 3732 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:42:15.0745 3732 AdobeARMservice - ok
14:42:15.0987 3732 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:42:15.0991 3732 AdobeFlashPlayerUpdateSvc - ok
14:42:16.0072 3732 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
14:42:16.0082 3732 adp94xx - ok
14:42:16.0141 3732 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
14:42:16.0159 3732 adpahci - ok
14:42:16.0206 3732 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
14:42:16.0215 3732 adpu320 - ok
14:42:16.0256 3732 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
14:42:16.0257 3732 AeLookupSvc - ok
14:42:16.0357 3732 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
14:42:16.0364 3732 AFD - ok
14:42:16.0424 3732 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
14:42:16.0427 3732 agp440 - ok
14:42:16.0479 3732 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
14:42:16.0493 3732 ALG - ok
14:42:16.0555 3732 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
14:42:16.0557 3732 aliide - ok
14:42:16.0723 3732 Amazon Download Agent (ff6f0f6a2d72065ae4300426fa414693) C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
14:42:16.0745 3732 Amazon Download Agent - ok
14:42:16.0802 3732 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
14:42:16.0804 3732 amdide - ok
14:42:16.0850 3732 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
14:42:16.0852 3732 AmdK8 - ok
14:42:16.0869 3732 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
14:42:16.0870 3732 AmdPPM - ok
14:42:16.0922 3732 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
14:42:16.0924 3732 amdsata - ok
14:42:16.0976 3732 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
14:42:16.0986 3732 amdsbs - ok
14:42:17.0014 3732 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
14:42:17.0016 3732 amdxata - ok
14:42:17.0072 3732 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
14:42:17.0072 3732 AppID - ok
14:42:17.0122 3732 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
14:42:17.0122 3732 AppIDSvc - ok
14:42:17.0182 3732 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
14:42:17.0182 3732 Appinfo - ok
14:42:17.0342 3732 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:42:17.0342 3732 Apple Mobile Device - ok
14:42:17.0452 3732 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
14:42:17.0452 3732 arc - ok
14:42:17.0472 3732 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
14:42:17.0472 3732 arcsas - ok
14:42:17.0602 3732 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:42:17.0612 3732 aspnet_state - ok
14:42:17.0652 3732 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
14:42:17.0652 3732 AsyncMac - ok
14:42:17.0722 3732 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
14:42:17.0722 3732 atapi - ok
14:42:17.0862 3732 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:42:17.0993 3732 AudioEndpointBuilder - ok
14:42:18.0010 3732 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
14:42:18.0017 3732 AudioSrv - ok
14:42:18.0562 3732 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
14:42:18.0696 3732 AVGIDSAgent - ok
14:42:18.0899 3732 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\windows\system32\DRIVERS\AVGIDSDriver.Sys
14:42:18.0903 3732 AVGIDSDriver - ok
14:42:18.0959 3732 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\windows\system32\DRIVERS\AVGIDSEH.Sys
14:42:18.0961 3732 AVGIDSEH - ok
14:42:18.0999 3732 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\windows\system32\DRIVERS\AVGIDSFilter.Sys
14:42:19.0000 3732 AVGIDSFilter - ok
14:42:19.0077 3732 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\windows\system32\DRIVERS\avgldx64.sys
14:42:19.0090 3732 Avgldx64 - ok
14:42:19.0120 3732 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\windows\system32\DRIVERS\avgmfx64.sys
14:42:19.0130 3732 Avgmfx64 - ok
14:42:19.0160 3732 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\windows\system32\DRIVERS\avgrkx64.sys
14:42:19.0160 3732 Avgrkx64 - ok
14:42:19.0200 3732 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\windows\system32\DRIVERS\avgtdia.sys
14:42:19.0200 3732 Avgtdia - ok
14:42:19.0300 3732 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
14:42:19.0300 3732 avgwd - ok
14:42:19.0370 3732 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
14:42:19.0370 3732 AxInstSV - ok
14:42:19.0450 3732 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
14:42:19.0460 3732 b06bdrv - ok
14:42:19.0510 3732 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
14:42:19.0520 3732 b57nd60a - ok
14:42:19.0620 3732 BcmSqlStartupSvc (6163664c7e9cd110af70180c126c3fdc) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
14:42:19.0620 3732 BcmSqlStartupSvc - ok
14:42:19.0690 3732 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
14:42:19.0690 3732 BDESVC - ok
14:42:19.0720 3732 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
14:42:19.0730 3732 Beep - ok
14:42:19.0910 3732 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
14:42:19.0920 3732 BFE - ok
14:42:20.0040 3732 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\system32\qmgr.dll
14:42:20.0060 3732 BITS - ok
14:42:20.0152 3732 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
14:42:20.0154 3732 blbdrive - ok
14:42:20.0289 3732 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
14:42:20.0296 3732 Bonjour Service - ok
14:42:20.0363 3732 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
14:42:20.0378 3732 bowser - ok
14:42:20.0409 3732 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
14:42:20.0411 3732 BrFiltLo - ok
14:42:20.0444 3732 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
14:42:20.0446 3732 BrFiltUp - ok
14:42:20.0482 3732 Bridge0 (34f786535f9245e4028c57b28248c9d8) C:\windows\system32\drivers\WDBridge.sys
14:42:20.0497 3732 Bridge0 - ok
14:42:20.0537 3732 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\windows\system32\DRIVERS\bridge.sys
14:42:20.0552 3732 BridgeMP - ok
14:42:20.0593 3732 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
14:42:20.0615 3732 Browser - ok
14:42:20.0667 3732 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
14:42:20.0693 3732 Brserid - ok
14:42:20.0706 3732 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
14:42:20.0708 3732 BrSerWdm - ok
14:42:20.0733 3732 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
14:42:20.0734 3732 BrUsbMdm - ok
14:42:20.0775 3732 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
14:42:20.0776 3732 BrUsbSer - ok
14:42:20.0834 3732 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
14:42:20.0837 3732 BthEnum - ok
14:42:20.0877 3732 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
14:42:20.0881 3732 BTHMODEM - ok
14:42:20.0907 3732 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
14:42:20.0922 3732 BthPan - ok
14:42:21.0014 3732 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
14:42:21.0032 3732 BTHPORT - ok
14:42:21.0116 3732 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
14:42:21.0129 3732 bthserv - ok
14:42:21.0153 3732 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
14:42:21.0154 3732 BTHUSB - ok
14:42:21.0349 3732 Cam5607 (c9b6e9df902d86a63791191ca2445ec7) C:\windows\system32\Drivers\BisonC07.sys
14:42:21.0394 3732 Cam5607 - ok
14:42:21.0438 3732 catchme - ok
14:42:21.0489 3732 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
14:42:21.0491 3732 cdfs - ok
14:42:21.0557 3732 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
14:42:21.0578 3732 cdrom - ok
14:42:21.0644 3732 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
14:42:21.0658 3732 CertPropSvc - ok
14:42:21.0714 3732 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
14:42:21.0715 3732 circlass - ok
14:42:21.0781 3732 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
14:42:21.0798 3732 CLFS - ok
14:42:21.0873 3732 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:42:21.0875 3732 clr_optimization_v2.0.50727_32 - ok
14:42:21.0932 3732 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:42:21.0935 3732 clr_optimization_v2.0.50727_64 - ok
14:42:22.0041 3732 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:42:22.0043 3732 clr_optimization_v4.0.30319_32 - ok
14:42:22.0131 3732 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:42:22.0134 3732 clr_optimization_v4.0.30319_64 - ok
14:42:22.0177 3732 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
14:42:22.0178 3732 CmBatt - ok
14:42:22.0209 3732 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
14:42:22.0209 3732 cmdide - ok
14:42:22.0299 3732 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\windows\system32\Drivers\cng.sys
14:42:22.0312 3732 CNG - ok
14:42:22.0367 3732 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
14:42:22.0368 3732 Compbatt - ok
14:42:22.0430 3732 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
14:42:22.0432 3732 CompositeBus - ok
14:42:22.0442 3732 COMSysApp - ok
14:42:22.0471 3732 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
14:42:22.0472 3732 crcdisk - ok
14:42:22.0514 3732 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
14:42:22.0527 3732 CryptSvc - ok
14:42:22.0585 3732 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\windows\system32\DRIVERS\ctxusbm.sys
14:42:22.0587 3732 ctxusbm - ok
14:42:22.0646 3732 dc3d (db0459afd124ce5ccb649e33f95d715f) C:\windows\system32\DRIVERS\dc3d.sys
14:42:22.0648 3732 dc3d - ok
14:42:22.0742 3732 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
14:42:22.0748 3732 DcomLaunch - ok
14:42:22.0909 3732 DDNIMSGService (1fa2e249364050217091ca073f5cf9eb) C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
14:42:22.0911 3732 DDNIMSGService - ok
14:42:22.0955 3732 DDNIService (2bddf5b479bdb30651f06f59645ea733) C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe
14:42:22.0957 3732 DDNIService - ok
14:42:23.0020 3732 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
14:42:23.0058 3732 defragsvc - ok
14:42:23.0105 3732 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
14:42:23.0107 3732 DfsC - ok
14:42:23.0272 3732 DfSdkS (d51b32ba3897f630d99713b74b40d6a2) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
14:42:23.0285 3732 DfSdkS - ok
14:42:23.0355 3732 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
14:42:23.0374 3732 Dhcp - ok
14:42:23.0428 3732 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
14:42:23.0429 3732 discache - ok
14:42:23.0475 3732 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
14:42:23.0477 3732 Disk - ok
14:42:23.0524 3732 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
14:42:23.0548 3732 Dnscache - ok
14:42:23.0625 3732 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
14:42:23.0659 3732 dot3svc - ok
14:42:23.0700 3732 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
14:42:23.0711 3732 DPS - ok
14:42:23.0738 3732 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
14:42:23.0739 3732 drmkaud - ok
14:42:23.0834 3732 dsNcAdpt (3eef0b3489edbf725564e17c77cabafd) C:\windows\system32\DRIVERS\dsNcAdpt.sys
14:42:23.0836 3732 dsNcAdpt - ok
14:42:23.0986 3732 dsNcService (b9750c064b43c7a3bbc8a74f1127aa4e) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
14:42:23.0994 3732 dsNcService - ok
14:42:24.0160 3732 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
14:42:24.0210 3732 DXGKrnl - ok
14:42:24.0270 3732 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
14:42:24.0280 3732 EapHost - ok
14:42:24.0633 3732 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
14:42:24.0688 3732 ebdrv - ok
14:42:24.0889 3732 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
14:42:24.0890 3732 EFS - ok
14:42:25.0039 3732 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
14:42:25.0059 3732 ehRecvr - ok
14:42:25.0110 3732 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
14:42:25.0113 3732 ehSched - ok
14:42:25.0222 3732 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
14:42:25.0249 3732 elxstor - ok
14:42:25.0304 3732 enecir (524c79054636d2e5751169005006460b) C:\windows\system32\DRIVERS\enecir.sys
14:42:25.0309 3732 enecir - ok
14:42:25.0355 3732 enecirhid (e17eb95358f396e27d573a1b20f891f8) C:\windows\system32\DRIVERS\enecirhid.sys
14:42:25.0357 3732 enecirhid - ok
14:42:25.0375 3732 enecirhidma (8492d808c79bd6fe439f77be84956cdf) C:\windows\system32\DRIVERS\enecirhidma.sys
14:42:25.0375 3732 enecirhidma - ok
14:42:25.0411 3732 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
14:42:25.0412 3732 ErrDev - ok
14:42:25.0476 3732 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
14:42:25.0495 3732 EventSystem - ok
14:42:25.0565 3732 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
14:42:25.0576 3732 exfat - ok
14:42:25.0591 3732 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
14:42:25.0594 3732 fastfat - ok
14:42:25.0718 3732 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
14:42:25.0731 3732 Fax - ok
14:42:25.0817 3732 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
14:42:25.0819 3732 fdc - ok
14:42:25.0834 3732 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
14:42:25.0835 3732 fdPHost - ok
14:42:25.0855 3732 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
14:42:25.0857 3732 FDResPub - ok
14:42:25.0879 3732 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
14:42:25.0881 3732 FileInfo - ok
14:42:25.0889 3732 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
14:42:25.0891 3732 Filetrace - ok
14:42:25.0915 3732 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
14:42:25.0916 3732 flpydisk - ok
14:42:25.0948 3732 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
14:42:25.0957 3732 FltMgr - ok
14:42:26.0112 3732 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
14:42:26.0147 3732 FontCache - ok
14:42:26.0257 3732 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:42:26.0267 3732 FontCache3.0.0.0 - ok
14:42:26.0337 3732 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
14:42:26.0337 3732 FsDepends - ok
14:42:26.0377 3732 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\windows\system32\DRIVERS\fssfltr.sys
14:42:26.0377 3732 fssfltr - ok
14:42:26.0597 3732 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:42:26.0637 3732 fsssvc - ok
14:42:26.0827 3732 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
14:42:26.0827 3732 Fs_Rec - ok
14:42:26.0877 3732 funfrm (6ccf66bca3d24146cb8b0930dba1448f) C:\windows\system32\drivers\funfrm.sys
14:42:26.0877 3732 funfrm - ok
14:42:26.0947 3732 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
14:42:26.0947 3732 fvevol - ok
14:42:26.0997 3732 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
14:42:26.0997 3732 gagp30kx - ok
14:42:27.0047 3732 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
14:42:27.0047 3732 GEARAspiWDM - ok
14:42:27.0173 3732 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
14:42:27.0189 3732 gpsvc - ok
14:42:27.0283 3732 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:42:27.0285 3732 gupdate - ok
14:42:27.0309 3732 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:42:27.0310 3732 gupdatem - ok
14:42:27.0341 3732 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
14:42:27.0344 3732 hcw85cir - ok
14:42:27.0415 3732 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
14:42:27.0442 3732 HdAudAddService - ok
14:42:27.0480 3732 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
14:42:27.0481 3732 HDAudBus - ok
14:42:27.0507 3732 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
14:42:27.0508 3732 HidBatt - ok
14:42:27.0531 3732 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
14:42:27.0533 3732 HidBth - ok
14:42:27.0560 3732 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
14:42:27.0562 3732 HidIr - ok
14:42:27.0589 3732 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\System32\hidserv.dll
14:42:27.0591 3732 hidserv - ok
14:42:27.0622 3732 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\drivers\hidusb.sys
14:42:27.0623 3732 HidUsb - ok
14:42:27.0670 3732 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
14:42:27.0672 3732 hkmsvc - ok
14:42:27.0716 3732 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
14:42:27.0739 3732 HomeGroupListener - ok
14:42:27.0809 3732 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
14:42:27.0822 3732 HomeGroupProvider - ok
14:42:27.0870 3732 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
14:42:27.0871 3732 HpSAMD - ok
14:42:27.0949 3732 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
14:42:27.0965 3732 HTTP - ok
14:42:28.0012 3732 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
14:42:28.0012 3732 hwpolicy - ok
14:42:28.0040 3732 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
14:42:28.0042 3732 i8042prt - ok
14:42:28.0167 3732 IAANTMON (0e899d0db39617aa0b2f992e7e95b5eb) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
14:42:28.0172 3732 IAANTMON - ok
14:42:28.0253 3732 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\windows\system32\DRIVERS\iaStor.sys
14:42:28.0259 3732 iaStor - ok
14:42:28.0333 3732 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
14:42:28.0371 3732 iaStorV - ok
14:42:28.0554 3732 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:42:28.0581 3732 idsvc - ok
14:42:29.0204 3732 igfx (a87261ef1546325b559374f5689cf5bc) C:\windows\system32\DRIVERS\igdkmd64.sys
14:42:29.0268 3732 igfx - ok
14:42:29.0387 3732 IGRS (d951d20153e51928f9db2227d6ff5c7a) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
14:42:29.0387 3732 IGRS - ok
14:42:29.0538 3732 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
14:42:29.0540 3732 iirsp - ok
14:42:29.0691 3732 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
14:42:29.0716 3732 IKEEXT - ok
14:42:30.0024 3732 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\windows\system32\drivers\RTKVHD64.sys
14:42:30.0064 3732 IntcAzAudAddService - ok
14:42:30.0218 3732 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
14:42:30.0220 3732 intelide - ok
14:42:30.0262 3732 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
14:42:30.0263 3732 intelppm - ok
14:42:30.0301 3732 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
14:42:30.0313 3732 IPBusEnum - ok
14:42:30.0363 3732 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
14:42:30.0377 3732 IpFilterDriver - ok
14:42:30.0425 3732 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
14:42:30.0429 3732 IPMIDRV - ok
14:42:30.0451 3732 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
14:42:30.0456 3732 IPNAT - ok
14:42:30.0650 3732 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
14:42:30.0666 3732 iPod Service - ok
14:42:30.0694 3732 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
14:42:30.0695 3732 IRENUM - ok
14:42:30.0731 3732 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
14:42:30.0732 3732 isapnp - ok
14:42:30.0828 3732 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
14:42:30.0844 3732 iScsiPrt - ok
14:42:30.0913 3732 k57nd60a (08dd34f74d65e1c8f238565570952630) C:\windows\system32\DRIVERS\k57nd60a.sys
14:42:30.0928 3732 k57nd60a - ok
14:42:30.0953 3732 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
14:42:30.0954 3732 kbdclass - ok
14:42:31.0005 3732 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
14:42:31.0006 3732 kbdhid - ok
14:42:31.0048 3732 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
14:42:31.0050 3732 KeyIso - ok
14:42:31.0095 3732 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys
14:42:31.0109 3732 KSecDD - ok
14:42:31.0159 3732 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys
14:42:31.0168 3732 KSecPkg - ok
14:42:31.0187 3732 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
14:42:31.0189 3732 ksthunk - ok
14:42:31.0247 3732 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
14:42:31.0266 3732 KtmRm - ok
14:42:31.0334 3732 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\System32\srvsvc.dll
14:42:31.0346 3732 LanmanServer - ok
14:42:31.0406 3732 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
14:42:31.0440 3732 LanmanWorkstation - ok
14:42:31.0453 3732 Lbd - ok
14:42:31.0602 3732 Lenovo ReadyComm AppSvc (4f83c51720243d6016e6ecd0f2e1b274) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
14:42:31.0621 3732 Lenovo ReadyComm AppSvc - ok
14:42:31.0717 3732 Lenovo ReadyComm ConnSvc (56688ee2c359bb14479b89a50358faa2) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
14:42:31.0743 3732 Lenovo ReadyComm ConnSvc - ok
14:42:31.0781 3732 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
14:42:31.0783 3732 lltdio - ok
14:42:31.0839 3732 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
14:42:31.0853 3732 lltdsvc - ok
14:42:31.0876 3732 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
14:42:31.0878 3732 lmhosts - ok
14:42:31.0918 3732 LPCFilter (16679269303613c4ce7c8ff03413410f) C:\windows\system32\DRIVERS\LPCFilter.sys
14:42:31.0920 3732 LPCFilter - ok
14:42:31.0979 3732 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
14:42:31.0991 3732 LSI_FC - ok
14:42:32.0028 3732 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
14:42:32.0041 3732 LSI_SAS - ok
14:42:32.0065 3732 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
14:42:32.0067 3732 LSI_SAS2 - ok
14:42:32.0096 3732 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
14:42:32.0109 3732 LSI_SCSI - ok
14:42:32.0138 3732 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
14:42:32.0140 3732 luafv - ok
14:42:32.0180 3732 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
14:42:32.0182 3732 Mcx2Svc - ok
14:42:32.0214 3732 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
14:42:32.0215 3732 megasas - ok
14:42:52.0142 3732 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:42:52.0471 3732 \Device\Harddisk0\DR0 - ok
14:42:52.0475 3732 Boot (0x1200) (2b1e119e0250a48e15a9f5224a0a62ab) \Device\Harddisk0\DR0\Partition0
14:42:52.0477 3732 \Device\Harddisk0\DR0\Partition0 - ok
14:42:52.0493 3732 Boot (0x1200) (654c8f791f867b14b8fb8aafbb1e7d68) \Device\Harddisk0\DR0\Partition1
14:42:52.0496 3732 \Device\Harddisk0\DR0\Partition1 - ok
14:42:52.0522 3732 Boot (0x1200) (36acd53b2e9d4aba1a8d7c35dd3f42a8) \Device\Harddisk0\DR0\Partition2
14:42:52.0524 3732 \Device\Harddisk0\DR0\Partition2 - ok
14:42:52.0524 3732 ============================================================
14:42:52.0524 3732 Scan finished
14:42:52.0525 3732 ============================================================
14:42:52.0545 6664 Detected object count: 0
14:42:52.0545 6664 Actual detected object count: 0



#2 dabishop

dabishop
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  • Local time:12:28 PM

Posted 21 July 2012 - 06:58 PM

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:46 PM, on 6/3/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://blekkosearch.mystart.com/blekkotb_soc/?source=a545ea26&toolbarid=blekkotb_soc&u=9B5FD1D9EFBD709AA6EF214FCBFFB4E4&tbp=homepage&v=2_0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: CrossriderApp0003491 - {11111111-1111-1111-1111-110011341191} - C:\Program Files (x86)\Vid-Saver\Vid-Saver.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Blekko search bar - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Blekko search bar - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
O4 - HKLM\..\Run: [IdeaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
O4 - HKLM\..\Run: [OnekeyDM] C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Lenovo SlideNav] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Neil noname\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash - res://C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://webvpn-be02.jpmorganchase.com/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Amazon Download Agent - Amazon.com - C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DDNIMSGService - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
O23 - Service: DDNIService - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14176 bytes

#3 dabishop

dabishop
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  • Local time:12:28 PM

Posted 21 July 2012 - 08:32 PM

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG PC Tuneup 2011
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Malwarebytes' Anti-Malware
AVG PC Tuneup 2011
Java™ 6 Update 29
Adobe Flash Player 11.3.300.265
Adobe Reader X (10.1.3)
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Trend Micro HiJackThis HiJackThis.exe
``````````End of Log````````````





Farbar Service Scanner Version: 19-07-2012
Ran by Neil noname (administrator) on 21-07-2012 at 20:02:38
Running from "C:\Users\Neil noname\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



MiniToolBox by Farbar Version: 15-07-2012
Ran by Neil noname (administrator) on 21-07-2012 at 20:04:22
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:8888;https=127.0.0.1:8888

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global mldversion=version2


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Neilnoname-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter
Physical Address. . . . . . . . . : 00-FF-50-88-8C-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-22-DA-AC-EF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-26-C6-18-78-B0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::14e5:2a59:844f:39c2%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.143(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 21, 2012 7:25:27 PM
Lease Expires . . . . . . . . . . : Sunday, July 22, 2012 7:41:01 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 234890950
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-9A-CC-DE-00-26-C6-18-78-B0
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{66EAE7B8-8DFF-46F6-8BC0-89C27503C9BA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CBA4F422-DAC9-4B7B-B683-9865CD578504}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{91B8C55F-9407-4D1A-A547-4EB082A687BD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4009:801::1000
74.125.225.5
74.125.225.6
74.125.225.7
74.125.225.8
74.125.225.9
74.125.225.14
74.125.225.0
74.125.225.1
74.125.225.2
74.125.225.3
74.125.225.4


Pinging google.com [74.125.225.137] with 32 bytes of data:
Reply from 74.125.225.137: bytes=32 time=18ms TTL=54
Reply from 74.125.225.137: bytes=32 time=18ms TTL=54

Ping statistics for 74.125.225.137:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 18ms, Average = 18ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=135ms TTL=43
Reply from 98.139.183.24: bytes=32 time=71ms TTL=43

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 71ms, Maximum = 135ms, Average = 103ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...00 ff 50 88 8c 05 ......Juniper Network Connect Virtual Adapter
11...00 26 22 da ac ef ......Broadcom NetLink ™ Gigabit Ethernet
10...00 26 c6 18 78 b0 ......Intel® WiFi Link 5100 AGN
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.143 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.143 281
192.168.0.143 255.255.255.255 On-link 192.168.0.143 281
192.168.0.255 255.255.255.255 On-link 192.168.0.143 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.143 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.143 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
10 281 fe80::14e5:2a59:844f:39c2/128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 10 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 10 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/21/2012 05:43:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11341

Error: (07/21/2012 05:43:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11341

Error: (07/21/2012 05:43:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/21/2012 05:43:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10280

Error: (07/21/2012 05:43:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10280

Error: (07/21/2012 05:43:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/21/2012 05:43:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126

Error: (07/21/2012 05:43:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126

Error: (07/21/2012 05:43:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/21/2012 05:43:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8127


System errors:
=============
Error: (07/21/2012 07:26:00 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/21/2012 07:25:29 PM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (07/21/2012 04:23:14 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/21/2012 04:23:14 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/21/2012 04:23:14 PM) (Source: PCTCore) (User: )
Description: @5647

Error: (07/21/2012 04:18:13 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd

Error: (07/21/2012 04:17:37 PM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (07/21/2012 04:17:31 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:13:35 PM on ?7/?21/?2012 was unexpected.

Error: (07/20/2012 00:19:30 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (07/19/2012 06:23:40 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.1.377)
Ad-Aware
Ad-Aware (Version: 8.2.0)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Ad-Aware Email Scanner for Outlook (Version: 1.0.0)
Adobe AIR (Version: 2.7.0.19480)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced Audio FX Engine
Amazon Games & Software Downloader (Version: 2.0.2.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Ashampoo WinOptimizer 6.60 (Version: 6.6.0)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.1913)
AVG PC Tuneup 2011
BitTorrent (Version: 7.6.1)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 12.26.01)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
Cisco Connect (Version: 1.2.10260.0)
Citrix online plug-in - web (Version: 11.2.0.31560)
Citrix online plug-in (DV) (Version: 11.2.0.31560)
Citrix online plug-in (HDX) (Version: 11.2.0.31560)
Citrix online plug-in (USB) (Version: 11.2.0.31560)
Citrix online plug-in (Web) (Version: 11.2.0.31560)
D3DX10 (Version: 15.4.2368.0902)
Dell Webcam Central
DIBS (Version: 1.7.0)
Dolby Control Center (Version: 2.1)
Dropbox (Version: 1.2.52)
EasyCapture (Version: V4.0.09.08241)
ENE CIR Receiver Driver (Version: 2.7.4.0)
Energy Management (Version: 4.4.1.1)
Evernote v. 4.5.4 (Version: 4.5.4.6497)
Facebook Plug-In
Fiddler2 (Version: 2.4.0.0)
FileZilla Client 3.5.3 (Version: 3.5.3)
Flash Saving Plugin (Version: 1.2)
FoxTab Video Player
Free RAR Extract Frog (Version: 1.80)
Google Chrome (Version: 20.0.1132.57)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Talk Plugin (Version: 3.2.4.8431)
Google Update Helper (Version: 1.3.21.115)
H&R Block Deluxe + Efile + State 2009 (Version: 09.04.6901)
H&R Block Ohio 2009 (Version: 1.09.3201)
HiJackThis (Version: 1.0.0)
iCloud (Version: 1.1.0.40)
Intel® Matrix Storage Manager
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
Java™ SE Development Kit 7 Update 3 (64-bit) (Version: 1.7.0.30)
JavaFX 2.0.3 (64-bit) (Version: 2.0.3)
JavaFX 2.0.3 SDK (64-bit) (Version: 2.0.3)
Juniper Networks Cache Cleaner 6.5.0 (Version: 6.5.0.15255)
Juniper Networks Host Checker (Version: 6.5.0.15255)
Juniper Networks Network Connect 6.5.0 (Version: 6.5.0.15255)
Juniper Networks Setup Client (Version: 2.1.2.5973)
Juniper Terminal Services Client (Version: 6.5.0.15255)
Junk Mail filter update (Version: 15.4.3502.0922)
LAME v3.99.3 (for Windows)
Lenovo First Boot (Version: 1.7.2.2)
Lenovo Idea Central (Version: 1.7.2.3)
Lenovo Idea Notes (Version: 1.5.1)
Lenovo OneKey Recovery (Version: 7.0.0723)
Lenovo ReadyComm 5 (Version: 5.1.1.17)
Lenovo ReadyComm 5.0 Service (Version: 5.0.0.1)
Lenovo SlideNav (Version: 1.50.0819.0001)
Magic ISO Maker v5.5 (build 0281)
Malwarebytes' Anti-Malware
MediaShow (Version: 4.1.3117.14639)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft IntelliType Pro 7.0 (Version: 7.0.260.0)
Microsoft Mathematics (64-bit) (Version: 4.0)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Reader
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C# 2010 Express - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.30319)
MobileMe Control Panel (Version: 3.1.8.0)
Mobipocket Reader 6.2 (Version: 6.2.608)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Notepad++ (Version: 5.9.8)
NVIDIA Drivers (Version: 1.10.61.39)
Onekey Theater (Version: 0.0.0.13C)
PDFZilla V1.2.9
Power2Go (Version: 5.6.0.4809d1)
PowerISO (Version: 4.6)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20109)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30101)
Safari (Version: 5.34.55.3)
StarCraft II (Version: 1.4.3.21029)
SUPERAntiSpyware (Version: 5.0.1108)
SWF Opener (Version: 1.3)
Synaptics Pointing Device Driver (Version: 13.2.7.3)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver (Version: 1.0.50.26C)
Ventrilo Client for Windows x64 (Version: 3.0.5.0)
VeriFace (Version: 3.6.0.0812)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VoiceOver Kit (Version: 1.42.128.0)
WinArchiver (Version: 2.8)
Windows 7 Codec Pack 2.2.0
Windows Driver Package - Lenovo (ACPIVPC) System (05/19/2009 4.4.0.1) (Version: 05/19/2009 4.4.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
World of Warcraft (Version: 4.3.3.15354)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 4090.6 MB
Available physical RAM: 2515.62 MB
Total Pagefile: 8179.39 MB
Available Pagefile: 6227.56 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.28 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:252.89 GB) (Free:154.7 GB) NTFS
2 Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:29.23 GB) NTFS

========================= Users: ========================================

User accounts for \\NEILnoname-PC

Administrator Guest Neil noname


**** End of log ****




Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.21.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Neil noname :: NEILnoname-PC [administrator]

7/21/2012 8:12:18 PM
mbam-log-2012-07-21 (20-12-18).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 383788
Time elapsed: 1 hour(s), 6 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FoxTab Video Player (Adware.Agent) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Program Files (x86)\FoxTabFLVPlayer\Uninstall\Uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Neil noname\Downloads\movie_player_1280.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\Neil noname\Downloads\VideoPlayerSetup.exe (Adware.Agent) -> Quarantined and deleted successfully.

(end)

Edited by dabishop, 21 July 2012 - 08:54 PM.


#4 HelpBot


Posted 26 July 2012 - 01:50 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/461784 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 dabishop


Posted 26 July 2012 - 09:00 PM

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Neil noname at 21:26:13 on 2012-07-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4091.2418 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\nvvsvc.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarDriverAdapter_550vista.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\windows\splwow64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Neil noname\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\windows\sysWOW64\wbem\wmiprvse.exe
C:\windows\system32\wbem\WmiApSrv.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = hxxp://lenovo.live.com/
uInternet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
uInternet Settings,ProxyOverride = <-loopback>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Google Update] "C:\Users\Neil noname\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [MDS_Menu] "C:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
mRun: [IdeaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
mRun: [OnekeyDM] C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [Lenovo SlideNav] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
mRun: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\NEILRA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-explorer: NoResolveTrack = 1 (0x1)
mPolicies-explorer: NoFileAssociate = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://webvpn-be02.jpmorganchase.com/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66EAE7B8-8DFF-46F6-8BC0-89C27503C9BA} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66EAE7B8-8DFF-46F6-8BC0-89C27503C9BA}\34F657274797162746 : DhcpNameServer = 10.24.32.1
TCP: Interfaces\{66EAE7B8-8DFF-46F6-8BC0-89C27503C9BA}\5435F5E45677D27657563747 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66EAE7B8-8DFF-46F6-8BC0-89C27503C9BA}\84F6D65626163756 : DhcpNameServer = 209.143.0.10 66.209.140.124 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
mRun-x64: [MDS_Menu] "C:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
mRun-x64: [IdeaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
mRun-x64: [OnekeyDM] C:\Program Files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe
mRun-x64: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun-x64: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun-x64: [Lenovo SlideNav] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe"
mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
mRun-x64: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Neil noname\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Neil noname\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\Neil noname\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Users\Neil noname\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Neil noname\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Neil noname\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\windows\system32\C2MP\npdivx32.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 250
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\system32\DRIVERS\avgrkx64.sys --> C:\windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\system32\DRIVERS\avgldx64.sys --> C:\windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\system32\DRIVERS\avgmfx64.sys --> C:\windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\windows\system32\DRIVERS\avgtdia.sys --> C:\windows\system32\DRIVERS\avgtdia.sys [?]
R1 ctxusbm;Citrix USB Monitor Driver;C:\windows\system32\DRIVERS\ctxusbm.sys --> C:\windows\system32\DRIVERS\ctxusbm.sys [?]
R1 funfrm;funfrm;C:\windows\system32\drivers\funfrm.sys --> C:\windows\system32\drivers\funfrm.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-7-18 146816]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 DDNIMSGService;DDNIMSGService;C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-1-21 172720]
R2 DDNIService;DDNIService;C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe [2010-3-4 160432]
R2 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-14 38152]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys --> C:\windows\system32\DRIVERS\AcpiVpc.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys --> C:\windows\system32\DRIVERS\k57nd60a.sys [?]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\system32\DRIVERS\netw5v64.sys --> C:\windows\system32\DRIVERS\netw5v64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\windows\system32\drivers\nvhda64v.sys --> C:\windows\system32\drivers\nvhda64v.sys [?]
R3 wdmirror;wdmirror;C:\windows\system32\DRIVERS\WDMirror.sys --> C:\windows\system32\DRIVERS\WDMirror.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-24 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-15 250056]
S3 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2010-4-6 401920]
S3 Bridge0;Bridge0;C:\windows\system32\drivers\WDBridge.sys --> C:\windows\system32\drivers\WDBridge.sys [?]
S3 DfSdkS;Defragmentation-Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [2010-9-4 544768]
S3 enecir;ENE CIR Receiver;C:\windows\system32\DRIVERS\enecir.sys --> C:\windows\system32\DRIVERS\enecir.sys [?]
S3 enecirhid;ENE CIR HID Receiver;C:\windows\system32\DRIVERS\enecirhid.sys --> C:\windows\system32\DRIVERS\enecirhid.sys [?]
S3 enecirhidma;ENE CIR HIDmini Filter;C:\windows\system32\DRIVERS\enecirhidma.sys --> C:\windows\system32\DRIVERS\enecirhidma.sys [?]
S3 fssfltr;fssfltr;C:\windows\system32\DRIVERS\fssfltr.sys --> C:\windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-24 136176]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-11-22 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-22 472328]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-3 113120]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-22 00:34:52 -------- d-----w- C:\Program Files (x86)\Oracle
2012-07-22 00:34:10 772544 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2012-07-21 23:23:40 39184 ----a-w- C:\windows\System32\Partizan.exe
2012-07-21 23:22:55 -------- d-----w- C:\ProgramData\RegRun
2012-07-21 23:22:50 2 --shatr- C:\windows\winstart.bat
2012-07-21 23:22:45 -------- d-----w- C:\Program Files (x86)\UnHackMe
2012-07-21 18:53:38 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-07-21 18:46:55 251528 ----a-w- C:\windows\System32\drivers\PCTSD64.sys
2012-07-21 18:46:55 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-07-21 18:46:36 -------- d-----w- C:\ProgramData\PC Tools
2012-07-21 18:46:35 -------- d-----w- C:\Users\Neil noname\AppData\Roaming\TestApp
2012-07-21 18:27:29 -------- d-----w- C:\Program Files (x86)\Fiddler2
2012-07-12 02:56:10 3148800 ----a-w- C:\windows\System32\win32k.sys
2012-07-12 00:32:17 2004480 ----a-w- C:\windows\System32\msxml6.dll
2012-07-04 21:14:12 -------- d-----w- C:\Users\Neil noname\AppData\Local\{66B48FA0-D05A-4154-8731-9B101287BF28}
2012-07-03 22:08:55 -------- d-----w- C:\Users\Neil noname\AppData\Local\{A12A7211-35C5-4AB9-B173-03E7685EFF46}
2012-07-03 01:17:15 -------- d-----w- C:\Users\Neil noname\AppData\Local\{05F98411-3199-4A2D-A595-668C4E993B97}
2012-06-29 20:13:19 -------- d-----w- C:\_OTL
2012-06-29 20:06:56 -------- d-----w- C:\Users\Neil noname\AppData\Local\{A519A285-0B85-4A82-944B-92810C402D1A}
2012-06-29 20:06:50 -------- d-----w- C:\Users\Neil noname\AppData\Local\{B723CC63-0582-4100-B77D-410202695802}
.
==================== Find3M ====================
.
2012-07-12 01:05:19 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 01:05:19 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-07-06 02:06:20 687544 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-07-03 17:46:44 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-06-06 06:06:16 1881600 ----a-w- C:\windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-01-28 05:39:28 378 ----a-w- C:\Program Files (x86)\temp995.bat
.
============= FINISH: 21:26:43.31 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/30/2009 7:00:44 PM
System Uptime: 7/26/2012 7:02:00 PM (2 hours ago)
.
Motherboard: LENOVO | | KIWB1
Processor: Intel® Core™2 Duo CPU P8700 @ 2.53GHz | U2E1 | 2534/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 253 GiB total, 176.585 GiB free.
D: is FIXED (NTFS) - 30 GiB total, 29.226 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\ENE0201\3&11583659&2
Manufacturer:
Name:
PNP Device ID: ACPI\ENE0201\3&11583659&2
Service:
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&2503BC79&0&1
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&2503BC79&0&1
Service:
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&35150C36&0&2
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&35150C36&0&2
Service:
.
==== System Restore Points ===================
.
RP250: 7/21/2012 7:41:50 PM - RegRun Virus Scan
RP251: 7/21/2012 7:54:45 PM - Removed HiJackThis
RP252: 7/21/2012 8:32:54 PM - Installed Java™ 7 Update 5
RP253: 7/21/2012 8:34:16 PM - Installed JavaFX 2.1.1
RP254: 7/21/2012 8:43:00 PM - Removed Evernote v. 4.5.4
RP255: 7/21/2012 8:45:26 PM - Removed Mobipocket Reader 6.2
RP256: 7/21/2012 8:47:45 PM - Removed H&R Block Ohio 2009.
RP257: 7/21/2012 8:48:32 PM - Removed H&R Block Deluxe + Efile + State 2009.
RP258: 7/21/2012 8:53:58 PM - Removed Ventrilo Client for Windows x64
RP259: 7/21/2012 9:48:31 PM - Installed Microsoft Fix it 50267
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Ad-Aware
Ad-Aware Browsing Protection
Ad-Aware Email Scanner for Outlook
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Advanced Audio FX Engine
Amazon Games & Software Downloader
Apple Application Support
Apple Software Update
Ashampoo WinOptimizer 6.60
AVG PC Tuneup 2011
BitTorrent
Business Contact Manager for Outlook 2007 SP2
Cisco Connect
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
D3DX10
Dell Webcam Central
DIBS
Dropbox
EasyCapture
Energy Management
Facebook Plug-In
Fiddler2
FileZilla Client 3.5.3
Free RAR Extract Frog
Google Chrome
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
HiJackThis
Java Auto Updater
Java™ 6 Update 29
Java™ 7 Update 5
JavaFX 2.1.1
Juniper Networks Cache Cleaner 6.5.0
Juniper Networks Host Checker
Juniper Networks Network Connect 6.5.0
Juniper Networks Setup Client
Juniper Terminal Services Client
Junk Mail filter update
Lenovo First Boot
Lenovo Idea Central
Lenovo Idea Notes
Lenovo OneKey Recovery
Lenovo ReadyComm 5
Lenovo ReadyComm 5.0 Service
Lenovo SlideNav
Magic ISO Maker v5.5 (build 0281)
Malwarebytes Anti-Malware version 1.62.0.1300
MediaShow
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server System CLR Types
Microsoft Visual C# 2010 Express - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Notepad++
Onekey Theater
Power2Go
PowerISO
QuickTime
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Microsoft Visual C# 2010 Express - ENU (KB2251489)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver
VeriFace
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VoiceOver Kit
WinArchiver
Windows 7 Codec Pack 2.2.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
7/26/2012 7:47:20 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
7/21/2012 7:25:29 PM, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
7/21/2012 4:23:14 PM, Error: PCTCore [280] -
7/20/2012 12:19:30 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
.
==== End Of File ===========================

#6 dabishop


Posted 26 July 2012 - 09:32 PM

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-26 22:32:14
Windows 6.1.7601 Service Pack 1
Running: dmgcey0y.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002269ec2d88
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002269ec2d88 (not active ControlSet)

---- EOF - GMER 1.0.15 ----

#7 gringo_pr

  • Malware Response Team

Posted 27 July 2012 - 12:35 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#8 dabishop


Posted 28 July 2012 - 07:08 PM

ComboFix 12-07-27.03 - Neil noname 07/28/2012 19:56:15.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4091.2709 [GMT -4:00]
Running from: c:\users\Neil noname\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-06-28 to 2012-07-29 )))))))))))))))))))))))))))))))
.
.
2012-07-29 00:02 . 2012-07-29 00:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-07-29 00:02 . 2012-07-29 00:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-22 00:35 . 2012-07-22 00:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-22 00:34 . 2012-07-22 00:34 -------- d-----w- c:\program files (x86)\Oracle
2012-07-22 00:34 . 2012-07-06 02:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-21 23:23 . 2012-07-21 23:23 39184 ----a-w- c:\windows\system32\Partizan.exe
2012-07-21 23:22 . 2012-07-21 23:53 -------- d-----w- c:\programdata\RegRun
2012-07-21 23:22 . 2012-07-21 23:22 2 --shatr- c:\windows\winstart.bat
2012-07-21 23:22 . 2012-07-21 23:53 -------- d-----w- c:\program files (x86)\UnHackMe
2012-07-21 18:53 . 2012-07-22 00:08 -------- d-----w- c:\program files (x86)\PC Tools
2012-07-21 18:46 . 2012-07-22 00:08 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-07-21 18:46 . 2012-05-11 15:14 251528 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-07-21 18:46 . 2012-07-21 23:54 -------- d-----w- c:\programdata\PC Tools
2012-07-21 18:46 . 2012-07-21 18:46 -------- d-----w- c:\users\Neil noname\AppData\Roaming\TestApp
2012-07-21 18:27 . 2012-07-21 18:27 -------- d-----w- c:\program files (x86)\Fiddler2
2012-07-12 02:56 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-12 00:32 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-29 20:13 . 2012-06-29 20:13 -------- d-----w- C:\_OTL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-27 23:05 . 2012-05-16 01:11 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-27 23:05 . 2011-06-26 10:50 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 02:52 . 2009-12-29 05:54 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-06 02:06 . 2012-01-15 23:07 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-03 17:46 . 2010-03-08 02:30 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-04 00:02 . 2012-06-04 00:02 388096 ----a-r- c:\users\Neil noname\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-02 22:19 . 2012-06-21 00:43 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 00:43 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 00:43 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 00:43 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 00:43 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 00:43 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 00:43 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-21 00:42 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-21 00:42 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-04 11:06 . 2012-06-14 18:58 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-14 18:58 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-14 18:58 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-14 18:58 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-01-28 05:39 . 2012-01-28 05:39 378 ----a-w- c:\program files (x86)\temp995.bat
.
.
((((((((((((((((((((((((((((( SnapShot_2012-06-25_00.22.58 )))))))))))))))))))))))))))))))))))))))))
.
- 2012-02-01 02:15 . 2011-11-17 05:28 96768 c:\windows\SysWOW64\sspicli.dll
+ 2012-07-12 00:32 . 2012-06-02 04:34 96768 c:\windows\SysWOW64\sspicli.dll
- 2012-02-01 02:15 . 2011-11-17 05:34 22016 c:\windows\SysWOW64\secur32.dll
+ 2012-07-12 00:32 . 2012-06-02 04:40 22016 c:\windows\SysWOW64\secur32.dll
- 2012-06-14 21:25 . 2012-05-17 22:25 73216 c:\windows\SysWOW64\mshtmled.dll
+ 2012-07-12 02:51 . 2012-06-02 08:17 73216 c:\windows\SysWOW64\mshtmled.dll
+ 2012-07-12 02:51 . 2012-06-02 08:22 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-06-14 21:25 . 2012-05-17 22:31 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-06-14 21:25 . 2012-05-17 22:31 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2012-07-12 02:51 . 2012-06-02 08:21 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2009-07-14 04:54 . 2012-07-27 23:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-06-24 17:24 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-27 23:05 65536 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-27 23:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-24 17:24 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-23 02:25 . 2012-07-26 11:48 71622 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-26 11:48 54126 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-03 03:04 . 2012-07-26 11:48 25414 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-141985954-1552009316-2749100623-1004_UserData.bin
- 2012-06-14 21:25 . 2012-05-18 01:51 96768 c:\windows\system32\mshtmled.dll
+ 2012-07-12 02:51 . 2012-06-02 11:57 96768 c:\windows\system32\mshtmled.dll
- 2012-06-14 21:25 . 2012-05-18 01:56 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-07-12 02:51 . 2012-06-02 12:03 86528 c:\windows\system32\migration\WininetPlugin.dll
+ 2012-07-12 02:51 . 2012-06-02 12:03 85504 c:\windows\system32\jsproxy.dll
- 2012-06-14 21:25 . 2012-05-18 01:56 85504 c:\windows\system32\jsproxy.dll
+ 2009-07-14 05:30 . 2012-07-22 00:53 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-06-03 21:03 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-07-12 00:32 . 2012-06-02 05:48 95600 c:\windows\system32\drivers\ksecdd.sys
- 2012-02-01 02:15 . 2011-11-17 06:49 95600 c:\windows\system32\drivers\ksecdd.sys
- 2009-12-01 06:57 . 2012-06-23 12:47 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-01 06:57 . 2012-07-27 23:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-01 06:57 . 2012-07-27 23:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-01 06:57 . 2012-06-23 12:47 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-27 23:05 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-23 12:47 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-07-27 23:09 18784 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-07-13 22:10 . 2012-07-13 22:10 25600 c:\windows\Installer\5757706.msi
- 2012-06-24 18:47 . 2012-06-24 18:47 35088 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\oisicon.exe
+ 2012-06-24 18:47 . 2012-07-12 02:55 35088 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\oisicon.exe
+ 2012-06-24 18:47 . 2012-07-12 02:55 18704 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\mspicons.exe
- 2012-06-24 18:47 . 2012-06-24 18:47 18704 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\mspicons.exe
- 2012-06-24 18:47 . 2012-06-24 18:47 20240 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-06-24 18:47 . 2012-07-12 02:55 20240 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2006-10-27 02:59 . 2006-10-27 02:59 98072 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VIEWMODL.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 63312 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SUMINFO.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 58184 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\PROPMGR.DLL
+ 2006-10-27 02:57 . 2006-10-27 02:57 21320 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\IMWIZ.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 84352 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\DBSHARE.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 59200 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\CODEEDIT.DLL
+ 2011-07-20 11:28 . 2011-07-20 11:28 54104 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SCANOST.EXE
+ 2011-07-20 11:28 . 2011-07-20 11:28 75624 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\RM.DLL
+ 2011-07-20 11:28 . 2011-07-20 11:28 38248 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\RECALL.DLL
+ 2011-05-27 01:18 . 2011-05-27 01:18 52088 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OUTLVBA.DLL
+ 2011-07-20 11:28 . 2011-07-20 11:28 34208 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\DUMPSTER.DLL
+ 2011-07-20 11:28 . 2011-07-20 11:28 87408 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\DLGSETP.DLL
+ 2012-07-12 00:32 . 2010-06-26 03:24 2048 c:\windows\SysWOW64\msxml3r.dll
- 2009-07-14 00:19 . 2009-07-14 01:07 2048 c:\windows\SysWOW64\msxml3r.dll
- 2009-07-14 00:41 . 2009-07-14 01:30 2048 c:\windows\system32\msxml3r.dll
+ 2012-07-12 00:32 . 2010-06-26 03:55 2048 c:\windows\system32\msxml3r.dll
- 2012-06-24 21:41 . 2012-06-24 21:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-26 11:46 . 2012-07-26 11:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-24 21:41 . 2012-06-24 21:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-26 11:46 . 2012-07-26 11:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-12 02:51 . 2012-06-02 08:23 231936 c:\windows\SysWOW64\url.dll
- 2012-06-14 21:25 . 2012-05-17 22:33 231936 c:\windows\SysWOW64\url.dll
+ 2012-07-12 00:32 . 2012-06-02 04:40 225280 c:\windows\SysWOW64\schannel.dll
- 2009-07-13 23:33 . 2009-07-14 01:16 219136 c:\windows\SysWOW64\ncrypt.dll
+ 2012-07-12 00:32 . 2012-06-02 04:39 219136 c:\windows\SysWOW64\ncrypt.dll
+ 2012-07-27 23:05 . 2012-07-27 23:05 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_Plugin.exe
+ 2012-07-27 22:27 . 2012-07-27 22:27 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.exe
+ 2012-07-27 22:27 . 2012-07-27 22:27 466632 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_ActiveX.dll
+ 2012-05-16 01:11 . 2012-07-27 23:05 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-05-16 01:11 . 2012-06-23 12:47 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-06-14 21:25 . 2012-05-17 22:29 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-07-12 02:51 . 2012-06-02 08:19 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-07-22 00:34 . 2012-07-06 02:06 227760 c:\windows\SysWOW64\javaws.exe
+ 2012-01-15 23:07 . 2012-07-22 00:33 174064 c:\windows\SysWOW64\javaw.exe
+ 2012-01-15 23:07 . 2012-07-22 00:33 174064 c:\windows\SysWOW64\java.exe
+ 2012-07-12 02:51 . 2012-06-02 08:20 142848 c:\windows\SysWOW64\ieUnatt.exe
- 2012-06-14 21:25 . 2012-05-17 22:29 142848 c:\windows\SysWOW64\ieUnatt.exe
- 2012-06-14 21:25 . 2012-05-17 22:20 176640 c:\windows\SysWOW64\ieui.dll
+ 2012-07-12 02:51 . 2012-06-02 08:14 176640 c:\windows\SysWOW64\ieui.dll
+ 2009-11-22 11:13 . 2012-07-22 01:27 118664 c:\windows\SysWOW64\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
- 2011-08-21 18:29 . 2010-11-20 12:18 805376 c:\windows\SysWOW64\cdosys.dll
+ 2012-07-12 00:32 . 2012-06-06 05:03 805376 c:\windows\SysWOW64\cdosys.dll
+ 2009-12-01 02:25 . 2012-07-28 23:24 374330 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-12-01 00:36 . 2012-07-28 01:15 305416 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2012-06-14 21:25 . 2012-05-18 01:58 237056 c:\windows\system32\url.dll
+ 2012-07-12 02:51 . 2012-06-02 12:04 237056 c:\windows\system32\url.dll
- 2012-02-01 02:15 . 2011-11-17 06:35 340992 c:\windows\system32\schannel.dll
+ 2012-07-12 00:32 . 2012-06-02 05:45 340992 c:\windows\system32\schannel.dll
+ 2012-07-12 00:32 . 2012-06-02 05:44 307200 c:\windows\system32\ncrypt.dll
- 2009-07-13 23:49 . 2009-07-14 01:41 307200 c:\windows\system32\ncrypt.dll
+ 2012-07-27 23:05 . 2012-07-27 23:05 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_Plugin.exe
+ 2012-07-27 22:26 . 2012-07-27 22:26 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_ActiveX.exe
+ 2012-07-27 22:26 . 2012-07-27 22:26 513224 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_ActiveX.dll
+ 2012-07-12 02:51 . 2012-06-02 12:00 818688 c:\windows\system32\jscript.dll
- 2012-06-14 21:25 . 2012-05-18 01:55 818688 c:\windows\system32\jscript.dll
- 2012-06-14 21:25 . 2012-05-18 01:55 173056 c:\windows\system32\ieUnatt.exe
+ 2012-07-12 02:51 . 2012-06-02 12:01 173056 c:\windows\system32\ieUnatt.exe
- 2012-06-14 21:25 . 2012-05-18 01:47 248320 c:\windows\system32\ieui.dll
+ 2012-07-12 02:51 . 2012-06-02 11:54 248320 c:\windows\system32\ieui.dll
+ 2009-07-14 04:45 . 2012-07-22 01:27 446368 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:30 . 2012-07-22 00:53 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-06-03 21:03 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-07-22 00:53 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2012-06-03 21:03 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2012-07-12 00:32 . 2012-06-02 05:48 151920 c:\windows\system32\drivers\ksecpkg.sys
+ 2012-07-12 00:32 . 2012-06-02 05:50 458704 c:\windows\system32\drivers\cng.sys
+ 2012-07-03 01:21 . 2012-07-03 01:21 219368 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\reliability\Sqm\Manifest\Sqm27.bin
+ 2009-07-14 05:01 . 2012-07-25 02:28 426260 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-22 00:35 . 2012-07-22 00:35 179200 c:\windows\Installer\17617b.msi
+ 2012-07-22 00:34 . 2012-07-22 00:34 461312 c:\windows\Installer\17616b.msi
- 2012-06-24 18:47 . 2012-06-24 18:47 327952 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\visicon.exe
+ 2012-06-24 18:47 . 2012-07-12 02:55 327952 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\visicon.exe
- 2012-06-24 18:47 . 2012-06-24 18:47 217864 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\misc.exe
+ 2012-06-24 18:47 . 2012-07-12 02:55 217864 c:\windows\Installer\{90120000-0051-0000-0000-0000000FF1CE}\misc.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2006-10-27 02:59 . 2006-10-27 02:59 421688 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\XFUNC.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 727872 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISWEB.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 459552 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISUTILS.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 563992 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISSUPP.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 282928 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISSHE.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 131896 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISOCX.DLL
+ 2006-10-27 19:09 . 2006-10-27 19:09 183592 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISIO.EXE
+ 2006-10-27 19:09 . 2006-10-27 19:09 386848 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISGRF.DLL
+ 2006-10-27 19:09 . 2006-10-27 19:09 141088 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISDLGU.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 220968 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISCOLOR.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 132928 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VERBWIND.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 966456 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\TIMESOLN.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 100168 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\STYLEMGR.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 196960 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SQLSHARE.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 212760 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SHAPNUM.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 180032 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SAVWBVML.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 184128 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SAVWBRAS.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 116568 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SAVWBHF.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 397608 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SAVASWEB.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 169800 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\REPORT.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 771400 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\PROPRPT.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 120088 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\PROJMODL.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 570664 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\PE.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 346456 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\PDSBASE.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 338264 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ORMELEMS.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 464704 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ORGCHWIZ.DLL
+ 2006-10-27 19:09 . 2006-10-27 19:09 145208 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MSOUTLS.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 508712 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\MODELENG.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 356200 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\LOGVIEW.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 740704 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\LOGELEMS.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 384816 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\LGND.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 234816 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\IXUTIL.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 171336 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\IMWDD.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 147776 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\IMUTIL.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 553800 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\IMCOMMON.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 325928 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\HVAC.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 969512 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\GANTT.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 265064 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\EXTRACT.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 110944 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ELEMUTIL.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 200008 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ELEMENTS.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 152384 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\EDITORS.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 188712 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\EDITOR.EXE
+ 2006-10-27 02:58 . 2006-10-27 02:58 144664 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\DWGCNV.DLL
+ 2006-10-27 19:09 . 2006-10-27 19:09 986928 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\DRILLDWN.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 949024 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\DBWIZ.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 703288 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\DBENGR.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 361256 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\DATAGATH.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 510776 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\CMAX20.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 591160 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\BSTORM.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 142160 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\BRTVIEW.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 460096 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\AECUTILS.DLL
+ 2006-10-27 02:59 . 2006-10-27 02:59 913720 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\AEC.DLL
+ 2011-07-20 11:28 . 2011-07-20 11:28 282032 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SCNPST64.DLL
+ 2011-07-20 11:28 . 2011-07-20 11:28 273832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\SCNPST32.DLL
+ 2011-07-27 09:55 . 2011-07-27 09:55 410992 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\RTFHTML.DLL
+ 2011-07-20 12:06 . 2011-07-20 12:06 770480 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\REGFORM.EXE
+ 2011-07-20 11:28 . 2011-07-20 11:28 421736 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\PSTPRX32.DLL
+ 2011-05-31 21:15 . 2011-05-31 21:15 177040 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OUTLPH.DLL
+ 2011-07-27 09:55 . 2011-07-27 09:55 596888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OUTLMIME.DLL
+ 2011-05-27 01:18 . 2011-05-27 01:18 136536 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OUTLCTL.DLL
+ 2011-07-27 11:03 . 2011-07-27 11:03 194448 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OMSXP32.DLL
+ 2011-07-27 11:03 . 2011-07-27 11:03 661888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OMSMAIN.DLL
+ 2011-07-20 11:28 . 2011-07-20 11:28 253824 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OLKFSTUB.DLL
+ 2011-07-20 11:28 . 2011-07-20 11:28 340320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\MIMEDIR.DLL
+ 2012-03-08 08:05 . 2012-03-08 08:05 117160 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\IPOMINT.DLL
+ 2011-07-20 12:06 . 2011-07-20 12:06 176024 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\IPOLK.DLL
+ 2011-07-20 11:28 . 2011-07-20 11:28 138088 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\IMPMAIL.DLL
+ 2009-02-26 17:09 . 2009-02-26 17:09 154000 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\ENVELOPE.DLL
+ 2011-05-27 01:18 . 2011-05-27 01:18 115584 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\EMABLT32.DLL
+ 2011-07-27 09:55 . 2011-07-27 09:55 128376 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\CONTAB32.DLL
+ 2012-07-12 02:52 . 2012-07-12 02:52 117160 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
- 2012-03-08 08:05 . 2012-03-08 08:05 117160 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
+ 2012-07-12 02:51 . 2012-06-02 08:25 1129472 c:\windows\SysWOW64\wininet.dll
- 2012-06-14 21:25 . 2012-05-17 22:35 1129472 c:\windows\SysWOW64\wininet.dll
+ 2012-07-12 02:51 . 2012-06-02 08:26 1103872 c:\windows\SysWOW64\urlmon.dll
- 2012-06-14 21:25 . 2012-05-17 22:36 1103872 c:\windows\SysWOW64\urlmon.dll
+ 2012-07-12 00:32 . 2012-06-06 05:05 1390080 c:\windows\SysWOW64\msxml6.dll
- 2011-08-21 18:29 . 2010-11-20 12:19 1390080 c:\windows\SysWOW64\msxml6.dll
+ 2012-07-12 00:32 . 2012-06-06 05:05 1236992 c:\windows\SysWOW64\msxml3.dll
- 2011-08-21 18:29 . 2010-11-20 12:19 1236992 c:\windows\SysWOW64\msxml3.dll
+ 2012-07-27 23:05 . 2012-07-27 23:05 9465032 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
+ 2012-07-27 23:05 . 2012-07-27 23:05 1536712 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
- 2012-06-14 21:25 . 2012-05-17 22:45 1800192 c:\windows\SysWOW64\jscript9.dll
+ 2012-07-12 02:51 . 2012-06-02 08:33 1800192 c:\windows\SysWOW64\jscript9.dll
- 2012-06-14 21:25 . 2012-05-17 22:27 1793024 c:\windows\SysWOW64\iertutil.dll
+ 2012-07-12 02:51 . 2012-06-02 08:19 1793024 c:\windows\SysWOW64\iertutil.dll
- 2012-06-14 21:25 . 2012-05-17 22:48 9737728 c:\windows\SysWOW64\ieframe.dll
+ 2012-07-12 02:51 . 2012-06-02 08:43 9737728 c:\windows\SysWOW64\ieframe.dll
- 2012-06-14 21:25 . 2012-05-18 01:59 1392128 c:\windows\system32\wininet.dll
+ 2012-07-12 02:51 . 2012-06-02 12:05 1392128 c:\windows\system32\wininet.dll
- 2012-06-14 21:25 . 2012-05-18 01:59 1346048 c:\windows\system32\urlmon.dll
+ 2012-07-12 02:51 . 2012-06-02 12:05 1346048 c:\windows\system32\urlmon.dll
+ 2012-07-12 00:32 . 2012-06-06 06:06 1881600 c:\windows\system32\msxml3.dll
- 2012-06-14 21:25 . 2012-05-18 02:06 2311680 c:\windows\system32\jscript9.dll
+ 2012-07-12 02:51 . 2012-06-02 12:12 2311680 c:\windows\system32\jscript9.dll
- 2012-06-14 21:25 . 2012-05-18 01:54 2144768 c:\windows\system32\iertutil.dll
+ 2012-07-12 02:51 . 2012-06-02 11:59 2144768 c:\windows\system32\iertutil.dll
- 2011-08-21 18:21 . 2010-11-20 13:25 1133568 c:\windows\system32\cdosys.dll
+ 2012-07-12 00:32 . 2012-06-06 06:02 1133568 c:\windows\system32\cdosys.dll
- 2009-07-14 04:45 . 2012-06-22 02:02 7172107 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-07-22 01:30 7172107 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-05-15 05:44 . 2012-07-25 02:28 7144216 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-141985954-1552009316-2749100623-1004-8192.dat
+ 2011-09-15 22:37 . 2011-09-15 22:37 9186816 c:\windows\Installer\530a7.msp
+ 2012-05-30 11:18 . 2012-05-30 11:18 1739264 c:\windows\Installer\3653fe.msp
+ 2012-06-19 16:54 . 2012-06-19 16:54 2239488 c:\windows\Installer\3653e8.msp
+ 2012-06-19 16:54 . 2012-06-19 16:54 5009920 c:\windows\Installer\3653d1.msp
+ 2012-04-05 02:37 . 2012-04-05 02:37 2540544 c:\windows\Installer\3653ba.msp
+ 2012-04-05 02:37 . 2012-04-05 02:37 3149824 c:\windows\Installer\365395.msp
+ 2012-07-18 20:42 . 2012-07-18 20:42 7931392 c:\windows\Installer\364a673.msi
+ 2009-12-09 23:05 . 2012-07-12 02:56 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-12-09 23:05 . 2012-06-14 21:36 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-12-09 23:05 . 2012-07-12 02:56 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2006-10-27 02:58 . 2006-10-27 02:58 2222904 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISFILT.DLL
+ 2006-10-27 02:58 . 2006-10-27 02:58 6180664 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISBRGR.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 1492264 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\UML.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 1837344 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\SG.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 1241928 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\ORGCHART.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 1179424 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\FACILITY.DLL
+ 2006-10-27 03:00 . 2006-10-27 03:00 1929512 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\DWGDP.DLL
+ 2011-07-27 09:55 . 2011-07-27 09:55 3004800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OLMAPI32.DLL
+ 2011-07-27 10:09 . 2011-07-27 10:09 5310848 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\IPEDITOR.DLL
+ 2011-07-27 10:09 . 2011-07-27 10:09 5484416 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\IPDESIGN.DLL
+ 2011-07-27 10:09 . 2011-07-27 10:09 1460088 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\INFOPATH.EXE
+ 2012-07-12 00:32 . 2012-06-09 04:41 12873728 c:\windows\SysWOW64\shell32.dll
+ 2012-07-12 02:51 . 2012-06-02 09:07 12314624 c:\windows\SysWOW64\mshtml.dll
- 2012-06-14 21:25 . 2012-05-17 23:11 12314624 c:\windows\SysWOW64\mshtml.dll
+ 2009-07-14 02:34 . 2012-07-12 20:48 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2012-07-12 00:32 . 2012-06-09 05:43 14172672 c:\windows\system32\shell32.dll
- 2012-02-15 14:39 . 2012-01-04 10:44 14172672 c:\windows\system32\shell32.dll
- 2012-06-14 21:25 . 2012-05-18 02:47 17807360 c:\windows\system32\mshtml.dll
+ 2012-07-12 02:51 . 2012-06-02 12:49 17807360 c:\windows\system32\mshtml.dll
+ 2012-07-27 23:05 . 2012-07-27 23:05 12315336 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll
- 2012-06-14 21:25 . 2012-05-18 02:16 10924032 c:\windows\system32\ieframe.dll
+ 2012-07-12 02:51 . 2012-06-02 12:17 10924032 c:\windows\system32\ieframe.dll
+ 2009-04-14 08:16 . 2009-04-14 08:16 15166464 c:\windows\Installer\53134.msp
+ 2012-05-30 11:18 . 2012-05-30 11:18 11885056 c:\windows\Installer\36542e.msp
+ 2012-07-22 00:32 . 2012-07-22 00:32 17379840 c:\windows\Installer\176167.msi
+ 2006-10-27 19:09 . 2006-10-27 19:09 11644720 c:\windows\Installer\$PatchCache$\Managed\00002109150000000000000000F01FEC\12.0.4518\VISLIB.DLL
+ 2011-08-03 23:18 . 2011-08-03 23:18 12997488 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6612\OUTLOOK.EXE
+ 2011-09-15 22:35 . 2011-09-15 22:35 106095104 c:\windows\Installer\5311d.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-07-29 5464448]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"MDS_Menu"="c:\program files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
"IdeaNotesUser"="c:\program files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe" [2009-08-24 221872]
"OnekeyDM"="c:\program files (x86)\Lenovo\OnekeyDM\OnekeyDM.exe" [2009-03-27 468480]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2009-11-22 3122440]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"Lenovo SlideNav"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe" [2009-08-19 839680]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"AmazonGSDownloaderTray"="c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\Neil noname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
R3 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2009-11-04 22528]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-25 544768]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 14848]
R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 6656]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 136176]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-25 113120]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 222208]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-05 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-09-08 87600]
S1 funfrm;funfrm; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-07-19 146816]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 DDNIMSGService;DDNIMSGService;c:\program files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-01-21 172720]
S2 DDNIService;DDNIService;c:\program files (x86)\DDNI\DIBS\DDNIService.exe [2010-03-04 160432]
S2 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 26128]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-07 317480]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-05-14 5435904]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-01-29 86120]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 23:05]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-25 03:19]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-25 03:19]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-141985954-1552009316-2749100623-1004Core.job
- c:\users\Neil noname\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 02:30]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-141985954-1552009316-2749100623-1004UA.job
- c:\users\Neil noname\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 02:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Neil noname\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-11-22 10:58 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-08-26 4366192]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-06-01 2342800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-07 16416360]
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.live.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
uInternet Settings,ProxyOverride = <-loopback>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Neil noname\AppData\Roaming\Mozilla\Firefox\Profiles\obd844ux.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 250
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-28 20:04:28
ComboFix-quarantined-files.txt 2012-07-29 00:04
ComboFix2.txt 2012-06-25 00:25
ComboFix3.txt 2012-06-17 12:56
ComboFix4.txt 2012-06-04 02:15
.
Pre-Run: 191,569,924,096 bytes free
Post-Run: 191,485,796,352 bytes free
.
- - End Of File - - 37EE5FEED0483DAEEED7F2243561D583

Still occurring.

#9 gringo_pr

  • Malware Response Team

Posted 28 July 2012 - 08:31 PM

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 gringo_pr


Posted 30 July 2012 - 11:27 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#11 gringo_pr


Posted 02 August 2012 - 11:23 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#12 gringo_pr


Posted 05 August 2012 - 11:15 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.