malware on laptop


  • This topic is locked
41 replies to this topic

#1 orapaho

  • Members
  • 160 posts

Posted 09 January 2014 - 11:00 PM

I was originally in a different forum, under Am I Infected: http://www.bleepingcomputer.com/forums/t/513596/internet-opens-up-to-dosearchescom-instead-of-my-google-homepage/

 

So I have already done Mbam, MbamAntirootkit, Security Checkup, FSS, Minitoolbox, and Rkill under that posting.

 

My laptop will inevitably shut itself off after 15-20 minutes, with no relation to the battery. I did have a BSOD screen last week and I had to use a Windows installation disc to boot up and restore my computer somewhat. I am still getting a lot of adware popping up.

 

Here is the DDS Attach, followed by the DDS file.

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/2/2010 7:48:49 PM
System Uptime: 1/9/2014 6:25:54 PM (1 hours ago)
.
Motherboard: Micro-Star International |  | MS-1683
Processor: Pentium® Dual-Core CPU       T4500  @ 2.30GHz | CPU 1 | 1196/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 173 GiB total, 20.516 GiB free.
D: is FIXED (NTFS) - 115 GiB total, 97.051 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Description: Microsoft ACPI-Compliant Control Method Battery
Device ID: ACPI\PNP0C0A\1
Manufacturer: Microsoft
Name: Microsoft ACPI-Compliant Control Method Battery
PNP Device ID: ACPI\PNP0C0A\1
Service: CmBatt
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: TAP-Win32 Adapter V9
Device ID: ROOT\NET\0000
Manufacturer: TAP-Win32 Provider V9
Name: TAP-Win32 Adapter V9
PNP Device ID: ROOT\NET\0000
Service: tap0901
.
==== System Restore Points ===================
.
RP439: 1/6/2014 8:43:41 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Acoustica Effects Pack
Acrobat.com
Adobe AIR
Adobe Audition CS5.5
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 9
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Elements 9
Adobe Reader X (10.1.8)
Aleks 3.18
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Magic-i Visual Effects 2
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Brochures & Flyers
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Funhouse II
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Photo Prints
ArcSoft Print Creations - Poster Creator
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft WebCam Companion 3
avast! Free Antivirus
Bonjour
BurnRecovery
Camera Recorder
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon MP Navigator EX 4.1
Canon MX700 series
Canon MX700 series User Registration
Canon MX880 series MP Drivers
Canon MX880 series User Registration
Canon My Printer
Canon Solution Menu EX
Canon Speed Dial Utility
CCleaner
Compatibility Pack for the 2007 Office system
EasyBits GO
Elements 9 Organizer
Elements STI Installer
ESET Online Scanner v3
File Type Assistant
Finger Sensing Pad Driver
Free File Viewer 2011
Garmin City Navigator North America NT 2012.40 Update
Google Chrome
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
iCloud
iTunes
Java 7 Update 21
Java Auto Updater
Java™ 6 Update 30
JavaFX 2.1.1
Junk Mail filter update
LegalSounds Music Downloader 1.8
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel 2007 Help Actualización (KB963678)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office Excel MUI (Spanish) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (French) 2007
Microsoft Office OneNote MUI (Spanish) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Powerpoint 2007 Help Actualización (KB963669)
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office PowerPoint MUI (Spanish) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Basque) 2007
Microsoft Office Proof (Catalan) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Galician) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing (Spanish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Shared MUI (Spanish) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word 2007 Help Actualización (KB963665)
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Office Word MUI (Spanish) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mise à jour Microsoft Office Excel 2007 Help  (KB963678)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669)
Mise à jour Microsoft Office Word 2007 Help  (KB963665)
Mixed In Key 2.5
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
msi Software Install
MSVCRT
Native Instruments Controller Editor
Native Instruments Service Center
Native Instruments Traktor 2
Native Instruments Traktor Audio 10
Native Instruments Traktor Audio 2
Native Instruments Traktor Audio 6
NVIDIA Control Panel 306.97
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA Graphics Driver 306.97
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0604
NVIDIA Update 1.10.8
NVIDIA Update Components
office Convert Pdf to Jpg Jpeg Tiff Free 6.5
PayPal Plug-In
PeerBlock 1.1 (r518)
Phone to PC 4.1.4.2
PrivitizeVPN
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Revo Uninstaller 1.93
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Skype Click to Call
Skype™ 5.10
SmartSound Quicktracks for Premiere Elements 9.0
Smilebox
Soluto
Speccy
Spotify
SUPERAntiSpyware
SureThing CD Labeler Deluxe
System Control Manager
The Weather Channel Desktop 6
TunnelBear 1.0.31
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.1.2
Vuze
Vuze Remote Toolbar v8.5
Windows Driver Package - Ralink Technology, Corp. (netr28) Net  (07/06/2010 3.01.08.0001)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
WinPatrol
WinRAR archiver
WinZip 15.0
Xvid Video Codec
Yahoo! BrowserPlus 2.9.8
.
==== Event Viewer Messages From Past Week ========
.
1/9/2014 6:26:35 PM, Error: Service Control Manager [7000]  - The vToolbarUpdater17.2.0 service failed to start due to the following error:  The system cannot find the file specified.
1/8/2014 2:13:12 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SolutoService service.
1/6/2014 9:13:10 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Soluto PCGenome Core Service service to connect.
1/6/2014 9:13:10 PM, Error: Service Control Manager [7000]  - The Soluto PCGenome Core Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/6/2014 8:11:51 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS_Install.
.
==== End Of File ===========================
 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.5.1
Run by Daniel at 19:21:45 on 2014-01-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2815.1206 [GMT -8:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\nvvsvc.exe
C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Soluto\SolutoLauncherService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\windows\System32\WUDFHost.exe
C:\windows\system32\taskhost.exe
C:\windows\System32\rundll32.exe
c:\program files\soluto\soluto.exe
C:\windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\FSP\FspUip.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: OToolbarHelper Class: {EAD3A971-6A23-4246-8691-C9244E858967} - c:\program files\paypal\paypal plug-in\PayPalHelper.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: PayPal Plug-In: {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - c:\program files\paypal\paypal plug-in\OToolbar.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
uRun: [com.apple.dav.bookmarks.daemon] c:\program files\common files\apple\internet services\BookmarkDAV_client.exe
uRun: [AppleIEDAV] c:\program files\common files\apple\internet services\AppleIEDAV.exe
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
mRun: [fspuip] "c:\program files\fsp\fspuip.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [20131121] c:\program files\avast software\avast\setup\emupdate\1d4d423c-0c9a-4e21-b7d4-c43abbdba5e1.exe /check
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvLsp.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{13F0D9B1-99B4-4A92-A7C4-84DEF28F053F} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6A2C4BD1-A532-448C-86CC-D0496604806D} : DHCPNameServer = 172.26.38.1 172.26.38.2
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}\16D656279636163726563747E6564723 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}\16D656279636163726563747E6564723 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}\4414E49454C4D2D43594F5E4564777F627B6 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}\4414E49454C4D2D43594F5E4564777F627B6 : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\daniel\appdata\roaming\mozilla\firefox\profiles\xdcv2wub.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL -
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\daniel\appdata\local\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\users\daniel\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\users\daniel\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\daniel\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\users\daniel\appdata\roaming\mozilla\plugins\npo1d.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-12-10 21:21; avg@toolbar; c:\programdata\avg safeguard toolbar\firefoxext\17.2.0.38
FF - ExtSQL: 2013-12-17 21:30; vuze@mybrowserbar.com; c:\program files\vuze remote toolbar\FF
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-16 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-16 175176]
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2012-7-11 51144]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-5-13 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-5-13 369584]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-10-1 37664]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-5-13 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-5-13 66336]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2010-1-7 17408]
R3 fspad_wlh32;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32;c:\windows\system32\drivers\fspad_wlh32.sys [2010-1-7 43008]
R3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2012-12-6 2046560]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-5-10 18432]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-12-9 14848]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-12-9 49664]
.
=============== Created Last 30 ================
.
2014-01-08 06:22:45    104664    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-05 22:34:30    --------    d-sh--w-    C:\found.010
2014-01-05 22:22:25    --------    d-----w-    C:\AdwCleaner
2014-01-05 21:47:58    --------    d-sh--w-    C:\found.009
2014-01-05 20:50:20    --------    d-sh--w-    C:\found.008
2014-01-05 07:40:07    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-05 07:39:11    74456    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-12-23 07:18:44    --------    d-----w-    c:\programdata\Oracle
2013-12-14 19:57:25    --------    d-sh--w-    C:\found.007
2013-12-14 08:11:54    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2013-12-14 08:11:53    164864    ----a-w-    c:\program files\windows media player\wmplayer.exe
2013-12-13 03:58:28    301568    ----a-w-    c:\windows\system32\msieftp.dll
2013-12-13 03:58:26    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2013-12-13 03:58:25    121856    ----a-w-    c:\windows\system32\wshom.ocx
2013-12-13 03:58:24    141824    ----a-w-    c:\windows\system32\wscript.exe
2013-12-13 03:58:23    163840    ----a-w-    c:\windows\system32\scrrun.dll
2013-12-13 03:58:23    126976    ----a-w-    c:\windows\system32\cscript.exe
2013-12-13 03:58:20    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-12-13 03:58:16    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-12-13 03:58:04    2349056    ----a-w-    c:\windows\system32\win32k.sys
2013-12-13 03:58:03    81408    ----a-w-    c:\windows\system32\drivers\drmk.sys
2013-12-13 03:58:03    177152    ----a-w-    c:\windows\system32\drivers\portcls.sys
.
==================== Find3M  ====================
.
2013-12-11 08:36:05    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 08:36:05    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-11-26 09:23:02    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-11-26 09:22:11    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53:56    61952    ----a-w-    c:\windows\system32\iesetup.dll
2013-11-26 08:52:26    51200    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29:55    112128    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-11-26 08:29:52    108032    ----a-w-    c:\windows\system32\ieetwcollector.exe
2013-11-26 08:28:16    553472    ----a-w-    c:\windows\system32\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    c:\windows\system32\jscript9.dll
2013-11-26 07:32:06    1928192    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-11-26 06:33:33    1820160    ----a-w-    c:\windows\system32\wininet.dll
2013-11-13 07:16:04    37664    ----a-w-    c:\windows\system32\drivers\avgtpx86.sys
2013-10-31 07:46:16    770344    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2013-10-31 07:46:16    61680    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2013-10-31 07:46:16    49376    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2013-10-31 07:46:16    175176    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2013-10-31 07:46:15    66336    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2013-10-31 07:45:43    41664    ----a-w-    c:\windows\avastSS.scr
.
============= FINISH: 19:24:33.52 ===============
 




 


#2 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • Gender:Male
  • Location:USA
  • Local time:02:47 AM

Posted 14 January 2014 - 03:03 PM

Hi and Welcome!!   
 
My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

 
Having said that.... Let's get going!!
----------
 

**WARNING** Unfortunately one or more of the infections I have identified are Backdoor Trojans, IRCBots or other Malware capable of stealing very important information. You need to stop using all Internet Banking sites, change passwords to all sites with sensitive information from a clean computer and phone your bank to inform them that you may be a victim of identity theft. More often than not, we advise users that a full reinstallation of their Operating System is the only way to ensure that their computer will ever be 100% clean again.
 
Unfortunately I have found what is known as the ZeroAccess rootkit on your system. It is an especially nasty infection that can take quite some time to clean and may have damaged your system files. As a warning, during the cleaning (if you choose to do so) you may lose internet access with this computer and in the end we may need to reinstall the operating system anyway depending on the extent of the infection.
 
If you would like to format and reinstall your Operating System please let me know and we can assist you with that.
 
If you would like to continue with the cleaning, please continue with the following instructions and I will be more than happy to help.   :)
----------
 

Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

 


#3 orapaho

orapaho
  • Topic Starter

  • Members
  • 160 posts
  • Local time:12:47 AM

Posted 15 January 2014 - 01:08 AM

Wow, that sounds like a serious infection. Thank you in advance. I have a backup of my files from 6 months back. I suppose if I backed things up on the external hard drive, the malware/virus would spread to that device too?

 

Here is the log:

 

22:01:56.0819 0464  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:02:00.0035 0464  ============================================================
22:02:00.0035 0464  Current date / time: 2014/01/14 22:02:00.0035
22:02:00.0035 0464  SystemInfo:
22:02:00.0035 0464  
22:02:00.0036 0464  OS Version: 6.1.7601 ServicePack: 1.0
22:02:00.0036 0464  Product type: Workstation
22:02:00.0036 0464  ComputerName: DANIEL-MSI
22:02:00.0036 0464  UserName: Daniel
22:02:00.0036 0464  Windows directory: C:\windows
22:02:00.0036 0464  System windows directory: C:\windows
22:02:00.0036 0464  Processor architecture: Intel x86
22:02:00.0036 0464  Number of processors: 2
22:02:00.0036 0464  Page size: 0x1000
22:02:00.0037 0464  Boot type: Normal boot
22:02:00.0037 0464  ============================================================
22:02:01.0740 0464  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:02:01.0757 0464  ============================================================
22:02:01.0757 0464  \Device\Harddisk0\DR0:
22:02:01.0757 0464  MBR partitions:
22:02:01.0757 0464  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x15997000
22:02:01.0757 0464  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16DC9800, BlocksNum 0xE664800
22:02:01.0757 0464  ============================================================
22:02:01.0787 0464  C: <-> \Device\Harddisk0\DR0\Partition1
22:02:01.0821 0464  D: <-> \Device\Harddisk0\DR0\Partition2
22:02:01.0821 0464  ============================================================
22:02:01.0821 0464  Initialize success
22:02:01.0821 0464  ============================================================
22:02:04.0159 5212  ============================================================
22:02:04.0159 5212  Scan started
22:02:04.0159 5212  Mode: Manual;
22:02:04.0159 5212  ============================================================
22:02:05.0502 5212  ================ Scan system memory ========================
22:02:05.0502 5212  System memory - ok
22:02:05.0503 5212  ================ Scan services =============================
22:02:05.0641 5212  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
22:02:05.0644 5212  !SASCORE - ok
22:02:05.0894 5212  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
22:02:05.0899 5212  1394ohci - ok
22:02:05.0960 5212  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\windows\system32\drivers\ACPI.sys
22:02:05.0966 5212  ACPI - ok
22:02:06.0021 5212  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
22:02:06.0023 5212  AcpiPmi - ok
22:02:06.0148 5212  [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
22:02:06.0154 5212  AdobeActiveFileMonitor9.0 - ok
22:02:06.0370 5212  [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:02:06.0371 5212  AdobeARMservice - ok
22:02:06.0535 5212  [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:02:06.0540 5212  AdobeFlashPlayerUpdateSvc - ok
22:02:06.0594 5212  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
22:02:06.0603 5212  adp94xx - ok
22:02:06.0637 5212  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
22:02:06.0644 5212  adpahci - ok
22:02:06.0665 5212  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
22:02:06.0670 5212  adpu320 - ok
22:02:06.0723 5212  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
22:02:06.0726 5212  AeLookupSvc - ok
22:02:06.0817 5212  [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD             C:\windows\system32\drivers\afd.sys
22:02:06.0824 5212  AFD - ok
22:02:06.0884 5212  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\windows\system32\drivers\agp440.sys
22:02:06.0887 5212  agp440 - ok
22:02:06.0942 5212  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\windows\system32\DRIVERS\djsvs.sys
22:02:06.0946 5212  aic78xx - ok
22:02:07.0009 5212  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\windows\System32\alg.exe
22:02:07.0011 5212  ALG - ok
22:02:07.0068 5212  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\windows\system32\drivers\aliide.sys
22:02:07.0070 5212  aliide - ok
22:02:07.0107 5212  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\windows\system32\drivers\amdagp.sys
22:02:07.0109 5212  amdagp - ok
22:02:07.0137 5212  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\windows\system32\drivers\amdide.sys
22:02:07.0157 5212  amdide - ok
22:02:07.0197 5212  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
22:02:07.0200 5212  AmdK8 - ok
22:02:07.0225 5212  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
22:02:07.0228 5212  AmdPPM - ok
22:02:07.0292 5212  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\windows\system32\drivers\amdsata.sys
22:02:07.0296 5212  amdsata - ok
22:02:07.0339 5212  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
22:02:07.0343 5212  amdsbs - ok
22:02:07.0355 5212  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\windows\system32\drivers\amdxata.sys
22:02:07.0358 5212  amdxata - ok
22:02:07.0393 5212  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\windows\system32\drivers\appid.sys
22:02:07.0396 5212  AppID - ok
22:02:07.0442 5212  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\windows\System32\appidsvc.dll
22:02:07.0444 5212  AppIDSvc - ok
22:02:07.0492 5212  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\windows\System32\appinfo.dll
22:02:07.0494 5212  Appinfo - ok
22:02:07.0636 5212  [ 30E3850F303EAE5C364782EA78579CC9 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:02:07.0641 5212  Apple Mobile Device - ok
22:02:07.0717 5212  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\windows\system32\DRIVERS\arc.sys
22:02:07.0723 5212  arc - ok
22:02:07.0741 5212  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
22:02:07.0745 5212  arcsas - ok
22:02:07.0834 5212  [ DFD07F0A36BD4F7E7AD2BC5548213694 ] ArcSoftKsUFilter C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
22:02:07.0836 5212  ArcSoftKsUFilter - ok
22:02:08.0002 5212  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:02:08.0015 5212  aspnet_state - ok
22:02:08.0078 5212  [ 7D9088EAB3C1B8A068FC7E4E1B77879B ] aswFsBlk        C:\windows\system32\drivers\aswFsBlk.sys
22:02:08.0081 5212  aswFsBlk - ok
22:02:08.0130 5212  [ F698E89A6C8476C49278CD5D3A0AAD45 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
22:02:08.0155 5212  aswMonFlt - ok
22:02:08.0229 5212  [ 30402D9D54DF3CA9183678C7ADF77F3F ] aswRdr          C:\windows\System32\Drivers\aswrdr2.sys
22:02:08.0233 5212  aswRdr - ok
22:02:08.0301 5212  [ 4A98AD4CF303D4416E9BA914216822BB ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
22:02:08.0304 5212  aswRvrt - ok
22:02:08.0406 5212  [ 0BE94F7E943A3DEA83B32937218ABCAB ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
22:02:08.0421 5212  aswSnx - ok
22:02:08.0478 5212  [ B2D7E7DF02C5A86465F988BE9BF33EAB ] aswSP           C:\windows\system32\drivers\aswSP.sys
22:02:08.0486 5212  aswSP - ok
22:02:08.0539 5212  [ AEE20B454E1982AFC1BF81B41E143BF7 ] aswTdi          C:\windows\system32\drivers\aswTdi.sys
22:02:08.0542 5212  aswTdi - ok
22:02:08.0625 5212  [ 101157826C32D0759D8F53950BE891AF ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
22:02:08.0630 5212  aswVmm - ok
22:02:08.0648 5212  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
22:02:08.0650 5212  AsyncMac - ok
22:02:08.0704 5212  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\windows\system32\drivers\atapi.sys
22:02:08.0707 5212  atapi - ok
22:02:08.0766 5212  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
22:02:08.0777 5212  AudioEndpointBuilder - ok
22:02:08.0796 5212  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\windows\System32\Audiosrv.dll
22:02:08.0803 5212  Audiosrv - ok
22:02:08.0917 5212  [ 2B243715E7697E5AAA858CEB6AF680BC ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:02:08.0919 5212  avast! Antivirus - ok
22:02:09.0132 5212  [ 15ACA2AD17ACECA4814F249783E63AD3 ] avgtp           C:\windows\system32\drivers\avgtpx86.sys
22:02:09.0134 5212  avgtp - ok
22:02:09.0186 5212  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\windows\System32\AxInstSV.dll
22:02:09.0189 5212  AxInstSV - ok
22:02:09.0234 5212  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\windows\system32\DRIVERS\bxvbdx.sys
22:02:09.0244 5212  b06bdrv - ok
22:02:09.0261 5212  b57nd60x - ok
22:02:09.0317 5212  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\windows\System32\bdesvc.dll
22:02:09.0320 5212  BDESVC - ok
22:02:09.0417 5212  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\windows\system32\drivers\Beep.sys
22:02:09.0420 5212  Beep - ok
22:02:09.0474 5212  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\windows\System32\bfe.dll
22:02:09.0488 5212  BFE - ok
22:02:09.0580 5212  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\windows\system32\qmgr.dll
22:02:09.0598 5212  BITS - ok
22:02:09.0626 5212  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
22:02:09.0642 5212  blbdrive - ok
22:02:09.0743 5212  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:02:09.0752 5212  Bonjour Service - ok
22:02:09.0841 5212  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
22:02:09.0844 5212  bowser - ok
22:02:09.0888 5212  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
22:02:09.0891 5212  BrFiltLo - ok
22:02:09.0899 5212  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
22:02:09.0901 5212  BrFiltUp - ok
22:02:09.0957 5212  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys
22:02:09.0960 5212  BridgeMP - ok
22:02:10.0036 5212  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\windows\System32\browser.dll
22:02:10.0041 5212  Browser - ok
22:02:10.0089 5212  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\windows\System32\Drivers\Brserid.sys
22:02:10.0096 5212  Brserid - ok
22:02:10.0124 5212  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
22:02:10.0127 5212  BrSerWdm - ok
22:02:10.0153 5212  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
22:02:10.0155 5212  BrUsbMdm - ok
22:02:10.0165 5212  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
22:02:10.0167 5212  BrUsbSer - ok
22:02:10.0182 5212  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
22:02:10.0186 5212  BTHMODEM - ok
22:02:10.0239 5212  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\windows\system32\bthserv.dll
22:02:10.0241 5212  bthserv - ok
22:02:10.0277 5212  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
22:02:10.0281 5212  cdfs - ok
22:02:10.0343 5212  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\windows\system32\drivers\cdrom.sys
22:02:10.0347 5212  cdrom - ok
22:02:10.0388 5212  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\windows\System32\certprop.dll
22:02:10.0390 5212  CertPropSvc - ok
22:02:10.0425 5212  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
22:02:10.0428 5212  circlass - ok
22:02:10.0510 5212  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\windows\system32\CLFS.sys
22:02:10.0517 5212  CLFS - ok
22:02:10.0603 5212  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:02:10.0606 5212  clr_optimization_v2.0.50727_32 - ok
22:02:10.0673 5212  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:02:10.0737 5212  clr_optimization_v4.0.30319_32 - ok
22:02:10.0760 5212  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
22:02:10.0762 5212  CmBatt - ok
22:02:10.0803 5212  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\windows\system32\drivers\cmdide.sys
22:02:10.0805 5212  cmdide - ok
22:02:10.0867 5212  [ 85449EEBE8F8EBD6481EFBF0F352B4EB ] CNG             C:\windows\system32\Drivers\cng.sys
22:02:10.0875 5212  CNG - ok
22:02:10.0918 5212  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
22:02:10.0921 5212  Compbatt - ok
22:02:10.0962 5212  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
22:02:10.0965 5212  CompositeBus - ok
22:02:10.0973 5212  COMSysApp - ok
22:02:11.0086 5212  cpuz135 - ok
22:02:11.0105 5212  cpuz136 - ok
22:02:11.0148 5212  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
22:02:11.0151 5212  crcdisk - ok
22:02:11.0206 5212  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc        C:\windows\system32\cryptsvc.dll
22:02:11.0211 5212  CryptSvc - ok
22:02:11.0259 5212  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\windows\system32\rpcss.dll
22:02:11.0274 5212  DcomLaunch - ok
22:02:11.0335 5212  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\windows\System32\defragsvc.dll
22:02:11.0341 5212  defragsvc - ok
22:02:11.0415 5212  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
22:02:11.0418 5212  DfsC - ok
22:02:11.0472 5212  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\windows\system32\dhcpcore.dll
22:02:11.0480 5212  Dhcp - ok
22:02:11.0531 5212  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\windows\system32\drivers\discache.sys
22:02:11.0534 5212  discache - ok
22:02:11.0550 5212  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\windows\system32\DRIVERS\disk.sys
22:02:11.0553 5212  Disk - ok
22:02:11.0622 5212  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\windows\System32\dnsrslvr.dll
22:02:11.0628 5212  Dnscache - ok
22:02:11.0672 5212  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\windows\System32\dot3svc.dll
22:02:11.0678 5212  dot3svc - ok
22:02:11.0718 5212  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\windows\system32\dps.dll
22:02:11.0724 5212  DPS - ok
22:02:11.0785 5212  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
22:02:11.0787 5212  drmkaud - ok
22:02:15.0013 5212  [ F3E32083283E3838E6CE039F34438D5C ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
22:02:18.0983 5212  Suspicious file (Forged): C:\windows\System32\drivers\dxgkrnl.sys. Real md5: F3E32083283E3838E6CE039F34438D5C, Fake md5: 71BC35067CABC02C9453AEAA42B2E43E
22:02:18.0987 5212  DXGKrnl ( ForgedFile.Multi.Generic ) - warning
22:02:18.0987 5212  DXGKrnl - detected ForgedFile.Multi.Generic (1)
22:02:19.0057 5212  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\windows\System32\eapsvc.dll
22:02:19.0061 5212  EapHost - ok
22:02:19.0159 5212  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\windows\system32\DRIVERS\evbdx.sys
22:02:19.0236 5212  ebdrv - ok
22:02:19.0270 5212  [ 803B370865D907EA21DC0C2B6A8936B5 ] EFS             C:\windows\System32\lsass.exe
22:02:19.0276 5212  EFS - ok
22:02:19.0376 5212  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
22:02:19.0390 5212  ehRecvr - ok
22:02:19.0435 5212  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\windows\ehome\ehsched.exe
22:02:19.0439 5212  ehSched - ok
22:02:19.0500 5212  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
22:02:19.0510 5212  elxstor - ok
22:02:19.0547 5212  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\windows\system32\drivers\errdev.sys
22:02:19.0550 5212  ErrDev - ok
22:02:19.0649 5212  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\windows\system32\es.dll
22:02:19.0659 5212  EventSystem - ok
22:02:19.0682 5212  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\windows\system32\drivers\exfat.sys
22:02:19.0687 5212  exfat - ok
22:02:19.0756 5212  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\windows\system32\drivers\fastfat.sys
22:02:19.0761 5212  fastfat - ok
22:02:19.0827 5212  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\windows\system32\fxssvc.exe
22:02:19.0840 5212  Fax - ok
22:02:19.0862 5212  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\windows\system32\DRIVERS\fdc.sys
22:02:19.0865 5212  fdc - ok
22:02:19.0918 5212  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\windows\system32\fdPHost.dll
22:02:19.0923 5212  fdPHost - ok
22:02:19.0958 5212  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\windows\system32\fdrespub.dll
22:02:19.0962 5212  FDResPub - ok
22:02:20.0026 5212  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
22:02:20.0029 5212  FileInfo - ok
22:02:20.0058 5212  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
22:02:20.0060 5212  Filetrace - ok
22:02:20.0075 5212  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
22:02:20.0077 5212  flpydisk - ok
22:02:20.0109 5212  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
22:02:20.0117 5212  FltMgr - ok
22:02:20.0312 5212  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\windows\system32\FntCache.dll
22:02:20.0367 5212  FontCache - ok
22:02:20.0527 5212  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:02:20.0530 5212  FontCache3.0.0.0 - ok
22:02:20.0549 5212  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
22:02:20.0552 5212  FsDepends - ok
22:02:20.0587 5212  [ 8042377EDEF55850F275B36F6E8B24AB ] fspad_wlh32     C:\windows\system32\DRIVERS\fspad_wlh32.sys
22:02:20.0590 5212  fspad_wlh32 - ok
22:02:20.0644 5212  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
22:02:20.0646 5212  Fs_Rec - ok
22:02:20.0706 5212  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
22:02:20.0711 5212  fvevol - ok
22:02:20.0767 5212  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
22:02:20.0771 5212  gagp30kx - ok
22:02:20.0823 5212  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\windows\system32\DRIVERS\GEARAspiWDM.sys
22:02:20.0826 5212  GEARAspiWDM - ok
22:02:20.0899 5212  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\windows\System32\gpsvc.dll
22:02:20.0913 5212  gpsvc - ok
22:02:20.0971 5212  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
22:02:20.0974 5212  hcw85cir - ok
22:02:21.0020 5212  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
22:02:21.0028 5212  HdAudAddService - ok
22:02:21.0068 5212  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
22:02:21.0071 5212  HDAudBus - ok
22:02:21.0149 5212  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
22:02:21.0153 5212  HidBatt - ok
22:02:21.0172 5212  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
22:02:21.0176 5212  HidBth - ok
22:02:21.0199 5212  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
22:02:21.0202 5212  HidIr - ok
22:02:21.0241 5212  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\windows\System32\hidserv.dll
22:02:21.0246 5212  hidserv - ok
22:02:21.0293 5212  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\windows\system32\drivers\hidusb.sys
22:02:21.0296 5212  HidUsb - ok
22:02:21.0328 5212  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\windows\system32\kmsvc.dll
22:02:21.0333 5212  hkmsvc - ok
22:02:21.0387 5212  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
22:02:21.0396 5212  HomeGroupListener - ok
22:02:21.0449 5212  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
22:02:21.0460 5212  HomeGroupProvider - ok
22:02:21.0510 5212  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
22:02:21.0514 5212  HpSAMD - ok
22:02:21.0632 5212  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\windows\system32\drivers\HTTP.sys
22:02:21.0642 5212  HTTP - ok
22:02:21.0675 5212  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
22:02:21.0678 5212  hwpolicy - ok
22:02:21.0744 5212  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
22:02:21.0748 5212  i8042prt - ok
22:02:21.0784 5212  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
22:02:21.0815 5212  iaStorV - ok
22:02:21.0903 5212  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:02:21.0925 5212  idsvc - ok
22:02:21.0943 5212  IEEtwCollectorService - ok
22:02:21.0994 5212  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
22:02:21.0996 5212  iirsp - ok
22:02:22.0055 5212  [ B9C54120F46392100478F58F374E5709 ] IKEEXT          C:\windows\System32\ikeext.dll
22:02:22.0072 5212  IKEEXT - ok
22:02:22.0244 5212  [ 8B27C21412AE4404EB0ACFE1D98579EC ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
22:02:22.0297 5212  IntcAzAudAddService - ok
22:02:22.0346 5212  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\windows\system32\drivers\intelide.sys
22:02:22.0351 5212  intelide - ok
22:02:22.0392 5212  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
22:02:22.0394 5212  intelppm - ok
22:02:22.0455 5212  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\windows\system32\ipbusenum.dll
22:02:22.0462 5212  IPBusEnum - ok
22:02:22.0488 5212  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
22:02:22.0494 5212  IpFilterDriver - ok
22:02:22.0553 5212  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
22:02:22.0570 5212  iphlpsvc - ok
22:02:22.0620 5212  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
22:02:22.0624 5212  IPMIDRV - ok
22:02:22.0668 5212  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\windows\system32\drivers\ipnat.sys
22:02:22.0672 5212  IPNAT - ok
22:02:22.0753 5212  [ 066F2BBE2EEC9A42B065B552BF356B4E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:02:22.0764 5212  iPod Service - ok
22:02:22.0789 5212  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\windows\system32\drivers\irenum.sys
22:02:22.0792 5212  IRENUM - ok
22:02:22.0840 5212  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\windows\system32\drivers\isapnp.sys
22:02:22.0843 5212  isapnp - ok
22:02:22.0869 5212  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
22:02:22.0875 5212  iScsiPrt - ok
22:02:22.0934 5212  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
22:02:22.0937 5212  kbdclass - ok
22:02:23.0020 5212  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
22:02:23.0023 5212  kbdhid - ok
22:02:23.0037 5212  [ 803B370865D907EA21DC0C2B6A8936B5 ] KeyIso          C:\windows\system32\lsass.exe
22:02:23.0043 5212  KeyIso - ok
22:02:23.0098 5212  [ F286830298323272260332D6ABC905C1 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
22:02:23.0101 5212  KSecDD - ok
22:02:23.0138 5212  [ D7C760D57B1656DD748B9E4AB6CB5A51 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
22:02:23.0143 5212  KSecPkg - ok
22:02:23.0200 5212  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\windows\system32\msdtckrm.dll
22:02:23.0211 5212  KtmRm - ok
22:02:23.0254 5212  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\windows\System32\srvsvc.dll
22:02:23.0266 5212  LanmanServer - ok
22:02:23.0313 5212  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
22:02:23.0325 5212  LanmanWorkstation - ok
22:02:23.0382 5212  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
22:02:23.0385 5212  lltdio - ok
22:02:23.0429 5212  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\windows\System32\lltdsvc.dll
22:02:23.0438 5212  lltdsvc - ok
22:02:23.0455 5212  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\windows\System32\lmhsvc.dll
22:02:23.0461 5212  lmhosts - ok
22:02:23.0495 5212  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
22:02:23.0498 5212  LSI_FC - ok
22:02:23.0541 5212  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
22:02:23.0545 5212  LSI_SAS - ok
22:02:38.0638 5212  Wdf01000 - ok
22:02:38.0659 5212  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\windows\system32\wdi.dll
22:02:38.0670 5212  WdiServiceHost - ok
22:02:38.0678 5212  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\windows\system32\wdi.dll
22:02:38.0689 5212  WdiSystemHost - ok
22:02:38.0726 5212  [ 75E8EBD7040CE238684333F97014762A ] WebClient       C:\windows\System32\webclnt.dll
22:02:38.0740 5212  WebClient - ok
22:02:38.0779 5212  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\windows\system32\wecsvc.dll
22:02:38.0791 5212  Wecsvc - ok
22:02:38.0804 5212  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\windows\System32\wercplsupport.dll
22:02:38.0815 5212  wercplsupport - ok
22:02:38.0832 5212  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\windows\System32\WerSvc.dll
22:02:38.0843 5212  WerSvc - ok
22:02:38.0908 5212  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
22:02:38.0912 5212  WfpLwf - ok
22:02:38.0926 5212  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\windows\system32\drivers\wimmount.sys
22:02:38.0929 5212  WIMMount - ok
22:02:39.0018 5212  [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
22:02:39.0031 5212  WinDefend - ok
22:02:39.0066 5212  WinHttpAutoProxySvc - ok
22:02:39.0174 5212  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
22:02:39.0179 5212  Winmgmt - ok
22:02:39.0247 5212  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\windows\system32\WsmSvc.dll
22:02:39.0278 5212  WinRM - ok
22:02:39.0375 5212  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
22:02:39.0379 5212  WinUsb - ok
22:02:39.0453 5212  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\windows\System32\wlansvc.dll
22:02:39.0477 5212  Wlansvc - ok
22:02:39.0515 5212  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
22:02:39.0518 5212  WmiAcpi - ok
22:02:39.0560 5212  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
22:02:39.0563 5212  wmiApSrv - ok
22:02:39.0656 5212  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:02:39.0678 5212  WMPNetworkSvc - ok
22:02:39.0715 5212  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\windows\System32\wpcsvc.dll
22:02:39.0725 5212  WPCSvc - ok
22:02:39.0771 5212  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
22:02:39.0783 5212  WPDBusEnum - ok
22:02:39.0842 5212  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
22:02:39.0844 5212  ws2ifsl - ok
22:02:39.0896 5212  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\windows\system32\wscsvc.dll
22:02:39.0907 5212  wscsvc - ok
22:02:39.0925 5212  WSearch - ok
22:02:40.0033 5212  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\windows\system32\wuaueng.dll
22:02:40.0084 5212  wuauserv - ok
22:02:40.0150 5212  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
22:02:40.0154 5212  WudfPf - ok
22:02:40.0188 5212  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
22:02:40.0194 5212  WUDFRd - ok
22:02:40.0265 5212  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
22:02:40.0277 5212  wudfsvc - ok
22:02:40.0340 5212  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc         C:\windows\System32\wwansvc.dll
22:02:40.0352 5212  WwanSvc - ok
22:02:40.0410 5212  ================ Scan global ===============================
22:02:40.0504 5212  [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
22:02:40.0558 5212  [ 51BB04243DF6196C06E125898127E397 ] C:\windows\system32\winsrv.dll
22:02:40.0580 5212  [ 51BB04243DF6196C06E125898127E397 ] C:\windows\system32\winsrv.dll
22:02:40.0617 5212  [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
22:02:40.0684 5212  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
22:02:40.0697 5212  [Global] - ok
22:02:40.0698 5212  ================ Scan MBR ==================================
22:02:40.0715 5212  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:02:40.0876 5212  \Device\Harddisk0\DR0 - ok
22:02:40.0877 5212  ================ Scan VBR ==================================
22:02:40.0889 5212  [ 3FB453D45083640CF69166A58C6C1524 ] \Device\Harddisk0\DR0\Partition1
22:02:40.0891 5212  \Device\Harddisk0\DR0\Partition1 - ok
22:02:40.0914 5212  [ 47C488A83F7D5043947C9B1A68C8C0DF ] \Device\Harddisk0\DR0\Partition2
22:02:40.0917 5212  \Device\Harddisk0\DR0\Partition2 - ok
22:02:40.0918 5212  ============================================================
22:02:40.0918 5212  Scan finished
22:02:40.0918 5212  ============================================================
22:02:40.0941 4304  Detected object count: 1
22:02:40.0941 4304  Actual detected object count: 1
22:03:05.0230 4304  DXGKrnl ( ForgedFile.Multi.Generic ) - skipped by user
22:03:05.0231 4304  DXGKrnl ( ForgedFile.Multi.Generic ) - User select action: Skip
22:04:37.0598 2996  Deinitialize success
 



#4 jeffce


Posted 15 January 2014 - 11:13 AM

Hi,
 

I suppose if I backed things up on the external hard drive, the malware/virus would spread to that device too?

No, not this one... as long as you were just backing up documents and not actual software and the like.   :)
 
-------------------------
 
ComboFix
 
Download Combofix from either of the links below, and save it to your desktop.  
Link 1
Link 2
 
**Note:  It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.


 
--------------------------------------------------------------------
 
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
 
--------------------------------------------------------------------
 
Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

 


#5 orapaho


Posted 17 January 2014 - 01:30 AM

Here is the log:

 

ComboFix 14-01-16.03 - Daniel 01/16/2014  22:10:14.9.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2815.1796 [GMT -8:00]
Running from: c:\users\Daniel\Downloads\ComboFixyaz72.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\98_omniCommands.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\userCode\background.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\userCode\extension.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\install.rdf
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\locale\en-US\translations.dtd
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\button1.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\button2.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\button3.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\button4.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\button5.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\crossrider_statusbar.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\icon128.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\icon16.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\icon24.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\icon48.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\panelarrow-up.png
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\popup.html
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\skin.css
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\skin\update.css
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67d1197353@50d67d119738c.com
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67d1197353@50d67d119738c.com\bootstrap.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67d1197353@50d67d119738c.com\chrome.manifest
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67d1197353@50d67d119738c.com\content\bg.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67d1197353@50d67d119738c.com\content\zy.xul
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67d1197353@50d67d119738c.com\install.rdf
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67e14765dc@50d67e1476615.com
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67e14765dc@50d67e1476615.com\bootstrap.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67e14765dc@50d67e1476615.com\chrome.manifest
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67e14765dc@50d67e1476615.com\content\bg.js
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67e14765dc@50d67e1476615.com\content\zy.xul
c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\extensions\50d67e14765dc@50d67e1476615.com\install.rdf
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-17 to 2014-01-17  )))))))))))))))))))))))))))))))
.
.
2014-01-17 06:22 . 2014-01-17 06:22    --------    d-----w-    c:\users\Daniel\AppData\Local\temp
2014-01-17 06:22 . 2014-01-17 06:22    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2014-01-16 06:02 . 2014-01-16 06:02    --------    d-----w-    c:\users\Daniel\AppData\Roaming\AVAST Software
2014-01-16 05:48 . 2014-01-16 05:48    66752    ----a-w-    c:\windows\system32\drivers\aswStm.sys
2014-01-15 05:38 . 2013-11-26 10:10    2349056    ----a-w-    c:\windows\system32\win32k.sys
2014-01-15 05:38 . 2013-11-26 11:11    240576    ----a-w-    c:\windows\system32\drivers\netio.sys
2014-01-15 05:38 . 2013-11-27 01:13    284672    ----a-w-    c:\windows\system32\drivers\usbport.sys
2014-01-15 05:38 . 2013-11-27 01:13    43520    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2014-01-15 05:38 . 2013-11-27 01:14    258560    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2014-01-15 05:38 . 2013-11-27 01:13    76288    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2014-01-15 05:38 . 2013-11-27 01:13    20480    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2014-01-15 05:38 . 2013-11-27 01:13    24064    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2014-01-15 05:38 . 2013-11-27 01:13    6016    ----a-w-    c:\windows\system32\drivers\usbd.sys
2014-01-10 04:09 . 2014-01-10 04:10    --------    d-----w-    c:\program files\Vuze
2014-01-08 06:22 . 2014-01-08 06:22    104664    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-05 22:34 . 2014-01-05 22:34    --------    d-----w-    C:\found.010
2014-01-05 22:22 . 2014-01-05 22:26    --------    d-----w-    C:\AdwCleaner
2014-01-05 21:47 . 2014-01-05 21:47    --------    d-----w-    C:\found.009
2014-01-05 20:50 . 2014-01-05 20:50    --------    d-----w-    C:\found.008
2014-01-05 07:40 . 2014-01-08 14:20    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-05 07:39 . 2014-01-08 06:22    74456    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-12-23 07:18 . 2013-12-23 07:18    --------    d-----w-    c:\programdata\Oracle
2013-12-18 18:42 . 2013-12-18 18:42    187248    ----a-w-    c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-16 05:48 . 2013-03-16 19:11    180248    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-01-16 05:48 . 2013-03-16 19:11    49944    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-01-16 05:48 . 2012-05-14 07:33    410528    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2014-01-16 05:48 . 2012-05-14 07:33    79720    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2014-01-16 05:48 . 2012-05-14 07:33    775952    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2014-01-16 05:48 . 2012-05-14 07:32    67824    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-01-16 05:48 . 2012-05-14 07:32    43152    ----a-w-    c:\windows\avastSS.scr
2014-01-16 05:48 . 2012-05-14 07:32    270240    ----a-w-    c:\windows\system32\aswBoot.exe
2013-12-19 13:11 . 2012-05-14 07:33    56080    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2013-12-11 08:36 . 2012-05-06 23:31    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-12-11 08:36 . 2011-08-21 18:28    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-06 08:39 . 2013-12-06 08:39    646144    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-06 08:39 . 2013-12-06 08:39    194048    ----a-w-    c:\windows\system32\elshyph.dll
2013-12-06 08:39 . 2013-12-06 08:39    86016    ----a-w-    c:\windows\system32\iesysprep.dll
2013-12-06 08:39 . 2013-12-06 08:39    74240    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-12-06 08:39 . 2013-12-06 08:39    71680    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-12-06 08:39 . 2013-12-06 08:39    645120    ----a-w-    c:\windows\system32\jsIntl.dll
2013-12-06 08:39 . 2013-12-06 08:39    62464    ----a-w-    c:\windows\system32\tdc.ocx
2013-12-06 08:39 . 2013-12-06 08:39    61952    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-12-06 08:39 . 2013-12-06 08:39    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-12-06 08:39 . 2013-12-06 08:39    454656    ----a-w-    c:\windows\system32\vbscript.dll
2013-12-06 08:39 . 2013-12-06 08:39    36352    ----a-w-    c:\windows\system32\imgutil.dll
2013-12-06 08:39 . 2013-12-06 08:39    34816    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-06 08:39 . 2013-12-06 08:39    337408    ----a-w-    c:\windows\system32\html.iec
2013-12-06 08:39 . 2013-12-06 08:39    24576    ----a-w-    c:\windows\system32\licmgr10.dll
2013-12-06 08:39 . 2013-12-06 08:39    182272    ----a-w-    c:\windows\system32\msls31.dll
2013-12-06 08:39 . 2013-12-06 08:39    151552    ----a-w-    c:\windows\system32\iexpress.exe
2013-12-06 08:39 . 2013-12-06 08:39    139264    ----a-w-    c:\windows\system32\wextract.exe
2013-12-06 08:39 . 2013-12-06 08:39    13312    ----a-w-    c:\windows\system32\mshta.exe
2013-12-06 08:39 . 2013-12-06 08:39    111616    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-12-06 08:39 . 2013-12-06 08:39    1051136    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-11-26 09:23 . 2013-12-14 15:30    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-11-26 09:22 . 2013-12-14 15:30    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53 . 2013-12-14 15:30    61952    ----a-w-    c:\windows\system32\iesetup.dll
2013-11-26 08:52 . 2013-12-14 15:30    51200    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29 . 2013-12-14 15:30    112128    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-11-26 08:29 . 2013-12-14 15:30    108032    ----a-w-    c:\windows\system32\ieetwcollector.exe
2013-11-26 08:28 . 2013-12-14 15:30    553472    ----a-w-    c:\windows\system32\jscript9diag.dll
2013-11-26 08:16 . 2013-12-14 15:30    4243968    ----a-w-    c:\windows\system32\jscript9.dll
2013-11-26 07:32 . 2013-12-14 15:30    1928192    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-11-26 06:33 . 2013-12-14 15:30    1820160    ----a-w-    c:\windows\system32\wininet.dll
2013-11-23 18:26 . 2013-12-13 03:58    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-11-13 07:16 . 2013-10-02 04:08    37664    ----a-w-    c:\windows\system32\drivers\avgtpx86.sys
2013-11-12 02:07 . 2013-12-13 03:58    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-10-30 02:19 . 2013-12-13 03:58    301568    ----a-w-    c:\windows\system32\msieftp.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-16 05:48    259464    ----a-w-    c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-15 5625624]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fspuip"="c:\program files\FSP\fspuip.exe" [2009-12-17 3350528]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2013-04-04 887432]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2011-05-15 325512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-16 3764024]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-08-21 273528]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"Soluto"="c:\program files\soluto\soluto.exe" [2013-01-01 1229448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Spotify"="c:\users\Daniel\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe"  -osboot
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-01-16 66752]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SolutoRemoteService;Soluto Remote Service;c:\program files\Soluto\SolutoRemoteService.exe [2013-01-01 1239552]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-20 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2013-01-01 51144]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-01-16 775952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-01-16 410528]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-11-13 37664]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2012-09-08 116608]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-01-16 67824]
S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe [2013-01-01 167048]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2013-01-01 542344]
S3 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 17408]
S3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x32.sys [x]
S3 fspad_wlh32;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh32;c:\windows\system32\DRIVERS\fspad_wlh32.sys [2009-12-17 43008]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2012-12-06 2046560]
S3 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-04-07 3857408]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-06 08:36]
.
2013-01-04 c:\windows\Tasks\FreeFileViewerUpdateChecker.job
- c:\program files\FreeFileViewer\FFVCheckForUpdates.exe [2011-11-22 23:24]
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000Core.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-04 00:29]
.
2014-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-927333513-3874424503-187824201-1000UA.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-04 00:29]
.
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{13F0D9B1-99B4-4A92-A7C4-84DEF28F053F}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}\16D656279636163726563747E6564723: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{6C2213EC-ED0E-489B-92B1-47BFED634941}\4414E49454C4D2D43594F5E4564777F627B6: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL -
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-12-10 21:21; avg@toolbar; c:\programdata\AVG SafeGuard toolbar\FireFoxExt\17.2.0.38
FF - ExtSQL: 2013-12-17 21:30; vuze@mybrowserbar.com; c:\program files\Vuze Remote Toolbar\FF
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-iCloudServices - c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe
HKCU-Run-ApplePhotoStreams - c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKCU-Run-AppleIEDAV - c:\program files\Common Files\Apple\Internet Services\AppleIEDAV.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Enum\Root\*PNP30df\0000]
@DACL=(02 0000)
"Service"="1264026743"
"ClassGUID"="{4D36E97D-E325-11CE-BFC1-08002BE10318}"
"Class"="System"
"DeviceDesc"="PCI bus"
"Mfg"="Technologies Inc"
"LocationInformation"="on Microsoft ACPI-Compliant System"
"ConfigFlags"=dword:00000000
"Capabilities"=dword:00000000
"ContainerID"="{00000000-0000-0000-FFFF-FFFFFFFFFFFF}"
.
Completion time: 2014-01-16  22:25:11
ComboFix-quarantined-files.txt  2014-01-17 06:25
.
Pre-Run: 20,689,162,240 bytes free
Post-Run: 20,320,575,488 bytes free
.
- - End Of File - - 93080B029346D31AA7E1E8F56645ED52
A36C5E4F47E84449FF07ED3517B43A31
 



#6 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:47 AM

Posted 17 January 2014 - 12:33 PM

AdwCleaner
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

----------


 


#7 orapaho

Posted 18 January 2014 - 11:40 AM

Here is the log:

# AdwCleaner v3.017 - Report created 18/01/2014 at 08:36:36
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Daniel - DANIEL-MSI
# Running from : C:\Users\Daniel\Desktop\AdwCleaner(1).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Found : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Found : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Found : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo
Folder Found : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Found : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Folder Found C:\Program Files\Vuze
Folder Found C:\Users\Daniel\AppData\Local\AVG SafeGuard toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\prefs.js ]


[ File : C:\Users\fixme\AppData\Roaming\Mozilla\Firefox\Profiles\6kvpve4s.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [44931 octets] - [05/01/2014 14:22:42]
AdwCleaner[R1].txt - [1835 octets] - [18/01/2014 08:30:48]
AdwCleaner[R2].txt - [1694 octets] - [18/01/2014 08:36:36]
AdwCleaner[S0].txt - [45799 octets] - [05/01/2014 14:25:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1815 octets] ##########



#8 jeffce

Posted 18 January 2014 - 11:43 AM

AdwCleaner
 
Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

------------
 
Post the new log and let me know how your system is running.   :)


 


#9 orapaho

Posted 18 January 2014 - 02:11 PM

Yes, I actually did clean the first time; I forgot to post that log.

 

# AdwCleaner v3.017 - Report created 18/01/2014 at 08:41:21
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Daniel - DANIEL-MSI
# Running from : C:\Users\Daniel\Desktop\AdwCleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Vuze
Folder Deleted : C:\Users\Daniel\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo
Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\xdcv2wub.default\prefs.js ]


[ File : C:\Users\fixme\AppData\Roaming\Mozilla\Firefox\Profiles\6kvpve4s.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [44931 octets] - [05/01/2014 14:22:42]
AdwCleaner[R1].txt - [1835 octets] - [18/01/2014 08:30:48]
AdwCleaner[R2].txt - [1895 octets] - [18/01/2014 08:36:36]
AdwCleaner[S0].txt - [45799 octets] - [05/01/2014 14:25:06]
AdwCleaner[S1].txt - [1836 octets] - [18/01/2014 08:41:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1896 octets] ##########
 



#10 jeffce

Posted 18 January 2014 - 04:35 PM

and let me know how your system is running. 

 


 


#11 orapaho

Posted 19 January 2014 - 01:45 AM

System is running a lot better, I noticed, after running ComboFix. No more redirecting when I do internet searches.



#12 jeffce

Posted 19 January 2014 - 10:20 AM

Good....let's get some updates and check for anything else hiding...
 
Java
 
Please go to Start > Control Panel > Programs and Features and uninstall all the Java programs you see. Then download the latest Java from the following link and install it:
 
http://java.com/en/download/index.jsp
----------
 
See this page for instructions on how to clear Java's cache.
 
Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)

  • Under Temporary Internet Files, click the Delete Files button.
  • There are three options in the window to clear the cache - Leave ALL 3 Checked

    • Downloaded Applets
    • Downloaded Applications
    • Installed Applications and Applets
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Java Control Panel.

----------
 

Malwarebytes
 
Please open Malwarebytes, update it and then run a Quick Scan.  Save the log that is created for your next reply.
----------
 

ESET Online Scanner
 
Go here to run an online scanner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

----------


 


#13 orapaho

orapaho
  • Topic Starter

  • Members
  • 160 posts
  • OFFLINE
  • Local time:12:47 AM

Posted 19 January 2014 - 11:56 AM

I should have mentioned this earlier. When I first boot up and my desktop comes up on the screen, I got a message about dwm.exe: "The program can't start because dwmredir.dll is missing from your computer. Try reinstalling the program to fix this problem."

I will post again after I follow your last set of instructions. Thank you.



#14 orapaho

orapaho
  • Topic Starter

  • Members
  • 160 posts
  • OFFLINE
  • Local time:12:47 AM

Posted 19 January 2014 - 12:05 PM

I uninstalled almost all the Java programs. When I tried to uninstall the Java SE Runtime Environment 6 Update 30, it gave me an error message: internal error 2753 regutils.dll...... so I could not uninstall Java™ 6 Update 20.

Will carry on with the rest of your instructions.



#15 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  • Gender:Male
  • Location:USA
  • Local time:02:47 AM

Posted 19 January 2014 - 06:51 PM

Ok that is fine.  :)


 




