Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PC is running slow at times


  • Please log in to reply
10 replies to this topic

#1 eolson23

eolson23

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:34 PM

Posted 22 January 2014 - 12:12 PM

I think I have some malware issues. Computer seems to run slow at times, especially at start up. any help please?



BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:12:34 PM

Posted 22 January 2014 - 01:30 PM

Please download and install Speccy to provide us with information about your computer.  When  FileHippo opens, click on Download latest version in the upper right pane.
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.
 
 

 
Double click on the download and choose to run the program.
 
A screen similar to the one below will open, click any key to run the program.
 
securitycheck_zpscfb86945.png
 
When the scan is finished you will have a log similar to the one below, copy and then paste your log in your next post.
 
securitylog_zps5e004078.png
 
 

Please download Malwarebytes Anti-Malware.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  When the installation has finished, make sure you leave both of these checked:
 
    Update Malwarebytes' Anti-Malware
 
    Launch Malwarebytes' Anti-Malware
 
Then click on Finish.
 
3)  MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. 
 
4)  Click on perform Quick Scan, then click on the Scan button.
 
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
 
5)  The scan will now begin, this may take some time to complete so please be patient.
 
6)  When the scan is finished click on Show Results to display all objects found.
 
7)  Click OK to close the message box and continue with the removal process.
 
8)  Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
 
Make sure that every item shown in the results has a check mark in the box next to it, then click on Remove Selected.
 
9)  When removal is completed, a log will open in Notepad.
 
This log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of the log in your next post, then exit MBAM.
 
Important:  If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Reagardless if prompted to restart the computer or not, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
 
Please copy the Malwarebytes log and paste it in your next post.
 
To locate this file right click on the Start orb and choose Open Windows Explorer, then click on C: drive.
 
When the C: drive opens click on the following:  ProgramData, Malwarebytes, Malwarebytes' Anti-Malware, Logs.  
 
If there is more than one log, choose the log with the date that you ran scan that I requested.
 
 
If there are a large number of items found you can go into Settings and click on Scanner Settings to change the setting in Action for potentially unwanted programs (PUP) to Show in results list and check for removal.
 
Malwarebytessettings_zpsb9b50638.png

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 eolson23

eolson23
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:34 PM

Posted 22 January 2014 - 01:42 PM

http://speccy.piriform.com/results/yor7HlEWjh2yoW3KmS0KZ0b



#4 eolson23

eolson23
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:34 PM

Posted 22 January 2014 - 02:18 PM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.22.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Eric :: BART-OFFICE [administrator]

1/22/2014 12:55:11 PM
mbam-log-2014-01-22 (12-55-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 285490
Time elapsed: 11 minute(s), 40 second(s)

Memory Processes Detected: 2
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> 1872 -> Delete on reboot.
C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe (PUP.Optional.MindSpark) -> 1248 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 56
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
HKCR\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{5B4144E1-B61D-495a-9A50-CD1A95D86D15} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
HKCR\BrowserConnection.Loader.1 (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
HKCR\BrowserConnection.Loader (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX.1 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\SearchQUIEHelper.DNSGuard (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
HKCR\SearchQUIEHelper.DNSGuard.1 (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
HKCR\AppID\DefaultTabBHO.DLL (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\MySearchDial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DATAMNGR (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LSNFD (PUP.Optional.Linksicle) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MySearchDial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.

Registry Values Detected: 13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|60697 (Backdoor.Andromeda.AMZ) -> Data: c:\progra~3\msdmihks.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Data: Searchqu Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} (PUP.Optional.SearchQu) -> Data:  -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.0.14.0 -> Quarantined and deleted successfully.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A2O0R1R1H2Z1S1G0H1F -> Quarantined and deleted successfully.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {50CBC094-FC10-11E0-B275-BCAEC5B77BEE} -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DataMngr|Folder (PUP.Optional.Searchqu.A) -> Data: C:\Program Files (x86)\Windows Searchqu Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.0.14.0 -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DATAMNGR (PUP.Optional.Datamngr.A) -> Data: C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|InboxAce Search Scope Monitor (PUP.Optional.MindSpark) -> Data: "C:\PROGRA~2\INBOXA~2\bar\1.bin\1gsrchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|InboxAce_1g Browser Plugin Loader (PUP.Optional.MindSpark) -> Data: C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\lsnfd|ImagePath (PUP.Optional.Linksicle) -> Data: system32\drivers\lsnfd.sys -> Quarantined and deleted successfully.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {50CBC094-FC10-11E0-B275-BCAEC5B77BEE} -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (http://start.mysearchdial.com/?f=1&a=sumamsd1103&cd=2XzuyEtN2Y1L1Qzu0B0C0A0E0CyD0ByByB0B0E0E0E0DtCzytN0D0Tzu0SyCzytBtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=542871359&ir=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 17
C:\Users\Eric\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Eric\Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Windows Searchqu Toolbar (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam\IE (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\data (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\MySearchDial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\MySearchDial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab (PUP.Optional.DefaultTab.A) -> Delete on reboot.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\Apps (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0 (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.

Files Detected: 68
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> Delete on reboot.
C:\ProgramData\msdmihks.exe (Backdoor.Andromeda.AMZ) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\uninstall.exe (PUP.Optional.SilentInstall.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2333744010-1300449783-1706459261-1000\$R0KXGE9.exe (PUP.Optional.Installcore) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\1825544cos7030674.exe (Trojan.FakeAlert.3CH) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\541A.exe (Trojan.Downloader.ED) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\gnrleciapjrikhtqtrm.bfg (Trojan.Ransom.PA) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\ICReinstall_IrfanViewSetup.exe (PUP.Optional.Installcore) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\kkvmircl.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\msi15079.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\msi39954.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\msi54767.exe (Spyware.ZeuS) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\newsetup.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\pjdxarjk.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\rjjmanpw.exe (Spyware.ZeuS) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\is1615585457\183798697_stp.EXE (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\is1615585457\183798626_stp\linksicle-setup-1.8.2.0.exe (PUP.Optional.Linksicle) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\is1852162411\204744313_stp\BatBrowseSetup.exe (PUP.Optional.BatBrowse.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\is1852162411\204744430_stp\GreatArcadeHits.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Eric\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\Eric\Downloads\marineemail (1).exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Eric\Downloads\marineemail.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Eric\Local Settings\Temporary Internet Files\Content.IE5\24IKHNY9\Setup[1].exe (MSIL.Solimba) -> Quarantined and deleted successfully.
C:\Users\Eric\Local Settings\Temporary Internet Files\Content.IE5\G127BOYX\Setup[1].exe (MSIL.Solimba) -> Quarantined and deleted successfully.
C:\Windows\Installer\55b41e4.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Temp\searchqutoolbar-manifest.xml (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully.
C:\Users\Eric\Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gSrchMn.exe (PUP.Optional.MindSpark) -> Quarantined and deleted successfully.
C:\Program Files (x86)\InboxAce_1g\bar\1.bin\1gbrmon.exe (PUP.Optional.MindSpark) -> Delete on reboot.
C:\Program Files (x86)\Windows Searchqu Toolbar\sysid.ini (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Windows Searchqu Toolbar\uninstall.exe (PUP.Optional.SearchQu) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\BabSolution\CR\visualBee.crx (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Wajam\IE\wajamLogo.bmp (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.
C:\ProgramData\SearchNewTab\data\SearchNewTab.dat (PUP.Optional.SearchNewTab) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\MySearchDial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\MySearchDial\UpdateProc\src.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\MySearchDial\UpdateProc\STTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\MySearchDial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\MySearchDial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\addon.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\amazon_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\blocklist.json (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.cfg (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DT.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\facebook_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\imdb_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\searchhere.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\search_here_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\twitter_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\update.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\wikipedia_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\youtube_ie.ico (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\background.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\cookies.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\icon.png (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\Manifest.json (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\page.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\static.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.

(end)


the screen317 thing I did said NOTHING FOUND and then froze. should I do that one again?


Edited by hamluis, 22 January 2014 - 02:42 PM.
Moved from Win 7 to Am I Infected - Hamluis.


#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:12:34 PM

Posted 22 January 2014 - 02:31 PM

Did you restart the computer after running the scan?

 

If you did not, please do so.

 

I am going to see if I can get this topic moved to the Am I Infected forum where those with the specific knowledge can help clean your computer.

 

 

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET Online Scan in a new window.
    ESET OnlineScan

  • Click the esetonlinebtn.png button.

  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.

       

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.

       

  • Check "YES, I accept the Terms of Use."

  • Click the Start button.

  • Accept any security warnings from your browser.

  • Under scan settings, check "Scan Archives"and "Remove found threats"

  • Click Advanced settings and select the following:

     

    • Scan potentially unwanted applications

    • Scan for potentially unsafe applications

    • Enable Anti-Stealth technology

       

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

  • When the scan completes, click List Threats

  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

  • Click the Back button.

  • Click the Finish button.


Edited by dc3, 22 January 2014 - 02:33 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:12:34 PM

Posted 22 January 2014 - 02:38 PM



 

the screen317 thing I did said NOTHING FOUND and then froze. should I do that one again?

 

No, we can do this another way.

 

Please download MiniToolBox  , save it to your desktop and run it.
 
 Checkmark the following.
 
 
 List Installed Programs
 
 
 Click on Go to start the scan.  Once it is finished highlight the text, copy it and paste it in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#7 eolson23

eolson23
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:34 PM

Posted 23 January 2014 - 09:29 AM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Eric (administrator) on 23-01-2014 at 08:28:34
Running from "C:\Users\Eric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5NZDV2EO"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 1.2.0)
7-Zip 9.20
7-zip v9.20 (Version: v9.20)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.38)
Adobe Reader X (10.1.9) (Version: 10.1.9)
AI Manager (Version: 1.08.07)
AMD USB Filter Driver (Version: 1.0.15.94)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression 2 (Version: 2.0.27.836)
ASUS Backup Wizard (Version: 1.00.09)
ASUS VIBE (Version: 1.0.188)
ASUSUpdate (Version: 7.18.03)
ATI Catalyst Install Manager (Version: 3.0.765.0)
Best Buy pc app (Version: 3.1.1.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center Core Implementation (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Full New (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Light (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2206.39615)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0210.2206.39615)
Catalyst Control Center InstallProxy (Version: 2010.0210.2206.39615)
Catalyst Control Center Localization All (Version: 2010.0210.2206.39615)
CCC Help Chinese Standard (Version: 2010.0210.2205.39615)
CCC Help Chinese Traditional (Version: 2010.0210.2205.39615)
CCC Help Czech (Version: 2010.0210.2205.39615)
CCC Help Danish (Version: 2010.0210.2205.39615)
CCC Help Dutch (Version: 2010.0210.2205.39615)
CCC Help English (Version: 2010.0210.2205.39615)
CCC Help Finnish (Version: 2010.0210.2205.39615)
CCC Help French (Version: 2010.0210.2205.39615)
CCC Help German (Version: 2010.0210.2205.39615)
CCC Help Greek (Version: 2010.0210.2205.39615)
CCC Help Hungarian (Version: 2010.0210.2205.39615)
CCC Help Italian (Version: 2010.0210.2205.39615)
CCC Help Japanese (Version: 2010.0210.2205.39615)
CCC Help Korean (Version: 2010.0210.2205.39615)
CCC Help Norwegian (Version: 2010.0210.2205.39615)
CCC Help Polish (Version: 2010.0210.2205.39615)
CCC Help Portuguese (Version: 2010.0210.2205.39615)
CCC Help Russian (Version: 2010.0210.2205.39615)
CCC Help Spanish (Version: 2010.0210.2205.39615)
CCC Help Swedish (Version: 2010.0210.2205.39615)
CCC Help Thai (Version: 2010.0210.2205.39615)
CCC Help Turkish (Version: 2010.0210.2205.39615)
ccc-core-static (Version: 2010.0210.2206.39615)
ccc-utility64 (Version: 2010.0210.2206.39615)
Corel Applications
Coupon Printer for Windows (Version: 5.0.0.1)
D3DX10 (Version: 15.4.2368.0902)
Easy Burner (Version: 2.4644.00021)
ebi.BookReader3J (Version: 3.75.14)
EDT for Windows V4.02 (Version: 4.02)
EPU-4 Engine (Version: 1.00.25)
FastStone Image Viewer 4.6 (Version: 4.6)
Fotogalerie (Version: 16.4.3508.0205)
Free M4a to MP3 Converter 7.1
Galería de fotos (Version: 16.4.3508.0205)
Galerie de photos (Version: 16.4.3508.0205)
Google Chrome (Version: 32.0.1700.76)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.3)
GrampsAIO (Version: 3.3.1-2)
Helios 11.7.5  (Version: 11.7.5)
HP Officejet 6500 E710n-z Basic Device Software (Version: 22.50.231.0)
HP Officejet 6500 E710n-z Help (Version: 140.0.2.2)
HP Officejet 6500 E710n-z Product Improvement Study (Version: 22.50.231.0)
HP Update (Version: 5.002.006.003)
I.R.I.S. OCR (Version: 12.3.4.0)
InboxAce Internet Explorer Toolbar
iTunes (Version: 11.1.0.126)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 16.4.3508.0205)
jZip
LogMeIn (Version: 4.1.1578)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Marketsplash Shortcuts (Version: 1.0.1.7)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Basic 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2003 (Version: 11.0.8305.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
MotionTools (Version: 1.1.6723)
Movie Maker (Version: 16.4.3508.0205)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Pavtube Video Converter Ver 4.2.0.4076
Photo Common (Version: 16.4.3508.0205)
Photo Gallery (Version: 16.4.3508.0205)
Platform (Version: 1.34)
QuickBooks (Version: 20.0.4015.807)
QuickBooks Pro 2010 (Version: 20.0.4015.807)
QuickTime (Version: 7.74.80.86)
ReaConverter 6.9 Standard
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Registry Easy v5.6 (Version: 5.6)
Revo Uninstaller 1.93 (Version: 1.93)
ROBLOX Player
SAMSUNG Intelli-studio (Version: 3.1.32.1)
Security Server
Speccy (Version: 1.24)
UltraVNC 1.0.8.2 (Version: 1.0.8.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VIA Platform Device Manager (Version: 1.34)
Webroot SecureAnywhere (Version: 8.0.4.46)
Windows Live (Version: 16.4.3508.0205)
Windows Live Communications Platform (Version: 16.4.3508.0205)
Windows Live Essentials (Version: 16.4.3508.0205)
Windows Live Family Safety (Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3508.0205)
Windows Live Mail (Version: 16.4.3508.0205)
Windows Live Messenger (Version: 16.4.3508.0205)
Windows Live MIME IFilter (Version: 16.4.3508.0205)
Windows Live Photo Common (Version: 16.4.3508.0205)
Windows Live PIMT Platform (Version: 16.4.3508.0205)
Windows Live SOXE (Version: 16.4.3508.0205)
Windows Live SOXE Definitions (Version: 16.4.3508.0205)
Windows Live UX Platform (Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
Windows Live Writer (Version: 16.4.3508.0205)
Windows Live Writer Resources (Version: 16.4.3508.0205)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinFF 1.4.0

**** End of log ****



#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:12:34 PM

Posted 23 January 2014 - 11:49 AM

You have not posted the ESET results, please do so.


Edited by dc3, 23 January 2014 - 12:51 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:12:34 PM

Posted 23 January 2014 - 01:06 PM

Your Java and Adobe Reader are out of date, I would suggest updating both of them.

 

You should uninstall Coupon Printer for Windows.

 

 

I would also suggest that you run AdwCleaner.

 

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.
 
 

Please download Autoruns.
 
Open Downloads in your browser and click on the Autoruns download.
 
Click on Run to initiate the installation.
 
When Autoruns loads you will see an image similar to the one below.
 
autorunsscreen_zps2ac55e2e.png
 
Click on File, then click on Save.
 
You will see an image similar to the one below.
 
autorunsscreen1_zps8a35cb1a.png
 
Choose Desktop as the destination, then click on the down arrow in the Save as type: box and click on Text (*.txt), then click on Save.
 
There will be a Text icon on the desktop titled AutoRuns, click on it to open the log.
 
Copy the log and paste it in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#10 eolson23

eolson23
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:34 PM

Posted 23 January 2014 - 02:12 PM

# AdwCleaner v3.017 - Report created 23/01/2014 at 13:08:02
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Eric - BART-OFFICE
# Running from : C:\Users\Eric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24IKHNY9\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : InboxAce_1gService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\ProgramData\saafEE. save
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saafEE. save
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\InboxAce_1g
Folder Deleted : C:\Program Files (x86)\jZip
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\VisualBee
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Users\Eric\AppData\Local\iac
Folder Deleted : C:\Users\Eric\AppData\Local\InboxAce_1g
Folder Deleted : C:\Users\Eric\AppData\Local\jZip
Folder Deleted : C:\Users\Eric\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Eric\AppData\Local\PackageAware
Folder Deleted : C:\Users\Eric\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Eric\AppData\Local\Temp\jZip
Folder Deleted : C:\Users\Eric\AppData\LocalLow\InboxAce_1g
Folder Deleted : C:\Users\Eric\AppData\LocalLow\Mysearchdial
Folder Deleted : C:\Users\Eric\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Eric\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Eric\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Eric\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Eric\AppData\Roaming\WebCake
Folder Deleted : C:\Users\Eric\Documents\Mobogenie
Folder Deleted : C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
File Deleted : C:\END
File Deleted : C:\Users\Eric\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\Eric\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Windows\Tasks\MySearchDial.job
File Deleted : C:\Windows\System32\Tasks\MySearchDial

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\jZip.file
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxAce_1g Browser Plugin Loader 64]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3775AFD7-5921-4571-968F-85A631203D1C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3775AFD7-5921-4571-968F-85A631203D1C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3775AFD7-5921-4571-968F-85A631203D1C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3775AFD7-5921-4571-968F-85A631203D1C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3775AFD7-5921-4571-968F-85A631203D1C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{5FDB0CD8-5760-44D1-8D13-A78BF558C3C7}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\jZip
Key Deleted : HKLM\Software\mysearchdial
Key Deleted : HKLM\Software\SearchquMediabarTb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [13268 octets] - [23/01/2014 13:06:42]
AdwCleaner[S0].txt - [12696 octets] - [23/01/2014 13:08:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12757 octets] ##########



#11 eolson23

eolson23
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:34 PM

Posted 23 January 2014 - 02:15 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "7/13/2009 10:49 PM"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "12/11/2013 3:24 AM"
+ "InboxAce Home Page Guard 64 bit" "" "" "File not found: C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator64.exe" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "1/23/2014 1:09 PM"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe" "11/21/2013 10:56 AM"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe" "4/16/2013 9:13 PM"
+ "InboxAce EPM Support" "" "" "File not found: C:\PROGRA~2\INBOXA~2\bar\1.bin\1gmedint.exe" ""
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe" "9/18/2013 12:16 AM"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe" "5/1/2013 4:42 AM"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Oracle Corporation" "c:\program files (x86)\common files\java\java update\jusched.exe" "7/2/2013 10:16 AM"
+ "WRSVC" "Webroot SecureAnywhere" "Webroot" "c:\program files\webroot\wrsa.exe" "1/17/2014 7:07 PM"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" "" "1/10/2014 12:25 PM"
+ "Install Webroot FF RunOnce.lnk" "Webroot Installer" "Webroot Software, Inc." "c:\program files (x86)\common files\wruninstall.exe" "11/8/2012 9:52 PM"
+ "Install Webroot IE RunOnce.lnk" "Webroot Installer" "Webroot Software, Inc." "c:\program files (x86)\common files\wruninstall.exe" "11/8/2012 9:52 PM"
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office\osa9.exe" "2/17/1999 2:05 PM"
+ "QuickBooks Update Agent.lnk" "QuickBooks Automatic Update" "Intuit Inc." "c:\program files (x86)\common files\intuit\quickbooks\qbupdate\qbupdate.exe" "2/4/2012 4:53 AM"
+ "Security-Eyes Server.lnk" "Local Server" "" "c:\program files (x86)\security_server\securityserverui.exe" "5/30/2008 4:24 AM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "8/5/2009 12:13 PM"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "7/13/2009 5:58 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "8/5/2009 12:13 PM"
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\32.0.1700.76\installer\chrmstp.exe" "1/11/2014 2:21 AM"
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe" "7/13/2009 5:42 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "7/15/2013 8:37 AM"
+ "YjgPack" "" "" "c:\users\eric\appdata\local\yjgpack\netcommsxx64.dll" "12/23/2013 11:13 PM"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "7/13/2009 10:53 PM"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll" "2/26/2009 5:28 AM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "GetExeInfoShellExt" "" "" "c:\program files (x86)\reaconverter 6.9 standard\context64.dll" "12/31/1969 6:00 PM"
+ "jZip" "" "" "File not found: C:\Program Files (x86)\jZip\jZipShell64x.dll" ""
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\system32\wrusr.dll" "1/13/2014 6:30 PM"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "GetExeInfoShellExt" "" "" "c:\program files (x86)\reaconverter 6.9 standard\context.dll" "12/31/1969 6:00 PM"
+ "jZip" "" "" "File not found: C:\Program Files (x86)\jZip\jZipShell.dll" ""
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\syswow64\wrusr.dll" "1/13/2014 6:30 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "2/28/2013 2:39 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "10/13/2011 9:17 AM"
+ "GetExeInfoShellExt" "" "" "c:\program files (x86)\reaconverter 6.9 standard\context64.dll" "12/31/1969 6:00 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "10/13/2011 9:17 AM"
+ "GetExeInfoShellExt" "" "" "c:\program files (x86)\reaconverter 6.9 standard\context.dll" "12/31/1969 6:00 PM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll" "2/10/2010 8:59 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "7/13/2009 7:32 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll" "7/13/2009 7:09 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "2/24/2012 10:14 AM"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "12/18/2013 11:07 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "2/24/2012 10:14 AM"
+ "GetExeInfoShellExt" "" "" "c:\program files (x86)\reaconverter 6.9 standard\context64.dll" "12/31/1969 6:00 PM"
+ "jZip" "" "" "File not found: C:\Program Files (x86)\jZip\jZipShell64x.dll" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "2/28/2013 2:39 PM"
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\system32\wrusr.dll" "1/13/2014 6:30 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "2/24/2012 10:14 AM"
+ "GetExeInfoShellExt" "" "" "c:\program files (x86)\reaconverter 6.9 standard\context.dll" "12/31/1969 6:00 PM"
+ "jZip" "" "" "File not found: C:\Program Files (x86)\jZip\jZipShell.dll" ""
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\syswow64\wrusr.dll" "1/13/2014 6:30 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "1/7/2014 1:03 PM"
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\eric\appdata\local\microsoft\skydrive\16.4.6013.0910\amd64\skydriveshell64.dll" "9/11/2012 12:15 AM"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\eric\appdata\local\microsoft\skydrive\16.4.6013.0910\amd64\skydriveshell64.dll" "9/11/2012 12:15 AM"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\eric\appdata\local\microsoft\skydrive\16.4.6013.0910\amd64\skydriveshell64.dll" "9/11/2012 12:15 AM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "1/23/2014 1:13 PM"
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\eric\appdata\local\microsoft\skydrive\16.4.6013.0910\skydriveshell.dll" "9/11/2012 12:29 AM"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\eric\appdata\local\microsoft\skydrive\16.4.6013.0910\skydriveshell.dll" "9/11/2012 12:29 AM"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\eric\appdata\local\microsoft\skydrive\16.4.6013.0910\skydriveshell.dll" "9/11/2012 12:29 AM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "1/7/2014 1:03 PM"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll" "12/4/2013 9:35 PM"
+ "Webroot Vault" "Webroot Toolbar" "" "c:\programdata\wrdata\pkg\lpbar64.dll" "11/8/2012 9:48 PM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "7/17/2012 4:11 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "1/23/2014 1:13 PM"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll" "12/4/2013 9:47 PM"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll" "10/8/2013 8:43 AM"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll" "10/8/2013 8:43 AM"
+ "Toolbar BHO" "" "" "File not found: C:\PROGRA~2\INBOXA~2\bar\1.bin\1gbar.dll" ""
+ "Webroot Vault" "Webroot Toolbar" "" "c:\programdata\wrdata\pkg\lpbar.dll" "11/8/2012 9:50 PM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll" "7/17/2012 3:46 PM"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" "" "12/12/2013 3:16 AM"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll" "12/4/2013 9:35 PM"
+ "Webroot Toolbar" "Webroot Toolbar" "" "c:\programdata\wrdata\pkg\lpbar64.dll" "11/8/2012 9:48 PM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" "" "1/15/2014 10:20 AM"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll" "12/4/2013 9:47 PM"
+ "Webroot Toolbar" "Webroot Toolbar" "" "c:\programdata\wrdata\pkg\lpbar.dll" "11/8/2012 9:50 PM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "12/12/2013 3:16 AM"
+ "Webroot" "Webroot Toolbar" "" "c:\programdata\wrdata\pkg\lpbar64.dll" "11/8/2012 9:48 PM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" "" "1/15/2014 10:20 AM"
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll" "2/6/2013 12:43 AM"
+ "Webroot" "Webroot Toolbar" "" "c:\programdata\wrdata\pkg\lpbar.dll" "11/8/2012 9:50 PM"
"Task Scheduler" "" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 12.0 r0" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "12/13/2013 7:45 PM"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe" "6/1/2011 6:46 PM"
+ "\ASUS\AsBackupWizard_Run" "Helper tool for run ASUS Backup Wizard" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\asbackupwizard\asrunbkwizardhelper.exe" "4/23/2010 3:24 AM"
+ "\ASUS\ASUS RegRun Loader" "" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\aasp\1.00.97\asloader.exe" "8/19/2009 8:13 PM"
+ "\ASUS\ASUS SIX Engine" "" "" "c:\program files (x86)\asus\epu-4 engine\fourengine.exe" "6/4/2009 1:10 AM"
+ "\ASUS\ASUS Update Checker" "UpdateChecker MFC Application" "ASUSTeK Computer Inc." "c:\program files (x86)\asus\asusupdate\updatechecker\updatechecker.exe" "10/7/2009 7:09 PM"
+ "\DTReg" "" "" "File not found: C:\Users\Eric\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "3/9/2010 12:10 AM"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "3/9/2010 12:10 AM"
+ "\HPCustParticipation HP Officejet 6500 E710n-z" "HP Customer Participation." "Hewlett-Packard Co." "c:\program files\hp\hp officejet 6500 e710n-z\bin\hpcustpartic.exe" "11/16/2010 11:28 PM"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll" "2/6/2013 12:43 AM"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "6/10/2009 2:36 PM"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "7/13/2009 6:24 PM"
+ "\Vital Backup" "" "" "c:\vital.bat" "3/11/2011 5:08 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "1/22/2014 12:47 PM"
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe" "3/17/2010 9:01 PM"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe" "11/21/2013 10:55 AM"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "12/13/2013 7:45 PM"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe" "1/26/2011 4:55 PM"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe" "5/17/2012 9:06 PM"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe" "8/30/2011 11:52 PM"
+ "Device Handle Service" "Device Handle" "ASUSTeK Computer Inc." "c:\windows\syswow64\ashookdevice.exe" "8/19/2009 7:55 AM"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe" "2/6/2013 12:39 AM"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "3/9/2010 12:10 AM"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "3/9/2010 12:10 AM"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe" "3/2/2012 3:13 PM"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe" "9/18/2013 12:16 AM"
+ "LMIGuardianSvc" "Support LogMeIn processes with quality assurance feedback" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\lmiguardiansvc.exe" "8/9/2010 9:59 AM"
+ "LMIMaint" "LogMeIn Maintenance Service" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\ramaint.exe" "12/8/2010 6:08 AM"
+ "LogMeIn" "LogMeIn" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\logmein.exe" "11/8/2010 4:58 AM"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\vs7debug\mdm.exe" "3/19/2003 3:55 AM"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll" "5/14/2009 5:19 AM"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe" "7/19/2011 11:12 PM"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe" "10/26/2006 3:00 PM"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll" "5/14/2009 5:19 AM"
+ "QBCFMonitorService" "QuickBooks Company File Monitoring Service" "Intuit" "c:\program files (x86)\common files\intuit\quickbooks\qbcfmonitorservice.exe" "2/4/2012 6:40 AM"
+ "QBFCService" "QuickBooks FCS module" "Intuit Inc." "c:\program files (x86)\common files\intuit\quickbooks\fcs\intuit.quickbooks.fcs.exe" "7/23/2009 10:10 PM"
+ "uvnc_service" "Provides secure remote desktop sharing" "UltraVNC" "c:\program files\ultravnc\winvnc.exe" "12/6/2009 9:48 AM"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "7/17/2012 4:11 PM"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "11/20/2010 5:18 AM"
+ "WRSVC" "Webroot SecureAnywhere Internet Security Plus v8.0.4.46" "Webroot" "c:\program files\webroot\wrsa.exe" "1/17/2014 7:07 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "1/22/2014 12:47 PM"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "12/5/2008 5:54 PM"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "5/1/2007 11:30 AM"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "2/27/2007 6:04 PM"
+ "Afc" "Arcsoft® ASPI Shell" "Arcsoft, Inc." "c:\windows\syswow64\drivers\afc.sys" "7/11/2006 11:48 PM"
+ "ahcix64s" "AMD AHCI Compatible Controller Driver for Windows - AMD64 platform" "Advanced Micro Devices, Inc" "c:\windows\system32\drivers\ahcix64s.sys" "10/21/2009 7:40 AM"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "7/13/2009 5:19 PM"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys" "1/26/2011 4:48 PM"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys" "1/26/2011 4:13 PM"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "3/18/2010 6:45 PM"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "3/20/2009 12:36 PM"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "3/19/2010 10:18 AM"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "5/24/2007 3:27 PM"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "1/14/2009 1:27 PM"
+ "AsIO" "" "" "c:\windows\syswow64\drivers\asio.sys" "8/3/2009 1:03 AM"
+ "AsUpIO" "" "" "c:\windows\syswow64\drivers\asupio.sys" "7/5/2009 8:21 PM"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys" "1/28/2010 7:03 PM"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys" "1/26/2011 4:48 PM"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie.sys" "5/5/2009 9:00 AM"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys" "2/13/2009 4:18 PM"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys" "4/26/2009 5:14 AM"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "8/6/2006 7:51 PM"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "8/6/2006 7:51 PM"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "8/6/2006 7:51 PM"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "8/6/2006 7:51 PM"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "8/6/2006 7:51 PM"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "8/9/2006 6:11 AM"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys" ""
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "7/13/2009 5:19 PM"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys" "12/31/2008 10:29 AM"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "2/3/2009 4:52 PM"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys" "5/3/2012 1:56 PM"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "5/11/2009 2:26 AM"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "4/20/2010 12:32 PM"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "6/10/2010 6:46 PM"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys" "5/6/2009 12:22 PM"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "12/13/2005 3:47 PM"
+ "LMIInfo" "RemotelyAnywhere Kernel Information Provider" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\rainfo.sys" "1/4/2008 12:57 PM"
+ "lmimirr" "LogMeIn Mirror Miniport Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmimirr.sys" "4/10/2007 4:32 PM"
+ "LMIRfsDriver" "LogMeIn Rfs Drivemap Driver" "LogMeIn, Inc." "c:\windows\system32\drivers\lmirfsdriver.sys" "7/14/2008 10:26 AM"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "12/9/2008 4:46 PM"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "5/18/2009 6:20 PM"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "5/18/2009 6:31 PM"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "4/16/2009 4:13 PM"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "5/18/2009 7:09 PM"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "5/18/2009 7:25 PM"
+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys" "7/15/2009 9:31 PM"
+ "netr28x" "Ralink 802.11 Wireless Adapter Driver" "Ralink Technology, Corp." "c:\windows\system32\drivers\netr28x.sys" "2/25/2009 9:02 PM"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "6/6/2006 3:11 PM"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "3/19/2010 2:59 PM"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "3/19/2010 2:45 PM"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "1/22/2009 5:05 PM"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "5/18/2009 7:18 PM"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt64win7.sys" "6/23/2010 3:10 AM"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys" "9/13/2006 7:18 AM"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "9/24/2008 12:28 PM"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "10/1/2008 3:56 PM"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "2/17/2009 5:03 PM"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys" "11/27/2012 5:38 PM"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys" "12/22/2009 2:26 AM"
+ "VIAHdAudAddService" "VIA High Definition Audio Function Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viahduaa.sys" "3/2/2010 5:30 AM"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "7/13/2009 5:19 PM"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "1/30/2009 7:18 PM"
+ "WRkrn" "Webroot SecureAnywhere" "Webroot" "c:\windows\system32\drivers\wrkrn.sys" "1/13/2014 6:30 PM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "10/9/2013 2:30 AM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "7/13/2009 7:28 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "1/23/2014 1:09 PM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm" "7/13/2009 7:06 PM"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll" "11/20/2010 5:59 AM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 10:53 PM"
+ "LogMeIn Video Decoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\racodec.ax" "12/8/2010 6:08 AM"
+ "LogMeIn Video Encoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files (x86)\logmein\x64\racodec.ax" "12/8/2010 6:08 AM"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 10:53 PM"
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax" "2/10/2010 8:57 PM"
+ "Axis HTTP Multipart Source Filter" "AxisHTTPMPSrcFilter" "Axis Communications AB" "c:\program files (x86)\security_server\axis_filters\axishttpmpsrcfilter.ax" "11/30/2006 9:32 AM"
+ "Axis MPEG Audio Transform" "MPEG Audio Transform Filter" "Axis Communications" "c:\program files (x86)\security_server\axis_filters\mpegaudiotransformfilter.ax" "3/10/2003 7:28 AM"
+ "Axis MPEG HTTP Stream Source" "HTTP Stream Source Filter" "Axis Communications" "c:\program files (x86)\security_server\axis_filters\httpstreamsourcefilter.ax" "11/13/2003 3:59 AM"
+ "Axis Overlay" "Axis Overlay" "Axis Communications AB" "c:\program files (x86)\security_server\axis_filters\axisoverlay.ax" "7/1/2004 6:04 AM"
+ "AXIS Picture Events" "AXIS Picture Events Filter" "Axis Communications" "c:\program files (x86)\security_server\axis_filters\axpiceventsfilter.ax" "9/26/2005 5:02 AM"
+ "Axis Time Shifter" "TimeShifter" "Axis Communications AB" "c:\program files (x86)\security_server\axis_filters\axistimeshifter.ax" "3/11/2003 1:47 AM"
+ "AxisRTPSrcFilter" "AXIS RTP Source Filter" "Axis Communications" "c:\program files (x86)\security_server\axis_filters\axisrtpsrcfilter.ax" "11/22/2006 3:32 AM"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "Capture File Writer" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 12:40 AM"
+ "CCL RTP Receiver V300" "1206" "Faraday Technology Corporation" "c:\windows\syswow64\receiverfilter.ax" "12/6/2007 4:05 AM"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "Infinite Pin Tee" "ProVideo Filter" "ProVideo Multimedia." "c:\windows\syswow64\pvdemux.ax" "11/17/2005 4:27 AM"
+ "LogMeIn Video Decoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files (x86)\logmein\x86\racodec.ax" "12/8/2010 6:07 AM"
+ "LogMeIn Video Encoder" "LogMeIn Video Codec" "LogMeIn, Inc." "c:\program files (x86)\logmein\x86\racodec.ax" "12/8/2010 6:07 AM"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll" "2/10/2010 8:57 PM"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll" "2/10/2010 8:57 PM"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll" "2/10/2010 8:57 PM"
+ "PV_CallBackRender2" "DXMedia Filter" "ProVideo" "c:\windows\syswow64\pv_cbrender.ax" "8/15/2006 8:45 PM"
+ "PV_CallBackRender3" "DXMedia Filter" "ProVideo" "c:\windows\syswow64\receivercbrender.ax" "4/28/2008 12:48 AM"
+ "Record Queue" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 12:40 AM"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "Samsung AAC Decoding Filter" "AAC Decoder Filter Dll" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtraacd.dll" "3/13/2009 3:23 AM"
+ "Samsung AAC Encoder Filter" "AAC Encoder Filter Dll" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtraace.dll" "3/13/2009 3:23 AM"
+ "Samsung AVI Muxer" "AviMuxer" "" "c:\program files (x86)\samsung\intelli-studio\filters\ssavimux.dll" "6/20/2010 8:29 PM"
+ "Samsung H264 Decoder" "HTH264Dec1" "Honest Technology" "c:\program files (x86)\samsung\intelli-studio\filters\pxtrvdf.dll" "2/6/2012 2:50 AM"
+ "Samsung H264 Encoding Filter" "Pixtree h264 video encoder dshow filter" "PIXTREE, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtrvef.dll" "6/3/2010 8:59 PM"
+ "Samsung MJPEG Decoder" "HTH264Dec1" "Honest Technology" "c:\program files (x86)\samsung\intelli-studio\filters\pxtrvdf.dll" "2/6/2012 2:50 AM"
+ "Samsung MJPEG Encoder" "HTMJpegEncoder Dynamic Link Library" "Honest Technology" "c:\program files (x86)\samsung\intelli-studio\filters\ssmjpgen.dll" "6/22/2010 2:40 AM"
+ "Samsung MP4 Muxer Filter" "" "" "c:\program files (x86)\samsung\intelli-studio\filters\ssmp4mux.ax" "2/2/2012 12:58 AM"
+ "Samsung MPEG-4 Splitter Filter" "Pixtree MP4 Splitter Filter" "Pixtree, Inc." "c:\program files (x86)\samsung\intelli-studio\filters\pxtrmp4s.dll" "10/18/2011 2:04 AM"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WM VIH2 Fix" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 12:40 AM"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Audio Mixer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT DV Extract" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT DV Extract Filter" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 12:40 AM"
+ "WMT Format Conversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Sample Info Filter" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 12:40 AM"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Screen Capture filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Switch Filter" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 12:40 AM"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Virtual Renderer" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 12:40 AM"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Virtual Source" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 12:40 AM"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files (x86)\movie maker 2.6\wmm2filt.dll" "3/30/2007 5:37 PM"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "7/13/2009 10:53 PM"
+ "LogMeInCredProv" "LogMeIn Remote Control Helper" "LogMeIn, Inc." "c:\windows\system32\lmiinit.dll" "12/8/2010 6:08 AM"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll" "7/17/2012 4:11 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "6/7/2013 9:43 AM"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll" "8/30/2011 11:44 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 3:45 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 3:45 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" "" "6/7/2013 9:43 AM"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll" "8/30/2011 11:53 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 4:09 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 4:09 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "1/23/2014 1:09 PM"
+ "HP 5412 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts5412lm.dll" "10/27/2010 4:34 AM"
+ "HP Discovery Port Monitor (HP Officejet 6500 E710n-z)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopm5412.dll" "11/16/2010 11:24 PM"
+ "LogMeIn Printer Port Monitor" "RemotelyAnywhere Printer Port Monitor" "LogMeIn, Inc." "c:\windows\system32\lmiport.dll" "12/8/2010 6:10 AM"
+ "PCL hpz3lwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3lwn7.dll" "7/13/2009 7:28 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders" "" "" "" "1/23/2014 1:09 PM"
+ "digest.dll" "" "" "File not found: digest.dll" ""
+ "msapsspc.dll" "" "" "File not found: msapsspc.dll" ""
+ "msnsspc.dll" "" "" "File not found: msnsspc.dll" ""
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" "" "7/13/2009 10:49 PM"
+ "LMIRfsClientNP" "LogMeIn Virtual Disk Network" "LogMeIn, Inc." "c:\windows\system32\lmirfsclientnp.dll" "12/8/2010 6:08 AM"
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users