Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't open Malwarebytes free version on Windows 7 Laptop


  • This topic is locked This topic is locked
4 replies to this topic

#1 Drfever

Drfever

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:42 AM

Posted 21 November 2014 - 02:45 PM

My brother in law who has a very weak knowledge of computers has obvious issues affecting his laptop's performance.  It is obviously infected by spyware, trojans and viruses.   I tried downloading the free malwarebytes to his computer to run a scan but it will not open.

 

I was able to download and use awccleaner to remove some infestations along with the free Norton Eraser but I trust Malwarebytes the most.

 

It is since running a bit smoother but I still want to run the scan.

 

I saw another topic that was locked. http://www.bleepingcomputer.com/forums/t/549399/malwarebytes-wont-start/

 

Using the information from that thread, I have used the clean uninstall tool from malwarebytes and have re-installed the application.

 

I downloaded the Farbar Recovery Scan tool for his 65 bit system and completed the scans as per the instructions.

 

I have pasted the FRST.txt in my next reply and then attached the Addition.txt in my reply.

 

Please advise if more information is needed.



BC AdBot (Login to Remove)

 


#2 Drfever

Drfever
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:42 AM

Posted 21 November 2014 - 02:51 PM

Here is the FRST.txt as instructed to paste:    attached is the Addition.txt document 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-11-2014
Ran by VBD (administrator) on VBD-PC on 21-11-2014 14:42:23
Running from C:\Users\VBD\Desktop\Farbar
Loaded Profile: VBD (Available profiles: VBD)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mindspark) C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\93barsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Users\VBD\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe
(Mindspark) C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\APPINTEGRATOR.EXE
(Mindspark) C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\AppIntegrator64.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\VBD\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\VBD\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\VBD\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\VBD\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\VBD\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\VBD\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SuddenlyMusic EPM Support] => C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\93medint.exe [12872 2014-09-08] (Mindspark)
HKLM-x32\...\Run: [SuddenlyMusic AppIntegrator 32-bit] => C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\AppIntegrator.exe [225864 2014-09-08] (Mindspark)
HKLM-x32\...\Run: [SuddenlyMusic AppIntegrator 64-bit] => C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\AppIntegrator64.exe [258632 2014-09-08] (Mindspark)
HKLM-x32\...\Run: [SuddenlyMusic Search Scope Monitor] => C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\93SrchMn.exe [55880 2014-09-08] (Mindspark)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mbot_ca_164] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-1259048421-558062887-723359144-1000\...\Run: [Google Update] => C:\Users\VBD\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-11-07] (Google Inc.)
HKU\S-1-5-21-1259048421-558062887-723359144-1000\...\Run: [SkyDrive] => C:\Users\VBD\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-08] (Microsoft Corporation)
HKU\S-1-5-21-1259048421-558062887-723359144-1000\...\Run: [GoogleChromeAutoLaunch_39B9E38256F04F92BC552DB45868A62A] => C:\Users\VBD\AppData\Local\Google\Chrome\Application\chrome.exe [856904 2014-11-14] (Google Inc.)
HKU\S-1-5-21-1259048421-558062887-723359144-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1259048421-558062887-723359144-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1259048421-558062887-723359144-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-1259048421-558062887-723359144-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1259048421-558062887-723359144-1000\...\Policies\Explorer: [HideSCAHealth] 1
IFEO\a.exe: [Debugger] svchost.exe
IFEO\aAvgApi.exe: [Debugger] svchost.exe
IFEO\AAWTray.exe: [Debugger] svchost.exe
IFEO\About.exe: [Debugger] svchost.exe
IFEO\ackwin32.exe: [Debugger] svchost.exe
IFEO\Ad-Aware.exe: [Debugger] svchost.exe
IFEO\adaware.exe: [Debugger] svchost.exe
IFEO\advxdwin.exe: [Debugger] svchost.exe
IFEO\AdwarePrj.exe: [Debugger] svchost.exe
IFEO\agent.exe: [Debugger] svchost.exe
IFEO\agentsvr.exe: [Debugger] svchost.exe
IFEO\agentw.exe: [Debugger] svchost.exe
IFEO\alertsvc.exe: [Debugger] svchost.exe
IFEO\alevir.exe: [Debugger] svchost.exe
IFEO\alogserv.exe: [Debugger] svchost.exe
IFEO\AlphaAV: [Debugger] svchost.exe
IFEO\AlphaAV.exe: [Debugger] svchost.exe
IFEO\AluSchedulerSvc.exe: [Debugger] svchost.exe
IFEO\amon9x.exe: [Debugger] svchost.exe
IFEO\anti-trojan.exe: [Debugger] svchost.exe
IFEO\Anti-Virus Professional.exe: [Debugger] svchost.exe
IFEO\AntispywarXP2009.exe: [Debugger] svchost.exe
IFEO\antivirus.exe: [Debugger] svchost.exe
IFEO\AntivirusPlus: [Debugger] svchost.exe
IFEO\AntivirusPlus.exe: [Debugger] svchost.exe
IFEO\AntivirusPro_2010.exe: [Debugger] svchost.exe
IFEO\AntivirusXP: [Debugger] svchost.exe
IFEO\AntivirusXP.exe: [Debugger] svchost.exe
IFEO\antivirusxppro2009.exe: [Debugger] svchost.exe
IFEO\AntiVirus_Pro.exe: [Debugger] svchost.exe
IFEO\ants.exe: [Debugger] svchost.exe
IFEO\apimonitor.exe: [Debugger] svchost.exe
IFEO\aplica32.exe: [Debugger] svchost.exe
IFEO\apvxdwin.exe: [Debugger] svchost.exe
IFEO\arr.exe: [Debugger] svchost.exe
IFEO\ashAvast.exe: [Debugger] svchost.exe
IFEO\ashBug.exe: [Debugger] svchost.exe
IFEO\ashChest.exe: [Debugger] svchost.exe
IFEO\ashCnsnt.exe: [Debugger] svchost.exe
IFEO\ashDisp.exe: [Debugger] svchost.exe
IFEO\ashLogV.exe: [Debugger] svchost.exe
IFEO\ashMaiSv.exe: [Debugger] svchost.exe
IFEO\ashPopWz.exe: [Debugger] svchost.exe
IFEO\ashQuick.exe: [Debugger] svchost.exe
IFEO\ashServ.exe: [Debugger] svchost.exe
IFEO\ashSimp2.exe: [Debugger] svchost.exe
IFEO\ashSimpl.exe: [Debugger] svchost.exe
IFEO\ashSkPcc.exe: [Debugger] svchost.exe
IFEO\ashSkPck.exe: [Debugger] svchost.exe
IFEO\ashUpd.exe: [Debugger] svchost.exe
IFEO\ashWebSv.exe: [Debugger] svchost.exe
IFEO\aswChLic.exe: [Debugger] svchost.exe
IFEO\aswRegSvr.exe: [Debugger] svchost.exe
IFEO\aswRunDll.exe: [Debugger] svchost.exe
IFEO\aswUpdSv.exe: [Debugger] svchost.exe
IFEO\atcon.exe: [Debugger] svchost.exe
IFEO\atguard.exe: [Debugger] svchost.exe
IFEO\atro55en.exe: [Debugger] svchost.exe
IFEO\atupdater.exe: [Debugger] svchost.exe
IFEO\atwatch.exe: [Debugger] svchost.exe
IFEO\au.exe: [Debugger] svchost.exe
IFEO\aupdate.exe: [Debugger] svchost.exe
IFEO\auto-protect.nav80try.exe: [Debugger] svchost.exe
IFEO\autodown.exe: [Debugger] svchost.exe
IFEO\autotrace.exe: [Debugger] svchost.exe
IFEO\autoupdate.exe: [Debugger] svchost.exe
IFEO\av360.exe: [Debugger] svchost.exe
IFEO\avadmin.exe: [Debugger] svchost.exe
IFEO\avastSvc.exe: [Debugger] svchost.exe
IFEO\avastUI.exe: [Debugger] svchost.exe
IFEO\AVCare.exe: [Debugger] svchost.exe
IFEO\avcenter.exe: [Debugger] svchost.exe
IFEO\avciman.exe: [Debugger] svchost.exe
IFEO\avconfig.exe: [Debugger] svchost.exe
IFEO\avconsol.exe: [Debugger] svchost.exe
IFEO\ave32.exe: [Debugger] svchost.exe
IFEO\AVENGINE.EXE: [Debugger] svchost.exe
IFEO\avgcc32.exe: [Debugger] svchost.exe
IFEO\avgchk.exe: [Debugger] svchost.exe
IFEO\avgcmgr.exe: [Debugger] svchost.exe
IFEO\avgcsrvx.exe: [Debugger] svchost.exe
IFEO\avgctrl.exe: [Debugger] svchost.exe
IFEO\avgdumpx.exe: [Debugger] svchost.exe
IFEO\avgemc.exe: [Debugger] svchost.exe
IFEO\avgiproxy.exe: [Debugger] svchost.exe
IFEO\avgnsx.exe: [Debugger] svchost.exe
IFEO\avgnt.exe: [Debugger] svchost.exe
IFEO\avgrsx.exe: [Debugger] svchost.exe
IFEO\avgscanx.exe: [Debugger] svchost.exe
IFEO\avgserv.exe: [Debugger] svchost.exe
IFEO\avgserv9.exe: [Debugger] svchost.exe
IFEO\avgsrmax.exe: [Debugger] svchost.exe
IFEO\avgtray.exe: [Debugger] svchost.exe
IFEO\avguard.exe: [Debugger] svchost.exe
IFEO\avgui.exe: [Debugger] svchost.exe
IFEO\avgupd.exe: [Debugger] svchost.exe
IFEO\avgw.exe: [Debugger] svchost.exe
IFEO\avgwdsvc.exe: [Debugger] svchost.exe
IFEO\avkpop.exe: [Debugger] svchost.exe
IFEO\avkserv.exe: [Debugger] svchost.exe
IFEO\avkservice.exe: [Debugger] svchost.exe
IFEO\avkwctl9.exe: [Debugger] svchost.exe
IFEO\avltmain.exe: [Debugger] svchost.exe
IFEO\avmailc.exe: [Debugger] svchost.exe
IFEO\avmcdlg.exe: [Debugger] svchost.exe
IFEO\avnotify.exe: [Debugger] svchost.exe
IFEO\avnt.exe: [Debugger] svchost.exe
IFEO\avp32.exe: [Debugger] svchost.exe
IFEO\avpcc.exe: [Debugger] svchost.exe
IFEO\avpdos32.exe: [Debugger] svchost.exe
IFEO\avpm.exe: [Debugger] svchost.exe
IFEO\avptc32.exe: [Debugger] svchost.exe
IFEO\avpupd.exe: [Debugger] svchost.exe
IFEO\avsched32.exe: [Debugger] svchost.exe
IFEO\avshadow.exe: [Debugger] svchost.exe
IFEO\avsynmgr.exe: [Debugger] svchost.exe
IFEO\avupgsvc.exe: [Debugger] svchost.exe
IFEO\AVWEBGRD.EXE: [Debugger] svchost.exe
IFEO\avwin.exe: [Debugger] svchost.exe
IFEO\avwin95.exe: [Debugger] svchost.exe
IFEO\avwinnt.exe: [Debugger] svchost.exe
IFEO\avwsc.exe: [Debugger] svchost.exe
IFEO\avwupd.exe: [Debugger] svchost.exe
IFEO\avwupd32.exe: [Debugger] svchost.exe
IFEO\avwupsrv.exe: [Debugger] svchost.exe
IFEO\avxmonitor9x.exe: [Debugger] svchost.exe
IFEO\avxmonitornt.exe: [Debugger] svchost.exe
IFEO\avxquar.exe: [Debugger] svchost.exe
IFEO\b.exe: [Debugger] svchost.exe
IFEO\backweb.exe: [Debugger] svchost.exe
IFEO\bargains.exe: [Debugger] svchost.exe
IFEO\bdfvcl.exe: [Debugger] svchost.exe
IFEO\bdfvwiz.exe: [Debugger] svchost.exe
IFEO\BDInProcPatch.exe: [Debugger] svchost.exe
IFEO\bdmcon.exe: [Debugger] svchost.exe
IFEO\BDMsnScan.exe: [Debugger] svchost.exe
IFEO\BDSurvey.exe: [Debugger] svchost.exe
IFEO\bd_professional.exe: [Debugger] svchost.exe
IFEO\beagle.exe: [Debugger] svchost.exe
IFEO\belt.exe: [Debugger] svchost.exe
IFEO\bidef.exe: [Debugger] svchost.exe
IFEO\bidserver.exe: [Debugger] svchost.exe
IFEO\bipcp.exe: [Debugger] svchost.exe
IFEO\bipcpevalsetup.exe: [Debugger] svchost.exe
IFEO\bisp.exe: [Debugger] svchost.exe
IFEO\blackd.exe: [Debugger] svchost.exe
IFEO\blackice.exe: [Debugger] svchost.exe
IFEO\blink.exe: [Debugger] svchost.exe
IFEO\blss.exe: [Debugger] svchost.exe
IFEO\bootconf.exe: [Debugger] svchost.exe
IFEO\bootwarn.exe: [Debugger] svchost.exe
IFEO\borg2.exe: [Debugger] svchost.exe
IFEO\bpc.exe: [Debugger] svchost.exe
IFEO\brasil.exe: [Debugger] svchost.exe
IFEO\brastk.exe: [Debugger] svchost.exe
IFEO\brw.exe: [Debugger] svchost.exe
IFEO\bs120.exe: [Debugger] svchost.exe
IFEO\bspatch.exe: [Debugger] svchost.exe
IFEO\bundle.exe: [Debugger] svchost.exe
IFEO\bvt.exe: [Debugger] svchost.exe
IFEO\c.exe: [Debugger] svchost.exe
IFEO\cavscan.exe: [Debugger] svchost.exe
IFEO\ccapp.exe: [Debugger] svchost.exe
IFEO\ccevtmgr.exe: [Debugger] svchost.exe
IFEO\ccpxysvc.exe: [Debugger] svchost.exe
IFEO\ccSvcHst.exe: [Debugger] svchost.exe
IFEO\cdp.exe: [Debugger] svchost.exe
IFEO\cfd.exe: [Debugger] svchost.exe
IFEO\cfgwiz.exe: [Debugger] svchost.exe
IFEO\cfiadmin.exe: [Debugger] svchost.exe
IFEO\cfiaudit.exe: [Debugger] svchost.exe
IFEO\cfinet.exe: [Debugger] svchost.exe
IFEO\cfinet32.exe: [Debugger] svchost.exe
IFEO\cfp.exe: [Debugger] svchost.exe
IFEO\cfpconfg.exe: [Debugger] svchost.exe
IFEO\cfplogvw.exe: [Debugger] svchost.exe
IFEO\cfpupdat.exe: [Debugger] svchost.exe
IFEO\claw95.exe: [Debugger] svchost.exe
IFEO\claw95cf.exe: [Debugger] svchost.exe
IFEO\clean.exe: [Debugger] svchost.exe
IFEO\cleaner.exe: [Debugger] svchost.exe
IFEO\cleaner3.exe: [Debugger] svchost.exe
IFEO\cleanIELow.exe: [Debugger] svchost.exe
IFEO\cleanpc.exe: [Debugger] svchost.exe
IFEO\click.exe: [Debugger] svchost.exe
IFEO\cmd32.exe: [Debugger] svchost.exe
IFEO\cmdagent.exe: [Debugger] svchost.exe
IFEO\cmesys.exe: [Debugger] svchost.exe
IFEO\cmgrdian.exe: [Debugger] svchost.exe
IFEO\cmon016.exe: [Debugger] svchost.exe
IFEO\connectionmonitor.exe: [Debugger] svchost.exe
IFEO\control: [Debugger] svchost.exe
IFEO\cpd.exe: [Debugger] svchost.exe
IFEO\cpf9x206.exe: [Debugger] svchost.exe
IFEO\cpfnt206.exe: [Debugger] svchost.exe
IFEO\crashrep.exe: [Debugger] svchost.exe
IFEO\cssconfg.exe: [Debugger] svchost.exe
IFEO\cssupdat.exe: [Debugger] svchost.exe
IFEO\cssurf.exe: [Debugger] svchost.exe
IFEO\ctrl.exe: [Debugger] svchost.exe
IFEO\cv.exe: [Debugger] svchost.exe
IFEO\cwnb181.exe: [Debugger] svchost.exe
IFEO\cwntdwmo.exe: [Debugger] svchost.exe
IFEO\d.exe: [Debugger] svchost.exe
IFEO\datemanager.exe: [Debugger] svchost.exe
IFEO\dcomx.exe: [Debugger] svchost.exe
IFEO\defalert.exe: [Debugger] svchost.exe
IFEO\defscangui.exe: [Debugger] svchost.exe
IFEO\defwatch.exe: [Debugger] svchost.exe
IFEO\deloeminfs.exe: [Debugger] svchost.exe
IFEO\deputy.exe: [Debugger] svchost.exe
IFEO\divx.exe: [Debugger] svchost.exe
IFEO\dllcache.exe: [Debugger] svchost.exe
IFEO\dllreg.exe: [Debugger] svchost.exe
IFEO\doors.exe: [Debugger] svchost.exe
IFEO\dop.exe: [Debugger] svchost.exe
IFEO\dpf.exe: [Debugger] svchost.exe
IFEO\dpfsetup.exe: [Debugger] svchost.exe
IFEO\dpps2.exe: [Debugger] svchost.exe
IFEO\driverctrl.exe: [Debugger] svchost.exe
IFEO\drwatson.exe: [Debugger] svchost.exe
IFEO\drweb32.exe: [Debugger] svchost.exe
IFEO\drwebupw.exe: [Debugger] svchost.exe
IFEO\dssagent.exe: [Debugger] svchost.exe
IFEO\dvp95.exe: [Debugger] svchost.exe
IFEO\dvp95_0.exe: [Debugger] svchost.exe
IFEO\ecengine.exe: [Debugger] svchost.exe
IFEO\efpeadm.exe: [Debugger] svchost.exe
IFEO\emsw.exe: [Debugger] svchost.exe
IFEO\ent.exe: [Debugger] svchost.exe
IFEO\esafe.exe: [Debugger] svchost.exe
IFEO\escanhnt.exe: [Debugger] svchost.exe
IFEO\escanv95.exe: [Debugger] svchost.exe
IFEO\espwatch.exe: [Debugger] svchost.exe
IFEO\ethereal.exe: [Debugger] svchost.exe
IFEO\etrustcipe.exe: [Debugger] svchost.exe
IFEO\evpn.exe: [Debugger] svchost.exe
IFEO\exantivirus-cnet.exe: [Debugger] svchost.exe
IFEO\exe.avxw.exe: [Debugger] svchost.exe
IFEO\expert.exe: [Debugger] svchost.exe
IFEO\explore.exe: [Debugger] svchost.exe
IFEO\f-agnt95.exe: [Debugger] svchost.exe
IFEO\f-prot.exe: [Debugger] svchost.exe
IFEO\f-prot95.exe: [Debugger] svchost.exe
IFEO\f-stopw.exe: [Debugger] svchost.exe
IFEO\fact.exe: [Debugger] svchost.exe
IFEO\fameh32.exe: [Debugger] svchost.exe
IFEO\fast.exe: [Debugger] svchost.exe
IFEO\fch32.exe: [Debugger] svchost.exe
IFEO\fih32.exe: [Debugger] svchost.exe
IFEO\findviru.exe: [Debugger] svchost.exe
IFEO\firewall.exe: [Debugger] svchost.exe
IFEO\fixcfg.exe: [Debugger] svchost.exe
IFEO\fixfp.exe: [Debugger] svchost.exe
IFEO\fnrb32.exe: [Debugger] svchost.exe
IFEO\fp-win.exe: [Debugger] svchost.exe
IFEO\fp-win_trial.exe: [Debugger] svchost.exe
IFEO\fprot.exe: [Debugger] svchost.exe
IFEO\frmwrk32.exe: [Debugger] svchost.exe
IFEO\frw.exe: [Debugger] svchost.exe
IFEO\fsaa.exe: [Debugger] svchost.exe
IFEO\fsav.exe: [Debugger] svchost.exe
IFEO\fsav32.exe: [Debugger] svchost.exe
IFEO\fsav530stbyb.exe: [Debugger] svchost.exe
IFEO\fsav530wtbyb.exe: [Debugger] svchost.exe
IFEO\fsav95.exe: [Debugger] svchost.exe
IFEO\fsgk32.exe: [Debugger] svchost.exe
IFEO\fsm32.exe: [Debugger] svchost.exe
IFEO\fsma32.exe: [Debugger] svchost.exe
IFEO\fsmb32.exe: [Debugger] svchost.exe
IFEO\gator.exe: [Debugger] svchost.exe
IFEO\gav.exe: [Debugger] svchost.exe
IFEO\gbmenu.exe: [Debugger] svchost.exe
IFEO\gbn976rl.exe: [Debugger] svchost.exe
IFEO\gbpoll.exe: [Debugger] svchost.exe
IFEO\generics.exe: [Debugger] svchost.exe
IFEO\gmt.exe: [Debugger] svchost.exe
IFEO\guard.exe: [Debugger] svchost.exe
IFEO\guarddog.exe: [Debugger] svchost.exe
IFEO\guardgui.exe: [Debugger] svchost.exe
IFEO\guardxkickoff.exe: [Debugger] svchost.exe
IFEO\hacktracersetup.exe: [Debugger] svchost.exe
IFEO\hbinst.exe: [Debugger] svchost.exe
IFEO\hbsrv.exe: [Debugger] svchost.exe
IFEO\History.exe: [Debugger] svchost.exe
IFEO\homeav2010.exe: [Debugger] svchost.exe
IFEO\hotactio.exe: [Debugger] svchost.exe
IFEO\hotpatch.exe: [Debugger] svchost.exe
IFEO\htlog.exe: [Debugger] svchost.exe
IFEO\htpatch.exe: [Debugger] svchost.exe
IFEO\hwpe.exe: [Debugger] svchost.exe
IFEO\hxdl.exe: [Debugger] svchost.exe
IFEO\hxiul.exe: [Debugger] svchost.exe
IFEO\iamapp.exe: [Debugger] svchost.exe
IFEO\iamserv.exe: [Debugger] svchost.exe
IFEO\iamstats.exe: [Debugger] svchost.exe
IFEO\ibmasn.exe: [Debugger] svchost.exe
IFEO\ibmavsp.exe: [Debugger] svchost.exe
IFEO\icload95.exe: [Debugger] svchost.exe
IFEO\icloadnt.exe: [Debugger] svchost.exe
IFEO\icmon.exe: [Debugger] svchost.exe
IFEO\icsupp95.exe: [Debugger] svchost.exe
IFEO\icsuppnt.exe: [Debugger] svchost.exe
IFEO\Identity.exe: [Debugger] svchost.exe
IFEO\idle.exe: [Debugger] svchost.exe
IFEO\iedll.exe: [Debugger] svchost.exe
IFEO\iedriver.exe: [Debugger] svchost.exe
IFEO\IEShow.exe: [Debugger] svchost.exe
IFEO\iface.exe: [Debugger] svchost.exe
IFEO\ifw2000.exe: [Debugger] svchost.exe
IFEO\inetlnfo.exe: [Debugger] svchost.exe
IFEO\infus.exe: [Debugger] svchost.exe
IFEO\infwin.exe: [Debugger] svchost.exe
IFEO\init.exe: [Debugger] svchost.exe
IFEO\init32.exe : [Debugger] svchost.exe
IFEO\install[1].exe: [Debugger] svchost.exe
IFEO\install[2].exe: [Debugger] svchost.exe
IFEO\install[3].exe: [Debugger] svchost.exe
IFEO\install[4].exe: [Debugger] svchost.exe
IFEO\install[5].exe: [Debugger] svchost.exe
IFEO\intdel.exe: [Debugger] svchost.exe
IFEO\intren.exe: [Debugger] svchost.exe
IFEO\iomon98.exe: [Debugger] svchost.exe
IFEO\istsvc.exe: [Debugger] svchost.exe
IFEO\jammer.exe: [Debugger] svchost.exe
IFEO\jdbgmrg.exe: [Debugger] svchost.exe
IFEO\jedi.exe: [Debugger] svchost.exe
IFEO\JsRcGen.exe: [Debugger] svchost.exe
IFEO\kavlite40eng.exe: [Debugger] svchost.exe
IFEO\kavpers40eng.exe: [Debugger] svchost.exe
IFEO\kavpf.exe: [Debugger] svchost.exe
IFEO\kazza.exe: [Debugger] svchost.exe
IFEO\keenvalue.exe: [Debugger] svchost.exe
IFEO\kerio-pf-213-en-win.exe: [Debugger] svchost.exe
IFEO\kerio-wrl-421-en-win.exe: [Debugger] svchost.exe
IFEO\kerio-wrp-421-en-win.exe: [Debugger] svchost.exe
IFEO\killprocesssetup161.exe: [Debugger] svchost.exe
IFEO\ldnetmon.exe: [Debugger] svchost.exe
IFEO\ldpro.exe: [Debugger] svchost.exe
IFEO\ldpromenu.exe: [Debugger] svchost.exe
IFEO\ldscan.exe: [Debugger] svchost.exe
IFEO\licmgr.exe: [Debugger] svchost.exe
IFEO\lnetinfo.exe: [Debugger] svchost.exe
IFEO\loader.exe: [Debugger] svchost.exe
IFEO\localnet.exe: [Debugger] svchost.exe
IFEO\lockdown.exe: [Debugger] svchost.exe
IFEO\lockdown2000.exe: [Debugger] svchost.exe
IFEO\lookout.exe: [Debugger] svchost.exe
IFEO\lordpe.exe: [Debugger] svchost.exe
IFEO\lsetup.exe: [Debugger] svchost.exe
IFEO\luall.exe: [Debugger] svchost.exe
IFEO\luau.exe: [Debugger] svchost.exe
IFEO\lucomserver.exe: [Debugger] svchost.exe
IFEO\luinit.exe: [Debugger] svchost.exe
IFEO\luspt.exe: [Debugger] svchost.exe
IFEO\MalwareRemoval.exe: [Debugger] svchost.exe
IFEO\mapisvc32.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\mbamgui.exe: [Debugger] svchost.exe
IFEO\mbamservice.exe: [Debugger] svchost.exe
IFEO\mcagent.exe: [Debugger] svchost.exe
IFEO\mcmnhdlr.exe: [Debugger] svchost.exe
IFEO\mcmpeng.exe: [Debugger] svchost.exe
IFEO\mcmscsvc.exe: [Debugger] svchost.exe
IFEO\mcnasvc.exe: [Debugger] svchost.exe
IFEO\mcproxy.exe: [Debugger] svchost.exe
IFEO\McSACore.exe: [Debugger] svchost.exe
IFEO\mcshell.exe: [Debugger] svchost.exe
IFEO\mcshield.exe: [Debugger] svchost.exe
IFEO\mcsysmon.exe: [Debugger] svchost.exe
IFEO\mctool.exe: [Debugger] svchost.exe
IFEO\mcupdate.exe: [Debugger] svchost.exe
IFEO\mcvsrte.exe: [Debugger] svchost.exe
IFEO\mcvsshld.exe: [Debugger] svchost.exe
IFEO\md.exe: [Debugger] svchost.exe
IFEO\mfin32.exe: [Debugger] svchost.exe
IFEO\mfw2en.exe: [Debugger] svchost.exe
IFEO\mfweng3.02d30.exe: [Debugger] svchost.exe
IFEO\mgavrtcl.exe: [Debugger] svchost.exe
IFEO\mgavrte.exe: [Debugger] svchost.exe
IFEO\mghtml.exe: [Debugger] svchost.exe
IFEO\mgui.exe: [Debugger] svchost.exe
IFEO\minilog.exe: [Debugger] svchost.exe
IFEO\mmod.exe: [Debugger] svchost.exe
IFEO\monitor.exe: [Debugger] svchost.exe
IFEO\moolive.exe: [Debugger] svchost.exe
IFEO\mostat.exe: [Debugger] svchost.exe
IFEO\mpfagent.exe: [Debugger] svchost.exe
IFEO\mpfservice.exe: [Debugger] svchost.exe
IFEO\MPFSrv.exe: [Debugger] svchost.exe
IFEO\mpftray.exe: [Debugger] svchost.exe
IFEO\mrflux.exe: [Debugger] svchost.exe
IFEO\mrt.exe: [Debugger] svchost.exe
IFEO\msa.exe: [Debugger] svchost.exe
IFEO\msapp.exe: [Debugger] svchost.exe
IFEO\MSASCui.exe: [Debugger] svchost.exe
IFEO\msbb.exe: [Debugger] svchost.exe
IFEO\msblast.exe: [Debugger] svchost.exe
IFEO\mscache.exe: [Debugger] svchost.exe
IFEO\msccn32.exe: [Debugger] svchost.exe
IFEO\mscman.exe: [Debugger] svchost.exe
IFEO\msconfig: [Debugger] svchost.exe
IFEO\msdm.exe: [Debugger] svchost.exe
IFEO\msdos.exe: [Debugger] svchost.exe
IFEO\msiexec16.exe: [Debugger] svchost.exe
IFEO\mslaugh.exe: [Debugger] svchost.exe
IFEO\msmgt.exe: [Debugger] svchost.exe
IFEO\msmsgri32.exe: [Debugger] svchost.exe
IFEO\msseces.exe: [Debugger] svchost.exe
IFEO\mssmmc32.exe: [Debugger] svchost.exe
IFEO\mssys.exe: [Debugger] svchost.exe
IFEO\msvxd.exe: [Debugger] svchost.exe
IFEO\mu0311ad.exe: [Debugger] svchost.exe
IFEO\mwatch.exe: [Debugger] svchost.exe
IFEO\n32scanw.exe: [Debugger] svchost.exe
IFEO\nav.exe: [Debugger] svchost.exe
IFEO\navap.navapsvc.exe: [Debugger] svchost.exe
IFEO\navapsvc.exe: [Debugger] svchost.exe
IFEO\navapw32.exe: [Debugger] svchost.exe
IFEO\navdx.exe: [Debugger] svchost.exe
IFEO\navlu32.exe: [Debugger] svchost.exe
IFEO\navnt.exe: [Debugger] svchost.exe
IFEO\navstub.exe: [Debugger] svchost.exe
IFEO\navw32.exe: [Debugger] svchost.exe
IFEO\navwnt.exe: [Debugger] svchost.exe
IFEO\nc2000.exe: [Debugger] svchost.exe
IFEO\ncinst4.exe: [Debugger] svchost.exe
IFEO\ndd32.exe: [Debugger] svchost.exe
IFEO\neomonitor.exe: [Debugger] svchost.exe
IFEO\neowatchlog.exe: [Debugger] svchost.exe
IFEO\netarmor.exe: [Debugger] svchost.exe
IFEO\netd32.exe: [Debugger] svchost.exe
IFEO\netinfo.exe: [Debugger] svchost.exe
IFEO\netmon.exe: [Debugger] svchost.exe
IFEO\netscanpro.exe: [Debugger] svchost.exe
IFEO\netspyhunter-1.2.exe: [Debugger] svchost.exe
IFEO\netutils.exe: [Debugger] svchost.exe
IFEO\nisserv.exe: [Debugger] svchost.exe
IFEO\nisum.exe: [Debugger] svchost.exe
IFEO\nmain.exe: [Debugger] svchost.exe
IFEO\nod32.exe: [Debugger] svchost.exe
IFEO\normist.exe: [Debugger] svchost.exe
IFEO\norton_internet_secu_3.0_407.exe: [Debugger] svchost.exe
IFEO\notstart.exe: [Debugger] svchost.exe
IFEO\npf40_tw_98_nt_me_2k.exe: [Debugger] svchost.exe
IFEO\npfmessenger.exe: [Debugger] svchost.exe
IFEO\nprotect.exe: [Debugger] svchost.exe
IFEO\npscheck.exe: [Debugger] svchost.exe
IFEO\npssvc.exe: [Debugger] svchost.exe
IFEO\nsched32.exe: [Debugger] svchost.exe
IFEO\nssys32.exe: [Debugger] svchost.exe
IFEO\nstask32.exe: [Debugger] svchost.exe
IFEO\nsupdate.exe: [Debugger] svchost.exe
IFEO\nt.exe: [Debugger] svchost.exe
IFEO\ntrtscan.exe: [Debugger] svchost.exe
IFEO\ntvdm.exe: [Debugger] svchost.exe
IFEO\ntxconfig.exe: [Debugger] svchost.exe
IFEO\nui.exe: [Debugger] svchost.exe
IFEO\nupgrade.exe: [Debugger] svchost.exe
IFEO\nvarch16.exe: [Debugger] svchost.exe
IFEO\nvc95.exe: [Debugger] svchost.exe
IFEO\nvsvc32.exe: [Debugger] svchost.exe
IFEO\nwinst4.exe: [Debugger] svchost.exe
IFEO\nwservice.exe: [Debugger] svchost.exe
IFEO\nwtool16.exe: [Debugger] svchost.exe
IFEO\OAcat.exe: [Debugger] svchost.exe
IFEO\OAhlp.exe: [Debugger] svchost.exe
IFEO\OAReg.exe: [Debugger] svchost.exe
IFEO\oasrv.exe: [Debugger] svchost.exe
IFEO\oaui.exe: [Debugger] svchost.exe
IFEO\oaview.exe: [Debugger] svchost.exe
IFEO\ODSW.exe: [Debugger] svchost.exe
IFEO\ollydbg.exe: [Debugger] svchost.exe
IFEO\onsrvr.exe: [Debugger] svchost.exe
IFEO\optimize.exe: [Debugger] svchost.exe
IFEO\ostronet.exe: [Debugger] svchost.exe
IFEO\otfix.exe: [Debugger] svchost.exe
IFEO\outpost.exe: [Debugger] svchost.exe
IFEO\outpostinstall.exe: [Debugger] svchost.exe
IFEO\outpostproinstall.exe: [Debugger] svchost.exe
IFEO\ozn695m5.exe: [Debugger] svchost.exe
IFEO\padmin.exe: [Debugger] svchost.exe
IFEO\panixk.exe: [Debugger] svchost.exe
IFEO\patch.exe: [Debugger] svchost.exe
IFEO\pav.exe: [Debugger] svchost.exe
IFEO\pavcl.exe: [Debugger] svchost.exe
IFEO\PavFnSvr.exe: [Debugger] svchost.exe
IFEO\pavproxy.exe: [Debugger] svchost.exe
IFEO\pavprsrv.exe: [Debugger] svchost.exe
IFEO\pavsched.exe: [Debugger] svchost.exe
IFEO\pavsrv51.exe: [Debugger] svchost.exe
IFEO\pavw.exe: [Debugger] svchost.exe
IFEO\pc.exe: [Debugger] svchost.exe
IFEO\pccwin98.exe: [Debugger] svchost.exe
IFEO\pcfwallicon.exe: [Debugger] svchost.exe
IFEO\pcip10117_0.exe: [Debugger] svchost.exe
IFEO\pcscan.exe: [Debugger] svchost.exe
IFEO\pctsAuxs.exe: [Debugger] svchost.exe
IFEO\pctsGui.exe: [Debugger] svchost.exe
IFEO\pctsSvc.exe: [Debugger] svchost.exe
IFEO\pctsTray.exe: [Debugger] svchost.exe
IFEO\PC_Antispyware2010.exe: [Debugger] svchost.exe
IFEO\pdfndr.exe: [Debugger] svchost.exe
IFEO\pdsetup.exe: [Debugger] svchost.exe
IFEO\PerAvir.exe: [Debugger] svchost.exe
IFEO\periscope.exe: [Debugger] svchost.exe
IFEO\persfw.exe: [Debugger] svchost.exe
IFEO\personalguard: [Debugger] svchost.exe
IFEO\personalguard.exe: [Debugger] svchost.exe
IFEO\perswf.exe: [Debugger] svchost.exe
IFEO\pf2.exe: [Debugger] svchost.exe
IFEO\pfwadmin.exe: [Debugger] svchost.exe
IFEO\pgmonitr.exe: [Debugger] svchost.exe
IFEO\pingscan.exe: [Debugger] svchost.exe
IFEO\platin.exe: [Debugger] svchost.exe
IFEO\pop3trap.exe: [Debugger] svchost.exe
IFEO\poproxy.exe: [Debugger] svchost.exe
IFEO\popscan.exe: [Debugger] svchost.exe
IFEO\portdetective.exe: [Debugger] svchost.exe
IFEO\portmonitor.exe: [Debugger] svchost.exe
IFEO\powerscan.exe: [Debugger] svchost.exe
IFEO\ppinupdt.exe: [Debugger] svchost.exe
IFEO\pptbc.exe: [Debugger] svchost.exe
IFEO\ppvstop.exe: [Debugger] svchost.exe
IFEO\prizesurfer.exe: [Debugger] svchost.exe
IFEO\prmt.exe: [Debugger] svchost.exe
IFEO\prmvr.exe: [Debugger] svchost.exe
IFEO\procdump.exe: [Debugger] svchost.exe
IFEO\processmonitor.exe: [Debugger] svchost.exe
IFEO\procexplorerv1.0.exe: [Debugger] svchost.exe
IFEO\programauditor.exe: [Debugger] svchost.exe
IFEO\proport.exe: [Debugger] svchost.exe
IFEO\protector.exe: [Debugger] svchost.exe
IFEO\protectx.exe: [Debugger] svchost.exe
IFEO\PSANCU.exe: [Debugger] svchost.exe
IFEO\PSANHost.exe: [Debugger] svchost.exe
IFEO\PSANToManager.exe: [Debugger] svchost.exe
IFEO\PsCtrls.exe: [Debugger] svchost.exe
IFEO\PsImSvc.exe: [Debugger] svchost.exe
IFEO\PskSvc.exe: [Debugger] svchost.exe
IFEO\pspf.exe: [Debugger] svchost.exe
IFEO\PSUNMain.exe: [Debugger] svchost.exe
IFEO\purge.exe: [Debugger] svchost.exe
IFEO\qconsole.exe: [Debugger] svchost.exe
IFEO\qh.exe: [Debugger] svchost.exe
IFEO\qserver.exe: [Debugger] svchost.exe
IFEO\Quick Heal.exe: [Debugger] svchost.exe
IFEO\QuickHealCleaner.exe: [Debugger] svchost.exe
IFEO\rapapp.exe: [Debugger] svchost.exe
IFEO\rav7.exe: [Debugger] svchost.exe
IFEO\rav7win.exe: [Debugger] svchost.exe
IFEO\rav8win32eng.exe: [Debugger] svchost.exe
IFEO\ray.exe: [Debugger] svchost.exe
IFEO\rb32.exe: [Debugger] svchost.exe
IFEO\rcsync.exe: [Debugger] svchost.exe
IFEO\realmon.exe: [Debugger] svchost.exe
IFEO\reged.exe: [Debugger] svchost.exe
IFEO\regedt32.exe: [Debugger] svchost.exe
IFEO\rescue.exe: [Debugger] svchost.exe
IFEO\rescue32.exe: [Debugger] svchost.exe
IFEO\rrguard.exe: [Debugger] svchost.exe
IFEO\rscdwld.exe: [Debugger] svchost.exe
IFEO\rshell.exe: [Debugger] svchost.exe
IFEO\rtvscan.exe: [Debugger] svchost.exe
IFEO\rtvscn95.exe: [Debugger] svchost.exe
IFEO\rulaunch.exe: [Debugger] svchost.exe
IFEO\rwg: [Debugger] svchost.exe
IFEO\rwg.exe: [Debugger] svchost.exe
IFEO\SafetyKeeper.exe: [Debugger] svchost.exe
IFEO\safeweb.exe: [Debugger] svchost.exe
IFEO\sahagent.exe: [Debugger] svchost.exe
IFEO\Save.exe: [Debugger] svchost.exe
IFEO\SaveArmor.exe: [Debugger] svchost.exe
IFEO\SaveDefense.exe: [Debugger] svchost.exe
IFEO\SaveKeep.exe: [Debugger] svchost.exe
IFEO\savenow.exe: [Debugger] svchost.exe
IFEO\sbserv.exe: [Debugger] svchost.exe
IFEO\sc.exe: [Debugger] svchost.exe
IFEO\scam32.exe: [Debugger] svchost.exe
IFEO\scan32.exe: [Debugger] svchost.exe
IFEO\scan95.exe: [Debugger] svchost.exe
IFEO\scanpm.exe: [Debugger] svchost.exe
IFEO\scrscan.exe: [Debugger] svchost.exe
IFEO\Secure Veteran.exe: [Debugger] svchost.exe
IFEO\secureveteran.exe: [Debugger] svchost.exe
IFEO\Security Center.exe: [Debugger] svchost.exe
IFEO\SecurityFighter.exe: [Debugger] svchost.exe
IFEO\securitysoldier.exe: [Debugger] svchost.exe
IFEO\serv95.exe: [Debugger] svchost.exe
IFEO\setloadorder.exe: [Debugger] svchost.exe
IFEO\setupvameeval.exe: [Debugger] svchost.exe
IFEO\setup_flowprotector_us.exe: [Debugger] svchost.exe
IFEO\sgssfw32.exe: [Debugger] svchost.exe
IFEO\sh.exe: [Debugger] svchost.exe
IFEO\shellspyinstall.exe: [Debugger] svchost.exe
IFEO\shield.exe: [Debugger] svchost.exe
IFEO\shn.exe: [Debugger] svchost.exe
IFEO\showbehind.exe: [Debugger] svchost.exe
IFEO\signcheck.exe: [Debugger] svchost.exe
IFEO\smart.exe: [Debugger] svchost.exe
IFEO\smartprotector.exe: [Debugger] svchost.exe
IFEO\smc.exe: [Debugger] svchost.exe
IFEO\smrtdefp.exe: [Debugger] svchost.exe
IFEO\sms.exe: [Debugger] svchost.exe
IFEO\smss32.exe: [Debugger] svchost.exe
IFEO\snetcfg.exe: [Debugger] svchost.exe
IFEO\soap.exe: [Debugger] svchost.exe
IFEO\sofi.exe: [Debugger] svchost.exe
IFEO\SoftSafeness.exe: [Debugger] svchost.exe
IFEO\sperm.exe: [Debugger] svchost.exe
IFEO\spf.exe: [Debugger] svchost.exe
IFEO\sphinx.exe: [Debugger] svchost.exe
IFEO\spoler.exe: [Debugger] svchost.exe
IFEO\spoolcv.exe: [Debugger] svchost.exe
IFEO\spoolsv32.exe: [Debugger] svchost.exe
IFEO\spywarexpguard.exe: [Debugger] svchost.exe
IFEO\spyxx.exe: [Debugger] svchost.exe
IFEO\srexe.exe: [Debugger] svchost.exe
IFEO\srng.exe: [Debugger] svchost.exe
IFEO\ss3edit.exe: [Debugger] svchost.exe
IFEO\ssgrate.exe: [Debugger] svchost.exe
IFEO\ssg_4104.exe: [Debugger] svchost.exe
IFEO\st2.exe: [Debugger] svchost.exe
IFEO\start.exe: [Debugger] svchost.exe
IFEO\stcloader.exe: [Debugger] svchost.exe
IFEO\supftrl.exe: [Debugger] svchost.exe
IFEO\support.exe: [Debugger] svchost.exe
IFEO\supporter5.exe: [Debugger] svchost.exe
IFEO\svc.exe: [Debugger] svchost.exe
IFEO\svchostc.exe: [Debugger] svchost.exe
IFEO\svchosts.exe: [Debugger] svchost.exe
IFEO\svshost.exe: [Debugger] svchost.exe
IFEO\sweep95.exe: [Debugger] svchost.exe
IFEO\sweepnet.sweepsrv.sys.swnetsup.exe: [Debugger] svchost.exe
IFEO\symlcsvc.exe: [Debugger] svchost.exe
IFEO\symproxysvc.exe: [Debugger] svchost.exe
IFEO\symtray.exe: [Debugger] svchost.exe
IFEO\system.exe: [Debugger] svchost.exe
IFEO\system32.exe: [Debugger] svchost.exe
IFEO\sysupd.exe: [Debugger] svchost.exe
IFEO\tapinstall.exe: [Debugger] svchost.exe
IFEO\taumon.exe: [Debugger] svchost.exe
IFEO\tbscan.exe: [Debugger] svchost.exe
IFEO\tc.exe: [Debugger] svchost.exe
IFEO\tca.exe: [Debugger] svchost.exe
IFEO\tcm.exe: [Debugger] svchost.exe
IFEO\tds-3.exe: [Debugger] svchost.exe
IFEO\tds2-98.exe: [Debugger] svchost.exe
IFEO\tds2-nt.exe: [Debugger] svchost.exe
IFEO\teekids.exe: [Debugger] svchost.exe
IFEO\tfak.exe: [Debugger] svchost.exe
IFEO\tfak5.exe: [Debugger] svchost.exe
IFEO\tgbob.exe: [Debugger] svchost.exe
IFEO\titanin.exe: [Debugger] svchost.exe
IFEO\titaninxp.exe: [Debugger] svchost.exe
IFEO\TPSrv.exe: [Debugger] svchost.exe
IFEO\trickler.exe: [Debugger] svchost.exe
IFEO\trjscan.exe: [Debugger] svchost.exe
IFEO\trjsetup.exe: [Debugger] svchost.exe
IFEO\trojantrap3.exe: [Debugger] svchost.exe
IFEO\TrustWarrior.exe: [Debugger] svchost.exe
IFEO\tsadbot.exe: [Debugger] svchost.exe
IFEO\tsc.exe: [Debugger] svchost.exe
IFEO\tvmd.exe: [Debugger] svchost.exe
IFEO\tvtmd.exe: [Debugger] svchost.exe
IFEO\undoboot.exe: [Debugger] svchost.exe
IFEO\updat.exe: [Debugger] svchost.exe
IFEO\upgrad.exe: [Debugger] svchost.exe
IFEO\utpost.exe: [Debugger] svchost.exe
IFEO\vbcmserv.exe: [Debugger] svchost.exe
IFEO\vbcons.exe: [Debugger] svchost.exe
IFEO\vbust.exe: [Debugger] svchost.exe
IFEO\vbwin9x.exe: [Debugger] svchost.exe
IFEO\vbwinntw.exe: [Debugger] svchost.exe
IFEO\vcsetup.exe: [Debugger] svchost.exe
IFEO\vet32.exe: [Debugger] svchost.exe
IFEO\vet95.exe: [Debugger] svchost.exe
IFEO\vettray.exe: [Debugger] svchost.exe
IFEO\vfsetup.exe: [Debugger] svchost.exe
IFEO\vir-help.exe: [Debugger] svchost.exe
IFEO\virusmdpersonalfirewall.exe: [Debugger] svchost.exe
IFEO\virusutilities.exe: [Debugger] svchost.exe
IFEO\VisthAux.exe: [Debugger] svchost.exe
IFEO\VisthLic.exe: [Debugger] svchost.exe
IFEO\VisthUpd.exe: [Debugger] svchost.exe
IFEO\vnlan300.exe: [Debugger] svchost.exe
IFEO\vnpc3000.exe: [Debugger] svchost.exe
IFEO\vpc32.exe: [Debugger] svchost.exe
IFEO\vpc42.exe: [Debugger] svchost.exe
IFEO\vpfw30s.exe: [Debugger] svchost.exe
IFEO\vptray.exe: [Debugger] svchost.exe
IFEO\vscan40.exe: [Debugger] svchost.exe
IFEO\vscenu6.02d30.exe: [Debugger] svchost.exe
IFEO\vsched.exe: [Debugger] svchost.exe
IFEO\vsecomr.exe: [Debugger] svchost.exe
IFEO\vshwin32.exe: [Debugger] svchost.exe
IFEO\vsisetup.exe: [Debugger] svchost.exe
IFEO\vsmain.exe: [Debugger] svchost.exe
IFEO\vsmon.exe: [Debugger] svchost.exe
IFEO\vsstat.exe: [Debugger] svchost.exe
IFEO\vswin9xe.exe: [Debugger] svchost.exe
IFEO\vswinntse.exe: [Debugger] svchost.exe
IFEO\vswinperse.exe: [Debugger] svchost.exe
IFEO\w32dsm89.exe: [Debugger] svchost.exe
IFEO\W3asbas.exe: [Debugger] svchost.exe
IFEO\w9x.exe: [Debugger] svchost.exe
IFEO\watchdog.exe: [Debugger] svchost.exe
IFEO\webdav.exe: [Debugger] svchost.exe
IFEO\WebProxy.exe: [Debugger] svchost.exe
IFEO\webscanx.exe: [Debugger] svchost.exe
IFEO\webtrap.exe: [Debugger] svchost.exe
IFEO\wfindv32.exe: [Debugger] svchost.exe
IFEO\whoswatchingme.exe: [Debugger] svchost.exe
IFEO\wimmun32.exe: [Debugger] svchost.exe
IFEO\win-bugsfix.exe: [Debugger] svchost.exe
IFEO\win32.exe: [Debugger] svchost.exe
IFEO\win32us.exe: [Debugger] svchost.exe
IFEO\winactive.exe: [Debugger] svchost.exe
IFEO\winav.exe: [Debugger] svchost.exe
IFEO\windll32.exe: [Debugger] svchost.exe
IFEO\window.exe: [Debugger] svchost.exe
IFEO\windows Police Pro.exe: [Debugger] svchost.exe
IFEO\windows.exe: [Debugger] svchost.exe
IFEO\wininetd.exe: [Debugger] svchost.exe
IFEO\wininitx.exe: [Debugger] svchost.exe
IFEO\winlogin.exe: [Debugger] svchost.exe
IFEO\winmain.exe: [Debugger] svchost.exe
IFEO\winppr32.exe: [Debugger] svchost.exe
IFEO\winrecon.exe: [Debugger] svchost.exe
IFEO\winservn.exe: [Debugger] svchost.exe
IFEO\winssk32.exe: [Debugger] svchost.exe
IFEO\winstart.exe: [Debugger] svchost.exe
IFEO\winstart001.exe: [Debugger] svchost.exe
IFEO\wintsk32.exe: [Debugger] svchost.exe
IFEO\winupdate.exe: [Debugger] svchost.exe
IFEO\wkufind.exe: [Debugger] svchost.exe
IFEO\wnad.exe: [Debugger] svchost.exe
IFEO\wnt.exe: [Debugger] svchost.exe
IFEO\wradmin.exe: [Debugger] svchost.exe
IFEO\wrctrl.exe: [Debugger] svchost.exe
IFEO\wsbgate.exe: [Debugger] svchost.exe
IFEO\wscfxas.exe: [Debugger] svchost.exe
IFEO\wscfxav.exe: [Debugger] svchost.exe
IFEO\wscfxfw.exe: [Debugger] svchost.exe
IFEO\wsctool.exe: [Debugger] svchost.exe
IFEO\wupdater.exe: [Debugger] svchost.exe
IFEO\wupdt.exe: [Debugger] svchost.exe
IFEO\wyvernworksfirewall.exe: [Debugger] svchost.exe
IFEO\xpdeluxe.exe: [Debugger] svchost.exe
IFEO\xpf202en.exe: [Debugger] svchost.exe
IFEO\xp_antispyware.exe: [Debugger] svchost.exe
IFEO\zapro.exe: [Debugger] svchost.exe
IFEO\zapsetup3001.exe: [Debugger] svchost.exe
IFEO\zatutor.exe: [Debugger] svchost.exe
IFEO\zonalm2601.exe: [Debugger] svchost.exe
IFEO\zonealarm.exe: [Debugger] svchost.exe
IFEO\_avp32.exe: [Debugger] svchost.exe
IFEO\_avpcc.exe: [Debugger] svchost.exe
IFEO\_avpm.exe: [Debugger] svchost.exe
IFEO\~1.exe: [Debugger] svchost.exe
IFEO\~2.exe: [Debugger] svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1259048421-558062887-723359144-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6BE4D4808E0FCE01
HKU\S-1-5-21-1259048421-558062887-723359144-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0&ocid=iehp
HKU\S-1-5-21-1259048421-558062887-723359144-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
URLSearchHook: HKLM-x32 - Produtools Maps Toolbar - {575bddf5-790a-4d01-a37d-2863dec1c085} - C:\Users\VBD\AppData\LocalLow\Produtools_Maps\prxtbPro2.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-1259048421-558062887-723359144-1000 - (No Name) - {7adecf8a-e794-45d2-80a3-6659421966ab} - C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\93SrcAs.dll (Mindspark)
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Search Assistant BHO -> {146decde-432d-45e9-a880-ec502dbc2df3} -> C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\93SrcAs.dll (Mindspark)
BHO-x32: Produtools Maps Toolbar -> {575bddf5-790a-4d01-a37d-2863dec1c085} -> C:\Users\VBD\AppData\LocalLow\Produtools_Maps\prxtbPro2.dll (ClientConnect Ltd.)
BHO-x32: Toolbar BHO -> {5d289117-1db4-4f0b-8dda-177e7882aad8} -> C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\93bar.dll (Mindspark)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - SuddenlyMusic - {2d7f763a-6a99-4397-a009-195a1df153fb} - C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\93bar.dll (Mindspark)
Toolbar: HKU\S-1-5-21-1259048421-558062887-723359144-1000 -> No Name - {575BDDF5-790A-4D01-A37D-2863DEC1C085} -  No File
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: HKLM-x32 {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} http://zone.msn.com/bingame/zpagames/ZPA_Backgammon.cab64162.cab
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5C8DEBD0-11E6-4ED8-BD53-5254BEFC9944}: [NameServer] 31.168.224.100,5.135.12.56
Tcpip\..\Interfaces\{D34067C8-2C09-4520-947C-CFE766E8E20D}: [NameServer] 31.168.224.100,5.135.12.56
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1259048421-558062887-723359144-1000: @tools.google.com/Google Update;version=3 -> C:\Users\VBD\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1259048421-558062887-723359144-1000: @tools.google.com/Google Update;version=9 -> C:\Users\VBD\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]<script type="text/javascript"> /* */ </script>] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-11]
FF HKLM-x32\...\Firefox\Extensions: [4zffxtbr@VideoDownloadConverter_4z.com] - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin
FF HKU\S-1-5-21-1259048421-558062887-723359144-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3331617&octid=EB_ORIGINAL_CTID&ISID=M22E306B4-B966-4AF0-AF01-DC669E7ECFCC&SearchSource=55&CUI=&UM=6&UP=SP5EA0CF7B-EAE1-4D74-9704-38ABA7F98474&SSPV=2184TB_sp_ch
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3331617&octid=EB_ORIGINAL_CTID&ISID=M22E306B4-B966-4AF0-AF01-DC669E7ECFCC&SearchSource=55&CUI=&UM=6&UP=SP5EA0CF7B-EAE1-4D74-9704-38ABA7F98474&SSPV=2184TB_sp_ch"
CHR DefaultSearchKeyword: Default -> trovi.search
CHR Profile: C:\Users\VBD\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\VBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-08]
CHR Extension: (Adblock Plus) - C:\Users\VBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-02-06]
CHR Extension: (mmgagnmbebdebebbcleklifnobamjonh) - C:\Users\VBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgagnmbebdebebbcleklifnobamjonh [2014-11-13]
CHR Extension: (Google Wallet) - C:\Users\VBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR StartMenuInternet: Google Chrome - C:\Users\VBD\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SuddenlyMusic_93Service; C:\Program Files (x86)\SuddenlyMusic_93\bar\1.bin\93barsvc.exe [90696 2014-09-08] (Mindspark)
S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [X]
S2 RoxLiveShare9; "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bcm44amd64; C:\Windows\System32\DRIVERS\b44amd64.sys [87552 2009-06-10] (Broadcom Corporation)
S3 L6PODHD5; C:\Windows\System32\Drivers\L6PODHD564.sys [772096 2011-11-30] (Line 6)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R1 wpnfd_1_10_0_2; C:\Windows\System32\drivers\wpnfd_1_10_0_2.sys [58240 2014-11-04] (Word Proser)
S3 cpuz134; \??\C:\Users\VBD\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-21 14:26 - 2014-11-21 14:26 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-21 14:26 - 2014-11-21 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-21 14:26 - 2014-11-21 14:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-21 14:26 - 2014-11-21 14:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-21 14:26 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 14:26 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 14:26 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-21 14:21 - 2014-11-21 14:42 - 00000000 ____D () C:\Users\VBD\Desktop\Farbar
2014-11-21 13:40 - 2014-11-21 13:40 - 00321848 _____ (Malwarebytes Corporation) C:\Users\VBD\Desktop\mbam-clean-2.1.1.1001.exe
2014-11-21 12:26 - 2014-11-21 12:26 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\VBD\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-21 11:24 - 2014-11-21 11:37 - 00000000 ____D () C:\AdwCleaner
2014-11-21 11:22 - 2014-11-21 11:23 - 02140160 _____ () C:\Users\VBD\Downloads\AdwCleaner.exe
2014-11-20 20:23 - 2014-11-20 20:23 - 00002972 _____ () C:\Windows\System32\Tasks\{D0A9E31C-23A8-4863-92B2-7632146796A7}
2014-11-20 20:23 - 2014-11-20 20:23 - 00002972 _____ () C:\Windows\System32\Tasks\{C0B24E15-D3CC-45D8-8773-6FC6C0215E68}
2014-11-20 20:22 - 2014-11-20 20:22 - 00002972 _____ () C:\Windows\System32\Tasks\{087528ED-95D5-43B9-BA0F-8F050623B026}
2014-11-20 20:21 - 2014-11-20 20:21 - 00002972 _____ () C:\Windows\System32\Tasks\{EE35AC91-D11A-46CB-957F-2CCA80D993AB}
2014-11-20 18:40 - 2014-11-20 18:40 - 00057742 _____ () C:\ProgramData\SMRResults430.dat
2014-11-20 17:41 - 2014-11-20 17:43 - 00000000 ____D () C:\NPE
2014-11-20 17:38 - 2014-11-20 18:37 - 00000000 ____D () C:\Users\VBD\AppData\Local\NPE
2014-11-20 17:38 - 2014-11-20 17:38 - 00000000 ____D () C:\ProgramData\Norton
2014-11-20 17:35 - 2014-11-20 17:35 - 03060320 ____N (Symantec Corporation) C:\Users\VBD\Downloads\NPE.exe
2014-11-20 17:07 - 2014-11-21 14:42 - 00000000 ____D () C:\FRST
2014-11-20 17:04 - 2014-11-20 17:04 - 02117632 _____ (Farbar) C:\Users\VBD\Downloads\FRST64 (1).exe
2014-11-20 15:01 - 2014-11-20 15:01 - 00321848 _____ (Malwarebytes Corporation) C:\Users\VBD\Downloads\mbam-clean-2.1.1.1001.exe
2014-11-20 14:53 - 2014-11-20 14:54 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\VBD\Downloads\mbam-setup-2.0.3.1025 (1).exe
2014-11-18 18:42 - 2014-11-18 18:42 - 00002972 _____ () C:\Windows\System32\Tasks\{967CF043-928D-42AC-8279-8E68FA3B0BB7}
2014-11-18 18:42 - 2014-11-18 18:42 - 00002972 _____ () C:\Windows\System32\Tasks\{63D40404-FDFA-4049-BAFC-0E232AC9B42D}
2014-11-18 18:41 - 2014-11-18 18:41 - 00002972 _____ () C:\Windows\System32\Tasks\{4170EE0C-CD41-414F-9338-012EE4F1FCA7}
2014-11-18 18:36 - 2014-11-18 18:37 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\VBD\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-18 17:36 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 17:36 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 17:36 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 17:36 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-16 14:13 - 2014-11-16 14:13 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-16 14:13 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-11-16 14:11 - 2014-11-16 14:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-16 14:11 - 2014-11-16 14:13 - 00000000 ____D () C:\Program Files\iTunes
2014-11-16 14:11 - 2014-11-16 14:11 - 00000000 ____D () C:\Program Files\iPod
2014-11-14 21:07 - 2014-11-14 21:07 - 00002972 _____ () C:\Windows\System32\Tasks\{7B094079-CB31-4FC2-AEF0-1CCB79A2B91A}
2014-11-14 21:06 - 2014-11-14 21:06 - 00002972 _____ () C:\Windows\System32\Tasks\{BC9CED83-AF4B-46A1-8421-6D1BCAB2EAEC}
2014-11-14 21:06 - 2014-11-14 21:06 - 00002972 _____ () C:\Windows\System32\Tasks\{04A00D4B-13BD-48DE-9C9E-09C70E12F460}
2014-11-14 21:05 - 2014-11-14 21:05 - 00002972 _____ () C:\Windows\System32\Tasks\{DDEB36B7-D4E2-4B12-A573-1E2A9BF8073B}
2014-11-14 14:02 - 2014-11-21 11:42 - 00000000 ____D () C:\Users\VBD\Desktop\malware
2014-11-12 19:31 - 2014-11-12 19:31 - 00000000 __SHD () C:\Users\VBD\AppData\Local\EmieBrowserModeList
2014-11-12 16:22 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 16:22 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 16:22 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 16:22 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 16:22 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 16:22 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 16:22 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 16:22 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 16:22 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 16:21 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 16:21 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 16:21 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 16:21 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 16:21 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 16:21 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 16:21 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 16:21 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 16:21 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 16:21 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 16:21 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 16:21 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 16:21 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 16:21 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 16:21 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 16:21 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 16:21 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 16:21 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 16:21 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 16:21 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 16:21 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 16:21 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 16:21 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 16:21 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 16:21 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 16:21 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 16:21 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 16:21 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 16:21 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 16:21 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 16:21 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 16:21 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 16:21 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 16:21 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 16:21 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 16:21 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 16:21 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 16:21 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 16:21 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 16:21 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 16:21 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 16:21 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 16:21 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 16:21 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 16:21 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 16:21 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 16:21 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 16:21 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 16:21 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 16:21 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 16:21 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 16:21 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 16:21 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 16:21 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 16:21 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 16:21 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 16:18 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 16:18 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 16:18 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 16:18 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 16:17 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 16:17 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 16:17 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 16:17 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 16:17 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 16:17 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 16:17 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 16:17 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 16:17 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 16:17 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 16:17 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 16:17 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 16:17 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 16:17 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 16:17 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 16:17 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 16:17 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 16:17 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 16:17 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 16:17 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 16:17 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 16:17 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 16:16 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 16:16 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 16:16 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 16:16 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 16:16 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 16:03 - 2014-11-12 16:03 - 00116992 _____ () C:\Windows\system32\ScanResults.xml
2014-11-12 15:42 - 2014-11-18 15:36 - 00184800 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-11-12 15:41 - 2014-11-12 15:41 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-11-07 13:02 - 2014-11-07 13:02 - 01490864 _____ (HQ ProV07.11) C:\Users\VBD\AppData\Roaming\SHERLM.exe
2014-11-07 12:56 - 2014-11-07 12:57 - 00000000 ____D () C:\Program Files (x86)\14987d53-2766-463d-a00c-01e349eabeae
2014-11-07 12:47 - 2014-11-20 18:40 - 00000000 ____D () C:\Windows\SysWOW64\MemoryProcessShareware
2014-11-07 12:43 - 2014-11-12 17:39 - 00000000 ___HD () C:\Users\Public\Temp
2014-11-07 12:36 - 2014-11-07 12:36 - 00000000 _____ () C:\Users\VBD\AppD
2014-11-04 13:55 - 2014-11-04 13:55 - 00058240 _____ (Word Proser) C:\Windows\system32\Drivers\wpnfd_1_10_0_2.sys
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-21 14:34 - 2012-01-27 20:13 - 01595733 _____ () C:\Windows\WindowsUpdate.log
2014-11-21 13:59 - 2012-11-29 00:45 - 00000314 _____ () C:\Windows\Tasks\PrintProjects Communicator.job
2014-11-21 13:52 - 2012-02-06 23:17 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1259048421-558062887-723359144-1000UA.job
2014-11-21 13:50 - 2012-09-04 17:12 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-21 13:47 - 2009-07-14 00:13 - 00795870 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-21 13:46 - 2012-05-16 21:37 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-21 13:45 - 2012-12-05 14:57 - 00000000 ___RD () C:\Users\VBD\SkyDrive
2014-11-21 13:43 - 2012-09-04 17:12 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-21 13:42 - 2010-11-20 22:47 - 00122298 _____ () C:\Windows\PFRO.log
2014-11-21 13:42 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-21 13:42 - 2009-07-13 23:51 - 00065422 _____ () C:\Windows\setupact.log
2014-11-21 13:42 - 2009-07-13 23:45 - 00019488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-21 13:42 - 2009-07-13 23:45 - 00019488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-21 12:52 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-11-21 11:52 - 2012-05-16 23:02 - 00000000 ____D () C:\Users\VBD\AppData\Local\Research In Motion
2014-11-21 11:52 - 2012-05-16 21:18 - 00000000 ____D () C:\Program Files (x86)\Research In Motion
2014-11-21 11:51 - 2012-05-16 21:46 - 00002013 _____ () C:\Users\VBD\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-11-21 11:41 - 2012-02-08 17:26 - 00000000 ____D () C:\Users\VBD\AppData\Roaming\Skype
2014-11-20 20:00 - 2012-02-06 23:18 - 00002352 _____ () C:\Users\VBD\Desktop\Google Chrome.lnk
2014-11-20 15:52 - 2012-02-06 23:17 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1259048421-558062887-723359144-1000Core.job
2014-11-20 15:51 - 2012-03-11 17:32 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-11-18 18:29 - 2012-02-06 23:16 - 00072896 _____ () C:\Users\VBD\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-18 18:23 - 2009-07-13 23:45 - 00305792 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-18 17:49 - 2012-05-17 03:43 - 00000000 ____D () C:\ProgramData\Roxio
2014-11-18 13:09 - 2012-11-29 03:07 - 00000000 ___RD () C:\Users\VBD\Documents\teresaandbella
2014-11-16 20:13 - 2012-12-05 19:51 - 00000000 ___RD () C:\Users\VBD\Documents\mikeatteresa
2014-11-16 20:00 - 2013-02-20 20:40 - 00000000 ____D () C:\Users\VBD\Desktop\Audible
2014-11-16 19:54 - 2012-12-05 14:54 - 00000000 ____D () C:\Users\VBD\AppData\Local\Windows Live
2014-11-16 14:13 - 2014-10-19 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-16 14:13 - 2013-05-18 01:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-16 14:11 - 2012-02-16 00:18 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-12 19:30 - 2014-10-10 09:40 - 00000000 ____D () C:\Users\VBD\Documents\Business-in-a-Box Files
2014-11-12 19:30 - 2014-10-10 09:38 - 00000000 ____D () C:\Program Files (x86)\Business-in-a-Box
2014-11-12 18:33 - 2012-02-22 16:56 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 15:47 - 2012-02-06 23:17 - 00003870 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1259048421-558062887-723359144-1000UA
2014-11-12 15:47 - 2012-02-06 23:17 - 00003474 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1259048421-558062887-723359144-1000Core
2014-11-12 15:43 - 2012-05-16 21:37 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 15:42 - 2012-05-16 21:37 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 15:42 - 2012-02-21 19:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-07 13:16 - 2012-02-22 19:46 - 00000000 ____D () C:\Users\VBD\AppData\Local\Adobe
2014-11-07 12:58 - 2012-02-16 00:18 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-11-07 12:36 - 2012-01-27 21:51 - 00000000 ____D () C:\Users\VBD
2014-11-07 11:45 - 2012-09-04 17:12 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-07 11:44 - 2012-09-04 17:12 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
Files to move or delete:
====================
C:\ProgramData\SMRResults430.dat
 
 
Some content of TEMP:
====================
C:\Users\VBD\AppData\Local\Temp\9jgdpmql.dll
C:\Users\VBD\AppData\Local\Temp\BackupSetup.exe
C:\Users\VBD\AppData\Local\Temp\bowvxdpf.dll
C:\Users\VBD\AppData\Local\Temp\bx23r8jh.dll
C:\Users\VBD\AppData\Local\Temp\croqpdlc.dll
C:\Users\VBD\AppData\Local\Temp\fh2syyd1.dll
C:\Users\VBD\AppData\Local\Temp\fmijqen0.dll
C:\Users\VBD\AppData\Local\Temp\fquo8uqz.dll
C:\Users\VBD\AppData\Local\Temp\hg44xwav.dll
C:\Users\VBD\AppData\Local\Temp\hhzdjc53.dll
C:\Users\VBD\AppData\Local\Temp\installhelper.dll
C:\Users\VBD\AppData\Local\Temp\jms0wlbb.dll
C:\Users\VBD\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\VBD\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\VBD\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\VBD\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\VBD\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\VBD\AppData\Local\Temp\L6GPInst.dll
C:\Users\VBD\AppData\Local\Temp\libProcessAccess642429599843186001770.dll
C:\Users\VBD\AppData\Local\Temp\libProcessAccess64651672183194748906.dll
C:\Users\VBD\AppData\Local\Temp\lwverm-k.dll
C:\Users\VBD\AppData\Local\Temp\mpwvwj3k.dll
C:\Users\VBD\AppData\Local\Temp\mssinstaller.exe
C:\Users\VBD\AppData\Local\Temp\Quarantine.exe
C:\Users\VBD\AppData\Local\Temp\rbslarbf.dll
C:\Users\VBD\AppData\Local\Temp\ReimagePackage.exe
C:\Users\VBD\AppData\Local\Temp\SCC.dll
C:\Users\VBD\AppData\Local\Temp\SkypeSetup.exe
C:\Users\VBD\AppData\Local\Temp\SlimCleanerPlus.x64.exe
C:\Users\VBD\AppData\Local\Temp\sqlite3.dll
C:\Users\VBD\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\VBD\AppData\Local\Temp\SymCCIS.dll
C:\Users\VBD\AppData\Local\Temp\sz-kgne0.dll
C:\Users\VBD\AppData\Local\Temp\tbedrs.dll
C:\Users\VBD\AppData\Local\Temp\TB_4CB0.exe
C:\Users\VBD\AppData\Local\Temp\vcredist_x64.exe
C:\Users\VBD\AppData\Local\Temp\Vuze_Installer.exe
C:\Users\VBD\AppData\Local\Temp\winzipdusetup_WZDU16_20130711.exe
C:\Users\VBD\AppData\Local\Temp\xammrayt.dll
C:\Users\VBD\AppData\Local\Temp\yu4ja2ru.dll
C:\Users\VBD\AppData\Local\Temp\zvz3rini.dll
C:\Users\VBD\AppData\Local\Temp\_1ozfdpd.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-21 12:45
 
==================== End Of Log ============================

Attached Files



#3 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:42 AM

Posted 26 November 2014 - 11:48 AM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

Please uninstall some programs:

  • Windows 7w7.png: Click on the hidden2.png button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

                                                                Snap.Do
                                     SuddenlyMusic Internet Explorer Toolbar
                                    Video Download Converter version 1.0.0.0



Step 2

Please download combofix.pngCombofix (by sUBs) and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.

Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:42 AM

Posted 29 November 2014 - 09:18 AM

Hi,

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:42 AM

Posted 01 December 2014 - 07:40 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users