Jump to content

Build Theme!
  •  
  • Infected?

Welcome Guest to What the Tech - Register now for FREE

We specialize in the removal of malicious software (malware), but here you'll find free help and support for all your tech questions. We invite you to ask questions, share experiences, and learn. Explore our message boards, or register now to post messages of your own. Please Start Here. Register today (registration removes advertising)

Create an Account Login to Account


Photo

oyodomo removal


  • This topic is locked This topic is locked
22 replies to this topic

#1 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 18 March 2013 - 03:33 AM

Morning I was directed to this website after going on a norton forum, and i hope somebody can help me. I have a laptop which is running windows 7. however when i'm on the internet a pop up window regularly appears directing me to surveys and the window has odoyomo in the adress box. I have looked in the programs box on my control panel icon but cannot find the oyodomo programe to delete it. can anybody help me fix this or do i need to take it in to a shop to get fixed? thanks Paul

#2 mowman

mowman

    SuperMember

  • Malware Team
  • 2,669 posts

Posted 19 March 2013 - 05:58 AM

Hello,
Welcome to WhatTheTech. My name is mowman, and I will be helping you fix your problems.

If you do not make a reply in 3 days, we will have to close your topic.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the Options button at the top bar of this topic and Track this topic. The topics you are tracking can be found by clicking on My Topics at the top of any page.

Please take note of some guidelines for this fix:

•Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
•If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
•Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
•Please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply.
Only attach them if requested or if they do not fit into the post





Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
      If suspicious objects are found select skip
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)












  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Under Custom Scan paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
  • You may need two posts to fit them both in.


#3 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 19 March 2013 - 02:28 PM

thanks for your help- just going to try carry out your instructions now paul

#4 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 19 March 2013 - 02:37 PM

i have carried out the following- Please download TDSSKiller.zip•Extract it to your desktop •Double click TDSSKiller.exe •Press Start Scan ◦Only if Malicious objects are found then ensure Cure is selected If suspicious objects are found select skip ◦Then click Continue > Reboot now •Copy and paste the log in your next reply ◦A copy of the log will be saved automatically to the root of the drive (typically C:\) but no malicious or suspicious objects were found- this is the report from the program also there was no option to continue but i restrted the laptop. 20:32:41.0095 5212 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 20:32:41.0267 5212 ============================================================ 20:32:41.0267 5212 Current date / time: 2013/03/19 20:32:41.0267 20:32:41.0267 5212 SystemInfo: 20:32:41.0267 5212 20:32:41.0267 5212 OS Version: 6.1.7601 ServicePack: 1.0 20:32:41.0267 5212 Product type: Workstation 20:32:41.0267 5212 ComputerName: DAVE-THE-LAPTOP 20:32:41.0267 5212 UserName: Home 20:32:41.0267 5212 Windows directory: C:\Windows 20:32:41.0267 5212 System windows directory: C:\Windows 20:32:41.0267 5212 Processor architecture: Intel x86 20:32:41.0267 5212 Number of processors: 2 20:32:41.0267 5212 Page size: 0x1000 20:32:41.0267 5212 Boot type: Normal boot 20:32:41.0267 5212 ============================================================ 20:32:42.0328 5212 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 20:32:42.0328 5212 ============================================================ 20:32:42.0328 5212 \Device\Harddisk0\DR0: 20:32:42.0328 5212 MBR partitions: 20:32:42.0328 5212 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4BFF0 20:32:42.0328 5212 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CB96B0 20:32:42.0328 5212 ============================================================ 20:32:42.0374 5212 C: <-> \Device\Harddisk0\DR0\Partition2 20:32:42.0406 5212 E: <-> \Device\Harddisk0\DR0\Partition1 20:32:42.0406 5212 ============================================================ 20:32:42.0406 5212 Initialize success 20:32:42.0406 5212 ============================================================ 20:32:56.0258 6352 ============================================================ 20:32:56.0258 6352 Scan started 20:32:56.0258 6352 Mode: Manual; 20:32:56.0258 6352 ============================================================ 20:32:57.0584 6352 ================ Scan system memory ======================== 20:32:57.0584 6352 System memory - ok 20:32:57.0584 6352 ================ Scan services ============================= 20:32:58.0427 6352 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 20:32:58.0427 6352 1394ohci - ok 20:32:58.0489 6352 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 20:32:58.0489 6352 ACPI - ok 20:32:58.0520 6352 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 20:32:58.0520 6352 AcpiPmi - ok 20:32:58.0708 6352 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 20:32:58.0708 6352 AdobeFlashPlayerUpdateSvc - ok 20:32:58.0817 6352 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 20:32:58.0817 6352 adp94xx - ok 20:32:58.0942 6352 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 20:32:58.0957 6352 adpahci - ok 20:32:58.0973 6352 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 20:32:58.0973 6352 adpu320 - ok 20:32:59.0066 6352 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:32:59.0066 6352 AeLookupSvc - ok 20:32:59.0285 6352 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\aestsrv.exe 20:32:59.0285 6352 AESTFilters - ok 20:32:59.0347 6352 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 20:32:59.0347 6352 AFD - ok 20:32:59.0378 6352 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 20:32:59.0378 6352 agp440 - ok 20:32:59.0488 6352 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 20:32:59.0488 6352 aic78xx - ok 20:32:59.0566 6352 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 20:32:59.0566 6352 ALG - ok 20:32:59.0644 6352 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 20:32:59.0644 6352 aliide - ok 20:32:59.0722 6352 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 20:32:59.0722 6352 amdagp - ok 20:32:59.0753 6352 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 20:32:59.0753 6352 amdide - ok 20:32:59.0815 6352 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 20:32:59.0831 6352 AmdK8 - ok 20:32:59.0846 6352 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 20:32:59.0846 6352 AmdPPM - ok 20:32:59.0893 6352 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 20:32:59.0893 6352 amdsata - ok 20:32:59.0924 6352 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 20:32:59.0924 6352 amdsbs - ok 20:32:59.0987 6352 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 20:32:59.0987 6352 amdxata - ok 20:33:00.0049 6352 [ CCF9CC50DDA86023626DE4CDA96A5934 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 20:33:00.0049 6352 ApfiltrService - ok 20:33:00.0080 6352 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 20:33:00.0080 6352 AppID - ok 20:33:00.0174 6352 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:33:00.0174 6352 AppIDSvc - ok 20:33:00.0252 6352 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll 20:33:00.0252 6352 Appinfo - ok 20:33:00.0564 6352 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 20:33:00.0580 6352 Apple Mobile Device - ok 20:33:00.0736 6352 [ 69370F2E2827FFBA910D0BFA9E62E484 ] appliand C:\Windows\system32\DRIVERS\appliand.sys 20:33:00.0736 6352 appliand - ok 20:33:00.0767 6352 [ 69370F2E2827FFBA910D0BFA9E62E484 ] appliandMP C:\Windows\system32\DRIVERS\appliand.sys 20:33:00.0782 6352 appliandMP - ok 20:33:00.0860 6352 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 20:33:00.0860 6352 arc - ok 20:33:00.0876 6352 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 20:33:00.0876 6352 arcsas - ok 20:33:00.0907 6352 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:33:00.0907 6352 AsyncMac - ok 20:33:00.0954 6352 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 20:33:00.0954 6352 atapi - ok 20:33:01.0079 6352 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:33:01.0079 6352 AudioEndpointBuilder - ok 20:33:01.0094 6352 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 20:33:01.0094 6352 Audiosrv - ok 20:33:01.0188 6352 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:33:01.0204 6352 AxInstSV - ok 20:33:01.0360 6352 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 20:33:01.0360 6352 b06bdrv - ok 20:33:01.0406 6352 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 20:33:01.0406 6352 b57nd60x - ok 20:33:01.0531 6352 [ EB7C2DADF52F50F69F198C14C3556DC1 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys 20:33:01.0547 6352 BCM43XX - ok 20:33:01.0750 6352 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 20:33:01.0750 6352 BDESVC - ok 20:33:01.0843 6352 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 20:33:01.0843 6352 Beep - ok 20:33:01.0937 6352 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 20:33:01.0952 6352 BFE - ok 20:33:02.0545 6352 [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20130301.001\BHDrvx86.sys 20:33:02.0561 6352 BHDrvx86 - ok 20:33:02.0686 6352 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 20:33:02.0686 6352 BITS - ok 20:33:02.0717 6352 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 20:33:02.0717 6352 blbdrive - ok 20:33:03.0122 6352 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:33:03.0122 6352 Bonjour Service - ok 20:33:03.0310 6352 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:33:03.0310 6352 bowser - ok 20:33:03.0434 6352 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:33:03.0434 6352 BrFiltLo - ok 20:33:03.0512 6352 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:33:03.0512 6352 BrFiltUp - ok 20:33:03.0559 6352 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 20:33:03.0559 6352 BridgeMP - ok 20:33:04.0620 6352 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll 20:33:04.0620 6352 Browser - ok 20:33:05.0119 6352 [ 9FCD0930616714A752F48DDBA54F3109 ] Browser Manager C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe 20:33:05.0135 6352 Browser Manager - ok 20:33:05.0166 6352 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 20:33:05.0166 6352 Brserid - ok 20:33:05.0228 6352 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 20:33:05.0244 6352 BrSerWdm - ok 20:33:05.0260 6352 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 20:33:05.0260 6352 BrUsbMdm - ok 20:33:05.0275 6352 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 20:33:05.0275 6352 BrUsbSer - ok 20:33:05.0353 6352 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 20:33:05.0353 6352 BthEnum - ok 20:33:05.0384 6352 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 20:33:05.0384 6352 BTHMODEM - ok 20:33:05.0416 6352 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 20:33:05.0416 6352 BthPan - ok 20:33:05.0478 6352 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 20:33:05.0478 6352 BTHPORT - ok 20:33:05.0588 6352 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 20:33:05.0588 6352 bthserv - ok 20:33:05.0635 6352 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 20:33:05.0635 6352 BTHUSB - ok 20:33:06.0165 6352 [ 8A7BE4B3E6DD4687CF849B70EBDBCFF0 ] CarboniteService C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe 20:33:06.0197 6352 CarboniteService - ok 20:33:06.0368 6352 [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_N360 C:\Windows\system32\drivers\N360\0604010.00E\ccSetx86.sys 20:33:06.0368 6352 ccSet_N360 - ok 20:33:06.0415 6352 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:33:06.0415 6352 cdfs - ok 20:33:06.0462 6352 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:33:06.0462 6352 cdrom - ok 20:33:06.0555 6352 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 20:33:06.0571 6352 CertPropSvc - ok 20:33:06.0649 6352 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 20:33:06.0649 6352 circlass - ok 20:33:06.0743 6352 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 20:33:06.0743 6352 CLFS - ok 20:33:07.0023 6352 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:33:07.0039 6352 clr_optimization_v2.0.50727_32 - ok 20:33:07.0242 6352 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:33:07.0257 6352 clr_optimization_v4.0.30319_32 - ok 20:33:07.0335 6352 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 20:33:07.0335 6352 CmBatt - ok 20:33:07.0398 6352 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:33:07.0398 6352 cmdide - ok 20:33:07.0460 6352 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 20:33:07.0460 6352 CNG - ok 20:33:07.0538 6352 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 20:33:07.0538 6352 Compbatt - ok 20:33:07.0616 6352 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 20:33:07.0616 6352 CompositeBus - ok 20:33:07.0632 6352 COMSysApp - ok 20:33:07.0741 6352 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 20:33:07.0741 6352 crcdisk - ok 20:33:07.0975 6352 [ 63A7739AC9C1E38589B3EDB1DAEB9DF5 ] CronService C:\Prey\platform\windows\cronsvc.exe 20:33:07.0991 6352 CronService - ok 20:33:08.0037 6352 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:33:08.0037 6352 CryptSvc - ok 20:33:08.0147 6352 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 20:33:08.0147 6352 DcomLaunch - ok 20:33:08.0287 6352 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 20:33:08.0287 6352 defragsvc - ok 20:33:08.0443 6352 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:33:08.0443 6352 DfsC - ok 20:33:08.0583 6352 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 20:33:08.0583 6352 Dhcp - ok 20:33:08.0693 6352 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 20:33:08.0693 6352 discache - ok 20:33:08.0739 6352 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys 20:33:08.0739 6352 Disk - ok 20:33:08.0802 6352 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:33:08.0802 6352 Dnscache - ok 20:33:08.0911 6352 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe 20:33:08.0911 6352 DockLoginService - ok 20:33:08.0989 6352 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 20:33:08.0989 6352 dot3svc - ok 20:33:09.0114 6352 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll 20:33:09.0114 6352 DPS - ok 20:33:09.0207 6352 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:33:09.0207 6352 drmkaud - ok 20:33:09.0332 6352 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:33:09.0332 6352 DXGKrnl - ok 20:33:09.0457 6352 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 20:33:09.0457 6352 EapHost - ok 20:33:10.0112 6352 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 20:33:10.0143 6352 ebdrv - ok 20:33:10.0377 6352 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 20:33:10.0377 6352 eeCtrl - ok 20:33:10.0424 6352 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 20:33:10.0424 6352 EFS - ok 20:33:10.0830 6352 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:33:10.0830 6352 ehRecvr - ok 20:33:10.0923 6352 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 20:33:10.0923 6352 ehSched - ok 20:33:11.0048 6352 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 20:33:11.0064 6352 elxstor - ok 20:33:11.0126 6352 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 20:33:11.0126 6352 EraserUtilRebootDrv - ok 20:33:11.0157 6352 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:33:11.0157 6352 ErrDev - ok 20:33:11.0251 6352 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 20:33:11.0251 6352 EventSystem - ok 20:33:11.0282 6352 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 20:33:11.0282 6352 exfat - ok 20:33:11.0329 6352 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:33:11.0329 6352 fastfat - ok 20:33:11.0454 6352 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 20:33:11.0469 6352 Fax - ok 20:33:11.0563 6352 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 20:33:11.0563 6352 fdc - ok 20:33:11.0688 6352 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 20:33:11.0688 6352 fdPHost - ok 20:33:11.0719 6352 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 20:33:11.0719 6352 FDResPub - ok 20:33:11.0750 6352 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:33:11.0750 6352 FileInfo - ok 20:33:11.0844 6352 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:33:11.0844 6352 Filetrace - ok 20:33:11.0891 6352 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 20:33:11.0891 6352 flpydisk - ok 20:33:11.0937 6352 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:33:11.0937 6352 FltMgr - ok 20:33:11.0984 6352 [ 85E5AD3A9D56FD6F92DB5FC9CA62E2E4 ] FlyUsb C:\Windows\system32\DRIVERS\FlyUsb.sys 20:33:11.0984 6352 FlyUsb - ok 20:33:12.0062 6352 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll 20:33:12.0062 6352 FontCache - ok 20:33:12.0234 6352 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 20:33:12.0234 6352 FontCache3.0.0.0 - ok 20:33:12.0281 6352 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:33:12.0281 6352 FsDepends - ok 20:33:12.0327 6352 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 20:33:12.0327 6352 fssfltr - ok 20:33:12.0499 6352 [ 9B1622EBEB31B3411B13382FFCB8737D ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe 20:33:12.0499 6352 fsssvc - ok 20:33:12.0561 6352 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:33:12.0561 6352 Fs_Rec - ok 20:33:12.0733 6352 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:33:12.0749 6352 fvevol - ok 20:33:12.0827 6352 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 20:33:12.0827 6352 gagp30kx - ok 20:33:12.0889 6352 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 20:33:12.0889 6352 GEARAspiWDM - ok 20:33:13.0045 6352 [ 5CC2B1D06AC1962AF5FBBCF88D781DD8 ] GoToAssist C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe 20:33:13.0045 6352 GoToAssist - ok 20:33:13.0170 6352 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 20:33:13.0170 6352 gpsvc - ok 20:33:13.0263 6352 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 20:33:13.0279 6352 gupdate - ok 20:33:13.0279 6352 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 20:33:13.0279 6352 gupdatem - ok 20:33:13.0310 6352 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 20:33:13.0326 6352 gusvc - ok 20:33:13.0404 6352 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 20:33:13.0404 6352 hcw85cir - ok 20:33:13.0451 6352 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 20:33:13.0451 6352 HDAudBus - ok 20:33:13.0482 6352 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 20:33:13.0482 6352 HidBatt - ok 20:33:13.0513 6352 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 20:33:13.0513 6352 HidBth - ok 20:33:13.0560 6352 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 20:33:13.0560 6352 HidIr - ok 20:33:13.0638 6352 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll 20:33:13.0638 6352 hidserv - ok 20:33:13.0794 6352 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:33:13.0794 6352 HidUsb - ok 20:33:13.0887 6352 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:33:13.0887 6352 hkmsvc - ok 20:33:14.0028 6352 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:33:14.0028 6352 HomeGroupListener - ok 20:33:14.0137 6352 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:33:14.0137 6352 HomeGroupProvider - ok 20:33:14.0199 6352 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:33:14.0199 6352 HpSAMD - ok 20:33:14.0371 6352 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:33:14.0371 6352 HTTP - ok 20:33:14.0449 6352 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:33:14.0449 6352 hwpolicy - ok 20:33:14.0511 6352 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 20:33:14.0511 6352 i8042prt - ok 20:33:14.0714 6352 [ 7B96206E4BDD2FE582F0DBC46F5F410E ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 20:33:14.0714 6352 IAANTMON - ok 20:33:14.0855 6352 [ 80C633722DA72E97F3F5B3B11325696D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 20:33:14.0855 6352 iaStor - ok 20:33:14.0917 6352 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:33:14.0917 6352 iaStorV - ok 20:33:15.0104 6352 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 20:33:15.0120 6352 idsvc - ok 20:33:15.0525 6352 [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20130313.003\IDSvix86.sys 20:33:15.0525 6352 IDSVix86 - ok 20:33:15.0869 6352 [ 45D1A22C0E932768729DD422E175A448 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 20:33:15.0915 6352 igfx - ok 20:33:15.0993 6352 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 20:33:15.0993 6352 iirsp - ok 20:33:16.0118 6352 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 20:33:16.0118 6352 IKEEXT - ok 20:33:16.0165 6352 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 20:33:16.0165 6352 intelide - ok 20:33:16.0290 6352 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:33:16.0290 6352 intelppm - ok 20:33:16.0430 6352 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:33:16.0430 6352 IPBusEnum - ok 20:33:16.0555 6352 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:33:16.0555 6352 IpFilterDriver - ok 20:33:16.0617 6352 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:33:16.0617 6352 iphlpsvc - ok 20:33:16.0664 6352 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 20:33:16.0664 6352 IPMIDRV - ok 20:33:16.0758 6352 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:33:16.0758 6352 IPNAT - ok 20:33:16.0851 6352 [ 02682AE021F0FB92F5768B49776B8B5B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 20:33:16.0851 6352 iPod Service - ok 20:33:16.0945 6352 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:33:16.0945 6352 IRENUM - ok 20:33:16.0961 6352 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:33:16.0961 6352 isapnp - ok 20:33:17.0023 6352 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:33:17.0023 6352 iScsiPrt - ok 20:33:17.0070 6352 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:33:17.0070 6352 kbdclass - ok 20:33:17.0117 6352 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:33:17.0117 6352 kbdhid - ok 20:33:17.0132 6352 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 20:33:17.0132 6352 KeyIso - ok 20:33:17.0163 6352 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:33:17.0163 6352 KSecDD - ok 20:33:17.0179 6352 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:33:17.0179 6352 KSecPkg - ok 20:33:17.0288 6352 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 20:33:17.0288 6352 KtmRm - ok 20:33:17.0397 6352 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll 20:33:17.0397 6352 LanmanServer - ok 20:33:17.0475 6352 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:33:17.0491 6352 LanmanWorkstation - ok 20:33:17.0709 6352 [ 3C879D04BB6466E2853C3155B635CC45 ] LeapFrog Connect Device Service C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe 20:33:17.0741 6352 LeapFrog Connect Device Service - ok 20:33:17.0897 6352 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:33:17.0897 6352 lltdio - ok 20:33:17.0959 6352 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:33:17.0959 6352 lltdsvc - ok 20:33:17.0990 6352 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 20:33:17.0990 6352 lmhosts - ok 20:33:18.0021 6352 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 20:33:18.0021 6352 LSI_FC - ok 20:33:18.0053 6352 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 20:33:18.0053 6352 LSI_SAS - ok 20:33:18.0068 6352 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:33:18.0068 6352 LSI_SAS2 - ok 20:33:18.0099 6352 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:33:18.0099 6352 LSI_SCSI - ok 20:33:18.0131 6352 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 20:33:18.0131 6352 luafv - ok 20:33:18.0193 6352 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:33:18.0193 6352 Mcx2Svc - ok 20:33:18.0224 6352 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 20:33:18.0224 6352 megasas - ok 20:33:18.0287 6352 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 20:33:18.0287 6352 MegaSR - ok 20:33:18.0427 6352 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 20:33:18.0427 6352 Microsoft Office Groove Audit Service - ok 20:33:18.0489 6352 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 20:33:18.0505 6352 MMCSS - ok 20:33:18.0521 6352 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 20:33:18.0521 6352 Modem - ok 20:33:18.0614 6352 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:33:18.0614 6352 monitor - ok 20:33:18.0739 6352 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:33:18.0739 6352 mouclass - ok 20:33:18.0770 6352 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:33:18.0770 6352 mouhid - ok 20:33:18.0833 6352 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:33:18.0833 6352 mountmgr - ok 20:33:18.0895 6352 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 20:33:18.0895 6352 mpio - ok 20:33:18.0926 6352 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:33:18.0926 6352 mpsdrv - ok 20:33:19.0098 6352 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:33:19.0113 6352 MpsSvc - ok 20:33:19.0207 6352 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS 20:33:19.0207 6352 MREMP50 - ok 20:33:19.0207 6352 MREMPR5 - ok 20:33:19.0223 6352 MRENDIS5 - ok 20:33:19.0254 6352 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS 20:33:19.0254 6352 MRESP50 - ok 20:33:19.0332 6352 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:33:19.0332 6352 MRxDAV - ok 20:33:19.0394 6352 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:33:19.0394 6352 mrxsmb - ok 20:33:19.0425 6352 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:33:19.0425 6352 mrxsmb10 - ok 20:33:19.0457 6352 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:33:19.0457 6352 mrxsmb20 - ok 20:33:19.0503 6352 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 20:33:19.0503 6352 msahci - ok 20:33:19.0550 6352 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:33:19.0550 6352 msdsm - ok 20:33:19.0597 6352 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 20:33:19.0613 6352 MSDTC - ok 20:33:19.0706 6352 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:33:19.0706 6352 Msfs - ok 20:33:19.0737 6352 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:33:19.0737 6352 mshidkmdf - ok 20:33:19.0753 6352 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:33:19.0753 6352 msisadrv - ok 20:33:19.0893 6352 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:33:19.0893 6352 MSiSCSI - ok 20:33:19.0909 6352 msiserver - ok 20:33:19.0971 6352 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:33:19.0971 6352 MSKSSRV - ok 20:33:20.0018 6352 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:33:20.0018 6352 MSPCLOCK - ok 20:33:20.0049 6352 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:33:20.0049 6352 MSPQM - ok 20:33:20.0081 6352 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:33:20.0081 6352 MsRPC - ok 20:33:20.0143 6352 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 20:33:20.0143 6352 mssmbios - ok 20:33:20.0174 6352 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:33:20.0174 6352 MSTEE - ok 20:33:20.0190 6352 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 20:33:20.0190 6352 MTConfig - ok 20:33:20.0237 6352 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 20:33:20.0252 6352 Mup - ok 20:33:20.0346 6352 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\ccSvcHst.exe 20:33:20.0361 6352 N360 - ok 20:33:20.0533 6352 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 20:33:20.0549 6352 napagent - ok 20:33:21.0079 6352 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:33:21.0079 6352 NativeWifiP - ok 20:33:21.0360 6352 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20130316.006\NAVENG.SYS 20:33:21.0360 6352 NAVENG - ok 20:33:21.0453 6352 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20130316.006\NAVEX15.SYS 20:33:21.0469 6352 NAVEX15 - ok 20:33:21.0563 6352 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:33:21.0563 6352 NDIS - ok 20:33:21.0703 6352 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:33:21.0703 6352 NdisCap - ok 20:33:21.0781 6352 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:33:21.0781 6352 NdisTapi - ok 20:33:21.0859 6352 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:33:21.0859 6352 Ndisuio - ok 20:33:21.0890 6352 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:33:21.0906 6352 NdisWan - ok 20:33:21.0984 6352 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:33:21.0984 6352 NDProxy - ok 20:33:22.0062 6352 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:33:22.0062 6352 NetBIOS - ok 20:33:22.0140 6352 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:33:22.0140 6352 NetBT - ok 20:33:22.0155 6352 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 20:33:22.0155 6352 Netlogon - ok 20:33:22.0249 6352 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 20:33:22.0249 6352 Netman - ok 20:33:22.0280 6352 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 20:33:22.0296 6352 netprofm - ok 20:33:22.0374 6352 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:33:22.0374 6352 NetTcpPortSharing - ok 20:33:22.0467 6352 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 20:33:22.0483 6352 nfrd960 - ok 20:33:22.0514 6352 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll 20:33:22.0514 6352 NlaSvc - ok 20:33:22.0545 6352 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:33:22.0545 6352 Npfs - ok 20:33:22.0623 6352 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 20:33:22.0623 6352 nsi - ok 20:33:22.0733 6352 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:33:22.0733 6352 nsiproxy - ok 20:33:22.0857 6352 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:33:22.0873 6352 Ntfs - ok 20:33:22.0967 6352 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 20:33:22.0967 6352 Null - ok 20:33:23.0029 6352 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:33:23.0029 6352 nvraid - ok 20:33:23.0091 6352 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:33:23.0091 6352 nvstor - ok 20:33:23.0123 6352 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:33:23.0123 6352 nv_agp - ok 20:33:23.0232 6352 [ 2CF21D5F8F1B74BB1922135AC2B12DDB ] OA009Ufd C:\Windows\system32\DRIVERS\OA009Ufd.sys 20:33:23.0232 6352 OA009Ufd - ok 20:33:23.0263 6352 [ 636C6EE8BB6EC473B8FE221EFF77E0CC ] OA009Vid C:\Windows\system32\DRIVERS\OA009Vid.sys 20:33:23.0263 6352 OA009Vid - ok 20:33:23.0388 6352 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:33:23.0388 6352 odserv - ok 20:33:23.0450 6352 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 20:33:23.0450 6352 ohci1394 - ok 20:33:23.0481 6352 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:33:23.0481 6352 ose - ok 20:33:23.0559 6352 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:33:23.0559 6352 p2pimsvc - ok 20:33:23.0653 6352 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 20:33:23.0653 6352 p2psvc - ok 20:33:23.0778 6352 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 20:33:23.0778 6352 Parport - ok 20:33:23.0825 6352 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:33:23.0825 6352 partmgr - ok 20:33:23.0856 6352 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 20:33:23.0856 6352 Parvdm - ok 20:33:23.0934 6352 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 20:33:23.0934 6352 PcaSvc - ok 20:33:23.0996 6352 [ ACFF877F5C17B9360919919F10DD6072 ] pcCMService C:\Program Files\Common Files\Motive\pcCMService.exe 20:33:24.0012 6352 pcCMService - ok 20:33:24.0043 6352 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 20:33:24.0043 6352 pci - ok 20:33:24.0074 6352 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 20:33:24.0074 6352 pciide - ok 20:33:24.0121 6352 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 20:33:24.0121 6352 pcmcia - ok 20:33:24.0137 6352 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 20:33:24.0137 6352 pcw - ok 20:33:24.0183 6352 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:33:24.0199 6352 PEAUTH - ok 20:33:24.0324 6352 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 20:33:24.0339 6352 pla - ok 20:33:24.0386 6352 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:33:24.0386 6352 PlugPlay - ok 20:33:24.0449 6352 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:33:24.0449 6352 PNRPAutoReg - ok 20:33:24.0495 6352 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:33:24.0511 6352 PNRPsvc - ok 20:33:24.0542 6352 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:33:24.0542 6352 PolicyAgent - ok 20:33:24.0636 6352 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll 20:33:24.0636 6352 Power - ok 20:33:24.0792 6352 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:33:24.0792 6352 PptpMiniport - ok 20:33:24.0870 6352 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 20:33:24.0870 6352 Processor - ok 20:33:24.0917 6352 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll 20:33:24.0932 6352 ProfSvc - ok 20:33:24.0948 6352 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 20:33:24.0963 6352 ProtectedStorage - ok 20:33:25.0041 6352 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:33:25.0041 6352 Psched - ok 20:33:25.0088 6352 [ 03E0FE281823BA64B3782F5B38950E73 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 20:33:25.0088 6352 PxHelp20 - ok 20:33:25.0151 6352 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 20:33:25.0151 6352 ql2300 - ok 20:33:25.0182 6352 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 20:33:25.0182 6352 ql40xx - ok 20:33:25.0260 6352 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 20:33:25.0260 6352 QWAVE - ok 20:33:25.0291 6352 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:33:25.0291 6352 QWAVEdrv - ok 20:33:25.0322 6352 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:33:25.0322 6352 RasAcd - ok 20:33:25.0416 6352 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:33:25.0416 6352 RasAgileVpn - ok 20:33:25.0494 6352 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 20:33:25.0494 6352 RasAuto - ok 20:33:25.0509 6352 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:33:25.0525 6352 Rasl2tp - ok 20:33:25.0743 6352 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 20:33:25.0743 6352 RasMan - ok 20:33:25.0790 6352 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:33:25.0790 6352 RasPppoe - ok 20:33:25.0821 6352 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:33:25.0821 6352 RasSstp - ok 20:33:25.0899 6352 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:33:25.0899 6352 rdbss - ok 20:33:25.0977 6352 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 20:33:25.0977 6352 rdpbus - ok 20:33:26.0040 6352 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:33:26.0040 6352 RDPCDD - ok 20:33:26.0180 6352 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:33:26.0180 6352 RDPENCDD - ok 20:33:26.0196 6352 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:33:26.0196 6352 RDPREFMP - ok 20:33:26.0274 6352 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:33:26.0274 6352 RDPWD - ok 20:33:26.0414 6352 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:33:26.0414 6352 rdyboost - ok 20:33:26.0492 6352 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 20:33:26.0492 6352 RemoteAccess - ok 20:33:26.0570 6352 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:33:26.0570 6352 RemoteRegistry - ok 20:33:26.0617 6352 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 20:33:26.0617 6352 RFCOMM - ok 20:33:26.0664 6352 [ 4F4A4C09CC5BE58A76CAC1C337E004E6 ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys 20:33:26.0664 6352 RimUsb - ok 20:33:26.0789 6352 [ 3A5633AD615E2B15291BD0B1B97CCD8A ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys 20:33:26.0789 6352 RimVSerPort - ok 20:33:26.0867 6352 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 20:33:26.0867 6352 ROOTMODEM - ok 20:33:26.0960 6352 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:33:26.0960 6352 RpcEptMapper - ok 20:33:27.0038 6352 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 20:33:27.0038 6352 RpcLocator - ok 20:33:27.0069 6352 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 20:33:27.0085 6352 RpcSs - ok 20:33:27.0132 6352 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:33:27.0132 6352 rspndr - ok 20:33:27.0225 6352 [ D97D8259293B7A82CB891F37F997DF3F ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS 20:33:27.0225 6352 RTSTOR - ok 20:33:27.0257 6352 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 20:33:27.0257 6352 SamSs - ok 20:33:27.0319 6352 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:33:27.0319 6352 sbp2port - ok 20:33:27.0366 6352 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:33:27.0366 6352 SCardSvr - ok 20:33:27.0413 6352 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:33:27.0413 6352 scfilter - ok 20:33:27.0491 6352 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 20:33:27.0506 6352 Schedule - ok 20:33:27.0569 6352 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 20:33:27.0569 6352 SCPolicySvc - ok 20:33:27.0647 6352 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:33:27.0662 6352 SDRSVC - ok 20:33:27.0849 6352 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 20:33:27.0849 6352 SeaPort - ok 20:33:27.0943 6352 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:33:27.0943 6352 secdrv - ok 20:33:28.0021 6352 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 20:33:28.0021 6352 seclogon - ok 20:33:28.0068 6352 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 20:33:28.0068 6352 SENS - ok 20:33:28.0161 6352 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:33:28.0161 6352 SensrSvc - ok 20:33:28.0224 6352 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 20:33:28.0239 6352 Serenum - ok 20:33:28.0255 6352 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 20:33:28.0271 6352 Serial - ok 20:33:28.0302 6352 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 20:33:28.0302 6352 sermouse - ok 20:33:28.0411 6352 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 20:33:28.0411 6352 SessionEnv - ok 20:33:28.0458 6352 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:33:28.0458 6352 sffdisk - ok 20:33:28.0473 6352 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:33:28.0473 6352 sffp_mmc - ok 20:33:28.0505 6352 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:33:28.0505 6352 sffp_sd - ok 20:33:28.0583 6352 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 20:33:28.0583 6352 sfloppy - ok 20:33:28.0770 6352 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:33:28.0770 6352 SharedAccess - ok 20:33:28.0848 6352 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:33:28.0848 6352 ShellHWDetection - ok 20:33:28.0879 6352 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 20:33:28.0879 6352 sisagp - ok 20:33:28.0957 6352 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:33:28.0957 6352 SiSRaid2 - ok 20:33:28.0973 6352 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 20:33:28.0973 6352 SiSRaid4 - ok 20:33:29.0019 6352 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:33:29.0019 6352 Smb - ok 20:33:29.0129 6352 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:33:29.0129 6352 SNMPTRAP - ok 20:33:29.0222 6352 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 20:33:29.0222 6352 spldr - ok 20:33:29.0269 6352 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe 20:33:29.0269 6352 Spooler - ok 20:33:29.0425 6352 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 20:33:29.0456 6352 sppsvc - ok 20:33:29.0534 6352 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:33:29.0534 6352 sppuinotify - ok 20:33:29.0612 6352 [ 777115C9CC675BD98127660712D2F784 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe 20:33:29.0612 6352 sprtsvc_DellSupportCenter - ok 20:33:29.0799 6352 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\Windows\System32\Drivers\N360\0604010.00E\SRTSP.SYS 20:33:29.0799 6352 SRTSP - ok 20:33:29.0831 6352 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\Windows\system32\drivers\N360\0604010.00E\SRTSPX.SYS 20:33:29.0831 6352 SRTSPX - ok 20:33:29.0877 6352 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:33:29.0877 6352 srv - ok 20:33:29.0909 6352 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:33:29.0909 6352 srv2 - ok 20:33:29.0924 6352 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:33:29.0940 6352 srvnet - ok 20:33:30.0002 6352 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:33:30.0018 6352 SSDPSRV - ok 20:33:30.0033 6352 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:33:30.0033 6352 SstpSvc - ok 20:33:30.0252 6352 [ DDEB942850278D67EDC108D57F774BF8 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\STacSV.exe 20:33:30.0252 6352 STacSV - ok 20:33:30.0314 6352 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 20:33:30.0314 6352 stexstor - ok 20:33:30.0439 6352 [ C4BE9C3AF8AF6F2E4CDD22FCABF77A1B ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys 20:33:30.0439 6352 STHDA - ok 20:33:30.0533 6352 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 20:33:30.0548 6352 StiSvc - ok 20:33:30.0626 6352 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 20:33:30.0626 6352 stllssvr - ok 20:33:30.0735 6352 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys 20:33:30.0735 6352 swenum - ok 20:33:30.0829 6352 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 20:33:30.0829 6352 swprv - ok 20:33:30.0907 6352 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\Windows\system32\drivers\N360\0604010.00E\SYMDS.SYS 20:33:30.0907 6352 SymDS - ok 20:33:30.0954 6352 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\Windows\system32\drivers\N360\0604010.00E\SYMEFA.SYS 20:33:30.0969 6352 SymEFA - ok 20:33:31.0001 6352 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS 20:33:31.0001 6352 SymEvent - ok 20:33:31.0016 6352 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\Windows\system32\drivers\N360\0604010.00E\Ironx86.SYS 20:33:31.0032 6352 SymIRON - ok 20:33:31.0047 6352 [ 3EE215D6FE821E3EDF0F7134D9AE905A ] SymNetS C:\Windows\System32\Drivers\N360\0604010.00E\SYMNETS.SYS 20:33:31.0063 6352 SymNetS - ok 20:33:31.0141 6352 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 20:33:31.0157 6352 SysMain - ok 20:33:31.0235 6352 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:33:31.0235 6352 TabletInputService - ok 20:33:31.0328 6352 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 20:33:31.0328 6352 TapiSrv - ok 20:33:31.0484 6352 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 20:33:31.0484 6352 TBS - ok 20:33:31.0547 6352 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:33:31.0562 6352 Tcpip - ok 20:33:31.0625 6352 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:33:31.0625 6352 TCPIP6 - ok 20:33:31.0656 6352 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:33:31.0656 6352 tcpipreg - ok 20:33:31.0765 6352 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:33:31.0765 6352 TDPIPE - ok 20:33:31.0796 6352 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:33:31.0796 6352 TDTCP - ok 20:33:31.0874 6352 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:33:31.0874 6352 tdx - ok 20:33:31.0905 6352 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 20:33:31.0905 6352 TermDD - ok 20:33:31.0983 6352 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 20:33:31.0983 6352 TermService - ok 20:33:32.0061 6352 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 20:33:32.0061 6352 Themes - ok 20:33:32.0139 6352 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 20:33:32.0155 6352 THREADORDER - ok 20:33:32.0202 6352 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 20:33:32.0202 6352 TrkWks - ok 20:33:32.0295 6352 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:33:32.0295 6352 TrustedInstaller - ok 20:33:32.0373 6352 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:33:32.0373 6352 tssecsrv - ok 20:33:32.0451 6352 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:33:32.0451 6352 TsUsbFlt - ok 20:33:32.0483 6352 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:33:32.0483 6352 tunnel - ok 20:33:32.0561 6352 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 20:33:32.0561 6352 uagp35 - ok 20:33:32.0623 6352 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:33:32.0623 6352 udfs - ok 20:33:32.0685 6352 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:33:32.0685 6352 UI0Detect - ok 20:33:32.0732 6352 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:33:32.0732 6352 uliagpkx - ok 20:33:32.0873 6352 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 20:33:32.0873 6352 umbus - ok 20:33:32.0966 6352 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 20:33:32.0966 6352 UmPass - ok 20:33:33.0044 6352 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 20:33:33.0044 6352 upnphost - ok 20:33:33.0091 6352 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 20:33:33.0091 6352 USBAAPL - ok 20:33:33.0122 6352 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:33:33.0122 6352 usbccgp - ok 20:33:33.0153 6352 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:33:33.0153 6352 usbcir - ok 20:33:33.0185 6352 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys 20:33:33.0185 6352 usbehci - ok 20:33:33.0231 6352 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:33:33.0231 6352 usbhub - ok 20:33:33.0263 6352 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 20:33:33.0263 6352 usbohci - ok 20:33:33.0341 6352 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 20:33:33.0341 6352 usbprint - ok 20:33:33.0372 6352 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 20:33:33.0372 6352 usbscan - ok 20:33:33.0403 6352 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:33:33.0403 6352 USBSTOR - ok 20:33:33.0434 6352 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:33:33.0434 6352 usbuhci - ok 20:33:33.0512 6352 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 20:33:33.0512 6352 UxSms - ok 20:33:33.0528 6352 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 20:33:33.0528 6352 VaultSvc - ok 20:33:33.0543 6352 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:33:33.0543 6352 vdrvroot - ok 20:33:33.0606 6352 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 20:33:33.0621 6352 vds - ok 20:33:33.0731 6352 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:33:33.0731 6352 vga - ok 20:33:33.0762 6352 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 20:33:33.0762 6352 VgaSave - ok 20:33:33.0793 6352 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:33:33.0793 6352 vhdmp - ok 20:33:33.0824 6352 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 20:33:33.0824 6352 viaagp - ok 20:33:33.0855 6352 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 20:33:33.0855 6352 ViaC7 - ok 20:33:33.0871 6352 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 20:33:33.0871 6352 viaide - ok 20:33:33.0965 6352 [ 622FCF264119F7DF127BE353F796B319 ] VideoDownloadConverter_4zService C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe 20:33:33.0965 6352 VideoDownloadConverter_4zService - ok 20:33:33.0980 6352 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:33:33.0980 6352 volmgr - ok 20:33:34.0058 6352 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:33:34.0058 6352 volmgrx - ok 20:33:34.0089 6352 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:33:34.0089 6352 volsnap - ok 20:33:34.0121 6352 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 20:33:34.0136 6352 vsmraid - ok 20:33:34.0214 6352 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 20:33:34.0230 6352 VSS - ok 20:33:34.0277 6352 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 20:33:34.0277 6352 vwifibus - ok 20:33:34.0292 6352 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 20:33:34.0308 6352 vwififlt - ok 20:33:34.0386 6352 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 20:33:34.0386 6352 vwifimp - ok 20:33:34.0479 6352 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 20:33:34.0479 6352 W32Time - ok 20:33:34.0557 6352 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 20:33:34.0557 6352 WacomPen - ok 20:33:34.0604 6352 [ 4AA2CC5979AFF984227364F2C23B04F3 ] WajamUpdater C:\Program Files\Wajam\Updater\WajamUpdater.exe 20:33:34.0604 6352 WajamUpdater - ok 20:33:34.0713 6352 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:33:34.0713 6352 WANARP - ok 20:33:34.0729 6352 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:33:34.0729 6352 Wanarpv6 - ok 20:33:34.0823 6352 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 20:33:34.0838 6352 WatAdminSvc - ok 20:33:34.0901 6352 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 20:33:34.0916 6352 wbengine - ok 20:33:34.0979 6352 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:33:34.0979 6352 WbioSrvc - ok 20:33:35.0025 6352 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:33:35.0041 6352 wcncsvc - ok 20:33:35.0057 6352 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:33:35.0057 6352 WcsPlugInService - ok 20:33:35.0103 6352 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 20:33:35.0103 6352 Wd - ok 20:33:35.0150 6352 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:33:35.0150 6352 Wdf01000 - ok 20:33:35.0166 6352 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:33:35.0181 6352 WdiServiceHost - ok 20:33:35.0181 6352 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:33:35.0181 6352 WdiSystemHost - ok 20:33:35.0259 6352 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 20:33:35.0275 6352 WebClient - ok 20:33:35.0322 6352 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:33:35.0337 6352 Wecsvc - ok 20:33:35.0353 6352 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:33:35.0353 6352 wercplsupport - ok 20:33:35.0384 6352 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 20:33:35.0384 6352 WerSvc - ok 20:33:35.0478 6352 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 20:33:35.0478 6352 WfpLwf - ok 20:33:35.0493 6352 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:33:35.0493 6352 WIMMount - ok 20:33:35.0634 6352 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 20:33:35.0649 6352 WinDefend - ok 20:33:35.0665 6352 WinHttpAutoProxySvc - ok 20:33:35.0868 6352 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:33:35.0868 6352 Winmgmt - ok 20:33:35.0946 6352 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 20:33:35.0961 6352 WinRM - ok 20:33:36.0008 6352 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 20:33:36.0024 6352 WinUsb - ok 20:33:36.0102 6352 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 20:33:36.0117 6352 Wlansvc - ok 20:33:36.0242 6352 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 20:33:36.0258 6352 wlidsvc - ok 20:33:36.0320 6352 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 20:33:36.0320 6352 WmiAcpi - ok 20:33:36.0414 6352 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:33:36.0414 6352 wmiApSrv - ok 20:33:36.0773 6352 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 20:33:36.0788 6352 WMPNetworkSvc - ok 20:33:36.0851 6352 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:33:36.0851 6352 WPCSvc - ok 20:33:36.0866 6352 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:33:36.0882 6352 WPDBusEnum - ok 20:33:37.0085 6352 WPFFontCache_v0400 - ok 20:33:37.0147 6352 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:33:37.0147 6352 ws2ifsl - ok 20:33:37.0209 6352 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll 20:33:37.0225 6352 wscsvc - ok 20:33:37.0225 6352 WSearch - ok 20:33:37.0303 6352 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 20:33:37.0319 6352 wuauserv - ok 20:33:37.0350 6352 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:33:37.0350 6352 WudfPf - ok 20:33:37.0381 6352 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:33:37.0397 6352 WUDFRd - ok 20:33:37.0412 6352 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:33:37.0412 6352 wudfsvc - ok 20:33:37.0490 6352 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 20:33:37.0506 6352 WwanSvc - ok 20:33:37.0584 6352 [ B07C5B7EFDF936FF93D4F540938725BE ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys 20:33:37.0584 6352 yukonw7 - ok 20:33:37.0787 6352 [ 556B5CFE8D21B256ADD7F87D7F4B4123 ] {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} C:\Program Files\CyberLink\PowerDVD DX\000.fcl 20:33:37.0802 6352 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok 20:33:37.0818 6352 ================ Scan global =============================== 20:33:37.0911 6352 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 20:33:37.0974 6352 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll 20:33:38.0005 6352 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll 20:33:38.0083 6352 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 20:33:38.0161 6352 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 20:33:38.0177 6352 [Global] - ok 20:33:38.0177 6352 ================ Scan MBR ================================== 20:33:38.0192 6352 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 20:33:38.0504 6352 \Device\Harddisk0\DR0 - ok 20:33:38.0504 6352 ================ Scan VBR ================================== 20:33:38.0520 6352 [ 48AD86319115E9551501852BFCD4718B ] \Device\Harddisk0\DR0\Partition1 20:33:38.0520 6352 \Device\Harddisk0\DR0\Partition1 - ok 20:33:38.0535 6352 [ 644B3E4126470EA979C367E7F5F245C6 ] \Device\Harddisk0\DR0\Partition2 20:33:38.0535 6352 \Device\Harddisk0\DR0\Partition2 - ok 20:33:38.0535 6352 ============================================================ 20:33:38.0535 6352 Scan finished 20:33:38.0535 6352 ============================================================ 20:33:38.0551 6160 Detected object count: 0 20:33:38.0551 6160 Actual detected object count: 0

#5 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 19 March 2013 - 03:11 PM

OTL logfile created on: 19/03/2013 20:49:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.96 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 55.79% Memory free
5.92 Gb Paging File | 4.48 Gb Available in Paging File | 75.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.36 Gb Total Space | 33.01 Gb Free Space | 24.57% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 7.65 Gb Free Space | 52.24% Space Free | Partition Type: NTFS

Computer Name: DAVE-THE-LAPTOP | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Home\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe (COMPANYVERS_NAME)
PRC - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe (VER_COMPANY_NAME)
PRC - C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
PRC - C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)
PRC - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Wajam\Updater\WajamUpdater.exe (Wajam)
PRC - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\ProgramData\Wincert\win32prop.dll ()
MOD - C:\ProgramData\Wincert\win32cert.dll ()
MOD - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
MOD - c:\ProgramData\Browser Manager\23787~1.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
MOD - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll ()
MOD - C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll ()


========== Services (SafeList) ==========

SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (VideoDownloadConverter_4zService) -- C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe (COMPANYVERS_NAME)
SRV - (pcCMService) -- C:\Program Files\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)
SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (N360) -- C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\ccSvcHst.exe (Symantec Corporation)
SRV - (WajamUpdater) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe (Wajam)
SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (CronService) -- C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV - (MRENDIS5) -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found
DRV - (MREMPR5) -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20130319.005\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20130319.005\NAVENG.SYS (Symantec Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20130301.001\BHDrvx86.sys (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20130316.001\IDSvix86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\N360\0604010.00E\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\N360\0604010.00E\srtspx.sys (Symantec Corporation)
DRV - (ccSet_N360) -- C:\Windows\System32\drivers\N360\0604010.00E\ccsetx86.sys (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\System32\drivers\N360\0604010.00E\symefa.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SymNetS) -- C:\Windows\System32\drivers\N360\0604010.00E\symnets.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\System32\drivers\N360\0604010.00E\symds.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\System32\drivers\N360\0604010.00E\ironx86.sys (Symantec Corporation)
DRV - (FlyUsb) -- C:\Windows\System32\drivers\FlyUsb.sys (LeapFrog)
DRV - (appliandMP) -- C:\Windows\System32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (appliand) -- C:\Windows\System32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}) -- C:\Program Files\CyberLink\PowerDVD DX\000.fcl (CyberLink Corp.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (OA009Vid) -- C:\Windows\System32\drivers\OA009Vid.sys (Creative Technology Ltd.)
DRV - (OA009Ufd) -- C:\Windows\System32\drivers\OA009Ufd.sys (Creative Technology Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2415}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2415}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKLM\..\SearchScopes\{B37CE4E6-BB9E-49BD-AE33-B892496E9763}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {93a3111f-4f74-4ed8-895e-d9708497629e} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...amp;FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000225fca2617
IE - HKCU\..\SearchScopes\{52727A5A-C7A7-4C34-9D2C-D255701901FF}: "URL" = http://www.google.co...q...erms}&meta=
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2415}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://uk.ask.com/we...&...d&qsrc=2869
IE - HKCU\..\SearchScopes\{B37CE4E6-BB9E-49BD-AE33-B892496E9763}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\IPSFFPlgn\ [2012/05/18 13:58:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\coFFPlgn\ [2013/03/19 20:42:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.6.4\FF [2012/06/14 19:38:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/10/12 12:09:06 | 000,000,000 | ---D | M]

[2012/08/18 15:24:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.4\PriceGongIE.dll (PriceGong)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Toolbar BHO) - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O2 - BHO: (Qwiklinx) - {3E7C8B5A-96AB-438F-BF9B-782400655440} - C:\Users\Home\AppData\Roaming\Qwiklinx\Qwiklinx.dll (Qwiklinx, Inc.)
O2 - BHO: (Search-Results Toolbar) - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - C:\Program Files\Searchqu Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll File not found
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~1\Funmoods\1.5.23.22\bh\escort.dll File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Search Assistant BHO) - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - C:\Program Files\Searchqu Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~1\Funmoods\1.5.23.22\escorTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 File not found
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Nike+ Connect] C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [SpeetItUpFree] "C:\Program Files\SpeedItup Free\speeditupfree.exe" File not found
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [VideoDownloadConverter Search Scope Monitor] C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe (VER_COMPANY_NAME)
O4 - HKCU..\Run: [FDPRO-516] C:\Program Files\Fighters\FighterLauncher.exe FDPRO File not found
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photob...?20120321062121 (PhotoboxPhotowaysUploader5 Control)
O16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} http://www.bebo.com/...ader.5.8.05.cab (Bebo Uploader Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16589F7B-1EB2-4692-8D9D-030C6C88F1FE}: DhcpNameServer = 192.168.1.254 192.168.1.254
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (俠⃐㫪ၩ�〫鴰䌯尺) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f5a10407-7f10-11e1-a068-00256442cbd3}\Shell - "" = AutoRun
O33 - MountPoints2\{f5a10407-7f10-11e1-a068-00256442cbd3}\Shell\AutoRun\command - "" = F:\KODAK_Camera_Setup_App.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/03/19 20:46:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2013/03/19 20:30:25 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\tdsskiller
[2013/03/17 17:23:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/03/17 17:18:11 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/03/17 17:17:59 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/03/12 21:48:08 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/03/12 21:48:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/03/12 21:48:05 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/03/12 21:48:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/03/12 21:48:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/12 21:48:04 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/03/12 21:48:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/12 21:48:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/02/27 20:51:06 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013/02/27 20:50:55 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/02/27 20:50:50 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 20:50:50 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 20:50:49 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 20:50:48 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/02/27 20:50:48 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013/02/27 20:50:48 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 20:50:48 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 20:50:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 20:50:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 20:50:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 20:50:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 20:50:47 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013/02/27 20:50:47 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/02/27 20:50:47 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/02/27 20:50:47 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/02/27 20:50:47 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/02/27 20:50:47 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/02/27 20:50:47 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/02/27 20:50:46 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/02/27 20:50:46 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013/02/27 20:50:46 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/02/27 20:50:46 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013/02/27 20:50:45 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/02/26 18:11:45 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\back up feb2013
[2013/02/24 19:07:07 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\aimee bday
[2013/02/24 17:38:55 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\vlc
[2013/02/24 17:33:13 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\iLivid
[2013/02/20 19:43:44 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\facebook aimee bday
[2013/02/20 17:57:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/02/20 17:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/02/20 17:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/02/18 20:14:15 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/02/18 20:13:47 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/18 20:13:45 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/02/18 20:13:41 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/02/18 20:13:34 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/19 20:49:53 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 20:49:53 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 20:49:04 | 000,628,874 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/19 20:49:04 | 000,111,026 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/19 20:46:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2013/03/19 20:43:07 | 000,000,029 | ---- | M] () -- C:\Windows\System32\TempWmicBatchFile.bat
[2013/03/19 20:42:56 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/19 20:41:44 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2013/03/19 20:41:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/19 20:40:50 | 2386,317,312 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/19 20:29:46 | 002,218,636 | ---- | M] () -- C:\Users\Home\Desktop\tdsskiller.zip
[2013/03/17 17:20:20 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/17 16:59:20 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/16 20:05:49 | 000,000,000 | ---- | M] () -- C:\END
[2013/03/14 16:59:49 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/14 16:59:49 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/11 20:17:32 | 000,219,115 | ---- | M] () -- C:\Users\Home\Desktop\gnr_fcca4081634.jpg
[2013/03/11 20:17:07 | 000,055,687 | ---- | M] () -- C:\Users\Home\Desktop\Bupa-Great-North-Run480x102.jpg
[2013/03/11 20:14:14 | 000,036,100 | ---- | M] () -- C:\Users\Home\Desktop\Prostate_Cancer_UK__482.jpg
[2013/02/24 17:37:08 | 000,001,044 | ---- | M] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2013/02/24 17:37:08 | 000,001,042 | ---- | M] () -- C:\Users\Home\Desktop\iLivid.lnk
[2013/02/20 17:57:36 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/02/20 17:11:19 | 000,001,300 | ---- | M] () -- C:\Users\Public\Desktop\BT Desktop Help.lnk
[2013/02/19 21:04:55 | 000,418,528 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/19 20:29:37 | 002,218,636 | ---- | C] () -- C:\Users\Home\Desktop\tdsskiller.zip
[2013/03/11 20:17:54 | 000,219,115 | ---- | C] () -- C:\Users\Home\Desktop\gnr_fcca4081634.jpg
[2013/03/11 20:17:18 | 000,055,687 | ---- | C] () -- C:\Users\Home\Desktop\Bupa-Great-North-Run480x102.jpg
[2013/03/11 20:14:30 | 000,036,100 | ---- | C] () -- C:\Users\Home\Desktop\Prostate_Cancer_UK__482.jpg
[2013/02/26 20:16:33 | 001,602,344 | ---- | C] () -- C:\Users\Home\Desktop\33 Movie - the Magnificent 7 (Marlbo.m4r
[2013/02/26 20:15:20 | 001,024,795 | ---- | C] () -- C:\Users\Home\Desktop\4-07 Insomnia 1.m4r
[2013/02/26 20:14:16 | 000,941,989 | ---- | C] () -- C:\Users\Home\Desktop\The Verve - Bitter Sweet Symphony.m4r
[2013/02/24 17:37:08 | 000,001,050 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
[2013/02/24 17:37:08 | 000,001,044 | ---- | C] () -- C:\Users\Home\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2013/02/24 17:37:08 | 000,001,042 | ---- | C] () -- C:\Users\Home\Desktop\iLivid.lnk
[2013/02/20 17:57:36 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/18 15:39:16 | 000,031,465 | ---- | C] () -- C:\Users\Home\AppData\Local\funmoods.crx
[2011/05/23 08:29:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/05/19 16:35:21 | 000,001,940 | ---- | C] () -- C:\Users\Home\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/08 20:49:02 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011/05/08 20:40:04 | 000,000,419 | ---- | C] () -- C:\Users\Home\AppData\Local\Win7_Upgrade.bat
[2011/05/08 20:10:26 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2011/05/08 20:10:25 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2011/05/08 20:10:24 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2011/05/08 20:10:00 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2011/05/08 18:11:18 | 000,001,548 | ---- | C] () -- C:\Users\Home\AppData\Local\Win7_tmp1.htm
[2011/05/08 16:53:12 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/08/13 13:47:11 | 000,763,904 | -HS- | C] () -- C:\Users\Home\ehthumbs_vista.db
[2009/08/09 14:40:44 | 000,000,354 | ---- | C] () -- C:\Users\Home\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2009/07/14 04:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 04:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 01:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/08/18 15:23:32 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Babylon
[2012/08/10 21:50:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Dropbox
[2012/08/20 15:27:36 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Fighters
[2011/09/19 15:23:58 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\go
[2012/08/18 16:21:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\HandBrake
[2012/06/14 19:39:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Qwiklinx
[2011/05/08 16:39:14 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Red Kawa
[2013/01/05 18:22:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Replay Media Catcher 4
[2012/04/19 09:49:38 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Research In Motion
[2011/05/08 16:39:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SMART Technologies
[2011/05/08 16:39:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SMART Technologies Inc
[2011/05/08 16:39:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Template
[2012/05/09 17:49:30 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Tific

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2011/02/26 05:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 01:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 05:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 05:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 12:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 05:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 05:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 05:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 06:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 12:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 01:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 06:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 05:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 12:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 01:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >
[2009/07/14 04:53:46 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 04:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011/12/16 17:37:48 | 000,000,878 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/12/16 17:37:50 | 000,000,882 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/04/05 09:03:08 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/06/14 19:48:54 | 000,000,408 | ---- | C] () -- C:\Windows\Tasks\PC Optimizer Pro startups.job

< End of report >

#6 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 19 March 2013 - 03:12 PM

OTL Extras logfile created on: 19/03/2013 20:49:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.96 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 55.79% Memory free
5.92 Gb Paging File | 4.48 Gb Available in Paging File | 75.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.36 Gb Total Space | 33.01 Gb Free Space | 24.57% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 7.65 Gb Free Space | 52.24% Space Free | Partition Type: NTFS

Computer Name: DAVE-THE-LAPTOP | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C75B1CF-76D6-40A8-8D47-C6C0D4F85C4A}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{1BBB7D72-A5D0-48B6-8080-B94BF23A1CCA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{42DDA699-B0C4-4BCB-881D-3ACD78AAF0A6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{47914AF0-9A2F-45B4-BC5E-EBF2A057F07C}" = lport=139 | protocol=6 | dir=in | app=system |
"{49D556A7-3491-4298-8DB1-86B369366521}" = rport=138 | protocol=17 | dir=out | app=system |
"{507FF0F7-0D1F-416A-A4DD-3DDA76CE55BE}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{6202B0AD-0B00-4EB3-88B6-7F736DA46EEC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{62B86B17-C42A-4DAB-9AEF-7310FD0F4C2A}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{6985D795-AEDE-4741-8562-213DF4F68A89}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8332B37A-3E3B-4184-B122-69E66D555FDD}" = lport=137 | protocol=17 | dir=in | app=system |
"{85DCE608-D11F-4FA1-A3EF-50AB5D0F085C}" = rport=139 | protocol=6 | dir=out | app=system |
"{8FEBBAD5-C5C7-4D18-8683-48FA200C1407}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{91C05B2A-51C6-402A-85F3-22C365EB82D9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9DF6A701-B7CD-4757-A2A5-B7AE30812EBB}" = rport=445 | protocol=6 | dir=out | app=system |
"{AC5CE2F5-E65F-4ADC-B7E6-874B44B4A828}" = rport=137 | protocol=17 | dir=out | app=system |
"{CD6F321F-B73F-48EA-A2C9-F9D214160417}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D35C220B-AB8A-4DA1-8945-6FE49FC7EC8E}" = lport=138 | protocol=17 | dir=in | app=system |
"{DC5BAD28-FB90-4A9C-9E3F-A0754237D9D7}" = lport=445 | protocol=6 | dir=in | app=system |
"{DCCE87BB-505B-4EEB-BB7F-D648DF1800D4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F91FC6DC-2B95-4F1A-A1D3-6120630DF774}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07FCD0D9-43EE-49BF-A880-F007370F11C1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{089900B5-1B32-4D86-9567-118FCF886565}" = protocol=17 | dir=in | app=c:\users\home\appdata\roaming\dropbox\bin\dropbox.exe |
"{0D09FCAB-4939-4EE1-A20E-31FA722B35D4}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{0F50B04B-2A8A-467B-89BB-955013BDAB67}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{134B9651-0A5A-40DE-8F12-C5CE2E628539}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{195294DD-CFCD-41EE-8B39-CF36459F063D}" = protocol=6 | dir=in | app=c:\users\home\appdata\roaming\dropbox\bin\dropbox.exe |
"{247F948C-C3E8-4F1F-88A5-3F4FA1259A7E}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{38F22564-F6A7-4BC5-8C65-5FC191502881}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{3A9F39C4-AC4F-4EC3-9FA9-8BDD0BA42C8B}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{3C1125A5-C5BE-4EDA-946E-CDD8192DE156}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\srtool~1\dtuser.exe |
"{4635A578-9A55-4F79-B2DD-7B9DE5BD28EA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4E89A935-9AA1-4321-BF8D-7AD6DDF2E02E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4EAFB5BB-7E6B-4DFA-BADD-B3DFACE08FB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{62AE737A-5F5C-4396-87FC-E0908E5781A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65265254-2962-441F-846E-AACE3428AAB6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6FAC4D4D-2AC6-4273-8225-185291A3F7E2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{72E0A1C0-97A9-4B69-A5B0-8C712854711A}" = dir=in | app=c:\program files\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{7A231977-04DC-4A8B-BCBE-61EC8726F4CF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{812723BE-2398-48F5-BA45-29FF17CAFE1C}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{9E5B0D79-CDAC-4272-9D6C-BBCC874696C2}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{A4DB3C69-1DEA-4E30-B39A-266D7ACCD896}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{A58C6876-E311-447B-A030-68D1AF2843D5}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\srtool~1\dtuser.exe |
"{A8270117-A350-4C80-9896-B1C0F1639822}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{AACD56D7-6570-492A-96A2-177611204A69}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{AFC455BA-91B0-49B2-B1E0-BAA7788BBFAE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B8DD2B00-886B-4F8E-B14D-E65D5BC1F418}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{BA09DBB1-B764-48A7-BC14-0776C10BB3C9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BFD60C5D-23D7-49E0-A84B-9DEA9B7518AE}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{C1A0538D-8250-4DF1-AC6C-2F4BC49FB89A}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{C5349B03-049E-4F50-A0D2-74978FB44161}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{CF487149-8D0E-497B-9621-A8EE5078BEE6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1F42DEC-1BC2-461F-9F97-3093300C6077}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D625BF54-D0F8-4B51-8339-42D526C15B3C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D7419090-7316-479D-A252-E99DA23EDD7C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7B7E586-D5E2-4EC0-8BCE-8886952A886C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D7D948CC-806D-4169-BA24-93892B67E6B2}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{E005A00D-6DC6-4F41-BE33-1B6B47837A8D}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{F5F46F7A-C8AA-4D6F-8932-9D30CBACDF8D}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{FB4DAF42-6848-4BC0-AA1D-1CEB86BA34A6}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C1B233-D218-484B-8078-9375482C5608}" = LeapFrog Tag Plugin
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2437DF07-D3CB-4D85-8397-ED8AE9ED26D5}" = LeapFrog Tag Junior Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{2E497885-E60B-420A-832D-0148B392E058}_is1" = Qwiklinx
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{47C6C88F-FA95-49C8-B57D-5C5F093738E1}" = iTunes
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6816248D-510A-45F8-AC79-24FF2C3A5D7F}" = LG Android Platform Drivers
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6F6594CB-DA1B-4FFB-B397-CACE3D5F668B}" = Windows Live Movie Maker Beta
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{DAB5C521-80B2-48C3-B0DA-326A1B331F55}" = GoToAssist Corporate
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}" = BlackBerry Desktop Software 6.1
"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AviSynth" = AviSynth 2.5
"BearShare MediaBar" = MediaBar
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1
"BT Desktop Help" = BT Desktop Help
"BTHomeHub" = BTHomeHub
"Carbonite Backup" = Carbonite
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative OA009" = Integrated Webcam Driver (1.02.01.0320)
"ENTERPRISER" = Microsoft Office Enterprise 2007
"GoToAssist" = GoToAssist Corporate
"HDMI" = Intel® Graphics Media Accelerator Driver
"iLivid" = iLivid
"koyotesofttoolbarnew" = Search-Results Toolbar
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"N360" = Norton 360 Premier Edition
"Nike+ Connect" = Nike+ Connect
"PriceGong" = PriceGong 2.6.4
"Replay Media Catcher 4" = Replay Media Catcher 4 (4.4.5)
"TagJuniorPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"TVWiz" = Intel® TV Wizard
"UPCShell" = LeapFrog Connect
"VideoDownloadConverter_4zbar Uninstall" = VideoDownloadConverter Toolbar
"Wajam" = Wajam
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Video Converter" = Video Converter

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16/03/2013 15:48:41 | Computer Name = Dave-the-laptop | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Common
Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe". Dependent Assembly
Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 16/03/2013 15:49:33 | Computer Name = Dave-the-laptop | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\LeapFrog\leapfrog
connect\tagusbdrivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 17/03/2013 08:26:21 | Computer Name = Dave-the-laptop | Source = WinMgmt | ID = 10
Description =

Error - 17/03/2013 10:32:10 | Computer Name = Dave-the-laptop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16470,
time stamp: 0x510c8801 Faulting module name: msxml3.dll, version: 8.110.7601.17857,
time stamp: 0x4fcee2f0 Exception code: 0xc0000005 Fault offset: 0x0000735b Faulting
process id: 0x2724 Faulting application start time: 0x01ce231449445348 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\System32\msxml3.dll
Report
Id: 7369b562-8f0f-11e2-8d59-00256442cbd3

Error - 17/03/2013 11:19:55 | Computer Name = Dave-the-laptop | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 17/03/2013 11:19:59 | Computer Name = Dave-the-laptop | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Research
In Motion\BlackBerry Desktop\MailServerMAPIProxy64.exe". Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 17/03/2013 11:20:07 | Computer Name = Dave-the-laptop | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Common
Files\Research In Motion\AppLoader\MailServerMAPIProxy64.exe". Dependent Assembly
Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 17/03/2013 11:21:15 | Computer Name = Dave-the-laptop | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\LeapFrog\leapfrog
connect\tagusbdrivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 19/03/2013 16:24:16 | Computer Name = Dave-the-laptop | Source = WinMgmt | ID = 10
Description =

Error - 19/03/2013 16:42:58 | Computer Name = Dave-the-laptop | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 29/01/2011 12:05:58 | Computer Name = Dave-the-laptop | Source = WLAN-Tray | ID = 0
Description = 16:05:58, Sat, Jan 29, 11 Error - Unable to decode string, error 87


Error - 30/01/2011 10:55:11 | Computer Name = Dave-the-laptop | Source = WLAN-Tray | ID = 0
Description = 14:55:11, Sun, Jan 30, 11 Error - Unable to decode string, error 87


[ Media Center Events ]
Error - 29/03/2010 17:22:52 | Computer Name = Dave-the-laptop | Source = Mcx2Dvcs | ID = 401
Description =

Error - 13/08/2010 09:46:35 | Computer Name = Dave-the-laptop | Source = McrMgr | ID = 107
Description =

Error - 13/08/2010 09:46:50 | Computer Name = Dave-the-laptop | Source = McrMgr | ID = 107
Description =

Error - 13/08/2010 09:50:51 | Computer Name = Dave-the-laptop | Source = McrMgr | ID = 107
Description =

[ System Events ]
Error - 15/03/2013 16:06:15 | Computer Name = Dave-the-laptop | Source = DCOM | ID = 10010
Description =

Error - 16/03/2013 02:42:10 | Computer Name = Dave-the-laptop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:11:50 PM on ?3/?15/?2013 was unexpected.

Error - 16/03/2013 18:02:29 | Computer Name = Dave-the-laptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 16/03/2013 18:02:51 | Computer Name = Dave-the-laptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 16/03/2013 18:02:54 | Computer Name = Dave-the-laptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 17/03/2013 11:26:14 | Computer Name = Dave-the-laptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 17/03/2013 11:26:18 | Computer Name = Dave-the-laptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 17/03/2013 11:26:19 | Computer Name = Dave-the-laptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 17/03/2013 13:18:56 | Computer Name = Dave-the-laptop | Source = Service Control Manager | ID = 7031
Description = The Browser Manager service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.

Error - 19/03/2013 16:24:49 | Computer Name = Dave-the-laptop | Source = DCOM | ID = 10010
Description =


< End of report >

#7 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 19 March 2013 - 03:13 PM

hope i have done everything correctly so far look forward to your reply paul

#8 mowman

mowman

    SuperMember

  • Malware Team
  • 2,669 posts

Posted 19 March 2013 - 04:58 PM

Please download AdwCleaner from here and save it to your desktop.
  • Right click on AdwCleaner.exe and click "Run as Administrator" to run the tool.
  • Click on Delete.
A logfile will automatically open after the scan has finished.

Please post the content of that logfile in your reply.

You can find the logfile at C:\AdwCleaner[Rn].txt as well - (n is the scan number.)









Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2



**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.
NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error

#9 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 20 March 2013 - 01:12 PM

# AdwCleaner v2.115 - Logfile created 03/20/2013 at 19:04:29 # Updated 17/03/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (32 bits) # User : Home - DAVE-THE-LAPTOP # Boot Mode : Normal # Running from : C:\Users\Home\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** Stopped & Deleted : Browser Manager Stopped & Deleted : VideoDownloadConverter_4zService Stopped & Deleted : WajamUpdater ***** [Files / Folders] ***** Deleted on reboot : C:\Program Files\Searchqu Toolbar Deleted on reboot : C:\ProgramData\Browser Manager File Deleted : C:\END File Deleted : C:\user.js File Deleted : C:\Users\Home\AppData\Local\funmoods.crx File Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage File Deleted : C:\Users\Home\AppData\Local\Temp\Searchqu.ini File Deleted : C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk File Deleted : C:\Users\Home\Desktop\iLivid.lnk Folder Deleted : C:\Program Files\DealPly Folder Deleted : C:\Program Files\PriceGong Folder Deleted : C:\Program Files\Qwiklinx Folder Deleted : C:\Program Files\VideoDownloadConverter_4z Folder Deleted : C:\Program Files\Wajam Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Folder Deleted : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Folder Deleted : C:\Users\Home\AppData\Local\Ilivid Folder Deleted : C:\Users\Home\AppData\Local\PackageAware Folder Deleted : C:\Users\Home\AppData\Local\Temp\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} Folder Deleted : C:\Users\Home\AppData\Local\Wajam Folder Deleted : C:\Users\Home\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\Home\AppData\LocalLow\koyotesofttoolbarnew Folder Deleted : C:\Users\Home\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Home\AppData\Roaming\Babylon Folder Deleted : C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager Folder Deleted : C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Folder Deleted : C:\Users\Home\AppData\Roaming\Qwiklinx Folder Deleted : C:\Windows\system32\Browser Manager ***** [Registry] ***** Key Deleted : HKCU\Software\8558bdbb668b841 Key Deleted : HKCU\Software\APN DTX Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\BrowserMngr Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0974BA1E-64EC-11DE-B2A5-E43756D89593} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0974BA1E-64EC-11DE-B2A5-E43756D89593} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Qwiklinx Key Deleted : HKCU\Software\Wajam Key Deleted : HKLM\SOFTWARE\8558bdbb668b841 Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\BrowserMngr Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0974BA1E-64EC-11DE-B2A5-E43756D89593} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} Key Deleted : HKLM\SOFTWARE\Classes\f Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E2C1A522-B8E1-45D1-B316-F5625004A28C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{204C0025-C26A-43E2-853C-D8A8EB1BCE51} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8} Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1 Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1 Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1 Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\Freeze.com Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068} Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2E497885-E60B-420A-832D-0148B392E058}_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Key Deleted : HKLM\Software\SearchquSRTB Key Deleted : HKLM\Software\Tarma Installer Key Deleted : HKLM\Software\Wajam Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater Key Deleted : HKU\S-1-5-21-1225344437-1281260598-898404793-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{8a9386b4-e958-4c4c-adf4-8f26db3e4829}] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0974BA1E-64EC-11DE-B2A5-E43756D89593}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter Search Scope Monitor] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter_4z Browser Plugin Loader] ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16470 [OK] Registry is clean. ************************* AdwCleaner[S1].txt - [21823 octets] - [20/03/2013 19:04:29] ########## EOF - C:\AdwCleaner[S1].txt - [21884 octets] ##########

#10 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 20 March 2013 - 01:59 PM

ComboFix 13-03-20.02 - Home 20/03/2013 19:31:42.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3034.1839 [GMT 0:00] Running from: c:\users\Home\Desktop\ComboFix.exe AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\mcc1FD0.tmp c:\users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\mcc6622.tmp c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\addon.ico c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\amazon_ie.ico c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.cfg c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabUninstaller.exe c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\DT.ico c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\ebay_ie.ico c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\facebook_ie.ico c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\search_here_ie.ico c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\searchhere.ico c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\twitter_ie.ico c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\wikipedia_ie.ico c:\users\Home\Favorites\ehthumbs_vista.db . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_DefaultTabUpdate -------\Service_DefaultTabUpdate . . ((((((((((((((((((((((((( Files Created from 2013-02-20 to 2013-03-20 ))))))))))))))))))))))))))))))) . . 2013-03-20 19:18 . 2013-03-20 19:18 -------- d-----w- c:\program files\Fighters 2013-03-20 19:17 . 2013-03-20 19:18 -------- d-----w- c:\program files\7-zip 2013-03-20 19:17 . 2013-03-20 19:18 -------- d-----w- c:\program files\Free Offers from Freeze.com 2013-03-20 19:17 . 2013-03-20 19:40 -------- d-----w- c:\users\Home\AppData\Roaming\DefaultTab 2013-03-20 19:17 . 2013-03-20 19:27 -------- d-----w- c:\program files\PC Optimizer Pro 2013-03-20 19:17 . 2013-03-20 19:48 -------- d-----w- c:\users\Home\AppData\Roaming\Yontoo 2013-03-20 19:17 . 2013-03-20 19:17 -------- d-----w- c:\program files\Yontoo 2013-03-20 19:17 . 2013-03-20 19:17 -------- d-----w- c:\programdata\Tarma Installer 2013-03-20 19:16 . 2013-03-20 19:16 -------- d-----w- c:\programdata\APN 2013-03-20 19:04 . 2013-03-20 19:05 147 ----a-w- c:\windows\DeleteOnReboot.bat 2013-02-27 20:51 . 2013-01-13 19:53 187392 ----a-w- c:\windows\system32\UIAnimation.dll 2013-02-24 17:38 . 2013-02-25 17:53 -------- d-----w- c:\users\Home\AppData\Roaming\vlc 2013-02-24 17:33 . 2013-03-20 19:04 -------- d-----w- c:\users\Home\AppData\Local\iLivid 2013-02-20 17:56 . 2013-02-20 17:57 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-02-20 17:56 . 2013-02-20 17:57 -------- d-----w- c:\program files\iTunes 2013-02-18 21:55 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll 2013-02-18 20:13 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-02-18 20:13 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-18 20:13 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-18 20:13 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-20 19:47 . 2011-02-28 20:59 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat 2013-03-14 16:59 . 2012-04-05 09:03 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-03-14 16:59 . 2011-12-16 17:37 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-02-12 04:48 . 2013-03-12 19:22 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-12 19:22 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-02 03:30 . 2013-03-12 21:48 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-02-02 03:26 . 2013-03-12 21:48 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-01-13 19:53 . 2013-02-27 20:50 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2013-01-13 19:43 . 2013-02-27 20:50 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll 2013-01-13 19:02 . 2013-02-27 20:50 417792 ----a-w- c:\windows\system32\WMPhoto.dll 2013-01-13 18:34 . 2013-02-27 20:50 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-01-13 17:26 . 2013-02-27 20:50 1158144 ----a-w- c:\windows\system32\XpsPrint.dll 2013-01-04 04:50 . 2013-02-18 20:13 169984 ----a-w- c:\windows\system32\winsrv.dll 2013-01-04 03:00 . 2013-02-18 20:14 2347008 ----a-w- c:\windows\system32\win32k.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green] @="{95A27763-F62A-4114-9072-E81D87DE3B68}" [HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}] 2012-08-29 13:51 1014344 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial] @="{E300CD91-100F-4E67-9AF3-1384A6124015}" [HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}] 2012-08-29 13:51 1014344 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow] @="{5E529433-B50E-4bef-A63B-16A6B71B071A}" [HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}] 2012-08-29 13:51 1014344 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384] "Yontoo Desktop"="c:\users\Home\AppData\Roaming\Yontoo\YontooDesktop.exe" [2013-03-13 42784] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-31 483428] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-24 140520] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-07-13 150552] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-03-10 233472] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-07-13 141848] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640] "Nike+ Connect"="c:\program files\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [2012-11-27 70656] "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-09-01 90448] "btbb_McciTrayApp"="c:\program files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe" [2012-11-23 2011824] "Carbonite Backup"="c:\program files\Carbonite\Carbonite Backup\CarboniteUI.exe" [2012-08-29 1061960] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-18 152392] "CommonToolkitTray"="c:\program files\Fighters\Tray\FightersTray.exe" [2013-01-28 1425440] . c:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-27 1316192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2012-07-04 17:24 16680 ----a-w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~2\BROWSE~1\23787~1.43\{16CDF~1\browsemngr.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys [x] R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0604010.00E\SYMDS.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0604010.00E\SYMEFA.SYS [x] S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20130301.001\BHDrvx86.sys [x] S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\0604010.00E\ccSetx86.sys [x] S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20130319.002\IDSvix86.sys [x] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0604010.00E\Ironx86.SYS [x] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360\0604010.00E\SYMNETS.SYS [x] S2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2011/05/08 21:21];c:\program files\CyberLink\PowerDVD DX\000.fcl [x] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\aestsrv.exe [x] S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [x] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [x] S2 N360;Norton 360;c:\program files\Norton 360 Premier Edition\Engine\6.4.1.14\ccSvcHst.exe [x] S2 pcCMService;pcCMService;c:\program files\Common Files\Motive\pcCMService.exe [x] S2 Yontoo Desktop Updater;Yontoo Desktop Updater;c:\program files\Yontoo\Y2Desktop.Updater.exe [x] S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] S3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\DRIVERS\OA009Ufd.sys [x] S3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\DRIVERS\OA009Vid.sys [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x] . . --- Other Services/Drivers In Memory --- . *Deregistered* - SYMFW *Deregistered* - SYMNDISV . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . . Contents of the 'Scheduled Tasks' folder . 2013-03-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 16:59] . 2013-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-16 17:37] . 2013-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-16 17:37] . 2013-03-20 c:\windows\Tasks\PC Optimizer Pro Scan.job - c:\program files\PC Optimizer Pro\StartApps.exe [2013-03-05 06:58] . 2013-03-20 c:\windows\Tasks\PC Optimizer Pro startups.job - c:\program files\PC Optimizer Pro\StartApps.exe [2013-03-05 06:58] . 2013-03-20 c:\windows\Tasks\PC Optimizer Pro Updates.job - c:\program files\PC Optimizer Pro\StartApps.exe [2013-03-05 06:58] . 2013-03-20 c:\windows\Tasks\SLOW-PCfighter-Home-Notification.job - c:\program files\Fighters\SLOW-PCfighter\Sync.exe [2013-02-11 14:16] . 2013-03-20 c:\windows\Tasks\SLOW-PCfighter-Home-Startup.job - c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2013-02-11 14:16] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.co.uk/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.254 192.168.1.254 DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20120321062121 . - - - - ORPHANS REMOVED - - - - . BHO-{74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - c:\progra~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe HKCU-Run-FDPRO-516 - c:\program files\Fighters\FighterLauncher.exe HKLM-Run-Dell Webcam Central - c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe HKLM-Run-SpeetItUpFree - c:\program files\SpeedItup Free\speeditupfree.exe AddRemove-DefaultTab - c:\users\Home\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe AddRemove-Video Converter - c:\program files\VideoConverter\Uninstall\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] "ImagePath"="\"c:\program files\Norton 360 Premier Edition\Engine\6.4.1.14\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360 Premier Edition\Engine\6.4.1.14\diMaster.dll\" /prefetch:1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD DX\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(5864) c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\STacSV.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\taskhost.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Carbonite\Carbonite Backup\carboniteservice.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\System32\rundll32.exe c:\windows\system32\conhost.exe c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe c:\windows\system32\DllHost.exe c:\windows\system32\sppsvc.exe c:\program files\Dell Support Center\bin\sprtsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Completion time: 2013-03-20 19:55:36 - machine was rebooted ComboFix-quarantined-files.txt 2013-03-20 19:55 . Pre-Run: 35,255,078,912 bytes free Post-Run: 34,906,423,296 bytes free . - - End Of File - - 88C1A9CBA063D4A28D9DD3405F7A93B5

#11 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 20 March 2013 - 02:00 PM

thanks for all your help- how is it looking now? paul

#12 mowman

mowman

    SuperMember

  • Malware Team
  • 2,669 posts

Posted 20 March 2013 - 07:14 PM

Looking better but still some crud on there.



Download and run Junkware Removal Tool

Posted Image Please download Junkware Removal Tool to your desktop.
  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
  • the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next message.









Next

ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is not checked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Back button.
  • Push Finish
http://www.eset.com/onlinescan/





Also tell me how the computer is running now.

#13 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 21 March 2013 - 02:58 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.7.2 (03.15.2013:1) OS: Windows 7 Home Premium x86 Ran by Home on 21/03/2013 at 20:46:56.43 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\commontoolkittray Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs ~~~ Registry Keys Successfully deleted: [Registry Key] hkey_current_user\software\default tab Successfully deleted: [Registry Key] hkey_local_machine\software\default tab Successfully deleted: [Registry Key] hkey_current_user\software\defaulttab Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\defaulttab Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\yontooieclient.dll Successfully deleted: [Registry Key] hkey_local_machine\software\classes\yontooieclient.api Successfully deleted: [Registry Key] hkey_local_machine\software\classes\yontooieclient.api.1 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{2eecd738-5844-4a99-b4b6-146bf802613b} Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2a69} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2a69} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\fighters" Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro" Successfully deleted: [Folder] "C:\ProgramData\tarma installer" Successfully deleted: [Folder] "C:\Users\Home\AppData\Roaming\defaulttab" Successfully deleted: [Folder] "C:\Users\Home\AppData\Roaming\fighters" Successfully deleted: [Folder] "C:\Users\Home\AppData\Roaming\red kawa" Failed to delete: [Folder] "C:\Users\Home\AppData\Roaming\yontoo" Successfully deleted: [Folder] "C:\Users\Home\appdata\local\ilivid" Successfully deleted: [Folder] "C:\Program Files\fighters" Successfully deleted: [Folder] "C:\Program Files\free offers from freeze.com" Successfully deleted: [Folder] "C:\Program Files\searchqu toolbar" Failed to delete: [Folder] "C:\Program Files\yontoo" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 21/03/2013 at 20:51:46.00 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#14 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 22 March 2013 - 12:30 AM

the eset scan is finished- did it overnight there were no threats found and no report to copy and paste paul

#15 pea69

pea69

    New Member

  • Authentic Member
  • Pip
  • 15 posts

Posted 22 March 2013 - 12:31 AM

computer is running fine- there hasnt been an odoyomo popup appear for a few days since i started folowing your instructions paul



Similar Topics: oyodomo removal     x


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users