jackdafrost

My apologies. I'm currently unable to access my PC. I was hospitalized Monday for cellulitus and am still (n the hospital.

I've uninstalled Google Chroms using Revo Uninstaller (Advanced Mode). The only thing it asked me was if I wanted to delete the browsing data. I checked the box to do so. Rebooted PC. Then downloaded and reinstalled Chrome. So far no redirects but I will keep watch. I have noticed that this redirect is random. I might go a day or so with no issues and all of a sudden when I click on a search result it redirects.

Thanks. Firefox does not appear to have redirects anymore. I searched Google a lot on IE and no redirects. However, Google Chrome still has that same redirect.

I think a better set of directions after opening notepad would be: File > Open, nagivate to where saved frst64 on flash drive, right click on frst64.exe, and click open. The way you described it opens an executable in notepad. That is, loads notepad with a bunch of unreadable text. Below is the FRST64 log. Scan result of Farbar Recovery Scan Tool Version: 16-07-2012 02 Ran by SYSTEM at 20-07-2012 01:19:50 Running from G:\ Windows Vista Home Premium Service Pack 1 (X64) OS Language: English(US) The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [15853088 2008-10-12] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [82464 2008-10-12] (NVIDIA Corporation) HKLM\...\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h [9569096 2012-03-11] (COMODO) HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation) HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4273976 2012-07-03] (AVAST Software) HKU\Default\...\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation) HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x] HKU\Default User\...\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1555968 2009-04-10] (Microsoft Corporation) HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x] HKU\Nick\...\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) HKU\Nick\...\Run: [cdloader] "C:\Users\Nick\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK [50592 2012-02-01] (magicJack L.P.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 AppInit_DLLs: C:\Windows\System32\guard64.dll ==================== Services (Whitelisted) ====== 2 ABBYY.Licensing.FineReader.Corporate.10.0; "C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe" -service [814344 2009-12-18] (ABBYY) 2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 2012-07-03] (AVAST Software) 2 cmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [2815496 2012-03-11] (COMODO) 2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [70280 2012-05-03] (CHENGDU YIWO Tech Development Co., Ltd) 2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [24712 2012-05-03] (CHENGDU YIWO Tech Development Co., Ltd) 3 hpqcxs08; C:\Windows\System32\svchost.exe -k hpdevmgmt [27648 2008-01-20] (Microsoft Corporation) 3 hpqcxs08; C:\Windows\SysWow64\svchost.exe -k hpdevmgmt [21504 2008-01-20] (Microsoft Corporation) 2 hpqddsvc; C:\Windows\System32\svchost.exe -k hpdevmgmt [27648 2008-01-20] (Microsoft Corporation) 2 hpqddsvc; C:\Windows\SysWow64\svchost.exe -k hpdevmgmt [21504 2008-01-20] (Microsoft Corporation) 2 MsDepSvc; "C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe" -runService:MsDepSvc [67400 2011-04-01] (Microsoft Corporation) 2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation) 2 MSSQL$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [58345832 2011-09-22] (Microsoft Corporation) 3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation) 2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) 4 SQLAgent$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS [431464 2011-09-22] (Microsoft Corporation) 3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [306400 2011-08-05] (Microsoft Corporation) 3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [8277728 2011-08-05] (Microsoft Corporation) 3 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [467680 2011-08-05] (Microsoft Corporation) 3 rpcapd; "C:\Program Files (x86)\WinPcap\rpcapd.exe" -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini" [x] ========================== Drivers (Whitelisted) ============= 3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2011-09-20] (Google Inc) 2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-07-03] (AVAST Software) 2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71064 2012-07-03] (AVAST Software) 1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [44272 2012-07-03] (AVAST Software) 1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [958400 2012-07-03] (AVAST Software) 1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [355856 2012-07-03] (AVAST Software) 1 cmdGuard; C:\Windows\System32\Drivers\cmdGuard.sys [577824 2012-03-11] (COMODO) 1 cmdHlp; C:\Windows\System32\Drivers\cmdHlp.sys [42224 2012-03-11] (COMODO) 3 epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () 0 EUBAKUP; C:\Windows\System32\Drivers\EUBAKUP.sys [58504 2012-05-03] (CHENGDU YIWO Tech Development Co., Ltd) 0 EUBKMON; C:\Windows\System32\Drivers\EUBKMON.sys [48776 2012-05-03] () 1 EUDSKACS; C:\Windows\System32\Drivers\EUDSKACS.sys [19592 2012-05-03] (CHENGDU YIWO Tech Development Co., Ltd) 1 EUFDDISK; C:\Windows\System32\Drivers\EUFDDISK.sys [189576 2012-05-03] (CHENGDU YIWO Tech Development Co., Ltd) 3 EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () 1 inspect; C:\Windows\System32\Drivers\inspect.sys [93200 2012-03-11] (COMODO) 3 massfilter; C:\Windows\System32\Drivers\massfilter.sys [11776 2011-09-09] (MBB Incorporated) 3 massfilter_hs; C:\Windows\System32\Drivers\massfilter_hs.sys [18456 2011-09-20] (HandSet Incorporated) 2 NPF; C:\Windows\System32\Drivers\NPF.sys [35344 2010-06-25] (CACE Technologies, Inc.) 4 nvrd64; C:\Windows\System32\Drivers\nvrd64.sys [166944 2008-07-21] (NVIDIA Corporation) 3 Ps2; C:\Windows\System32\Drivers\Ps2.sys [21504 2006-09-07] () 3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex) 3 zghsdiag; C:\Windows\System32\Drivers\zghsdiag.sys [129304 2011-09-20] (ZTE Incorporated) 1 Beep; [x] 3 catchme; \??\C:\ComboFix\catchme.sys [x] 3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x] 3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\ENG64.SYS [x] 3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\EX64.SYS [x] 3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x] 3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x] 3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [x] 1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x] 1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [x] 1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [x] ========================== NetSvcs (Whitelisted) =========== ============ One Month Created Files and Folders ============== 2012-07-20 01:19 - 2012-07-20 01:19 - 00000000 ____D C:\FRST 2012-07-19 22:01 - 2012-07-19 22:01 - 01437107 ____A (Farbar) C:\Users\Nick\Downloads\FRST64.exe 2012-07-18 22:44 - 2012-07-18 22:44 - 00000000 ____D C:\Program Files (x86)\ESET 2012-07-18 22:43 - 2012-07-18 22:43 - 02322184 ____A (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu.exe 2012-07-18 19:59 - 2012-07-18 19:59 - 00000894 ____A C:\Users\Nick\Downloads\contacts.vcf 2012-07-18 18:11 - 2012-07-18 18:12 - 00001018 ____A C:\Windows\setupact.log 2012-07-18 18:11 - 2012-07-18 18:11 - 00000000 ____A C:\Windows\setuperr.log 2012-07-18 07:19 - 2012-07-18 07:22 - 00002494 ____A C:\Users\Nick\My Documents\carl.txt 2012-07-18 07:19 - 2012-07-18 07:22 - 00002494 ____A C:\Users\Nick\Documents\carl.txt 2012-07-17 03:26 - 2012-07-17 08:20 - 00001496 ____A C:\Users\Nick\My Documents\h.txt 2012-07-17 03:26 - 2012-07-17 08:20 - 00001496 ____A C:\Users\Nick\Documents\h.txt 2012-07-15 04:05 - 2012-07-15 04:05 - 00000000 ____D C:\_OTL 2012-07-14 13:31 - 2012-07-14 13:31 - 00076212 ____A C:\Users\Nick\Downloads\Extras.Txt 2012-07-14 13:29 - 2012-07-14 13:29 - 00116824 ____A C:\Users\Nick\Downloads\OTL.Txt 2012-07-14 13:18 - 2012-07-14 13:18 - 00596480 ____A (OldTimer Tools) C:\Users\Nick\Downloads\OTL.exe 2012-07-14 07:09 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-07-14 07:09 - 2012-06-02 04:17 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-07-14 07:09 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-07-14 07:09 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-07-14 07:09 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-07-14 07:09 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-07-14 07:09 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-07-14 07:09 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-07-14 07:09 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-07-14 07:09 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-07-14 07:09 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-07-14 07:09 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-07-14 07:09 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-07-14 07:09 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-07-14 07:09 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-07-14 07:09 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-07-14 07:09 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-07-14 07:09 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-07-14 07:09 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-07-14 07:09 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-07-14 07:09 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-07-14 07:09 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-07-14 07:09 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-07-14 07:09 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-07-14 07:09 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-07-14 07:09 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-07-14 07:09 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-07-14 07:09 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-07-14 07:08 - 2012-06-13 05:58 - 02769408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-07-14 07:00 - 2012-07-14 07:00 - 00001430 ____A C:\Windows\PFRO.log 2012-07-14 04:29 - 2012-07-14 04:29 - 00000000 ____D C:\Program Files (x86)\Oracle 2012-07-14 04:29 - 2012-07-14 04:28 - 00227824 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2012-07-14 04:28 - 2012-07-14 04:28 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2012-07-14 04:28 - 2012-07-14 04:28 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2012-07-14 04:27 - 2012-07-14 04:27 - 00000000 ____D C:\Users\All Users\McAfee 2012-07-14 04:27 - 2012-07-14 04:27 - 00000000 ____D C:\Users\All Users\Application Data\McAfee 2012-07-14 04:24 - 2012-07-14 04:24 - 00893936 ____A (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall.exe 2012-07-13 10:56 - 2012-07-13 10:56 - 00021426 ____A C:\ComboFix.txt 2012-07-13 04:27 - 2012-07-13 10:37 - 00000000 ____D C:\Users\Nick\Downloads\Combofix 2012-07-13 03:34 - 2012-07-13 04:29 - 357432509 ____A C:\Users\Nick\Downloads\video(1).mkv 2012-07-12 04:29 - 2012-07-12 04:30 - 04731392 ____A (AVAST Software) C:\Users\Nick\Downloads\aswMBR(1).exe 2012-07-12 04:27 - 2012-07-12 04:27 - 02135640 ____A (Kaspersky Lab ZAO) C:\Users\Nick\Downloads\tdsskiller(1).exe 2012-07-11 03:14 - 2012-07-11 03:14 - 00029438 ____A C:\Users\Nick\Downloads\sitemap.xml 2012-07-11 03:09 - 2012-07-11 03:09 - 00267674 ____A C:\Users\Nick\Downloads\com_xmap-1.2.14.zip 2012-07-11 02:42 - 2012-06-08 09:59 - 12899840 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-07-11 02:42 - 2012-06-08 09:47 - 11586048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-07-11 02:42 - 2012-06-05 08:47 - 01401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2012-07-11 02:42 - 2012-06-05 08:47 - 01248768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2012-07-11 02:42 - 2012-06-05 08:22 - 01869824 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2012-07-11 02:42 - 2012-06-05 08:22 - 01797120 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2012-07-11 02:42 - 2012-06-04 07:29 - 00516480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2012-07-11 02:42 - 2012-06-01 16:22 - 00347136 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2012-07-11 02:42 - 2012-06-01 16:22 - 00254464 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-07-11 02:42 - 2012-06-01 16:05 - 00077312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2012-07-11 02:42 - 2012-06-01 16:04 - 00278528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2012-07-11 02:42 - 2012-06-01 16:03 - 00204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2012-07-11 01:46 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe 2012-07-11 01:46 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe 2012-07-11 01:46 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2012-07-11 01:46 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2012-07-11 01:46 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2012-07-11 01:46 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe 2012-07-11 01:46 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe 2012-07-11 01:46 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe 2012-07-11 01:42 - 2012-07-13 10:56 - 00000000 ____D C:\Qoobox 2012-07-11 01:41 - 2012-07-11 02:06 - 00000000 ____D C:\Windows\erdnt 2012-07-10 23:35 - 2012-07-11 00:06 - 378465600 ____A C:\Users\Nick\Downloads\fr11pe.exe 2012-07-10 05:16 - 2012-07-10 05:16 - 00607260 ____R (Swearware) C:\Users\Nick\Downloads\dds(1).scr 2012-07-10 05:08 - 2012-07-10 05:08 - 00881475 ____A C:\Users\Nick\Downloads\SecurityCheck.exe 2012-07-10 05:07 - 2012-07-10 05:07 - 00050477 ____A C:\Users\Nick\Downloads\Defogger.exe 2012-07-10 05:07 - 2012-07-10 05:07 - 00000470 ____A C:\Users\Nick\defogger_disable.log 2012-07-10 05:07 - 2012-07-10 05:07 - 00000000 ____A C:\Users\Nick\defogger_reenable 2012-07-09 19:06 - 2012-07-09 19:50 - 00000000 ____A C:\Windows\SysWOW64\config.nt 2012-07-09 19:06 - 2012-07-09 19:06 - 00011664 ____A C:\Users\Nick\Local Settings\dd_vcredistUI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00011664 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistUI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00011664 ____A C:\Users\Nick\AppData\Local\dd_vcredistUI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00001824 ____A C:\Users\Nick\Local Settings\dd_vcredistMSI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00001824 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistMSI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00001824 ____A C:\Users\Nick\AppData\Local\dd_vcredistMSI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00001787 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2012-07-09 19:06 - 2012-07-09 19:06 - 00001787 ____A C:\Users\All Users\Desktop\avast! Free Antivirus.lnk 2012-07-09 19:06 - 2012-07-03 08:21 - 00958400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys 2012-07-09 19:06 - 2012-07-03 08:21 - 00355856 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys 2012-07-09 19:06 - 2012-07-03 08:21 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe 2012-07-09 19:06 - 2012-07-03 08:21 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe 2012-07-09 19:06 - 2012-07-03 08:21 - 00071064 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys 2012-07-09 19:06 - 2012-07-03 08:21 - 00044272 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr.sys 2012-07-09 19:06 - 2012-07-03 08:21 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr 2012-07-09 19:06 - 2012-07-03 08:21 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys 2012-07-09 19:05 - 2012-07-09 19:05 - 00000000 ____D C:\Users\All Users\AVAST Software 2012-07-09 19:05 - 2012-07-09 19:05 - 00000000 ____D C:\Users\All Users\Application Data\AVAST Software 2012-07-09 19:05 - 2012-07-09 19:05 - 00000000 ____D C:\Program Files\AVAST Software 2012-07-09 18:56 - 2012-07-09 19:04 - 89340632 ____A C:\Users\Nick\Downloads\avast_free_antivirus_setup.exe 2012-07-09 18:53 - 2012-07-09 18:53 - 00000000 ____D C:\Users\Nick\Downloads\RootkitRevealer 2012-07-09 18:52 - 2012-07-09 18:52 - 00231390 ____A C:\Users\Nick\Downloads\RootkitRevealer.zip 2012-07-09 18:50 - 2012-07-09 18:50 - 02135640 ____A (Kaspersky Lab ZAO) C:\Users\Nick\Downloads\tdsskiller.exe 2012-07-09 18:13 - 2012-07-09 18:13 - 00607260 ____R (Swearware) C:\Users\Nick\Downloads\dds.scr 2012-07-09 17:57 - 2006-09-18 13:37 - 00000761 ____A C:\Windows\System32\Drivers\etc\hosts.20120709-205709.backup 2012-07-09 17:18 - 2012-07-09 17:18 - 00000000 ____D C:\Users\All Users\GFI Software 2012-07-09 17:18 - 2012-07-09 17:18 - 00000000 ____D C:\Users\All Users\Application Data\GFI Software 2012-07-09 14:23 - 2012-07-09 15:25 - 716484608 ____A C:\Users\Nick\Downloads\xubuntu-12.04-alternate-amd64.iso 2012-07-09 11:18 - 2012-07-09 11:19 - 04731392 ____A (AVAST Software) C:\Users\Nick\Downloads\aswMBR.exe 2012-07-09 11:14 - 2012-07-09 11:14 - 00001205 ____A C:\Users\Nick\Downloads\FixNCR.reg 2012-07-08 21:59 - 2012-07-08 22:00 - 06236280 ____A (Lavasoft Limited) C:\Users\Nick\Downloads\Adaware_Installer(1).exe 2012-07-08 21:49 - 2012-07-08 21:49 - 00000012 ____A C:\Users\Nick\Downloads\FSSC.dat 2012-07-08 21:43 - 2012-07-08 21:43 - 06236280 ____A (Lavasoft Limited) C:\Users\Nick\Downloads\Adaware_Installer.exe 2012-07-08 21:27 - 2012-07-09 16:02 - 00000000 ____D C:\sh4ldr 2012-07-08 21:27 - 2012-07-08 21:27 - 00000000 ____D C:\Program Files\Enigma Software Group 2012-07-08 21:26 - 2012-07-09 16:02 - 00000000 ____D C:\Windows\18F97AF04F884494AFE25A5702E142CC.TMP 2012-07-08 21:21 - 2012-07-14 06:49 - 00000293 ____A C:\Users\Nick\My Documents\bhspam.txt 2012-07-08 21:21 - 2012-07-14 06:49 - 00000293 ____A C:\Users\Nick\Documents\bhspam.txt 2012-07-08 16:30 - 2012-07-14 07:06 - 00000000 ____D C:\Users\Nick\Downloads\backups 2012-07-08 15:50 - 2012-07-09 18:06 - 00009353 ____A C:\Users\Nick\Downloads\hijackthis.log 2012-07-08 15:38 - 2012-07-08 15:38 - 00388608 ____A (Trend Micro Inc.) C:\Users\Nick\Downloads\HijackThis.exe 2012-07-08 06:43 - 2012-07-08 07:43 - 358405242 ____A C:\Users\Nick\Downloads\video.mkv 2012-07-08 04:01 - 2012-07-08 04:01 - 00670875 ____A C:\Users\Nick\Downloads\com_jcomments_v2.3.0.zip 2012-07-08 02:41 - 2012-07-08 02:41 - 00014239 ____A C:\Users\Nick\Downloads\mod_simplereset_v2.0.2.zip 2012-07-07 01:49 - 2012-07-07 01:49 - 00000000 ____D C:\Users\Nick\Downloads\mono-social-icons 2012-07-07 01:47 - 2012-07-07 01:48 - 20867007 ____A C:\Users\Nick\Downloads\mono-social-icons.zip 2012-07-06 16:33 - 2012-07-06 16:33 - 00039511 ____A C:\Users\Nick\Downloads\com_test-1.0.0.zip 2012-07-06 16:08 - 2012-07-06 16:08 - 02463779 ____A (HTMLKit.com ) C:\Users\Nick\Downloads\HKSetup.exe 2012-07-06 16:08 - 2012-07-06 16:08 - 00001067 ____A C:\Users\Public\Desktop\HTML-Kit.lnk 2012-07-06 16:08 - 2012-07-06 16:08 - 00001067 ____A C:\Users\All Users\Desktop\HTML-Kit.lnk 2012-07-06 16:08 - 2012-07-06 16:08 - 00000000 ____D C:\Program Files (x86)\Chami 2012-07-06 15:03 - 2009-11-06 05:15 - 00232448 ____A C:\libtidy.dll 2012-07-06 14:55 - 2009-11-06 05:15 - 00232448 ____A C:\Users\Nick\Downloads\libtidy.dll 2012-07-06 14:54 - 2012-07-06 14:54 - 00079219 ____A C:\Users\Nick\Downloads\libtidy.7z 2012-07-06 13:23 - 2012-07-06 13:23 - 00000018 ____A C:\Users\Nick\My Documents\hotard.txt 2012-07-06 13:23 - 2012-07-06 13:23 - 00000018 ____A C:\Users\Nick\Documents\hotard.txt 2012-07-05 19:50 - 2012-07-05 19:50 - 00612528 ____A C:\Users\Nick\Downloads\com_acesef_j25_basic.zip 2012-07-05 19:42 - 2012-07-05 19:42 - 00622771 ____A C:\Users\Nick\Downloads\com_acesef_j15_basic.zip 2012-07-05 18:44 - 2012-07-05 18:44 - 00002996 ____A C:\Users\Nick\Downloads\ext_acesef_jdownloads-free.zip 2012-07-05 11:38 - 2012-07-05 11:38 - 00938135 ____A C:\Users\Nick\Downloads\com_joomsef4-4.2.8.zip 2012-07-05 08:53 - 2012-07-05 08:53 - 01814569 ____A C:\Users\Nick\Downloads\com_jdownloads_1.9.0_stable_927.zip 2012-07-05 07:55 - 2012-07-05 07:55 - 00801967 ____A C:\Users\Nick\Downloads\com_phocadownload_v2.1.6.zip 2012-07-05 07:13 - 2012-07-05 07:13 - 00000000 ____D C:\Users\Nick\Downloads\Chronoforms_V4_RC3.4.1_J1.6 2012-07-05 05:54 - 2012-07-05 05:54 - 00598982 ____A C:\Users\Nick\Downloads\Chronoforms_V4_RC3.4.1_J1.6.zip 2012-07-05 05:11 - 2012-07-05 05:11 - 00177888 ____A C:\Users\Nick\Downloads\bizblue(1).zip 2012-07-05 05:11 - 2012-07-05 05:11 - 00000000 ____D C:\Users\Nick\Downloads\bizblue(1) 2012-07-04 23:45 - 2012-07-04 23:45 - 00498180 ____A C:\Users\Nick\Downloads\com_admintools-2.2.9-core.zip 2012-07-04 23:43 - 2012-07-04 23:43 - 00024453 ____A C:\Users\Nick\Downloads\admintools-en-GB-j15.zip 2012-07-04 23:38 - 2012-07-04 23:40 - 00000000 ____D C:\Users\Nick\Downloads\Joomla_1.5.0_to_1.5.26-Stable-Patch_Package 2012-07-04 23:38 - 2012-07-04 23:38 - 04266487 ____A C:\Users\Nick\Downloads\Joomla_1.5.0_to_1.5.26-Stable-Patch_Package.zip 2012-07-04 16:34 - 2012-07-04 16:34 - 00000000 ____D C:\Users\Nick\.idlerc 2012-07-04 16:31 - 2012-07-06 15:03 - 00000000 ____D C:\Python27 2012-07-04 16:20 - 2012-07-04 16:21 - 15867904 ____A C:\Users\Nick\Downloads\python-2.7.3.msi 2012-07-04 14:02 - 2012-07-04 14:02 - 00001547 ____A C:\Users\Nick\My Documents\jamie_sms.txt 2012-07-04 14:02 - 2012-07-04 14:02 - 00001547 ____A C:\Users\Nick\Documents\jamie_sms.txt 2012-07-04 13:23 - 2012-07-04 13:24 - 00000000 ____D C:\Users\Nick\Application Data\Wondershare 2012-07-04 13:23 - 2012-07-04 13:24 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Wondershare 2012-07-04 13:23 - 2012-07-04 13:23 - 00000000 ____D C:\Users\Nick\Local Settings\Wondershare 2012-07-04 13:23 - 2012-07-04 13:23 - 00000000 ____D C:\Users\Nick\Local Settings\Application Data\Wondershare 2012-07-04 13:23 - 2012-07-04 13:23 - 00000000 ____D C:\Users\Nick\AppData\Local\Wondershare 2012-07-04 13:23 - 2012-07-04 13:23 - 00000000 ____D C:\Program Files (x86)\Wondershare 2012-07-04 13:21 - 2012-07-04 13:22 - 19704432 ____A (Wondershare ) C:\Users\Nick\Downloads\mobilego_full818.exe 2012-07-04 13:21 - 2012-07-04 13:21 - 00000000 ____A C:\Users\Nick\Downloads\veryandroid-sms-backup.zip.crdownload 2012-07-02 04:47 - 2012-07-02 04:47 - 00000000 ____D C:\Users\Nick\Downloads\cakephp-cakephp-2.2.0-RC2-0-g3908f06 2012-07-02 04:46 - 2012-07-02 04:46 - 01853160 ____A C:\Users\Nick\Downloads\cakephp-cakephp-2.2.0-RC2-0-g3908f06.zip 2012-07-02 04:42 - 2012-07-02 04:42 - 00349477 ____A C:\Users\Nick\Downloads\cake_1.1.20.7692.zip 2012-07-02 04:41 - 2012-07-02 04:41 - 00000000 ____D C:\Users\Nick\Downloads\p4a-3.8.4 2012-07-02 04:40 - 2012-07-02 04:41 - 08147131 ____A C:\Users\Nick\Downloads\p4a-3.8.4.zip 2012-07-01 05:21 - 2012-07-01 05:22 - 00000000 ____D C:\Users\Nick\Downloads\plg_recaptcha 2012-07-01 05:19 - 2012-07-01 05:19 - 00006191 ____A C:\Users\Nick\Downloads\plg_recaptcha.8.tar.gz 2012-06-30 04:52 - 2012-06-30 04:54 - 00000550 ____A C:\Users\Nick\My Documents\recaptchamail.html 2012-06-30 04:52 - 2012-06-30 04:54 - 00000550 ____A C:\Users\Nick\Documents\recaptchamail.html 2012-06-26 14:13 - 2012-06-26 14:13 - 00000000 ____D C:\Users\Nick\Downloads\oxygen_gif 2012-06-26 14:09 - 2012-06-26 14:09 - 00000000 ____D C:\Users\Nick\Downloads\oxygen 2012-06-26 14:08 - 2012-06-26 14:08 - 00000000 ____D C:\Users\Nick\Downloads\pumpkin 2012-06-26 14:07 - 2012-06-26 14:07 - 00000000 ____D C:\Users\Nick\Downloads\starrating 2012-06-26 13:14 - 2012-06-26 13:14 - 00099188 ____A C:\Users\Nick\Downloads\pkg_itpmeta_v2.2-J1.6.zip 2012-06-26 13:14 - 2012-06-26 13:14 - 00000000 ____D C:\Users\Nick\Downloads\pkg_itpmeta_v2.2-J1.6 2012-06-26 13:09 - 2012-06-26 13:09 - 00004484 ____A C:\Users\Nick\Downloads\jostag_plugin_for_2.5.zip 2012-06-26 13:03 - 2012-06-26 13:03 - 00917701 ____A C:\Users\Nick\Downloads\com_joomsef4-4.2.7.zip 2012-06-26 11:20 - 2012-06-26 11:20 - 00199695 ____A C:\Users\Nick\Downloads\ForumPostAssistant-FPA-fpa-en-v1.2.0Beta-34-g902eed8.zip 2012-06-26 11:20 - 2012-06-26 11:20 - 00000000 ____D C:\Users\Nick\Downloads\ForumPostAssistant-FPA-fpa-en-v1.2.0Beta-34-g902eed8 2012-06-25 21:57 - 2012-06-25 21:57 - 00029761 ____A C:\Users\Nick\Downloads\plugin_jw_ts-v2.5_j1.5-2.5.zip 2012-06-25 21:20 - 2012-06-25 21:20 - 00509458 ____A C:\Users\Nick\Downloads\com_swmenufree7.2_J2.5.zip 2012-06-25 21:15 - 2012-07-05 02:45 - 00000000 ____D C:\Users\Nick\Downloads\bizblue 2012-06-25 21:06 - 2012-06-25 21:06 - 00106072 ____A C:\Users\Nick\Downloads\mtupgrade.zip 2012-06-25 21:01 - 2012-06-25 21:01 - 00365535 ____A C:\Users\Nick\Downloads\com_jupgrade-2.5.1.zip 2012-06-25 20:52 - 2012-06-25 20:52 - 00000000 ____D C:\Users\Nick\Downloads\bizglobal 2012-06-25 19:17 - 2012-07-09 15:11 - 00000000 ____D C:\Program Files (x86)\NetMake 2012-06-25 19:17 - 2012-06-25 19:17 - 00411614 ____A C:\Users\Nick\Local Settings\dd_vcredistMSI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00411614 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistMSI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00411614 ____A C:\Users\Nick\AppData\Local\dd_vcredistMSI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00012260 ____A C:\Users\Nick\Local Settings\dd_vcredistUI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00012260 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistUI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00012260 ____A C:\Users\Nick\AppData\Local\dd_vcredistUI7D2A.txt 2012-06-25 19:09 - 2012-06-25 19:17 - 127714061 ____A C:\Users\Nick\Downloads\scriptcase_install_en_us_v6.0.022.exe 2012-06-25 15:27 - 2012-06-25 15:27 - 00000000 ____D C:\Users\Nick\My Documents\PHPMaker 2012-06-25 15:27 - 2012-06-25 15:27 - 00000000 ____D C:\Users\Nick\Documents\PHPMaker 2012-06-25 15:21 - 2012-06-25 15:21 - 00000000 ____D C:\Users\Nick\My Documents\CodeChargeStudio5 2012-06-25 15:21 - 2012-06-25 15:21 - 00000000 ____D C:\Users\Nick\Documents\CodeChargeStudio5 2012-06-25 15:20 - 2012-06-25 15:27 - 00000000 ____D C:\Users\Nick\Local Settings\CCS5 2012-06-25 15:20 - 2012-06-25 15:27 - 00000000 ____D C:\Users\Nick\Local Settings\Application Data\CCS5 2012-06-25 15:20 - 2012-06-25 15:27 - 00000000 ____D C:\Users\Nick\AppData\Local\CCS5 2012-06-25 15:11 - 2012-06-25 15:12 - 00000198 ____A C:\Windows\ODBC.INI 2012-06-25 15:10 - 2012-06-25 15:10 - 03908968 ____A (Thraex Software) C:\Users\Nick\Downloads\aiw.exe 2012-06-25 15:08 - 2012-06-25 15:08 - 00466944 ____A (WeOnlyDo! COM) C:\Windows\SysWOW64\wodSFTP.ocx 2012-06-25 15:00 - 2012-06-25 15:04 - 89166769 ____A C:\Users\Nick\Downloads\CCS_5.0.0.16254.exe 2012-06-25 14:33 - 2012-06-25 14:33 - 00000000 ____D C:\Program Files (x86)\Windows Script Control 2012-06-25 14:28 - 2012-06-25 14:29 - 25983805 ____A (e.World Technology Limited) C:\Users\Nick\Downloads\phpmkr.exe 2012-06-24 05:55 - 2012-06-24 05:55 - 00000000 ____D C:\Users\Nick\My Documents\Classified11php 2012-06-24 05:55 - 2012-06-24 05:55 - 00000000 ____D C:\Users\Nick\Documents\Classified11php 2012-06-24 05:53 - 2012-06-24 05:53 - 00000919 ____A C:\Users\Nick\Desktop\ASPRunner Professional 7.1.lnk 2012-06-24 05:53 - 2012-06-24 05:53 - 00000000 ____D C:\Program Files (x86)\ASPRunnerPro7.1 2012-06-24 05:51 - 2012-06-24 05:52 - 30256712 ____A (Xlinesoft.com ) C:\Users\Nick\Downloads\asprunnerpro-setup.exe 2012-06-24 03:50 - 2012-06-24 03:50 - 00020911 ____A C:\Users\Nick\Downloads\phpsim_beta1.tar.gz 2012-06-24 03:50 - 2012-06-24 03:50 - 00000000 ____D C:\Users\Nick\Downloads\phpsim_beta1 2012-06-24 03:43 - 2012-06-24 03:43 - 00000000 ____D C:\Users\Nick\Downloads\php-setup-wizard 2012-06-24 03:42 - 2012-06-24 03:42 - 00077829 ____A C:\Users\Nick\Downloads\php-setup-wizard.zip 2012-06-23 15:56 - 2012-06-23 15:56 - 00000000 ____D C:\Users\Nick\Local Settings\Macromedia 2012-06-23 15:56 - 2012-06-23 15:56 - 00000000 ____D C:\Users\Nick\Local Settings\Application Data\Macromedia 2012-06-23 15:56 - 2012-06-23 15:56 - 00000000 ____D C:\Users\Nick\AppData\Local\Macromedia 2012-06-23 15:25 - 2012-06-23 15:25 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell 2012-06-23 15:25 - 2012-06-23 15:25 - 00000000 ____D C:\Windows\System32\WindowsPowerShell 2012-06-23 00:37 - 2009-10-09 13:56 - 01181696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2012-06-23 00:37 - 2009-10-09 13:56 - 00246272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2012-06-23 00:37 - 2009-10-09 13:56 - 00241152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winrscmd.dll 2012-06-23 00:37 - 2009-10-09 13:56 - 00214016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2012-06-23 00:37 - 2009-10-09 13:56 - 00145408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2012-06-23 00:37 - 2009-10-09 13:56 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pwrshplugin.dll 2012-06-23 00:37 - 2009-10-09 13:56 - 00040448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winrs.exe 2012-06-23 00:37 - 2009-10-09 13:56 - 00020480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winrshost.exe 2012-06-23 00:37 - 2009-10-09 13:56 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe 2012-06-23 00:37 - 2009-10-09 13:56 - 00010240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll 2012-06-23 00:37 - 2009-10-09 13:56 - 00010240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winrssrv.dll 2012-06-23 00:37 - 2009-10-09 13:56 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winrsmgr.dll 2012-06-23 00:37 - 2009-10-09 13:55 - 00252416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2012-06-23 00:37 - 2009-10-09 13:55 - 00081408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wevtfwd.dll 2012-06-23 00:37 - 2009-10-09 13:55 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wecutil.exe 2012-06-23 00:37 - 2009-10-09 13:55 - 00056320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wecapi.dll 2012-06-23 00:37 - 2009-10-09 13:55 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll 2012-06-23 00:37 - 2009-10-09 13:36 - 02050048 ____A (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll 2012-06-23 00:37 - 2009-10-09 13:36 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\pwrshplugin.dll 2012-06-23 00:37 - 2009-10-09 13:35 - 00310272 ____A (Microsoft Corporation) C:\Windows\System32\WsmWmiPl.dll 2012-06-23 00:37 - 2009-10-09 13:35 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\winrs.exe 2012-06-23 00:37 - 2009-10-09 13:35 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\winrshost.exe 2012-06-23 00:37 - 2009-10-09 13:35 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\wsmprovhost.exe 2012-06-23 00:37 - 2009-10-09 13:35 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wsmplpxy.dll 2012-06-23 00:37 - 2009-10-09 13:35 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\winrsmgr.dll 2012-06-23 00:37 - 2009-10-09 13:34 - 00370688 ____A (Microsoft Corporation) C:\Windows\System32\winrscmd.dll 2012-06-23 00:37 - 2009-10-09 13:34 - 00352768 ____A (Microsoft Corporation) C:\Windows\System32\WSManMigrationPlugin.dll 2012-06-23 00:37 - 2009-10-09 13:34 - 00348672 ____A (Microsoft Corporation) C:\Windows\System32\WSManHTTPConfig.exe 2012-06-23 00:37 - 2009-10-09 13:34 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\wecsvc.dll 2012-06-23 00:37 - 2009-10-09 13:34 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\WsmAuto.dll 2012-06-23 00:37 - 2009-10-09 13:34 - 00113152 ____A (Microsoft Corporation) C:\Windows\System32\wevtfwd.dll 2012-06-23 00:37 - 2009-10-09 13:34 - 00113152 ____A (Microsoft Corporation) C:\Windows\System32\wecutil.exe 2012-06-23 00:37 - 2009-10-09 13:34 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\wecapi.dll 2012-06-23 00:37 - 2009-10-09 13:34 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\WsmRes.dll 2012-06-23 00:37 - 2009-10-09 13:34 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\winrssrv.dll 2012-06-23 00:37 - 2009-07-31 22:27 - 00201184 ____A C:\Windows\SysWOW64\winrm.vbs 2012-06-23 00:37 - 2009-07-31 22:27 - 00201184 ____A C:\Windows\System32\winrm.vbs 2012-06-23 00:37 - 2009-07-16 09:30 - 00004675 ____A C:\Windows\SysWOW64\wsmanconfig_schema.xml 2012-06-23 00:37 - 2009-07-16 09:30 - 00004675 ____A C:\Windows\System32\wsmanconfig_schema.xml 2012-06-23 00:37 - 2009-07-16 09:30 - 00002426 ____A C:\Windows\SysWOW64\WsmTxt.xsl 2012-06-23 00:37 - 2009-07-16 09:30 - 00002426 ____A C:\Windows\System32\WsmTxt.xsl 2012-06-23 00:33 - 2012-06-23 00:35 - 00000000 ____D C:\Program Files\Zune 2012-06-23 00:31 - 2009-09-10 07:27 - 00372736 ____A (Microsoft Corporation) C:\Windows\System32\unregmp2.exe 2012-06-23 00:31 - 2009-09-10 06:58 - 00310784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\unregmp2.exe 2012-06-23 00:31 - 2009-07-27 07:09 - 01701888 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL 2012-06-23 00:31 - 2009-07-27 07:00 - 01547776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2012-06-23 00:30 - 2011-04-12 08:15 - 01210880 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2012-06-23 00:30 - 2011-04-12 08:11 - 00859648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2012-06-23 00:30 - 2011-02-22 06:47 - 00479744 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2012-06-23 00:30 - 2011-02-22 06:13 - 00288768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2012-06-23 00:30 - 2011-02-22 05:53 - 01149440 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2012-06-23 00:29 - 2011-06-15 08:16 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll 2012-06-23 00:29 - 2011-06-15 08:12 - 00182784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll 2012-06-23 00:29 - 2010-01-25 04:10 - 00539136 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll 2012-06-23 00:29 - 2010-01-25 04:10 - 00538624 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll 2012-06-23 00:29 - 2010-01-25 04:10 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll 2012-06-23 00:29 - 2010-01-25 04:10 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll 2012-06-23 00:29 - 2010-01-25 04:08 - 00460288 ____A (Microsoft Corporation) C:\Windows\System32\msdrm.dll 2012-06-23 00:29 - 2010-01-25 04:00 - 00471552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2012-06-23 00:29 - 2010-01-25 04:00 - 00471552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2012-06-23 00:29 - 2010-01-25 04:00 - 00152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2012-06-23 00:29 - 2010-01-25 04:00 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2012-06-23 00:29 - 2010-01-25 03:58 - 00332288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2012-06-23 00:29 - 2010-01-25 00:29 - 00600576 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe 2012-06-23 00:29 - 2010-01-25 00:29 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe 2012-06-23 00:29 - 2010-01-25 00:29 - 00413696 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe 2012-06-23 00:29 - 2010-01-25 00:29 - 00409600 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe 2012-06-23 00:29 - 2010-01-25 00:21 - 00526336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2012-06-23 00:29 - 2010-01-25 00:21 - 00518144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2012-06-23 00:29 - 2010-01-25 00:21 - 00347136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2012-06-23 00:29 - 2010-01-25 00:21 - 00346624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2012-06-23 00:29 - 2009-10-23 09:30 - 00880640 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl 2012-06-23 00:29 - 2009-10-23 09:10 - 00714240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2012-06-23 00:28 - 2012-04-23 08:25 - 01267200 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2012-06-23 00:28 - 2012-04-23 08:25 - 00174592 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2012-06-23 00:28 - 2012-04-23 08:25 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2012-06-23 00:28 - 2012-04-23 08:00 - 00984064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2012-06-23 00:28 - 2012-04-23 08:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2012-06-23 00:28 - 2012-04-23 08:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2012-06-23 00:28 - 2011-03-03 07:59 - 00032256 ____A (Microsoft Corporation) C:\Windows\System32\Apphlpdm.dll 2012-06-23 00:28 - 2011-03-03 07:40 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Apphlpdm.dll 2012-06-23 00:28 - 2011-03-03 06:00 - 04240384 ____A (Microsoft) C:\Windows\System32\GameUXLegacyGDFs.dll 2012-06-23 00:28 - 2011-03-03 05:35 - 04240384 ____A (Microsoft) C:\Windows\SysWOW64\GameUXLegacyGDFs.dll 2012-06-23 00:28 - 2010-08-26 09:42 - 01927680 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll 2012-06-23 00:28 - 2010-08-26 08:34 - 01696256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2012-06-23 00:24 - 2011-03-12 14:52 - 01653760 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2012-06-23 00:24 - 2011-03-12 13:55 - 00876032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2012-06-23 00:15 - 2012-06-23 00:15 - 00104672 ____A (Microsoft Corporation) C:\Users\Nick\Downloads\VWD11AzurePack_RC.3f.3f.3fnew.exe 2012-06-22 23:53 - 2012-06-22 23:53 - 00000000 ____D C:\Users\Nick\Local Settings\Application Data\{3485212A-AB11-4E82-8BD9-8EA490C38DAB} 2012-06-22 23:53 - 2012-06-22 23:53 - 00000000 ____D C:\Users\Nick\Local Settings\{3485212A-AB11-4E82-8BD9-8EA490C38DAB} 2012-06-22 23:53 - 2012-06-22 23:53 - 00000000 ____D C:\Users\Nick\AppData\Local\{3485212A-AB11-4E82-8BD9-8EA490C38DAB} 2012-06-22 22:41 - 2012-06-22 22:41 - 02344960 ____A C:\Users\Nick\Downloads\kdewin-installer-gui-latest.exe 2012-06-20 19:37 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2012-06-20 19:37 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2012-06-20 19:37 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll 2012-06-20 19:37 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2012-06-20 19:36 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2012-06-20 19:36 - 2012-06-02 14:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2012-06-20 19:36 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll 2012-06-20 19:36 - 2012-06-02 14:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2012-06-20 19:36 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2012-06-20 19:36 - 2012-06-02 14:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2012-06-20 19:36 - 2012-06-02 12:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2012-06-20 19:36 - 2012-06-02 12:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2012-06-20 19:36 - 2012-06-02 12:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2012-06-20 19:36 - 2012-06-02 12:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2012-06-20 06:02 - 2012-06-20 06:19 - 00001467 ____A C:\Users\Nick\My Documents\nubuilder errors.txt 2012-06-20 06:02 - 2012-06-20 06:19 - 00001467 ____A C:\Users\Nick\Documents\nubuilder errors.txt 2012-06-20 05:54 - 2012-06-20 05:54 - 04472121 ____A (CamStudio Open Source Dev Team ) C:\Users\Nick\Downloads\CamStudio_Setup_v2.6b_r294_(build_24Oct2010).exe 2012-06-20 05:54 - 2012-06-20 05:54 - 00000816 ____A C:\Users\Public\Desktop\CamStudio-Recorder.lnk 2012-06-20 05:54 - 2012-06-20 05:54 - 00000816 ____A C:\Users\All Users\Desktop\CamStudio-Recorder.lnk 2012-06-20 05:54 - 2012-06-20 05:54 - 00000000 ____D C:\Program Files (x86)\CamStudio 2.6b 2012-06-20 05:54 - 2010-10-23 21:56 - 00049664 ____A (CamStudio Group) C:\Windows\System32\CamCodec.dll 2012-06-20 04:44 - 2012-06-20 04:44 - 00000000 ____D C:\Users\Nick\Downloads\nubuilder-12.06.05 2012-06-20 04:42 - 2012-06-20 04:43 - 22792488 ____A C:\Users\Nick\Downloads\nubuilder-12.06.05.zip ============ 3 Months Modified Files ======================== 2012-07-19 22:13 - 2011-04-15 00:06 - 01425264 ____A C:\Windows\WindowsUpdate.log 2012-07-19 22:13 - 2011-04-15 00:06 - 00000012 ____A C:\Windows\bthservsdp.dat 2012-07-19 22:13 - 2006-11-02 07:42 - 00032628 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2012-07-19 22:13 - 2006-11-02 07:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-07-19 22:13 - 2006-11-02 07:22 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2012-07-19 22:13 - 2006-11-02 07:22 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2012-07-19 22:09 - 2006-11-02 04:46 - 00878198 ____A C:\Windows\System32\PerfStringBackup.INI 2012-07-19 22:01 - 2012-07-19 22:01 - 01437107 ____A (Farbar) C:\Users\Nick\Downloads\FRST64.exe 2012-07-18 22:43 - 2012-07-18 22:43 - 02322184 ____A (ESET) C:\Users\Nick\Downloads\esetsmartinstaller_enu.exe 2012-07-18 20:11 - 2011-04-14 22:47 - 00083456 ____A C:\Users\Nick\Local Settings\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-07-18 20:11 - 2011-04-14 22:47 - 00083456 ____A C:\Users\Nick\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-07-18 20:11 - 2011-04-14 22:47 - 00083456 ____A C:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-07-18 19:59 - 2012-07-18 19:59 - 00000894 ____A C:\Users\Nick\Downloads\contacts.vcf 2012-07-18 18:12 - 2012-07-18 18:11 - 00001018 ____A C:\Windows\setupact.log 2012-07-18 18:11 - 2012-07-18 18:11 - 00000000 ____A C:\Windows\setuperr.log 2012-07-18 07:22 - 2012-07-18 07:19 - 00002494 ____A C:\Users\Nick\My Documents\carl.txt 2012-07-18 07:22 - 2012-07-18 07:19 - 00002494 ____A C:\Users\Nick\Documents\carl.txt 2012-07-17 08:20 - 2012-07-17 03:26 - 00001496 ____A C:\Users\Nick\My Documents\h.txt 2012-07-17 08:20 - 2012-07-17 03:26 - 00001496 ____A C:\Users\Nick\Documents\h.txt 2012-07-15 14:53 - 2011-05-06 05:10 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2012-07-14 21:53 - 2011-05-06 05:10 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2012-07-14 13:31 - 2012-07-14 13:31 - 00076212 ____A C:\Users\Nick\Downloads\Extras.Txt 2012-07-14 13:29 - 2012-07-14 13:29 - 00116824 ____A C:\Users\Nick\Downloads\OTL.Txt 2012-07-14 13:18 - 2012-07-14 13:18 - 00596480 ____A (OldTimer Tools) C:\Users\Nick\Downloads\OTL.exe 2012-07-14 07:24 - 2011-12-24 17:20 - 00000896 ____A C:\Users\Nick\Desktop\magicJack.lnk 2012-07-14 07:21 - 2006-11-02 07:21 - 01168832 ____A C:\Windows\System32\FNTCACHE.DAT 2012-07-14 07:11 - 2006-11-02 04:35 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe 2012-07-14 07:04 - 2012-04-05 03:53 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-07-14 07:04 - 2011-05-13 21:15 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2012-07-14 07:00 - 2012-07-14 07:00 - 00001430 ____A C:\Windows\PFRO.log 2012-07-14 06:49 - 2012-07-08 21:21 - 00000293 ____A C:\Users\Nick\My Documents\bhspam.txt 2012-07-14 06:49 - 2012-07-08 21:21 - 00000293 ____A C:\Users\Nick\Documents\bhspam.txt 2012-07-14 04:33 - 2011-12-28 15:20 - 00000950 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-07-14 04:33 - 2011-12-28 15:20 - 00000950 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2012-07-14 04:28 - 2012-07-14 04:29 - 00227824 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2012-07-14 04:28 - 2012-07-14 04:28 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2012-07-14 04:28 - 2012-07-14 04:28 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2012-07-14 04:28 - 2012-03-03 16:12 - 00772592 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll 2012-07-14 04:28 - 2011-04-15 00:11 - 00687600 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2012-07-14 04:24 - 2012-07-14 04:24 - 00893936 ____A (Oracle Corporation) C:\Users\Nick\Downloads\jxpiinstall.exe 2012-07-13 10:56 - 2012-07-13 10:56 - 00021426 ____A C:\ComboFix.txt 2012-07-13 10:52 - 2006-11-02 04:34 - 00000215 ____A C:\Windows\system.ini 2012-07-13 04:29 - 2012-07-13 03:34 - 357432509 ____A C:\Users\Nick\Downloads\video(1).mkv 2012-07-12 04:30 - 2012-07-12 04:29 - 04731392 ____A (AVAST Software) C:\Users\Nick\Downloads\aswMBR(1).exe 2012-07-12 04:27 - 2012-07-12 04:27 - 02135640 ____A (Kaspersky Lab ZAO) C:\Users\Nick\Downloads\tdsskiller(1).exe 2012-07-11 03:14 - 2012-07-11 03:14 - 00029438 ____A C:\Users\Nick\Downloads\sitemap.xml 2012-07-11 03:09 - 2012-07-11 03:09 - 00267674 ____A C:\Users\Nick\Downloads\com_xmap-1.2.14.zip 2012-07-11 00:06 - 2012-07-10 23:35 - 378465600 ____A C:\Users\Nick\Downloads\fr11pe.exe 2012-07-10 23:54 - 2011-07-09 13:07 - 00000059 ____A C:\Windows\wpd99.drv 2012-07-10 05:16 - 2012-07-10 05:16 - 00607260 ____R (Swearware) C:\Users\Nick\Downloads\dds(1).scr 2012-07-10 05:08 - 2012-07-10 05:08 - 00881475 ____A C:\Users\Nick\Downloads\SecurityCheck.exe 2012-07-10 05:07 - 2012-07-10 05:07 - 00050477 ____A C:\Users\Nick\Downloads\Defogger.exe 2012-07-10 05:07 - 2012-07-10 05:07 - 00000470 ____A C:\Users\Nick\defogger_disable.log 2012-07-10 05:07 - 2012-07-10 05:07 - 00000000 ____A C:\Users\Nick\defogger_reenable 2012-07-09 19:50 - 2012-07-09 19:06 - 00000000 ____A C:\Windows\SysWOW64\config.nt 2012-07-09 19:10 - 2011-04-19 20:43 - 00007728 ____A C:\Users\Nick\Local Settings\d3d9caps.dat 2012-07-09 19:10 - 2011-04-19 20:43 - 00007728 ____A C:\Users\Nick\Local Settings\Application Data\d3d9caps.dat 2012-07-09 19:10 - 2011-04-19 20:43 - 00007728 ____A C:\Users\Nick\AppData\Local\d3d9caps.dat 2012-07-09 19:06 - 2012-07-09 19:06 - 00011664 ____A C:\Users\Nick\Local Settings\dd_vcredistUI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00011664 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistUI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00011664 ____A C:\Users\Nick\AppData\Local\dd_vcredistUI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00001824 ____A C:\Users\Nick\Local Settings\dd_vcredistMSI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00001824 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistMSI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00001824 ____A C:\Users\Nick\AppData\Local\dd_vcredistMSI3A29.txt 2012-07-09 19:06 - 2012-07-09 19:06 - 00001787 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2012-07-09 19:06 - 2012-07-09 19:06 - 00001787 ____A C:\Users\All Users\Desktop\avast! Free Antivirus.lnk 2012-07-09 19:04 - 2012-07-09 18:56 - 89340632 ____A C:\Users\Nick\Downloads\avast_free_antivirus_setup.exe 2012-07-09 18:52 - 2012-07-09 18:52 - 00231390 ____A C:\Users\Nick\Downloads\RootkitRevealer.zip 2012-07-09 18:50 - 2012-07-09 18:50 - 02135640 ____A (Kaspersky Lab ZAO) C:\Users\Nick\Downloads\tdsskiller.exe 2012-07-09 18:13 - 2012-07-09 18:13 - 00607260 ____R (Swearware) C:\Users\Nick\Downloads\dds.scr 2012-07-09 18:06 - 2012-07-08 15:50 - 00009353 ____A C:\Users\Nick\Downloads\hijackthis.log 2012-07-09 17:57 - 2006-11-02 04:34 - 00442985 ___RA C:\Windows\System32\Drivers\etc\hosts.20120709-210124.backup 2012-07-09 16:49 - 2011-04-14 21:24 - 00394768 ____A C:\Users\Nick\Local Settings\GDIPFONTCACHEV1.DAT 2012-07-09 16:49 - 2011-04-14 21:24 - 00394768 ____A C:\Users\Nick\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2012-07-09 16:49 - 2011-04-14 21:24 - 00394768 ____A C:\Users\Nick\AppData\Local\GDIPFONTCACHEV1.DAT 2012-07-09 15:25 - 2012-07-09 14:23 - 716484608 ____A C:\Users\Nick\Downloads\xubuntu-12.04-alternate-amd64.iso 2012-07-09 13:59 - 2008-12-11 14:38 - 00000682 ____A C:\updatedatfix.log 2012-07-09 11:19 - 2012-07-09 11:18 - 04731392 ____A (AVAST Software) C:\Users\Nick\Downloads\aswMBR.exe 2012-07-09 11:14 - 2012-07-09 11:14 - 00001205 ____A C:\Users\Nick\Downloads\FixNCR.reg 2012-07-08 22:00 - 2012-07-08 21:59 - 06236280 ____A (Lavasoft Limited) C:\Users\Nick\Downloads\Adaware_Installer(1).exe 2012-07-08 21:49 - 2012-07-08 21:49 - 00000012 ____A C:\Users\Nick\Downloads\FSSC.dat 2012-07-08 21:43 - 2012-07-08 21:43 - 06236280 ____A (Lavasoft Limited) C:\Users\Nick\Downloads\Adaware_Installer.exe 2012-07-08 20:52 - 2011-04-15 00:59 - 00001460 ____A C:\Users\Nick\Local Settings\d3d9caps64.dat 2012-07-08 20:52 - 2011-04-15 00:59 - 00001460 ____A C:\Users\Nick\Local Settings\Application Data\d3d9caps64.dat 2012-07-08 20:52 - 2011-04-15 00:59 - 00001460 ____A C:\Users\Nick\AppData\Local\d3d9caps64.dat 2012-07-08 20:36 - 2011-05-26 04:34 - 00001129 ____A C:\Users\Nick\Desktop\Spybot - Search & Destroy.lnk 2012-07-08 15:38 - 2012-07-08 15:38 - 00388608 ____A (Trend Micro Inc.) C:\Users\Nick\Downloads\HijackThis.exe 2012-07-08 07:43 - 2012-07-08 06:43 - 358405242 ____A C:\Users\Nick\Downloads\video.mkv 2012-07-08 04:01 - 2012-07-08 04:01 - 00670875 ____A C:\Users\Nick\Downloads\com_jcomments_v2.3.0.zip 2012-07-08 02:41 - 2012-07-08 02:41 - 00014239 ____A C:\Users\Nick\Downloads\mod_simplereset_v2.0.2.zip 2012-07-07 01:48 - 2012-07-07 01:47 - 20867007 ____A C:\Users\Nick\Downloads\mono-social-icons.zip 2012-07-06 16:33 - 2012-07-06 16:33 - 00039511 ____A C:\Users\Nick\Downloads\com_test-1.0.0.zip 2012-07-06 16:08 - 2012-07-06 16:08 - 02463779 ____A (HTMLKit.com ) C:\Users\Nick\Downloads\HKSetup.exe 2012-07-06 16:08 - 2012-07-06 16:08 - 00001067 ____A C:\Users\Public\Desktop\HTML-Kit.lnk 2012-07-06 16:08 - 2012-07-06 16:08 - 00001067 ____A C:\Users\All Users\Desktop\HTML-Kit.lnk 2012-07-06 14:54 - 2012-07-06 14:54 - 00079219 ____A C:\Users\Nick\Downloads\libtidy.7z 2012-07-06 13:23 - 2012-07-06 13:23 - 00000018 ____A C:\Users\Nick\My Documents\hotard.txt 2012-07-06 13:23 - 2012-07-06 13:23 - 00000018 ____A C:\Users\Nick\Documents\hotard.txt 2012-07-05 19:50 - 2012-07-05 19:50 - 00612528 ____A C:\Users\Nick\Downloads\com_acesef_j25_basic.zip 2012-07-05 19:42 - 2012-07-05 19:42 - 00622771 ____A C:\Users\Nick\Downloads\com_acesef_j15_basic.zip 2012-07-05 18:44 - 2012-07-05 18:44 - 00002996 ____A C:\Users\Nick\Downloads\ext_acesef_jdownloads-free.zip 2012-07-05 11:38 - 2012-07-05 11:38 - 00938135 ____A C:\Users\Nick\Downloads\com_joomsef4-4.2.8.zip 2012-07-05 08:53 - 2012-07-05 08:53 - 01814569 ____A C:\Users\Nick\Downloads\com_jdownloads_1.9.0_stable_927.zip 2012-07-05 07:55 - 2012-07-05 07:55 - 00801967 ____A C:\Users\Nick\Downloads\com_phocadownload_v2.1.6.zip 2012-07-05 05:54 - 2012-07-05 05:54 - 00598982 ____A C:\Users\Nick\Downloads\Chronoforms_V4_RC3.4.1_J1.6.zip 2012-07-05 05:11 - 2012-07-05 05:11 - 00177888 ____A C:\Users\Nick\Downloads\bizblue(1).zip 2012-07-04 23:45 - 2012-07-04 23:45 - 00498180 ____A C:\Users\Nick\Downloads\com_admintools-2.2.9-core.zip 2012-07-04 23:43 - 2012-07-04 23:43 - 00024453 ____A C:\Users\Nick\Downloads\admintools-en-GB-j15.zip 2012-07-04 23:38 - 2012-07-04 23:38 - 04266487 ____A C:\Users\Nick\Downloads\Joomla_1.5.0_to_1.5.26-Stable-Patch_Package.zip 2012-07-04 16:21 - 2012-07-04 16:20 - 15867904 ____A C:\Users\Nick\Downloads\python-2.7.3.msi 2012-07-04 14:02 - 2012-07-04 14:02 - 00001547 ____A C:\Users\Nick\My Documents\jamie_sms.txt 2012-07-04 14:02 - 2012-07-04 14:02 - 00001547 ____A C:\Users\Nick\Documents\jamie_sms.txt 2012-07-04 13:22 - 2012-07-04 13:21 - 19704432 ____A (Wondershare ) C:\Users\Nick\Downloads\mobilego_full818.exe 2012-07-04 13:21 - 2012-07-04 13:21 - 00000000 ____A C:\Users\Nick\Downloads\veryandroid-sms-backup.zip.crdownload 2012-07-04 12:32 - 2011-04-15 01:00 - 00000456 ____A C:\Windows\Tasks\PCDRScheduledMaintenance.job 2012-07-03 10:46 - 2011-05-20 08:35 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2012-07-03 08:21 - 2012-07-09 19:06 - 00958400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys 2012-07-03 08:21 - 2012-07-09 19:06 - 00355856 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys 2012-07-03 08:21 - 2012-07-09 19:06 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe 2012-07-03 08:21 - 2012-07-09 19:06 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe 2012-07-03 08:21 - 2012-07-09 19:06 - 00071064 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys 2012-07-03 08:21 - 2012-07-09 19:06 - 00044272 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr.sys 2012-07-03 08:21 - 2012-07-09 19:06 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr 2012-07-03 08:21 - 2012-07-09 19:06 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys 2012-07-02 04:46 - 2012-07-02 04:46 - 01853160 ____A C:\Users\Nick\Downloads\cakephp-cakephp-2.2.0-RC2-0-g3908f06.zip 2012-07-02 04:42 - 2012-07-02 04:42 - 00349477 ____A C:\Users\Nick\Downloads\cake_1.1.20.7692.zip 2012-07-02 04:41 - 2012-07-02 04:40 - 08147131 ____A C:\Users\Nick\Downloads\p4a-3.8.4.zip 2012-07-01 05:19 - 2012-07-01 05:19 - 00006191 ____A C:\Users\Nick\Downloads\plg_recaptcha.8.tar.gz 2012-06-30 04:54 - 2012-06-30 04:52 - 00000550 ____A C:\Users\Nick\My Documents\recaptchamail.html 2012-06-30 04:54 - 2012-06-30 04:52 - 00000550 ____A C:\Users\Nick\Documents\recaptchamail.html 2012-06-26 13:14 - 2012-06-26 13:14 - 00099188 ____A C:\Users\Nick\Downloads\pkg_itpmeta_v2.2-J1.6.zip 2012-06-26 13:09 - 2012-06-26 13:09 - 00004484 ____A C:\Users\Nick\Downloads\jostag_plugin_for_2.5.zip 2012-06-26 13:03 - 2012-06-26 13:03 - 00917701 ____A C:\Users\Nick\Downloads\com_joomsef4-4.2.7.zip 2012-06-26 11:20 - 2012-06-26 11:20 - 00199695 ____A C:\Users\Nick\Downloads\ForumPostAssistant-FPA-fpa-en-v1.2.0Beta-34-g902eed8.zip 2012-06-25 21:57 - 2012-06-25 21:57 - 00029761 ____A C:\Users\Nick\Downloads\plugin_jw_ts-v2.5_j1.5-2.5.zip 2012-06-25 21:20 - 2012-06-25 21:20 - 00509458 ____A C:\Users\Nick\Downloads\com_swmenufree7.2_J2.5.zip 2012-06-25 21:06 - 2012-06-25 21:06 - 00106072 ____A C:\Users\Nick\Downloads\mtupgrade.zip 2012-06-25 21:01 - 2012-06-25 21:01 - 00365535 ____A C:\Users\Nick\Downloads\com_jupgrade-2.5.1.zip 2012-06-25 19:17 - 2012-06-25 19:17 - 00411614 ____A C:\Users\Nick\Local Settings\dd_vcredistMSI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00411614 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistMSI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00411614 ____A C:\Users\Nick\AppData\Local\dd_vcredistMSI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00012260 ____A C:\Users\Nick\Local Settings\dd_vcredistUI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00012260 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistUI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:17 - 00012260 ____A C:\Users\Nick\AppData\Local\dd_vcredistUI7D2A.txt 2012-06-25 19:17 - 2012-06-25 19:09 - 127714061 ____A C:\Users\Nick\Downloads\scriptcase_install_en_us_v6.0.022.exe 2012-06-25 15:12 - 2012-06-25 15:11 - 00000198 ____A C:\Windows\ODBC.INI 2012-06-25 15:10 - 2012-06-25 15:10 - 03908968 ____A (Thraex Software) C:\Users\Nick\Downloads\aiw.exe 2012-06-25 15:08 - 2012-06-25 15:08 - 00466944 ____A (WeOnlyDo! COM) C:\Windows\SysWOW64\wodSFTP.ocx 2012-06-25 15:04 - 2012-06-25 15:00 - 89166769 ____A C:\Users\Nick\Downloads\CCS_5.0.0.16254.exe 2012-06-25 14:29 - 2012-06-25 14:28 - 25983805 ____A (e.World Technology Limited) C:\Users\Nick\Downloads\phpmkr.exe 2012-06-24 05:53 - 2012-06-24 05:53 - 00000919 ____A C:\Users\Nick\Desktop\ASPRunner Professional 7.1.lnk 2012-06-24 05:52 - 2012-06-24 05:51 - 30256712 ____A (Xlinesoft.com ) C:\Users\Nick\Downloads\asprunnerpro-setup.exe 2012-06-24 03:50 - 2012-06-24 03:50 - 00020911 ____A C:\Users\Nick\Downloads\phpsim_beta1.tar.gz 2012-06-24 03:42 - 2012-06-24 03:42 - 00077829 ____A C:\Users\Nick\Downloads\php-setup-wizard.zip 2012-06-23 00:15 - 2012-06-23 00:15 - 00104672 ____A (Microsoft Corporation) C:\Users\Nick\Downloads\VWD11AzurePack_RC.3f.3f.3fnew.exe 2012-06-22 22:41 - 2012-06-22 22:41 - 02344960 ____A C:\Users\Nick\Downloads\kdewin-installer-gui-latest.exe 2012-06-20 06:19 - 2012-06-20 06:02 - 00001467 ____A C:\Users\Nick\My Documents\nubuilder errors.txt 2012-06-20 06:19 - 2012-06-20 06:02 - 00001467 ____A C:\Users\Nick\Documents\nubuilder errors.txt 2012-06-20 05:54 - 2012-06-20 05:54 - 04472121 ____A (CamStudio Open Source Dev Team ) C:\Users\Nick\Downloads\CamStudio_Setup_v2.6b_r294_(build_24Oct2010).exe 2012-06-20 05:54 - 2012-06-20 05:54 - 00000816 ____A C:\Users\Public\Desktop\CamStudio-Recorder.lnk 2012-06-20 05:54 - 2012-06-20 05:54 - 00000816 ____A C:\Users\All Users\Desktop\CamStudio-Recorder.lnk 2012-06-20 04:43 - 2012-06-20 04:42 - 22792488 ____A C:\Users\Nick\Downloads\nubuilder-12.06.05.zip 2012-06-18 07:00 - 2012-06-18 06:59 - 33772488 ____A (Xlinesoft.com ) C:\Users\Nick\Downloads\phprunner-setup.exe 2012-06-18 06:20 - 2012-06-18 06:20 - 00000579 ____A C:\Users\Nick\Downloads\xatD73B.tmp.tar.gz 2012-06-18 06:12 - 2012-06-18 06:12 - 00000560 ____A C:\Users\Nick\Desktop\XAMPP.lnk 2012-06-18 05:34 - 2012-06-18 05:34 - 01377058 ____A C:\Users\Nick\Downloads\PSTools.zip 2012-06-18 05:23 - 2011-09-02 01:02 - 00002413 ____A C:\Users\Public\Desktop\Skype.lnk 2012-06-18 05:23 - 2011-09-02 01:02 - 00002413 ____A C:\Users\All Users\Desktop\Skype.lnk 2012-06-18 04:49 - 2012-06-18 04:37 - 156604674 ____A C:\Users\Nick\Downloads\xampp-win32-1.7.7-VC9.zip 2012-06-18 04:26 - 2012-06-18 04:25 - 00585492 ____A C:\Users\Nick\Local Settings\dd_vcredistMSI2F6F.txt 2012-06-18 04:26 - 2012-06-18 04:25 - 00585492 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistMSI2F6F.txt 2012-06-18 04:26 - 2012-06-18 04:25 - 00585492 ____A C:\Users\Nick\AppData\Local\dd_vcredistMSI2F6F.txt 2012-06-18 04:26 - 2012-06-18 04:25 - 00014302 ____A C:\Users\Nick\Local Settings\dd_vcredistUI2F6F.txt 2012-06-18 04:26 - 2012-06-18 04:25 - 00014302 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistUI2F6F.txt 2012-06-18 04:26 - 2012-06-18 04:25 - 00014302 ____A C:\Users\Nick\AppData\Local\dd_vcredistUI2F6F.txt 2012-06-18 04:25 - 2012-06-18 04:25 - 04216840 ____A (Microsoft Corporation) C:\Users\Nick\Downloads\vcredist_x86.exe 2012-06-18 04:14 - 2012-06-18 04:09 - 84881998 ____A C:\Users\Nick\Downloads\xampp-win32-1.7.7-VC9-installer.exe 2012-06-18 03:46 - 2012-06-18 03:45 - 04602459 ____A C:\Users\Nick\Downloads\xataface-1.3.2.zip 2012-06-16 04:49 - 2012-06-16 04:49 - 00000062 ____A C:\Users\Nick\My Documents\jgauto2.txt 2012-06-16 04:49 - 2012-06-16 04:49 - 00000062 ____A C:\Users\Nick\Documents\jgauto2.txt 2012-06-14 13:01 - 2012-06-14 13:01 - 00000859 ____A C:\Users\Nick\Downloads\enabledisabledesktopicons.zip 2012-06-14 12:55 - 2012-06-14 12:55 - 00001405 ____A C:\Users\Nick\Downloads\enabledisabledesktopicons.vbs 2012-06-14 03:58 - 2012-06-14 03:57 - 04692341 ____A C:\Users\Nick\Downloads\Xinha-0.96.1.zip 2012-06-13 05:58 - 2012-07-14 07:08 - 02769408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-06-12 13:50 - 2012-06-12 13:49 - 12725464 ____A C:\Users\Nick\Downloads\GameMaker-Installer-8.1.exe 2012-06-12 08:57 - 2012-03-06 10:10 - 00011816 ____A C:\Users\Nick\My Documents\jgauto.odt 2012-06-12 08:57 - 2012-03-06 10:10 - 00011816 ____A C:\Users\Nick\Documents\jgauto.odt 2012-06-11 03:03 - 2012-06-11 03:00 - 27568485 ____A C:\Users\Nick\Downloads\Sens3s_The_Art_of_Understanding_2011_11_16_0752.zip 2012-06-11 02:33 - 2012-06-11 02:34 - 00021762 ____A C:\Users\Nick\Downloads\comparelist.mfa 2012-06-11 02:30 - 2012-06-11 02:30 - 00327687 ____A C:\Users\Nick\Downloads\cigarettesmoke.mfa 2012-06-11 01:18 - 2012-06-11 01:18 - 00748246 ____A ( ) C:\Users\Nick\Downloads\reshack_setup.exe 2012-06-11 01:16 - 2012-06-11 01:15 - 00000239 ____A C:\Windows\w32demo8.ini 2012-06-10 23:15 - 2012-06-10 23:14 - 00472436 ____A C:\Users\Nick\Local Settings\dd_vcredistMSI1E4B.txt 2012-06-10 23:15 - 2012-06-10 23:14 - 00472436 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistMSI1E4B.txt 2012-06-10 23:15 - 2012-06-10 23:14 - 00472436 ____A C:\Users\Nick\AppData\Local\dd_vcredistMSI1E4B.txt 2012-06-10 23:15 - 2012-06-10 23:14 - 00012986 ____A C:\Users\Nick\Local Settings\dd_vcredistUI1E4B.txt 2012-06-10 23:15 - 2012-06-10 23:14 - 00012986 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistUI1E4B.txt 2012-06-10 23:15 - 2012-06-10 23:14 - 00012986 ____A C:\Users\Nick\AppData\Local\dd_vcredistUI1E4B.txt 2012-06-10 23:02 - 2012-06-10 22:48 - 151801119 ____A C:\Users\Nick\Downloads\Apache_OpenOffice_incubating_3.4.0_Win_x86_install_en-US.exe 2012-06-10 18:35 - 2012-06-10 18:35 - 00365755 ____A C:\Users\Nick\Downloads\Application.zip 2012-06-09 22:42 - 2012-06-09 22:42 - 01069703 ____A C:\Users\Nick\Downloads\cryptopp561.zip 2012-06-09 18:21 - 2012-06-09 18:21 - 00006684 ____A C:\Users\Nick\Downloads\Sparkles.zip 2012-06-09 16:45 - 2012-06-09 16:44 - 07266635 ____A C:\Users\Nick\Downloads\sqlitebrowser_200_b1_win.zip 2012-06-09 11:48 - 2012-06-09 11:48 - 00010019 ____A C:\Users\Nick\My Documents\test.ini 2012-06-09 11:48 - 2012-06-09 11:48 - 00010019 ____A C:\Users\Nick\Documents\test.ini 2012-06-08 20:44 - 2012-06-08 20:43 - 00001535 ___AH C:\Windows\EPMBatch.ept 2012-06-08 20:07 - 2012-06-08 19:58 - 99250776 ____A (CHENGDU YIWO Tech Development Co., Ltd ) C:\Users\Nick\Downloads\tb_free.exe 2012-06-08 19:54 - 2012-06-08 19:52 - 12086624 ____A (EaseUS ) C:\Users\Nick\Downloads\epm.exe 2012-06-08 19:44 - 2012-06-08 19:44 - 00007984 ____A C:\MbrFix.htm 2012-06-08 19:43 - 2012-06-08 19:43 - 00042285 ____A C:\Users\Nick\Downloads\mbrfix.zip 2012-06-08 19:10 - 2012-06-08 19:09 - 05507952 ____A (Microsoft Corporation) C:\Users\Nick\Downloads\SSCERuntime-ENU.exe 2012-06-08 19:05 - 2012-06-08 19:05 - 00461004 ____A C:\Users\Nick\Local Settings\dd_vcredistMSI43A8.txt 2012-06-08 19:05 - 2012-06-08 19:05 - 00461004 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistMSI43A8.txt 2012-06-08 19:05 - 2012-06-08 19:05 - 00461004 ____A C:\Users\Nick\AppData\Local\dd_vcredistMSI43A8.txt 2012-06-08 19:05 - 2012-06-08 19:05 - 00011642 ____A C:\Users\Nick\Local Settings\dd_vcredistUI43A8.txt 2012-06-08 19:05 - 2012-06-08 19:05 - 00011642 ____A C:\Users\Nick\Local Settings\Application Data\dd_vcredistUI43A8.txt 2012-06-08 19:05 - 2012-06-08 19:05 - 00011642 ____A C:\Users\Nick\AppData\Local\dd_vcredistUI43A8.txt 2012-06-08 10:55 - 2012-06-08 10:18 - 225724842 ____A C:\Users\Nick\Downloads\HDI-MSDN-ITPro-winvideo-Introduction_to_Visual_Cpp_2008_Express_Edition.zip 2012-06-08 09:59 - 2012-07-11 02:42 - 12899840 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-06-08 09:47 - 2012-07-11 02:42 - 11586048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-06-08 06:53 - 2012-06-08 06:53 - 00888280 ____A C:\Users\Nick\Downloads\TICPP-2nd-ed-Vol-one.zip 2012-06-08 06:53 - 2012-06-08 06:52 - 01015742 ____A C:\Users\Nick\Downloads\TICPP-2nd-ed-Vol-two.zip 2012-06-08 06:44 - 2012-06-03 04:25 - 01479504 ____A C:\Users\Nick\Local Settings\dd_install_vc_xcor_100.txt 2012-06-08 06:44 - 2012-06-03 04:25 - 01479504 ____A C:\Users\Nick\Local Settings\Application Data\dd_install_vc_xcor_100.txt 2012-06-08 06:44 - 2012-06-03 04:25 - 01479504 ____A C:\Users\Nick\AppData\Local\dd_install_vc_xcor_100.txt 2012-06-08 06:41 - 2012-06-08 06:41 - 00000985 ____A C:\Users\Nick\Desktop\Microsoft Visual C++ 2010 Express.lnk 2012-06-08 06:32 - 2012-06-08 06:32 - 01848036 ____A C:\Users\Nick\Local Settings\dd_netfx_dtp02CF.txt 2012-06-08 06:32 - 2012-06-08 06:32 - 01848036 ____A C:\Users\Nick\Local Settings\Application Data\dd_netfx_dtp02CF.txt 2012-06-08 06:32 - 2012-06-08 06:32 - 01848036 ____A C:\Users\Nick\AppData\Local\dd_netfx_dtp02CF.txt 2012-06-08 06:32 - 2012-06-03 04:25 - 00226266 ____A C:\Users\Nick\Local Settings\dd_depcheck_VC_EXP_100.txt 2012-06-08 06:32 - 2012-06-03 04:25 - 00226266 ____A C:\Users\Nick\Local Settings\Application Data\dd_depcheck_VC_EXP_100.txt 2012-06-08 06:32 - 2012-06-03 04:25 - 00226266 ____A C:\Users\Nick\AppData\Local\dd_depcheck_VC_EXP_100.txt 2012-06-08 06:31 - 2012-06-08 06:30 - 01159768 ____A C:\Users\Nick\Local Settings\dd_vsexpbsln64_10001EE.txt 2012-06-08 06:31 - 2012-06-08 06:30 - 01159768 ____A C:\Users\Nick\Local Settings\Application Data\dd_vsexpbsln64_10001EE.txt 2012-06-08 06:31 - 2012-06-08 06:30 - 01159768 ____A C:\Users\Nick\AppData\Local\dd_vsexpbsln64_10001EE.txt 2012-06-08 06:30 - 2012-06-03 04:25 - 00000840 ____A C:\Users\Nick\Local Settings\dd_error_vc_xcor_100.txt 2012-06-08 06:30 - 2012-06-03 04:25 - 00000840 ____A C:\Users\Nick\Local Settings\Application Data\dd_error_vc_xcor_100.txt 2012-06-08 06:30 - 2012-06-03 04:25 - 00000840 ____A C:\Users\Nick\AppData\Local\dd_error_vc_xcor_100.txt 2012-06-08 06:23 - 2011-04-15 01:49 - 00875718 ____A C:\Windows\SysWOW64\PerfStringBackup.INI 2012-06-08 06:18 - 2012-06-08 06:18 - 05350616 ____A (Microsoft Corporation) C:\Users\Nick\Downloads\Windows8-ReleasePreview-UpgradeAssistant.exe 2012-06-08 06:15 - 2012-06-08 06:14 - 00445634 ____A C:\Users\Nick\Local Settings\dd_VC_Red_MSI75AC.txt 2012-06-08 06:15 - 2012-06-08 06:14 - 00445634 ____A C:\Users\Nick\Local Settings\Application Data\dd_VC_Red_MSI75AC.txt 2012-06-08 06:15 - 2012-06-08 06:14 - 00445634 ____A C:\Users\Nick\AppData\Local\dd_VC_Red_MSI75AC.txt 2012-06-08 06:14 - 2012-06-08 06:14 - 00322010 ____A C:\Users\Nick\Local Settings\dd_dw20shared_x86_msi7591.txt 2012-06-08 06:14 - 2012-06-08 06:14 - 00322010 ____A C:\Users\Nick\Local Settings\Application Data\dd_dw20shared_x86_msi7591.txt 2012-06-08 06:14 - 2012-06-08 06:14 - 00322010 ____A C:\Users\Nick\AppData\Local\dd_dw20shared_x86_msi7591.txt 2012-06-08 03:02 - 2012-06-08 03:02 - 03418313 ____A C:\Users\Nick\Downloads\phplist-2.10.18.zip 2012-06-08 01:40 - 2012-06-08 01:40 - 00000879 ____A C:\Users\Nick\Desktop\Patch Maker.lnk 2012-06-07 22:01 - 2011-08-31 13:26 - 00000979 ____A C:\Users\Nick\Desktop\HelpNDoc 3.lnk 2012-06-07 21:31 - 2012-06-07 21:31 - 00955848 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll 2012-06-07 21:31 - 2012-06-07 21:31 - 00268744 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe 2012-06-07 21:31 - 2012-02-25 05:50 - 00189384 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe 2012-06-07 21:31 - 2012-02-25 05:50 - 00188872 ____A (Oracle Corporation) C:\Windows\System32\java.exe 2012-06-07 21:31 - 2011-11-17 12:18 - 00839112 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll 2012-06-07 15:43 - 2012-06-07 15:33 - 175831837 ____A C:\Users\Nick\Downloads\MoSyncWindows-3.0.2.exe 2012-06-05 12:14 - 2011-05-02 19:23 - 00000772 ____A C:\Users\Public\Desktop\CCleaner.lnk 2012-06-05 12:14 - 2011-05-02 19:23 - 00000772 ____A C:\Users\All Users\Desktop\CCleaner.lnk 2012-06-05 12:03 - 2012-06-05 11:47 - 00003284 ____A C:\Users\Nick\My Documents\response.txt 2012-06-05 12:03 - 2012-06-05 11:47 - 00003284 ____A C:\Users\Nick\Documents\response.txt 2012-06-05 08:47 - 2012-07-11 02:42 - 01401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2012-06-05 08:47 - 2012-07-11 02:42 - 01248768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2012-06-05 08:22 - 2012-07-11 02:42 - 01869824 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2012-06-05 08:22 - 2012-07-11 02:42 - 01797120 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2012-06-04 13:59 - 2012-06-05 12:47 - 00001048 ____A C:\Users\Nick\Desktop\Dispatcher.lnk 2012-06-04 13:59 - 2012-06-04 13:58 - 02307111 ____A C:\Users\Nick\Downloads\Dispatcher_Setup.exe 2012-06-04 13:33 - 2012-05-29 21:26 - 00869574 ____A C:\Users\Nick\Local Settings\dd_install_vcs_xcor_100.txt 2012-06-04 13:33 - 2012-05-29 21:26 - 00869574 ____A C:\Users\Nick\Local Settings\Application Data\dd_install_vcs_xcor_100.txt 2012-06-04 13:33 - 2012-05-29 21:26 - 00869574 ____A C:\Users\Nick\AppData\Local\dd_install_vcs_xcor_100.txt 2012-06-04 13:31 - 2012-05-29 21:26 - 00250953 ____A C:\Users\Nick\Local Settings\dd_depcheck_VCS_EXP_100.txt 2012-06-04 13:31 - 2012-05-29 21:26 - 00250953 ____A C:\Users\Nick\Local Settings\Application Data\dd_depcheck_VCS_EXP_100.txt 2012-06-04 13:31 - 2012-05-29 21:26 - 00250953 ____A C:\Users\Nick\AppData\Local\dd_depcheck_VCS_EXP_100.txt 2012-06-04 08:00 - 2011-04-19 20:39 - 00023076 ____A C:\Windows\System32\lvcoinst.log 2012-06-04 07:29 - 2012-07-11 02:42 - 00516480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2012-06-03 14:30 - 2012-06-03 14:30 - 00729732 ____A C:\Users\Nick\Local Settings\dd_HelpSetup_MSI6A11.txt 2012-06-03 14:30 - 2012-06-03 14:30 - 00729732 ____A C:\Users\Nick\Local Settings\Application Data\dd_HelpSetup_MSI6A11.txt 2012-06-03 14:30 - 2012-06-03 14:30 - 00729732 ____A C:\Users\Nick\AppData\Local\dd_HelpSetup_MSI6A11.txt 2012-06-03 14:30 - 2012-06-03 14:30 - 00012382 ____A C:\Users\Nick\Local Settings\dd_HelpSetup_UI6A11.txt 2012-06-03 14:30 - 2012-06-03 14:30 - 00012382 ____A C:\Users\Nick\Local Settings\Application Data\dd_HelpSetup_UI6A11.txt 2012-06-03 14:30 - 2012-06-03 14:30 - 00012382 ____A C:\Users\Nick\AppData\Local\dd_HelpSetup_UI6A11.txt 2012-06-03 14:30 - 2012-06-03 14:29 - 01078960 ____A C:\Users\Nick\Local Settings\dd_vstor40_x64MSI697E.txt 2012-06-03 14:30 - 2012-06-03 14:29 - 01078960 ____A C:\Users\Nick\Local Settings\Application Data\dd_vstor40_x64MSI697E.txt 2012-06-03 14:30 - 2012-06-03 14:29 - 01078960 ____A C:\Users\Nick\AppData\Local\dd_vstor40_x64MSI697E.txt 2012-06-03 14:30 - 2012-06-03 14:29 - 00012382 ____A C:\Users\Nick\Local Settings\dd_vstor40_x64UI697E.txt 2012-06-03 14:30 - 2012-06-03 14:29 - 00012382 ____A C:\Users\Nick\Local Settings\Application Data\dd_vstor40_x64UI697E.txt 2012-06-03 14:30 - 2012-06-03 14:29 - 00012382 ____A C:\Users\Nick\AppData\Local\dd_vstor40_x64UI697E.txt 2012-06-03 04:24 - 2012-06-03 04:24 - 00322034 ____A C:\Users\Nick\Local Settings\dd_SqlPubWiz_14_msi1AB3.txt 2012-06-03 04:24 - 2012-06-03 04:24 - 00322034 ____A C:\Users\Nick\Local Settings\Application Data\dd_SqlPubWiz_14_msi1AB3.txt 2012-06-03 04:24 - 2012-06-03 04:24 - 00322034 ____A C:\Users\Nick\AppData\Local\dd_SqlPubWiz_14_msi1AB3.txt 2012-06-03 04:24 - 2012-06-03 04:24 - 00126706 ____A C:\Users\Nick\Local Settings\dd_AspNetMVC2.msi1AA3.txt 2012-06-03 04:24 - 2012-06-03 04:24 - 00126706 ____A C:\Users\Nick\Local Settings\Application Data\dd_AspNetMVC2.msi1AA3.txt 2012-06-03 04:24 - 2012-06-03 04:24 - 00126706 ____A C:\Users\Nick\AppData\Local\dd_AspNetMVC2.msi1AA3.txt 2012-06-03 04:24 - 2012-06-03 04:23 - 00441022 ____A C:\Users\Nick\Local Settings\dd_VWD2010ToolsMVC2.msi1983.txt 2012-06-03 04:24 - 2012-06-03 04:23 - 00441022 ____A C:\Users\Nick\Local Settings\Application Data\dd_VWD2010ToolsMVC2.msi1983.txt 2012-06-03 04:24 - 2012-06-03 04:23 - 00441022 ____A C:\Users\Nick\AppData\Local\dd_VWD2010ToolsMVC2.msi1983.txt 2012-06-03 04:24 - 2012-06-03 04:05 - 00489040 ____A C:\Users\Nick\Local Settings\dd_install_vns_xcor_100.txt 2012-06-03 04:24 - 2012-06-03 04:05 - 00489040 ____A C:\Users\Nick\Local Settings\Application Data\dd_install_vns_xcor_100.txt 2012-06-03 04:24 - 2012-06-03 04:05 - 00489040 ____A C:\Users\Nick\AppData\Local\dd_install_vns_xcor_100.txt 2012-06-03 04:23 - 2012-06-03 04:23 - 00449298 ____A C:\Users\Nick\Local Settings\dd_WebDeploy_x64_en-US.msi1966.txt 2012-06-03 04:23 - 2012-06-03 04:23 - 00449298 ____A C:\Users\Nick\Local Settings\Application Data\dd_WebDeploy_x64_en-US.msi1966.txt 2012-06-03 04:23 - 2012-06-03 04:23 - 00449298 ____A C:\Users\Nick\AppData\Local\dd_WebDeploy_x64_en-US.msi1966.txt 2012-06-03 04:17 - 2012-06-03 04:17 - 00318168 ____A C:\Users\Nick\Local Settings\dd_vc_runtime_x86_msi1503.txt 2012-06-03 04:17 - 2012-06-03 04:17 - 00318168 ____A C:\Users\Nick\Local Settings\Application Data\dd_vc_runtime_x86_msi1503.txt 2012-06-03 04:17 - 2012-06-03 04:17 - 00318168 ____A C:\Users\Nick\AppData\Local\dd_vc_runtime_x86_msi1503.txt 2012-06-03 04:17 - 2012-06-03 04:05 - 00166712 ____A C:\Users\Nick\Local Settings\dd_depcheck_VNS_EXP_100.txt 2012-06-03 04:17 - 2012-06-03 04:05 - 00166712 ____A C:\Users\Nick\Local Settings\Application Data\dd_depcheck_VNS_EXP_100.txt 2012-06-03 04:17 - 2012-06-03 04:05 - 00166712 ____A C:\Users\Nick\AppData\Local\dd_depcheck_VNS_EXP_100.txt 2012-06-03 04:05 - 2012-06-03 04:05 - 00000002 ____A C:\Users\Nick\Local Settings\dd_error_vns_xcor_100.txt 2012-06-03 04:05 - 2012-06-03 04:05 - 00000002 ____A C:\Users\Nick\Local Settings\Application Data\dd_error_vns_xcor_100.txt 2012-06-03 04:05 - 2012-06-03 04:05 - 00000002 ____A C:\Users\Nick\AppData\Local\dd_error_vns_xcor_100.txt 2012-06-03 03:57 - 2012-06-03 03:57 - 00100192 ____A (Microsoft Corporation) C:\Users\Nick\Downloads\vwd.exe 2012-06-03 03:57 - 2012-06-03 03:56 - 03324232 ____A (Microsoft Corporation) C:\Users\Nick\Downloads\vc_web.exe 2012-06-02 14:19 - 2012-06-20 19:37 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2012-06-02 14:19 - 2012-06-20 19:37 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2012-06-02 14:19 - 2012-06-20 19:37 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll 2012-06-02 14:19 - 2012-06-20 19:36 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2012-06-02 14:19 - 2012-06-20 19:36 - 00577048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2012-06-02 14:19 - 2012-06-20 19:36 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll 2012-06-02 14:19 - 2012-06-20 19:36 - 00035864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2012-06-02 14:15 - 2012-06-20 19:37 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2012-06-02 14:15 - 2012-06-20 19:36 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2012-06-02 14:12 - 2012-06-20 19:36 - 00088576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2012-06-02 12:19 - 2012-06-20 19:36 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2012-06-02 12:19 - 2012-06-20 19:36 - 00171904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2012-06-02 12:15 - 2012-06-20 19:36 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2012-06-02 12:12 - 2012-06-20 19:36 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2012-06-02 04:49 - 2012-07-14 07:09 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-06-02 04:17 - 2012-07-14 07:09 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-06-02 04:12 - 2012-07-14 07:09 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-06-02 04:05 - 2012-07-14 07:09 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-06-02 04:05 - 2012-07-14 07:09 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-06-02 04:04 - 2012-07-14 07:09 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-06-02 04:04 - 2012-07-14 07:09 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-06-02 04:03 - 2012-07-14 07:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-06-02 04:01 - 2012-07-14 07:09 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-06-02 04:00 - 2012-07-14 07:09 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-06-02 03:59 - 2012-07-14 07:09 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-06-02 03:57 - 2012-07-14 07:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-06-02 03:57 - 2012-07-14 07:09 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-06-02 03:54 - 2012-07-14 07:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-06-02 01:07 - 2012-07-14 07:09 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-06-02 00:43 - 2012-07-14 07:09 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-06-02 00:33 - 2012-07-14 07:09 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-06-02 00:26 - 2012-07-14 07:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-06-02 00:25 - 2012-07-14 07:09 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-06-02 00:25 - 2012-07-14 07:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-06-02 00:23 - 2012-07-14 07:09 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-06-02 00:21 - 2012-07-14 07:09 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-06-02 00:20 - 2012-07-14 07:09 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-06-02 00:19 - 2012-07-14 07:09 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-06-02 00:19 - 2012-07-14 07:09 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-06-02 00:17 - 2012-07-14 07:09 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-06-02 00:16 - 2012-07-14 07:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-06-02 00:14 - 2012-07-14 07:09 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-06-01 16:22 - 2012-07-11 02:42 - 00347136 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2012-06-01 16:22 - 2012-07-11 02:42 - 00254464 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-06-01 16:05 - 2012-07-11 02:42 - 00077312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2012-06-01 16:04 - 2012-07-11 02:42 - 00278528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2012-06-01 16:03 - 2012-07-11 02:42 - 00204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2012-05-31 13:59 - 2012-05-31 13:35 - 227833386 ____A C:\Users\Nick\Downloads\12WorkingwithStrings_2MB_ch9.wmv 2012-05-31 13:55 - 2012-05-31 13:35 - 150498016 ____A C:\Users\Nick\Downloads\11whileIterationsandReadingDatafromaTextFile_2MB_ch9.wmv 2012-05-31 13:53 - 2012-05-31 13:36 - 131239337 ____A C:\Users\Nick\Downloads\13WorkingwithDateTime_2MB_ch9.wmv 2012-05-30 11:45 - 2012-05-30 11:45 - 00944981 ____A C:\Users\Nick\Downloads\C9CS_Code.zip 2012-05-29 21:52 - 2012-05-29 21:51 - 00968156 ____A C:\Users\Nick\Local Settings\dd_ADONETEntityFrameworkTools_enu_MSI3540.txt 2012-05-29 21:52 - 2012-05-29 21:51 - 00968156 ____A C:\Users\Nick\Local Settings\Application Data\dd_ADONETEntityFrameworkTools_enu_MSI3540.txt 2012-05-29 21:52 - 2012-05-29 21:51 - 00968156 ____A C:\Users\Nick\AppData\Local\dd_ADONETEntityFrameworkTools_enu_MSI3540.txt 2012-05-29 21:43 - 2012-05-29 21:43 - 01649668 ____A C:\Users\Nick\Local Settings\dd_SharedManagementObjects_MSI2EC5.txt 2012-05-29 21:43 - 2012-05-29 21:43 - 01649668 ____A C:\Users\Nick\Local Settings\Application Data\dd_SharedManagementObjects_MSI2EC5.txt 2012-05-29 21:43 - 2012-05-29 21:43 - 01649668 ____A C:\Users\Nick\AppData\Local\dd_SharedManagementObjects_MSI2EC5.txt 2012-05-29 21:43 - 2012-05-29 21:43 - 00513970 ____A C:\Users\Nick\Local Settings\dd_SQLSysClrTypes_msi2EAB.txt 2012-05-29 21:43 - 2012-05-29 21:43 - 00513970 ____A C:\Users\Nick\Local Settings\Application Data\dd_SQLSysClrTypes_msi2EAB.txt 2012-05-29 21:43 - 2012-05-29 21:43 - 00513970 ____A C:\Users\Nick\AppData\Local\dd_SQLSysClrTypes_msi2EAB.txt 2012-05-29 21:43 - 2012-05-29 21:42 - 00213172 ____A C:\Users\Nick\Local Settings\dd_SQLCEToolsForVS2007_MSI2EA4.txt 2012-05-29 21:43 - 2012-05-29 21:42 - 00213172 ____A C:\Users\Nick\Local Settings\Application Data\dd_SQLCEToolsForVS2007_MSI2EA4.txt 2012-05-29 21:43 - 2012-05-29 21:42 - 00213172 ____A C:\Users\Nick\AppData\Local\dd_SQLCEToolsForVS2007_MSI2EA4.txt 2012-05-29 21:42 - 2012-05-29 21:42 - 00701478 ____A C:\Users\Nick\Local Settings\dd_SSCERuntime_MSI2E63.txt 2012-05-29 21:42 - 2012-05-29 21:42 - 00701478 ____A C:\Users\Nick\Local Settings\Application Data\dd_SSCERuntime_MSI2E63.txt 2012-05-29 21:42 - 2012-05-29 21:42 - 00701478 ____A C:\Users\Nick\AppData\Local\dd_SSCERuntime_MSI2E63.txt 2012-05-29 21:42 - 2012-05-29 21:42 - 00664442 ____A C:\Users\Nick\Local Settings\dd_SSCERuntime_64_MSI2E8A.txt 2012-05-29 21:42 - 2012-05-29 21:42 - 00664442 ____A C:\Users\Nick\Local Settings\Application Data\dd_SSCERuntime_64_MSI2E8A.txt 2012-05-29 21:42 - 2012-05-29 21:42 - 00664442 ____A C:\Users\Nick\AppData\Local\dd_SSCERuntime_64_MSI2E8A.txt 2012-05-29 21:28 - 2012-05-29 21:26 - 00000390 ____A C:\Users\Nick\Local Settings\dd_error_vcs_xcor_100.txt 2012-05-29 21:28 - 2012-05-29 21:26 - 00000390 ____A C:\Users\Nick\Local Settings\Application Data\dd_error_vcs_xcor_100.txt 2012-05-29 21:28 - 2012-05-29 21:26 - 00000390 ____A C:\Users\Nick\AppData\Local\dd_error_vcs_xcor_100.txt 2012-05-29 21:25 - 2012-05-29 21:25 - 03252048 ____A (Microsoft Corporation) C:\Users\Nick\Downloads\vcs_web.exe 2012-05-29 21:14 - 2011-04-14 22:22 - 00001101 ____A C:\Users\Nick\Desktop\Revo Uninstaller.lnk 2012-05-25 23:36 - 2012-05-12 14:56 - 00002027 ____A C:\Users\Public\Desktop\Chrome.lnk 2012-05-25 23:36 - 2012-05-12 14:56 - 00002027 ____A C:\Users\All Users\Desktop\Chrome.lnk 2012-05-23 06:10 - 2012-05-23 06:10 - 00031908 ____A C:\Users\Nick\Downloads\super_mario_bros._(usajapan).zip 2012-05-23 05:07 - 2012-05-23 05:07 - 00382217 ____A C:\Users\Nick\Downloads\virtuanes097e.zip 2012-05-23 04:57 - 2012-05-23 04:57 - 00439463 ____A C:\Users\Nick\Downloads\jnes_1_1.exe 2012-05-23 04:54 - 2012-05-23 04:54 - 00073217 ____A C:\Users\Nick\Downloads\Top Gun.zip 2012-05-23 04:45 - 2012-05-23 04:45 - 00090421 ____A C:\Users\Nick\Downloads\Contra.zip 2012-05-17 14:36 - 2012-06-08 19:55 - 02468520 ____A C:\Windows\SysWOW64\BootMan.exe 2012-05-17 13:24 - 2012-05-17 13:24 - 00080752 ____A C:\Users\Nick\Downloads\detective.ttf 2012-05-15 11:23 - 2012-05-15 11:23 - 00000866 ____A C:\Users\Nick\Desktop\Social App Creator 2.lnk 2012-05-15 08:13 - 2012-06-08 19:55 - 03316736 ____A C:\Windows\System32\BootMan.exe 2012-05-12 14:58 - 2012-05-12 14:58 - 00002117 ____A C:\Users\Public\Desktop\Google Earth.lnk 2012-05-12 14:58 - 2012-05-12 14:58 - 00002117 ____A C:\Users\All Users\Desktop\Google Earth.lnk 2012-05-12 10:30 - 2012-05-12 10:30 - 00000013 ____A C:\Users\Nick\My Documents\teche.txt 2012-05-12 10:30 - 2012-05-12 10:30 - 00000013 ____A C:\Users\Nick\Documents\teche.txt 2012-05-12 04:31 - 2012-05-12 04:31 - 00000041 ____A C:\Users\Nick\My Documents\bmtno.txt 2012-05-12 04:31 - 2012-05-12 04:31 - 00000041 ____A C:\Users\Nick\Documents\bmtno.txt 2012-05-10 08:34 - 2012-05-10 08:34 - 00012848 ____A C:\Users\Nick\My Documents\losfa-experian payment.ods 2012-05-10 08:34 - 2012-05-10 08:34 - 00012848 ____A C:\Users\Nick\Documents\losfa-experian payment.ods 2012-05-08 07:48 - 2012-05-08 07:48 - 00000035 ____A C:\Users\Nick\My Documents\geico info.txt 2012-05-08 07:48 - 2012-05-08 07:48 - 00000035 ____A C:\Users\Nick\Documents\geico info.txt 2012-05-08 03:17 - 2012-05-08 03:17 - 00000021 ____A C:\Users\Nick\My Documents\geico quote.txt 2012-05-08 03:17 - 2012-05-08 03:17 - 00000021 ____A C:\Users\Nick\Documents\geico quote.txt 2012-05-03 14:52 - 2012-06-08 20:10 - 00189576 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\EuFdDisk.sys 2012-05-03 14:52 - 2012-06-08 20:10 - 00048776 ____A C:\Windows\System32\Drivers\EUBKMON.sys 2012-05-03 14:52 - 2012-06-08 20:09 - 00025224 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\fbnative.exe 2012-05-03 14:51 - 2012-06-08 20:10 - 00058504 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eubakup.sys 2012-05-03 14:51 - 2012-06-08 20:10 - 00019592 ____A (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eudskacs.sys 2012-05-02 13:36 - 2012-05-02 13:36 - 00000014 ____A C:\Users\Nick\My Documents\geico.txt 2012-05-02 13:36 - 2012-05-02 13:36 - 00000014 ____A C:\Users\Nick\Documents\geico.txt 2012-05-02 13:36 - 2012-05-02 13:04 - 00000158 ____A C:\Users\Nick\My Documents\quote.txt 2012-05-02 13:36 - 2012-05-02 13:04 - 00000158 ____A C:\Users\Nick\Documents\quote.txt 2012-05-02 11:35 - 2011-04-15 01:49 - 00001945 ____A C:\Windows\epplauncher.mif 2012-05-01 06:29 - 2012-06-12 18:16 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys 2012-04-25 05:03 - 2012-04-25 04:59 - 53256026 ____A C:\Users\Nick\My Documents\The Amelia Belle.mp4 2012-04-25 05:03 - 2012-04-25 04:59 - 53256026 ____A C:\Users\Nick\Documents\The Amelia Belle.mp4 2012-04-23 08:25 - 2012-06-23 00:28 - 01267200 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2012-04-23 08:25 - 2012-06-23 00:28 - 00174592 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2012-04-23 08:25 - 2012-06-23 00:28 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2012-04-23 08:00 - 2012-06-23 00:28 - 00984064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2012-04-23 08:00 - 2012-06-23 00:28 - 00133120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2012-04-23 08:00 - 2012-06-23 00:28 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll ========================= Known DLLs (Whitelisted) ============ ========================= Bamital & volsnap Check ============ C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ========================= Memory info ====================== Percentage of memory in use: 12% Total physical RAM: 7037.45 MB Available physical RAM: 6126.93 MB Total Pagefile: 6590.94 MB Available Pagefile: 6109.37 MB Total Virtual: 8192 MB Available Virtual: 8191.91 MB ======================= Partitions ========================= 1 Drive c: (HP) (Fixed) (Total:436.56 GB) (Free:241.38 GB) NTFS ==>[Drive with boot components (obtained from BCD)] 2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.12 GB) (Free:1.77 GB) NTFS ==>[system with boot components (obtained from reading drive)] 3 Drive e: (Backup) (Fixed) (Total:146.48 GB) (Free:22.7 GB) NTFS 5 Drive g: () (Removable) (Total:1.86 GB) (Free:1.09 GB) FAT32 8 Drive j: () (Removable) (Total:1.84 GB) (Free:1.6 GB) FAT 11 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Disk ### Status Size Free Dyn Gpt -------- ---------- ------- ------- --- --- Disk 0 Online 596 GB 4096 KB Disk 1 Online 1944 MB 0 B Disk 2 No Media 0 B 0 B Disk 3 No Media 0 B 0 B Disk 4 Online 1886 MB 0 B Disk 5 No Media 0 B 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 437 GB 32 KB Partition 2 Primary 146 GB 437 GB Partition 3 Primary 13 GB 583 GB ================================================================================== Disk: 0 Partition 1 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C HP NTFS Partition 437 GB Healthy ================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 E Backup NTFS Partition 146 GB Healthy ================================================================================== Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 D FACTORY_IMA NTFS Partition 13 GB Healthy ================================================================================== Partitions of Disk 1: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 1908 MB 65 KB ================================================================================== Disk: 1 Partition 1 Type : 0B Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 5 G FAT32 Removable 1908 MB Healthy ================================================================================== Partitions of Disk 4: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 1884 MB 68 KB ================================================================================== Disk: 4 Partition 1 Type : 06 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 8 J FAT Removable 1884 MB Healthy ================================================================================== ========================================================== Last Boot: 2012-07-19 20:09 ======================= End Of Log ==========================

Still same problems. All three browsers.

========== OTL ========== 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-2402766653-243950496-3254906195-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully. File Protocol\Handler\livecall - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully. File Protocol\Handler\ms-itss - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully. File Protocol\Handler\msnim - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully. File Protocol\Handler\skype4com - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully. File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully. File Protocol\Handler\wlmailhtml - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully. File Protocol\Handler\wlpg - No CLSID value found not found. ADS C:\ProgramData\Temp:F87C192A deleted successfully. ADS C:\ProgramData\Temp:157E1AD3 deleted successfully. ADS C:\ProgramData\Temp:A5B56640 deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E4C79FEC-33AC-498B-9535-EC195C9BD400}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4C79FEC-33AC-498B-9535-EC195C9BD400}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E4C79FEC-33AC-498B-9535-EC195C9BD400}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4C79FEC-33AC-498B-9535-EC195C9BD400}\ not found. Registry key HKEY_USERS\S-1-5-21-2402766653-243950496-3254906195-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E4C79FEC-33AC-498B-9535-EC195C9BD400}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4C79FEC-33AC-498B-9535-EC195C9BD400}\ not found. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Default User: Default User User: Nick ->Java cache emptied: 0 bytes User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 56466 bytes User: Default User ->Flash cache emptied: 0 bytes User: Nick ->Flash cache emptied: 57003 bytes User: Public Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.54.0 log created on 07152012_070529 Google search results are still being redirected randomly.

OTL logfile created on: 7/14/2012 4:20:14 PM - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Nick\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 6.87 Gb Total Physical Memory | 4.68 Gb Available Physical Memory | 68.09% Memory free 13.83 Gb Paging File | 11.41 Gb Available in Paging File | 82.46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 436.56 Gb Total Space | 240.41 Gb Free Space | 55.07% Space Free | Partition Type: NTFS Drive D: | 13.12 Gb Total Space | 1.77 Gb Free Space | 13.50% Space Free | Partition Type: NTFS Drive E: | 146.48 Gb Total Space | 22.68 Gb Free Space | 15.49% Space Free | Partition Type: NTFS Drive L: | 1.84 Gb Total Space | 1.60 Gb Free Space | 86.91% Space Free | Partition Type: FAT Computer Name: LOOMPALAND | User Name: Nick | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Nick\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe (CHENGDU YIWO Tech Development Co., Ltd) PRC - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd) PRC - C:\Users\Nick\AppData\Roaming\mjusbsp\magicJack.exe (magicJack L.P.) PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe (ABBYY) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\avutil-51.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\avformat-54.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll () MOD - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.3\libEGL.dll () MOD - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.3\libGLESv2.dll () MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO) SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation) SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation) SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation) SRV:64bit: - (MsDepSvc) -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (Microsoft Corporation) SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (hpqddsvc) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (hpqcxs08) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Guard Agent) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe (CHENGDU YIWO Tech Development Co., Ltd) SRV - (EaseUS Agent) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ABBYY.Licensing.FineReader.Corporate.10.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe (ABBYY) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (AswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (EUFDDISK) -- C:\Windows\SysNative\drivers\EuFdDisk.sys (CHENGDU YIWO Tech Development Co., Ltd) DRV:64bit: - (EUBKMON) -- C:\Windows\SysNative\drivers\EUBKMON.sys () DRV:64bit: - (EUDSKACS) -- C:\Windows\SysNative\drivers\eudskacs.sys (CHENGDU YIWO Tech Development Co., Ltd) DRV:64bit: - (EUBAKUP) -- C:\Windows\SysNative\drivers\eubakup.sys (CHENGDU YIWO Tech Development Co., Ltd) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (LVUVC64) Logitech QuickCam Pro 9000(UVC) -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys (Logitech Inc.) DRV:64bit: - (RsFx0105) -- C:\Windows\SysNative\DRIVERS\RsFx0105.sys (Microsoft Corporation) DRV:64bit: - (zghsdiag) -- C:\Windows\SysNative\DRIVERS\zghsdiag.sys (ZTE Incorporated) DRV:64bit: - (massfilter_hs) -- C:\Windows\SysNative\drivers\massfilter_hs.sys (HandSet Incorporated) DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated) DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys () DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys () DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\DRIVERS\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\DRIVERS\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\DRIVERS\ssadmdm.sys (MCCI Corporation) DRV:64bit: - (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM) -- C:\Windows\SysNative\DRIVERS\ssadserd.sys (MCCI Corporation) DRV:64bit: - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\SysNative\DRIVERS\ssadbus.sys (MCCI Corporation) DRV:64bit: - (androidusb) -- C:\Windows\SysNative\Drivers\ssadadb.sys (Google Inc) DRV:64bit: - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\SysNative\DRIVERS\ssadmdfl.sys (MCCI Corporation) DRV:64bit: - (vmm) -- C:\Windows\SysNative\Drivers\vmm.sys (Microsoft Corporation) DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.) DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (VCSVADHWSer) Avnex Virtual Audio Device (WDM) -- C:\Windows\SysNative\DRIVERS\vcsvad.sys (Avnex) DRV:64bit: - (PCD5SRVC{8AAF211B-043E02A9-05040000}) -- C:\Program Files\PC-Doctor for Windows\pcd5srvc_x64.pkms (PC-Doctor, Inc.) DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys () DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D4995696-6C2F-4251-8AC0-D503C23712BF} IE:64bit: - HKLM\..\SearchScopes\{D4995696-6C2F-4251-8AC0-D503C23712BF}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPDTDF IE:64bit: - HKLM\..\SearchScopes\{E4C79FEC-33AC-498B-9535-EC195C9BD400}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt IE - HKLM\..\SearchScopes,DefaultScope = {D4995696-6C2F-4251-8AC0-D503C23712BF} IE - HKLM\..\SearchScopes\{D4995696-6C2F-4251-8AC0-D503C23712BF}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPDTDF IE - HKLM\..\SearchScopes\{E4C79FEC-33AC-498B-9535-EC195C9BD400}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2402766653-243950496-3254906195-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2402766653-243950496-3254906195-1000\..\SearchScopes,DefaultScope = {D4995696-6C2F-4251-8AC0-D503C23712BF} IE - HKU\S-1-5-21-2402766653-243950496-3254906195-1000\..\SearchScopes\{D4995696-6C2F-4251-8AC0-D503C23712BF}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox IE - HKU\S-1-5-21-2402766653-243950496-3254906195-1000\..\SearchScopes\{E4C79FEC-33AC-498B-9535-EC195C9BD400}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd IE - HKU\S-1-5-21-2402766653-243950496-3254906195-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@xstandard.com/XStandard: C:\Program Files (x86)\XStandard\Bin\NPXStandard.dll (Belus Technology Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nick\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nick\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/09 22:06:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/17 08:17:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/30 00:19:00 | 000,000,000 | ---D | M] [2011/04/15 01:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\Mozilla\Extensions [2012/07/08 10:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\9kqhg7vi.default\extensions [2012/06/23 02:04:47 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\9kqhg7vi.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012/03/17 21:21:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/12/11 18:11:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012/06/17 08:17:58 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/06/07 19:29:03 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/06/07 19:29:03 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MI1933~1\Office14\NPSPWRAP.DLL CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 7 U3 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: XStandard (Enabled) = C:\Program Files (x86)\XStandard\Bin\NPXStandard.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Draw Something = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpfpcdinndbjpbjmdpcgemeejpohbkl\1.0_0\ CHR - Extension: Google Search = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: avast! WebRep = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\ CHR - Extension: Skype Click to Call = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\ CHR - Extension: ICE Quick Stream = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapljocpedaolbooelchgnkkaplpadgp\5.3_0\ CHR - Extension: Unannoying Facebook = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphkbajimngabpbfbhkikplpdaohoe\1.4_0\ CHR - Extension: Gmail = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/07/11 05:05:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll () O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-2402766653-243950496-3254906195-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-21-2402766653-243950496-3254906195-1000..\Run: [cdloader] C:\Users\Nick\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.) O4 - HKU\S-1-5-21-2402766653-243950496-3254906195-1000..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2402766653-243950496-3254906195-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2402766653-243950496-3254906195-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8:64bit: - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8:64bit: - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O8:64bit: - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.4.0) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.4.0) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 10.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} Reg Error: Value error. (Java Plug-in 1.7.0_01) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 10.5.0) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1ADD8C62-A43D-49E7-93B0-4F3BA4D078ED}: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - AppInit_DLLs: (C:\Windows\System32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/09/12 21:03:04 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/07/14 10:09:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/07/14 10:09:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/07/14 10:09:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/07/14 10:09:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/07/14 10:09:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/07/14 10:09:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/07/14 10:09:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/07/14 10:09:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/07/14 10:09:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/07/14 10:09:11 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/07/14 10:09:11 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/07/14 10:09:10 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/07/14 10:09:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/07/14 07:29:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle [2012/07/14 07:29:09 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012/07/14 07:28:41 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012/07/14 07:28:41 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012/07/14 07:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012/07/14 07:18:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/07/14 07:15:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012/07/13 13:56:10 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/07/13 13:56:10 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\temp [2012/07/11 05:42:12 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012/07/11 04:46:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/07/11 04:46:45 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/07/11 04:46:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/07/11 04:42:21 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/07/11 04:41:38 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/07/09 22:06:25 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012/07/09 22:06:25 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012/07/09 22:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012/07/09 22:06:23 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012/07/09 22:06:23 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012/07/09 22:06:23 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012/07/09 22:06:23 | 000,044,272 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2012/07/09 22:06:14 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012/07/09 22:06:14 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012/07/09 22:05:57 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012/07/09 22:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012/07/09 21:14:18 | 000,000,000 | ---D | C] -- C:\Users\Nick\Documents\Google Redirect Logs [2012/07/09 20:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software [2012/07/09 00:27:39 | 000,000,000 | ---D | C] -- C:\sh4ldr [2012/07/09 00:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2012/07/09 00:26:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2012/07/06 19:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTML-Kit [2012/07/06 19:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chami [2012/07/04 19:34:23 | 000,000,000 | ---D | C] -- C:\Users\Nick\.idlerc [2012/07/04 19:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7 [2012/07/04 19:31:52 | 000,000,000 | ---D | C] -- C:\Python27 [2012/07/04 16:23:45 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\Wondershare [2012/07/04 16:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wondershare [2012/07/04 16:23:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [2012/07/04 16:23:36 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Wondershare [2012/07/04 16:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare [2012/06/25 22:17:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetMake [2012/06/25 18:27:54 | 000,000,000 | ---D | C] -- C:\Users\Nick\Documents\PHPMaker [2012/06/25 18:21:07 | 000,000,000 | ---D | C] -- C:\Users\Nick\Documents\CodeChargeStudio5 [2012/06/25 18:20:27 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\CCS5 [2012/06/25 18:08:18 | 000,466,944 | ---- | C] (WeOnlyDo! COM) -- C:\Windows\SysWow64\wodSFTP.ocx [2012/06/25 17:33:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Script Control [2012/06/25 17:32:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\e.World [2012/06/24 08:55:37 | 000,000,000 | ---D | C] -- C:\Users\Nick\Documents\PHPRunnerTemplates [2012/06/24 08:55:11 | 000,000,000 | ---D | C] -- C:\Users\Nick\Documents\Classified11php [2012/06/24 08:53:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASPRunner Professional 7.1 [2012/06/24 08:53:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASPRunnerPro7.1 [2012/06/23 18:56:37 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\Macromedia [2012/06/23 18:25:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell [2012/06/23 18:25:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell [2012/06/23 03:37:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll [2012/06/23 03:37:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrsmgr.dll [2012/06/23 03:37:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmplpxy.dll [2012/06/23 03:37:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrssrv.dll [2012/06/23 03:37:45 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll [2012/06/23 03:37:45 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll [2012/06/23 03:37:35 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pwrshplugin.dll [2012/06/23 03:37:35 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll [2012/06/23 03:37:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmprovhost.exe [2012/06/23 03:37:34 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrs.exe [2012/06/23 03:37:34 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrshost.exe [2012/06/23 03:37:22 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtfwd.dll [2012/06/23 03:37:22 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecutil.exe [2012/06/23 03:37:22 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecapi.dll [2012/06/23 03:37:22 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll [2012/06/23 03:37:22 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe [2012/06/23 03:37:22 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll [2012/06/23 03:37:22 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll [2012/06/23 03:37:22 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmRes.dll [2012/06/23 03:37:21 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe [2012/06/23 03:37:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe [2012/06/23 03:37:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe [2012/06/23 03:37:08 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll [2012/06/23 03:37:08 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll [2012/06/23 03:37:08 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll [2012/06/23 03:37:07 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrscmd.dll [2012/06/23 03:37:07 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll [2012/06/23 03:37:07 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe [2012/06/23 03:37:07 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll [2012/06/23 03:37:07 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe [2012/06/23 03:37:07 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll [2012/06/23 03:37:07 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll [2012/06/23 03:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune [2012/06/23 03:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\Zune [2012/06/23 03:31:45 | 001,547,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2012/06/23 03:31:44 | 001,701,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2012/06/23 03:31:02 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unregmp2.exe [2012/06/23 03:31:02 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe [2012/06/23 03:30:34 | 001,210,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012/06/23 03:30:25 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2012/06/23 03:30:25 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2012/06/23 03:29:57 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll [2012/06/23 03:29:57 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll [2012/06/23 03:29:55 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2012/06/23 03:29:52 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2012/06/23 03:29:47 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe [2012/06/23 03:29:47 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe [2012/06/23 03:29:47 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe [2012/06/23 03:29:46 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2012/06/23 03:29:45 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe [2012/06/23 03:29:45 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe [2012/06/23 03:29:45 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe [2012/06/23 03:29:44 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe [2012/06/23 03:29:44 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2012/06/23 03:29:44 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2012/06/23 03:29:43 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll [2012/06/23 03:29:43 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll [2012/06/23 03:29:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll [2012/06/23 03:29:39 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012/06/23 03:29:38 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012/06/23 03:29:37 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2012/06/23 03:28:22 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2012/06/23 03:28:21 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2012/06/23 03:28:17 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll [2012/06/23 03:28:17 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll [2012/06/23 03:28:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll [2012/06/23 03:28:16 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [2012/06/23 03:28:12 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012/06/23 03:28:12 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012/06/23 03:24:06 | 001,653,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2012/06/23 03:24:06 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2012/06/23 03:16:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2012/06/23 02:53:09 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{3485212A-AB11-4E82-8BD9-8EA490C38DAB} [2012/06/20 22:37:17 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012/06/20 22:37:17 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012/06/20 22:37:17 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012/06/20 22:36:43 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2012/06/20 22:36:43 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012/06/20 22:36:42 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012/06/20 22:36:42 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2012/06/20 22:36:42 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012/06/20 22:36:42 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2012/06/20 22:36:32 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012/06/20 22:36:32 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2012/06/20 22:36:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012/06/20 22:36:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2012/06/20 08:54:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio [2012/06/20 08:54:51 | 000,049,664 | ---- | C] (CamStudio Group) -- C:\Windows\SysNative\CamCodec.dll [2012/06/20 08:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CamStudio 2.6b [2012/06/18 17:07:37 | 000,000,000 | ---D | C] -- C:\Users\Nick\Documents\PHPRunnerProjects [2012/06/18 17:07:37 | 000,000,000 | ---D | C] -- C:\Users\Nick\Documents\PHPRunnerLayouts [2012/06/18 10:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHPRunner6.1 [2012/06/18 10:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PHPRunner6.1 [2012/06/18 07:49:43 | 000,000,000 | ---D | C] -- C:\xampp [2012/06/18 07:00:39 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\nuBuilder [4 C:\Users\Nick\Documents\*.tmp files -> C:\Users\Nick\Documents\*.tmp -> ] [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/07/14 16:21:44 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/14 16:21:44 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/14 15:53:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/07/14 10:24:49 | 000,000,896 | ---- | M] () -- C:\Users\Nick\Desktop\magicJack.lnk [2012/07/14 10:24:17 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/07/14 10:21:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/07/14 10:21:15 | 001,168,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/07/14 10:16:10 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012/07/14 10:04:42 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/07/14 10:04:42 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/07/14 07:39:08 | 000,081,408 | ---- | M] () -- C:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/07/14 07:33:29 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/07/14 07:28:30 | 000,772,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll [2012/07/14 07:28:30 | 000,687,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012/07/14 07:28:30 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012/07/14 07:28:30 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012/07/14 07:28:30 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012/07/11 05:05:09 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/07/11 02:54:01 | 000,000,059 | ---- | M] () -- C:\Windows\wpd99.drv [2012/07/10 08:07:42 | 000,000,000 | ---- | M] () -- C:\Users\Nick\defogger_reenable [2012/07/09 22:50:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012/07/09 22:10:07 | 000,007,728 | ---- | M] () -- C:\Users\Nick\AppData\Local\d3d9caps.dat [2012/07/09 22:06:25 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012/07/09 20:57:09 | 000,442,985 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120709-210124.backup [2012/07/08 23:52:17 | 000,001,460 | ---- | M] () -- C:\Users\Nick\AppData\Local\d3d9caps64.dat [2012/07/08 23:36:31 | 000,001,129 | ---- | M] () -- C:\Users\Nick\Desktop\Spybot - Search & Destroy.lnk [2012/07/06 19:08:59 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\HTML-Kit.lnk [2012/07/04 17:04:36 | 000,878,198 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/07/04 17:04:36 | 000,728,552 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/07/04 17:04:36 | 000,152,180 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/07/04 15:32:55 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/07/03 11:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012/07/03 11:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012/07/03 11:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012/07/03 11:21:52 | 000,044,272 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2012/07/03 11:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012/07/03 11:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012/07/03 11:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2012/07/03 11:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2012/06/30 07:54:43 | 000,000,550 | ---- | M] () -- C:\Users\Nick\Documents\recaptchamail.html [2012/06/25 18:12:05 | 000,000,198 | ---- | M] () -- C:\Windows\ODBC.INI [2012/06/25 18:08:18 | 000,466,944 | ---- | M] (WeOnlyDo! COM) -- C:\Windows\SysWow64\wodSFTP.ocx [2012/06/24 08:53:56 | 000,000,919 | ---- | M] () -- C:\Users\Nick\Desktop\ASPRunner Professional 7.1.lnk [2012/06/20 08:54:54 | 000,000,816 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio-Recorder.lnk [2012/06/18 09:12:39 | 000,000,560 | ---- | M] () -- C:\Users\Nick\Desktop\XAMPP.lnk [2012/06/18 08:23:23 | 000,002,413 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [4 C:\Users\Nick\Documents\*.tmp files -> C:\Users\Nick\Documents\*.tmp -> ] [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/07/11 04:46:45 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/07/11 04:46:45 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/07/11 04:46:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/07/11 04:46:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/07/11 04:46:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/07/10 08:07:42 | 000,000,000 | ---- | C] () -- C:\Users\Nick\defogger_reenable [2012/07/09 22:06:25 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012/07/09 22:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2012/07/06 19:08:59 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\HTML-Kit.lnk [2012/07/06 18:03:57 | 000,232,448 | ---- | C] () -- C:\libtidy.dll [2012/06/30 07:52:04 | 000,000,550 | ---- | C] () -- C:\Users\Nick\Documents\recaptchamail.html [2012/06/25 18:11:44 | 000,000,198 | ---- | C] () -- C:\Windows\ODBC.INI [2012/06/24 08:53:56 | 000,000,919 | ---- | C] () -- C:\Users\Nick\Desktop\ASPRunner Professional 7.1.lnk [2012/06/23 03:37:11 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs [2012/06/23 03:37:11 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs [2012/06/23 03:37:11 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml [2012/06/23 03:37:11 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml [2012/06/23 03:37:11 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl [2012/06/23 03:37:11 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl [2012/06/23 03:17:05 | 000,001,968 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk [2012/06/20 08:54:54 | 000,000,816 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio-Recorder.lnk [2012/06/18 09:12:39 | 000,000,560 | ---- | C] () -- C:\Users\Nick\Desktop\XAMPP.lnk [2012/06/11 04:15:23 | 000,000,239 | ---- | C] () -- C:\Windows\w32demo8.ini [2012/06/08 22:55:43 | 002,468,520 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2012/06/08 22:55:43 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2012/06/08 22:55:42 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2012/06/08 22:55:42 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2012/06/08 22:55:42 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2012/04/18 11:22:51 | 000,000,847 | ---- | C] () -- C:\Users\Nick\AppData\Local\recently-used.xbel [2012/02/12 16:53:26 | 000,001,806 | ---- | C] () -- C:\Windows\TSearch.INI [2012/01/18 01:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012/01/18 01:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012/01/18 01:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2012/01/09 20:50:22 | 000,000,139 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2012/01/05 02:34:32 | 000,000,032 | ---- | C] () -- C:\ProgramData\grph.dat [2011/10/03 23:16:37 | 000,148,214 | ---- | C] () -- C:\Windows\hpoins19.dat.temp [2011/10/03 23:16:37 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp [2011/10/01 22:07:03 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll [2011/08/19 20:44:05 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2011/07/09 16:11:35 | 000,000,028 | ---- | C] () -- C:\Windows\pdf995.ini [2011/07/09 16:07:24 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\pdf995mon64.dll [2011/07/09 16:07:24 | 000,000,059 | ---- | C] () -- C:\Windows\wpd99.drv [2011/06/09 07:34:49 | 000,000,921 | ---- | C] () -- C:\Users\Nick\.lmmsrc.xml [2011/05/31 22:51:39 | 000,000,061 | ---- | C] () -- C:\Windows\SysWow64\SYSVCPDRV.SYS [2011/05/19 08:11:44 | 000,224,488 | ---- | C] () -- C:\Windows\XSitePro2 Resource Pack 1 Uninstaller.exe [2011/05/19 07:53:23 | 002,066,218 | ---- | C] () -- C:\Windows\XSitePro2.5 Resource Pack Uninstaller.exe [2011/05/19 07:42:28 | 001,072,575 | ---- | C] () -- C:\Windows\XSitePro2 Uninstaller.exe [2011/05/17 03:22:04 | 000,148,926 | ---- | C] () -- C:\Windows\hpoins19.dat [2011/05/17 03:21:36 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat [2011/05/11 17:00:42 | 000,000,018 | ---- | C] () -- C:\Windows\ScrCap.ini [2011/04/19 23:43:01 | 000,007,728 | ---- | C] () -- C:\Users\Nick\AppData\Local\d3d9caps.dat [2011/04/19 18:49:10 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2011/04/19 18:48:23 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin [2011/04/19 18:47:41 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2011/04/16 21:27:13 | 000,011,776 | ---- | C] () -- C:\Users\Nick\AppData\Roaming\Settings.cfg [2011/04/16 21:22:15 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011/04/16 15:41:24 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011/04/15 04:49:49 | 000,875,718 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/04/15 03:59:47 | 000,001,460 | ---- | C] () -- C:\Users\Nick\AppData\Local\d3d9caps64.dat [2011/04/15 03:06:53 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2011/04/15 02:52:06 | 000,000,130 | ---- | C] () -- C:\Users\Nick\AppData\Roaming\wklnhst.dat [2011/04/15 01:47:59 | 000,081,408 | ---- | C] () -- C:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== Alternate Data Streams ========== @Alternate Data Stream - 246 bytes -> C:\ProgramData\Temp:F87C192A @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:157E1AD3 @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:A5B56640 < End of report >

I just done a few searches and discovered the browser hijacker still exists. I have started saving the URLs in a text file and contacting the companies they are affiliated with in the hopes of getting their affiliate accounts shut down as they are advertising their affiliate links via criminal acts. Therefore, I'm still infected.

syddee - You can get it here: http://www.malwarebytes.org/products/malwarebytes_free Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.07.14.04 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Nick :: LOOMPALAND [administrator] 7/14/2012 7:35:14 AM mbam-log-2012-07-14 (07-35-14).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 216371 Time elapsed: 3 minute(s), 16 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 7:40:44 AM, on 7/14/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Normal Running processes: C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\SysWOW64\ctfmon.exe C:\Users\Nick\AppData\Roaming\mjusbsp\magicJack.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Nick\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [cdloader] "C:\Users\Nick\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe -update plugin O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} (Java Plug-in 1.6.0_25) - O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.7.0_01) - O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ABBYY FineReader 10 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe O23 - Service: Guard Agent Service (Guard Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9403 bytes So far it seems as if there's no more browser redirects, even though I have no clue how it was deleted as the AV scans didn't find anything.

Why did you want me to rescan with Combofix? aswMBR was the one that didn't ask for updates. In any case, I did as the previous post specified. Below are the scan results: ComboFix 12-07-13.03 - Nick 07/13/2012 13:39:36.3.4 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.7037.3688 [GMT -5:00] Running from: c:\users\Nick\Downloads\Combofix\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-06-13 to 2012-07-13 ))))))))))))))))))))))))))))))) . . 2012-07-13 18:52 . 2012-07-13 18:52 -------- d-----w- c:\users\Nick\AppData\Local\temp 2012-07-13 18:52 . 2012-07-13 18:52 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-10 03:06 . 2012-07-03 16:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-07-10 03:06 . 2012-07-03 16:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-07-10 03:06 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-07-10 03:06 . 2012-07-03 16:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-07-10 03:06 . 2012-07-03 16:21 44272 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-07-10 03:06 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-07-10 03:06 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr 2012-07-10 03:06 . 2012-07-03 16:21 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-07-10 03:05 . 2012-07-10 03:05 -------- d-----w- c:\programdata\AVAST Software 2012-07-10 03:05 . 2012-07-10 03:05 -------- d-----w- c:\program files\AVAST Software 2012-07-10 01:18 . 2012-07-10 01:18 -------- d-----w- c:\programdata\GFI Software 2012-07-09 05:27 . 2012-07-10 00:02 -------- d-----w- C:\sh4ldr 2012-07-09 05:27 . 2012-07-09 05:27 -------- d-----w- c:\program files\Enigma Software Group 2012-07-09 05:26 . 2012-07-10 00:02 -------- d-----w- c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP 2012-07-09 05:26 . 2012-07-09 05:26 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-07-07 00:08 . 2012-07-07 00:08 -------- d-----w- c:\program files (x86)\Chami 2012-07-06 23:03 . 2009-11-06 13:15 232448 ----a-w- C:\libtidy.dll 2012-07-05 00:34 . 2012-07-05 00:34 -------- d-----w- c:\users\Nick\.idlerc 2012-07-05 00:31 . 2012-07-06 23:03 -------- d-----w- C:\Python27 2012-07-04 21:23 . 2012-07-04 21:23 -------- d-----w- c:\users\Nick\AppData\Local\Wondershare 2012-07-04 21:23 . 2012-07-04 21:23 -------- d-----w- c:\program files (x86)\Common Files\Wondershare 2012-07-04 21:23 . 2012-07-04 21:24 -------- d-----w- c:\users\Nick\AppData\Roaming\Wondershare 2012-07-04 21:23 . 2012-07-04 21:23 -------- d-----w- c:\program files (x86)\Wondershare 2012-07-03 21:13 . 2012-02-10 22:19 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{890F334B-D606-498B-B60C-6E607927B377}\gapaengine.dll 2012-06-26 03:17 . 2012-07-09 23:11 -------- d-----w- c:\program files (x86)\NetMake 2012-06-25 23:20 . 2012-06-25 23:27 -------- d-----w- c:\users\Nick\AppData\Local\CCS5 2012-06-25 23:08 . 2012-06-25 23:08 466944 ----a-w- c:\windows\SysWow64\wodSFTP.ocx 2012-06-25 22:33 . 2012-06-25 22:33 -------- d-----w- c:\program files (x86)\Windows Script Control 2012-06-25 22:32 . 2012-06-25 22:33 -------- d-----w- c:\program files (x86)\Common Files\e.World 2012-06-24 13:53 . 2012-06-24 13:53 -------- d-----w- c:\program files (x86)\ASPRunnerPro7.1 2012-06-23 23:56 . 2012-06-23 23:56 -------- d-----w- c:\users\Nick\AppData\Local\Macromedia 2012-06-23 08:35 . 2012-06-23 08:35 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR 2012-06-23 08:31 . 2009-07-27 15:00 1547776 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL 2012-06-23 08:31 . 2009-07-27 15:09 1701888 ----a-w- c:\windows\system32\WMVDECOD.DLL 2012-06-23 08:31 . 2009-09-10 15:27 1486848 ----a-w- c:\program files\Windows Media Player\setup_wm.exe 2012-06-23 08:31 . 2009-09-10 14:58 1418752 ----a-w- c:\program files (x86)\Windows Media Player\setup_wm.exe 2012-06-23 08:31 . 2009-09-10 15:27 372736 ----a-w- c:\windows\system32\unregmp2.exe 2012-06-23 08:31 . 2009-09-10 14:58 310784 ----a-w- c:\windows\SysWow64\unregmp2.exe 2012-06-23 08:30 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll 2012-06-23 08:30 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2012-06-23 08:30 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2012-06-23 08:28 . 2010-08-26 17:42 1927680 ----a-w- c:\windows\system32\gameux.dll 2012-06-23 08:28 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\SysWow64\gameux.dll 2012-06-23 08:28 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll 2012-06-23 08:28 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll 2012-06-23 08:28 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll 2012-06-23 08:28 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2012-06-23 08:28 . 2012-04-23 16:25 132096 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-23 08:28 . 2012-04-23 16:25 1267200 ----a-w- c:\windows\system32\crypt32.dll 2012-06-23 08:28 . 2012-04-23 16:00 984064 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-06-23 08:28 . 2012-04-23 16:25 174592 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-23 08:28 . 2012-04-23 16:00 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-06-23 08:28 . 2012-04-23 16:00 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-06-23 08:24 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll 2012-06-23 08:24 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2012-06-23 08:16 . 2012-06-23 08:16 -------- d-----w- c:\program files\Microsoft 2012-06-21 03:37 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-21 03:37 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-21 03:37 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-21 03:37 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-21 03:36 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-21 03:36 . 2012-06-02 22:12 88576 ----a-w- c:\windows\SysWow64\wudriver.dll 2012-06-21 03:36 . 2012-06-02 22:19 35864 ----a-w- c:\windows\SysWow64\wups.dll 2012-06-21 03:36 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-21 03:36 . 2012-06-02 22:19 577048 ----a-w- c:\windows\SysWow64\wuapi.dll 2012-06-21 03:36 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-21 03:36 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-21 03:36 . 2012-06-02 20:19 171904 ----a-w- c:\windows\SysWow64\wuwebv.dll 2012-06-21 03:36 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-21 03:36 . 2012-06-02 20:12 33792 ----a-w- c:\windows\SysWow64\wuapp.exe 2012-06-20 13:54 . 2012-06-20 13:54 -------- d-----w- c:\program files (x86)\CamStudio 2.6b 2012-06-20 13:54 . 2010-10-24 05:56 49664 ----a-w- c:\windows\system32\CamCodec.dll 2012-06-18 15:04 . 2012-06-18 15:12 -------- d-----w- c:\program files (x86)\PHPRunner6.1 2012-06-18 12:49 . 2012-06-26 03:51 -------- d-----w- C:\xampp 2012-06-14 19:27 . 2012-05-18 02:01 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll 2012-06-14 19:27 . 2012-05-17 22:38 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll 2012-06-14 19:27 . 2012-05-17 22:37 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll 2012-06-14 19:27 . 2012-05-18 02:02 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-23 23:34 . 2012-04-05 11:53 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-23 23:34 . 2011-05-14 05:15 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-08 14:41 . 2012-06-03 12:37 112832 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll 2012-06-08 05:31 . 2012-06-08 05:31 955848 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-06-08 05:31 . 2011-11-17 20:18 839112 ----a-w- c:\windows\system32\deployJava1.dll 2012-06-04 20:49 . 2012-06-03 12:22 565056 ----a-w- c:\programdata\Microsoft\VWDExpress\10.0\1033\ResourceCache.dll 2012-06-04 12:22 . 2011-04-22 12:56 100512 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll 2012-06-04 12:20 . 2012-05-30 05:42 190656 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll 2012-05-17 22:36 . 2012-06-09 03:55 2468520 ----a-w- c:\windows\SysWow64\BootMan.exe 2012-05-15 20:15 . 2012-06-13 02:13 2767360 ----a-w- c:\windows\system32\win32k.sys 2012-05-15 16:13 . 2012-06-09 03:55 3316736 ----a-w- c:\windows\system32\BootMan.exe 2012-05-03 22:52 . 2012-06-09 04:09 25224 ----a-w- c:\windows\system32\fbnative.exe 2012-05-03 22:52 . 2012-06-09 04:10 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys 2012-05-03 22:52 . 2012-06-09 04:10 48776 ----a-w- c:\windows\system32\drivers\EUBKMON.sys 2012-05-03 22:51 . 2012-06-09 04:10 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys 2012-05-03 22:51 . 2012-06-09 04:10 58504 ----a-w- c:\windows\system32\drivers\eubakup.sys 2012-05-01 14:29 . 2012-06-13 02:16 209920 ----a-w- c:\windows\system32\drivers\rdpwd.sys . . ((((((((((((((((((((((((((((( SnapShot@2012-07-11_10.05.17 ))))))))))))))))))))))))))))))))))))))))) . - 2008-01-21 03:20 . 2012-07-11 08:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-01-21 03:20 . 2012-07-13 17:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-01-21 03:20 . 2012-07-13 17:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-01-21 03:20 . 2012-07-11 08:54 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-01-21 03:20 . 2012-07-13 17:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-01-21 03:20 . 2012-07-11 08:54 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2012-07-09 05:05 . 2012-07-11 05:53 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2012-07-09 05:05 . 2012-07-13 07:53 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2006-11-02 12:33 . 2012-07-11 10:33 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat - 2006-11-02 12:33 . 2012-07-10 00:24 11010048 c:\windows\system32\SMI\Store\Machine\schema.dat + 2012-07-13 12:29 . 2012-07-13 18:37 10850304 c:\windows\erdnt\Hiv-backup\schema.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "cdloader"="c:\users\Nick\AppData\Roaming\mjusbsp\cdloader2.exe" [2012-02-01 50592] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . S2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-19 814344] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 62743802 *Deregistered* - 62743802 *Deregistered* - aswMBR . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . Contents of the 'Scheduled Tasks' folder . 2012-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-06 13:10] . 2012-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-06 13:10] . 2012-07-04 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10 16:43] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-12 15853088] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-12 82464] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\guard64.dll . ------- Supplementary Scan ------- . uStart Page = about:blank mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt mLocal Page = c:\windows\SysWOW64\blank.htm IE: Download all with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm IE: Download selected with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm IE: Download video with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm IE: Download with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.254 DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\9kqhg7vi.default\ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MsDepSvc] "ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{8AAF211B-043E02A9-05040000}] "ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC_x64.pkms" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2012-07-13 13:56:06 ComboFix-quarantined-files.txt 2012-07-13 18:56 ComboFix2.txt 2012-07-13 12:51 ComboFix3.txt 2012-07-11 10:09 . Pre-Run: 258,419,138,560 bytes free Post-Run: 258,370,392,064 bytes free . - - End Of File - - C81A3D2893A5189561BFFE167494B08C

Both scans turned up clean. aswMBR did not ask me to update anything. Below are the logs. 07:27:56.0869 3424 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35 07:27:57.0434 3424 ============================================================ 07:27:57.0434 3424 Current date / time: 2012/07/12 07:27:57.0434 07:27:57.0434 3424 SystemInfo: 07:27:57.0434 3424 07:27:57.0435 3424 OS Version: 6.0.6002 ServicePack: 2.0 07:27:57.0435 3424 Product type: Workstation 07:27:57.0435 3424 ComputerName: LOOMPALAND 07:27:57.0435 3424 UserName: Nick 07:27:57.0435 3424 Windows directory: C:\Windows 07:27:57.0435 3424 System windows directory: C:\Windows 07:27:57.0435 3424 Running under WOW64 07:27:57.0435 3424 Processor architecture: Intel x64 07:27:57.0435 3424 Number of processors: 4 07:27:57.0436 3424 Page size: 0x1000 07:27:57.0436 3424 Boot type: Normal boot 07:27:57.0436 3424 ============================================================ 07:27:58.0081 3424 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 07:27:58.0106 3424 Drive \Device\Harddisk3\DR3 - Size: 0x75E00000 (1.84 Gb), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 07:27:58.0115 3424 ============================================================ 07:27:58.0115 3424 \Device\Harddisk0\DR0: 07:27:58.0115 3424 MBR partitions: 07:27:58.0115 3424 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3691DA1E 07:27:58.0115 3424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x36920800, BlocksNum 0x124F7800 07:27:58.0116 3424 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48E18550, BlocksNum 0x1A3E971 07:27:58.0116 3424 \Device\Harddisk3\DR3: 07:27:58.0118 3424 MBR partitions: 07:27:58.0118 3424 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039 07:27:58.0118 3424 ============================================================ 07:27:58.0138 3424 C: <-> \Device\Harddisk0\DR0\Partition0 07:27:58.0189 3424 E: <-> \Device\Harddisk0\DR0\Partition1 07:27:58.0235 3424 D: <-> \Device\Harddisk0\DR0\Partition2 07:27:58.0235 3424 ============================================================ 07:27:58.0235 3424 Initialize success 07:27:58.0235 3424 ============================================================ 07:28:02.0423 1824 ============================================================ 07:28:02.0424 1824 Scan started 07:28:02.0424 1824 Mode: Manual; 07:28:02.0424 1824 ============================================================ 07:28:03.0214 1824 ABBYY.Licensing.FineReader.Corporate.10.0 (d5934c8b21c2bbbdd259b691defe33ba) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe 07:28:03.0227 1824 ABBYY.Licensing.FineReader.Corporate.10.0 - ok 07:28:03.0361 1824 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys 07:28:03.0369 1824 ACPI - ok 07:28:03.0441 1824 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys 07:28:03.0472 1824 adp94xx - ok 07:28:03.0553 1824 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys 07:28:03.0607 1824 adpahci - ok 07:28:03.0650 1824 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys 07:28:03.0663 1824 adpu160m - ok 07:28:03.0711 1824 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys 07:28:03.0729 1824 adpu320 - ok 07:28:03.0764 1824 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll 07:28:03.0766 1824 AeLookupSvc - ok 07:28:03.0839 1824 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys 07:28:03.0850 1824 AFD - ok 07:28:03.0884 1824 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys 07:28:03.0886 1824 agp440 - ok 07:28:03.0901 1824 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys 07:28:03.0906 1824 aic78xx - ok 07:28:03.0935 1824 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe 07:28:03.0940 1824 ALG - ok 07:28:03.0954 1824 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys 07:28:03.0956 1824 aliide - ok 07:28:03.0971 1824 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys 07:28:03.0973 1824 amdide - ok 07:28:04.0001 1824 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys 07:28:04.0004 1824 AmdK8 - ok 07:28:04.0059 1824 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys 07:28:04.0062 1824 androidusb - ok 07:28:04.0090 1824 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll 07:28:04.0093 1824 Appinfo - ok 07:28:04.0122 1824 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys 07:28:04.0135 1824 arc - ok 07:28:04.0161 1824 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys 07:28:04.0164 1824 arcsas - ok 07:28:04.0311 1824 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 07:28:04.0313 1824 aspnet_state - ok 07:28:04.0329 1824 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys 07:28:04.0331 1824 aswFsBlk - ok 07:28:04.0358 1824 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys 07:28:04.0364 1824 aswMonFlt - ok 07:28:04.0388 1824 AswRdr (8047968ed077344c10b3bb81643f4c79) C:\Windows\system32\drivers\AswRdr.sys 07:28:04.0390 1824 AswRdr - ok 07:28:04.0466 1824 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys 07:28:04.0513 1824 aswSnx - ok 07:28:04.0555 1824 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys 07:28:04.0567 1824 aswSP - ok 07:28:04.0597 1824 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys 07:28:04.0599 1824 AsyncMac - ok 07:28:04.0647 1824 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys 07:28:04.0649 1824 atapi - ok 07:28:04.0721 1824 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll 07:28:04.0738 1824 AudioEndpointBuilder - ok 07:28:04.0750 1824 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll 07:28:04.0757 1824 AudioSrv - ok 07:28:04.0803 1824 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe 07:28:04.0805 1824 avast! Antivirus - ok 07:28:04.0829 1824 Beep - ok 07:28:04.0909 1824 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll 07:28:04.0926 1824 BFE - ok 07:28:05.0028 1824 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\system32\qmgr.dll 07:28:05.0070 1824 BITS - ok 07:28:05.0111 1824 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys 07:28:05.0114 1824 blbdrive - ok 07:28:05.0169 1824 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys 07:28:05.0174 1824 bowser - ok 07:28:05.0206 1824 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys 07:28:05.0208 1824 BrFiltLo - ok 07:28:05.0221 1824 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys 07:28:05.0222 1824 BrFiltUp - ok 07:28:05.0264 1824 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll 07:28:05.0276 1824 Browser - ok 07:28:05.0304 1824 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys 07:28:05.0309 1824 Brserid - ok 07:28:05.0334 1824 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys 07:28:05.0337 1824 BrSerWdm - ok 07:28:05.0353 1824 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys 07:28:05.0355 1824 BrUsbMdm - ok 07:28:05.0368 1824 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys 07:28:05.0370 1824 BrUsbSer - ok 07:28:05.0438 1824 BthEnum (09f926a0d9c0bafd8417a4307d2ed13c) C:\Windows\system32\DRIVERS\BthEnum.sys 07:28:05.0440 1824 BthEnum - ok 07:28:05.0478 1824 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys 07:28:05.0480 1824 BTHMODEM - ok 07:28:05.0524 1824 BthPan (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys 07:28:05.0536 1824 BthPan - ok 07:28:05.0605 1824 BTHPORT (e1466882252ff51edde48c3f7eda2591) C:\Windows\system32\Drivers\BTHport.sys 07:28:05.0629 1824 BTHPORT - ok 07:28:05.0708 1824 BthServ (22e65ffd640f16968f855f5b3528d366) C:\Windows\System32\bthserv.dll 07:28:05.0711 1824 BthServ - ok 07:28:05.0753 1824 BTHUSB (970192cded77a128e7e30722e5ee6b9c) C:\Windows\system32\Drivers\BTHUSB.sys 07:28:05.0756 1824 BTHUSB - ok 07:28:05.0844 1824 BTWAMPFL (a0dfb69ade3444c78b17636fcf28e898) C:\Windows\system32\DRIVERS\btwampfl.sys 07:28:05.0858 1824 BTWAMPFL - ok 07:28:05.0913 1824 btwaudio (7cf028ce78696882b327ff13d2dfa534) C:\Windows\system32\drivers\btwaudio.sys 07:28:05.0925 1824 btwaudio - ok 07:28:05.0943 1824 btwavdt (3def2370e414b4e299673558ba171a51) C:\Windows\system32\drivers\btwavdt.sys 07:28:05.0947 1824 btwavdt - ok 07:28:06.0109 1824 btwdins (1ad3a2baf31c4327dcbb2b0eca4a23bb) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 07:28:06.0148 1824 btwdins - ok 07:28:06.0171 1824 btwl2cap (346b4051b3d7ff70e8f027869b8eca6e) C:\Windows\system32\DRIVERS\btwl2cap.sys 07:28:06.0174 1824 btwl2cap - ok 07:28:06.0226 1824 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys 07:28:06.0228 1824 btwrchid - ok 07:28:06.0240 1824 catchme - ok 07:28:06.0279 1824 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys 07:28:06.0283 1824 cdfs - ok 07:28:06.0340 1824 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys 07:28:06.0353 1824 cdrom - ok 07:28:06.0412 1824 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll 07:28:06.0415 1824 CertPropSvc - ok 07:28:06.0443 1824 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys 07:28:06.0445 1824 circlass - ok 07:28:06.0517 1824 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys 07:28:06.0529 1824 CLFS - ok 07:28:06.0592 1824 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 07:28:06.0595 1824 clr_optimization_v2.0.50727_32 - ok 07:28:06.0653 1824 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 07:28:06.0656 1824 clr_optimization_v2.0.50727_64 - ok 07:28:06.0759 1824 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 07:28:06.0771 1824 clr_optimization_v4.0.30319_32 - ok 07:28:06.0797 1824 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 07:28:06.0808 1824 clr_optimization_v4.0.30319_64 - ok 07:28:07.0134 1824 cmdAgent (cee48ccc4d561ddb19c72f9fb55d28d5) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 07:28:07.0165 1824 cmdAgent - ok 07:28:07.0335 1824 cmdGuard (98e9ac5f001ab92fd05de5db04621fea) C:\Windows\system32\DRIVERS\cmdguard.sys 07:28:07.0365 1824 cmdGuard - ok 07:28:07.0382 1824 cmdHlp (ba0e1a71d4a05f5dcdbce2070b934b5a) C:\Windows\system32\DRIVERS\cmdhlp.sys 07:28:07.0383 1824 cmdHlp - ok 07:28:07.0409 1824 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys 07:28:07.0410 1824 cmdide - ok 07:28:07.0425 1824 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys 07:28:07.0426 1824 Compbatt - ok 07:28:07.0435 1824 COMSysApp - ok 07:28:07.0461 1824 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys 07:28:07.0462 1824 crcdisk - ok 07:28:07.0546 1824 CryptSvc (62740b9d2a137e8ced41a9e4239a7a31) C:\Windows\system32\cryptsvc.dll 07:28:07.0598 1824 CryptSvc - ok 07:28:07.0738 1824 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll 07:28:07.0786 1824 DcomLaunch - ok 07:28:07.0850 1824 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys 07:28:07.0855 1824 DfsC - ok 07:28:08.0210 1824 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe 07:28:08.0286 1824 DFSR - ok 07:28:08.0430 1824 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll 07:28:08.0440 1824 Dhcp - ok 07:28:08.0510 1824 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys 07:28:08.0514 1824 disk - ok 07:28:08.0573 1824 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll 07:28:08.0586 1824 Dnscache - ok 07:28:08.0641 1824 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll 07:28:08.0651 1824 dot3svc - ok 07:28:08.0714 1824 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys 07:28:08.0724 1824 Dot4 - ok 07:28:08.0787 1824 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys 07:28:08.0790 1824 Dot4Print - ok 07:28:08.0810 1824 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys 07:28:08.0813 1824 dot4usb - ok 07:28:08.0855 1824 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll 07:28:08.0866 1824 DPS - ok 07:28:08.0903 1824 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys 07:28:08.0905 1824 drmkaud - ok 07:28:09.0009 1824 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys 07:28:09.0042 1824 DXGKrnl - ok 07:28:09.0074 1824 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys 07:28:09.0085 1824 E1G60 - ok 07:28:09.0107 1824 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll 07:28:09.0113 1824 EapHost - ok 07:28:09.0225 1824 EaseUS Agent (1428af5504e8d8b353f5136bdecc20cc) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe 07:28:09.0228 1824 EaseUS Agent - ok 07:28:09.0282 1824 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys 07:28:09.0293 1824 Ecache - ok 07:28:09.0380 1824 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe 07:28:09.0389 1824 ehRecvr - ok 07:28:09.0418 1824 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe 07:28:09.0430 1824 ehSched - ok 07:28:09.0474 1824 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll 07:28:09.0476 1824 ehstart - ok 07:28:09.0523 1824 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys 07:28:09.0547 1824 elxstor - ok 07:28:09.0626 1824 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll 07:28:09.0645 1824 EMDMgmt - ok 07:28:09.0699 1824 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys 07:28:09.0702 1824 epmntdrv - ok 07:28:09.0721 1824 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys 07:28:09.0723 1824 ErrDev - ok 07:28:09.0780 1824 EUBAKUP (268999a7b9ae8f1ab0bf833c264ff2d7) C:\Windows\system32\drivers\eubakup.sys 07:28:09.0783 1824 EUBAKUP - ok 07:28:09.0793 1824 EUBKMON (bbb7392ddc92d653afbf2f93354db9f2) C:\Windows\system32\drivers\EUBKMON.sys 07:28:09.0795 1824 EUBKMON - ok 07:28:09.0817 1824 EUDSKACS (f5ca6da167b70478c5ac745be27ab33e) C:\Windows\system32\drivers\eudskacs.sys 07:28:09.0819 1824 EUDSKACS - ok 07:28:09.0842 1824 EUFDDISK (8cd7997a5a9098f110b14feae80fc348) C:\Windows\system32\drivers\EuFdDisk.sys 07:28:09.0851 1824 EUFDDISK - ok 07:28:09.0900 1824 EuGdiDrv (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys 07:28:09.0902 1824 EuGdiDrv - ok 07:28:09.0973 1824 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll 07:28:09.0986 1824 EventSystem - ok 07:28:10.0030 1824 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys 07:28:10.0040 1824 exfat - ok 07:28:10.0086 1824 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys 07:28:10.0097 1824 fastfat - ok 07:28:10.0122 1824 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys 07:28:10.0123 1824 fdc - ok 07:28:10.0151 1824 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll 07:28:10.0155 1824 fdPHost - ok 07:28:10.0170 1824 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll 07:28:10.0174 1824 FDResPub - ok 07:28:10.0191 1824 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys 07:28:10.0197 1824 FileInfo - ok 07:28:10.0215 1824 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys 07:28:10.0218 1824 Filetrace - ok 07:28:10.0235 1824 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 07:28:10.0238 1824 flpydisk - ok 07:28:10.0306 1824 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys 07:28:10.0314 1824 FltMgr - ok 07:28:10.0450 1824 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll 07:28:10.0507 1824 FontCache - ok 07:28:10.0580 1824 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 07:28:10.0583 1824 FontCache3.0.0.0 - ok 07:28:10.0641 1824 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys 07:28:10.0643 1824 fssfltr - ok 07:28:10.0878 1824 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 07:28:10.0929 1824 fsssvc - ok 07:28:11.0047 1824 Fs_Rec (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys 07:28:11.0050 1824 Fs_Rec - ok 07:28:11.0077 1824 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys 07:28:11.0079 1824 gagp30kx - ok 07:28:11.0163 1824 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll 07:28:11.0177 1824 gpsvc - ok 07:28:11.0300 1824 Guard Agent (922d79bfe60e6277daa15dfd2a751f4d) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe 07:28:11.0302 1824 Guard Agent - ok 07:28:11.0405 1824 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 07:28:11.0407 1824 gupdate - ok 07:28:11.0426 1824 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 07:28:11.0428 1824 gupdatem - ok 07:28:11.0527 1824 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys 07:28:11.0566 1824 HDAudBus - ok 07:28:11.0595 1824 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys 07:28:11.0597 1824 HidBth - ok 07:28:11.0625 1824 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys 07:28:11.0627 1824 HidIr - ok 07:28:11.0669 1824 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\System32\hidserv.dll 07:28:11.0672 1824 hidserv - ok 07:28:11.0707 1824 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys 07:28:11.0710 1824 HidUsb - ok 07:28:11.0737 1824 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll 07:28:11.0742 1824 hkmsvc - ok 07:28:11.0776 1824 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys 07:28:11.0777 1824 HpCISSs - ok 07:28:11.0868 1824 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys 07:28:11.0887 1824 HTTP - ok 07:28:11.0907 1824 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys 07:28:11.0909 1824 i2omp - ok 07:28:11.0943 1824 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys 07:28:11.0949 1824 i8042prt - ok 07:28:11.0976 1824 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys 07:28:11.0982 1824 iaStorV - ok 07:28:12.0101 1824 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 07:28:12.0136 1824 idsvc - ok 07:28:12.0156 1824 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys 07:28:12.0159 1824 iirsp - ok 07:28:12.0228 1824 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll 07:28:12.0248 1824 IKEEXT - ok 07:28:12.0300 1824 inspect (1d942e294a72a2a9ec527b327ae4f4bd) C:\Windows\system32\DRIVERS\inspect.sys 07:28:12.0305 1824 inspect - ok 07:28:12.0522 1824 IntcAzAudAddService (1edab7f9b9de4424beccdef950ce2ff0) C:\Windows\system32\drivers\RTKVHD64.sys 07:28:12.0569 1824 IntcAzAudAddService - ok 07:28:12.0660 1824 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys 07:28:12.0662 1824 intelide - ok 07:28:12.0695 1824 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys 07:28:12.0696 1824 intelppm - ok 07:28:12.0729 1824 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll 07:28:12.0743 1824 IPBusEnum - ok 07:28:12.0802 1824 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys 07:28:12.0809 1824 IpFilterDriver - ok 07:28:12.0883 1824 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll 07:28:12.0919 1824 iphlpsvc - ok 07:28:12.0923 1824 IpInIp - ok 07:28:12.0972 1824 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys 07:28:12.0975 1824 IPMIDRV - ok 07:28:13.0028 1824 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys 07:28:13.0041 1824 IPNAT - ok 07:28:13.0049 1824 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys 07:28:13.0051 1824 IRENUM - ok 07:28:13.0109 1824 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys 07:28:13.0112 1824 isapnp - ok 07:28:13.0167 1824 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys 07:28:13.0175 1824 iScsiPrt - ok 07:28:13.0232 1824 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys 07:28:13.0235 1824 iteatapi - ok 07:28:13.0264 1824 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys 07:28:13.0267 1824 iteraid - ok 07:28:13.0308 1824 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys 07:28:13.0311 1824 kbdclass - ok 07:28:13.0360 1824 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys 07:28:13.0362 1824 kbdhid - ok 07:28:13.0419 1824 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 07:28:13.0424 1824 KeyIso - ok 07:28:13.0616 1824 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys 07:28:13.0658 1824 KSecDD - ok 07:28:13.0709 1824 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys 07:28:13.0712 1824 ksthunk - ok 07:28:13.0801 1824 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll 07:28:13.0859 1824 KtmRm - ok 07:28:13.0952 1824 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\System32\srvsvc.dll 07:28:13.0963 1824 LanmanServer - ok 07:28:14.0038 1824 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll 07:28:14.0057 1824 LanmanWorkstation - ok 07:28:14.0133 1824 LightScribeService (e75adcfafdef3f4c3af3332928d59926) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 07:28:14.0136 1824 LightScribeService - ok 07:28:14.0148 1824 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys 07:28:14.0152 1824 lltdio - ok 07:28:14.0190 1824 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll 07:28:14.0230 1824 lltdsvc - ok 07:28:14.0246 1824 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll 07:28:14.0251 1824 lmhosts - ok 07:28:14.0286 1824 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys 07:28:14.0298 1824 LSI_FC - ok 07:28:14.0319 1824 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys 07:28:14.0332 1824 LSI_SAS - ok 07:28:14.0352 1824 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys 07:28:14.0364 1824 LSI_SCSI - ok 07:28:14.0396 1824 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys 07:28:14.0408 1824 luafv - ok 07:28:14.0469 1824 LVRS64 (0c85b2b6fb74b36a251792d45e0ef860) C:\Windows\system32\DRIVERS\lvrs64.sys 07:28:14.0482 1824 LVRS64 - ok 07:28:14.0827 1824 LVUVC64 (ff3a488924b0032b1a9ca6948c1fa9e8) C:\Windows\system32\DRIVERS\lvuvc64.sys 07:28:14.0933 1824 LVUVC64 - ok 07:28:15.0099 1824 massfilter (36efc8c32829a27baf0e63bfdbd5ee90) C:\Windows\system32\drivers\massfilter.sys 07:28:15.0101 1824 massfilter - ok 07:28:15.0124 1824 massfilter_hs (9b4b4838a6c8dc97416581c13cb6482c) C:\Windows\system32\drivers\massfilter_hs.sys 07:28:15.0126 1824 massfilter_hs - ok 07:28:15.0165 1824 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll 07:28:15.0179 1824 Mcx2Svc - ok 07:28:15.0219 1824 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys 07:28:15.0222 1824 megasas - ok 07:28:15.0279 1824 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys 07:28:15.0297 1824 MegaSR - ok 07:28:15.0319 1824 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll 07:28:15.0327 1824 MMCSS - ok 07:28:15.0347 1824 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys 07:28:15.0350 1824 Modem - ok 07:28:15.0416 1824 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys 07:28:15.0419 1824 monitor - ok 07:28:15.0439 1824 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys 07:28:15.0442 1824 mouclass - ok 07:28:15.0453 1824 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys 07:28:15.0455 1824 mouhid - ok 07:28:15.0474 1824 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys 07:28:15.0480 1824 MountMgr - ok 07:28:15.0610 1824 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 07:28:15.0623 1824 MozillaMaintenance - ok 07:28:15.0681 1824 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys 07:28:15.0732 1824 MpFilter - ok 07:28:15.0764 1824 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys 07:28:15.0776 1824 mpio - ok 07:28:15.0795 1824 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys 07:28:15.0801 1824 mpsdrv - ok 07:28:15.0887 1824 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll 07:28:15.0908 1824 MpsSvc - ok 07:28:15.0935 1824 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys 07:28:15.0938 1824 Mraid35x - ok 07:28:16.0122 1824 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys 07:28:16.0127 1824 MRxDAV - ok 07:28:16.0176 1824 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys 07:28:16.0188 1824 mrxsmb - ok 07:28:16.0233 1824 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys 07:28:16.0246 1824 mrxsmb10 - ok 07:28:16.0262 1824 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys 07:28:16.0267 1824 mrxsmb20 - ok 07:28:16.0289 1824 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys 07:28:16.0291 1824 msahci - ok 07:28:16.0427 1824 MsDepSvc (aaac4b494de45836121a40aec980b631) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe 07:28:16.0429 1824 MsDepSvc - ok 07:28:16.0453 1824 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys 07:28:16.0457 1824 msdsm - ok 07:28:16.0482 1824 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe 07:28:16.0495 1824 MSDTC - ok 07:28:16.0520 1824 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys 07:28:16.0522 1824 Msfs - ok 07:28:16.0544 1824 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys 07:28:16.0547 1824 msisadrv - ok 07:28:16.0591 1824 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll 07:28:16.0599 1824 MSiSCSI - ok 07:28:16.0605 1824 msiserver - ok 07:28:16.0650 1824 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys 07:28:16.0653 1824 MSKSSRV - ok 07:28:16.0744 1824 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe 07:28:16.0746 1824 MsMpSvc - ok 07:28:16.0763 1824 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys 07:28:16.0766 1824 MSPCLOCK - ok 07:28:16.0773 1824 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys 07:28:16.0776 1824 MSPQM - ok 07:28:16.0898 1824 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys 07:28:16.0907 1824 MsRPC - ok 07:28:16.0949 1824 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys 07:28:16.0953 1824 mssmbios - ok 07:28:17.0056 1824 MSSQL$SQLEXPRESS - ok 07:28:17.0150 1824 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 07:28:17.0153 1824 MSSQLServerADHelper100 - ok 07:28:17.0181 1824 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys 07:28:17.0184 1824 MSTEE - ok 07:28:17.0195 1824 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys 07:28:17.0198 1824 Mup - ok 07:28:17.0279 1824 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll 07:28:17.0295 1824 napagent - ok 07:28:17.0344 1824 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys 07:28:17.0362 1824 NativeWifiP - ok 07:28:17.0432 1824 NAVENG - ok 07:28:17.0438 1824 NAVEX15 - ok 07:28:17.0538 1824 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys 07:28:17.0569 1824 NDIS - ok 07:28:17.0628 1824 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys 07:28:17.0631 1824 NdisTapi - ok 07:28:17.0656 1824 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys 07:28:17.0659 1824 Ndisuio - ok 07:28:17.0717 1824 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys 07:28:17.0769 1824 NdisWan - ok 07:28:17.0820 1824 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys 07:28:17.0824 1824 NDProxy - ok 07:28:17.0913 1824 Net Driver HPZ12 (59267d2f0328599aa3b5408c2e06126f) C:\Windows\system32\HPZinw12.dll 07:28:17.0919 1824 Net Driver HPZ12 - ok 07:28:17.0933 1824 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys 07:28:17.0936 1824 NetBIOS - ok 07:28:18.0020 1824 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys 07:28:18.0068 1824 netbt - ok 07:28:18.0128 1824 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 07:28:18.0132 1824 Netlogon - ok 07:28:18.0250 1824 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll 07:28:18.0272 1824 Netman - ok 07:28:18.0405 1824 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 07:28:18.0416 1824 NetMsmqActivator - ok 07:28:18.0425 1824 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 07:28:18.0429 1824 NetPipeActivator - ok 07:28:18.0678 1824 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll 07:28:18.0728 1824 netprofm - ok 07:28:18.0737 1824 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 07:28:18.0741 1824 NetTcpActivator - ok 07:28:18.0749 1824 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 07:28:18.0753 1824 NetTcpPortSharing - ok 07:28:18.0857 1824 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys 07:28:18.0866 1824 nfrd960 - ok 07:28:18.0914 1824 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 07:28:18.0927 1824 NisDrv - ok 07:28:19.0150 1824 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe 07:28:19.0171 1824 NisSrv - ok 07:28:19.0213 1824 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll 07:28:19.0230 1824 NlaSvc - ok 07:28:19.0288 1824 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys 07:28:19.0290 1824 NPF - ok 07:28:19.0381 1824 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys 07:28:19.0397 1824 Npfs - ok 07:28:19.0418 1824 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll 07:28:19.0425 1824 nsi - ok 07:28:19.0456 1824 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys 07:28:19.0459 1824 nsiproxy - ok 07:28:19.0730 1824 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys 07:28:19.0817 1824 Ntfs - ok 07:28:20.0160 1824 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys 07:28:20.0162 1824 Null - ok 07:28:20.0406 1824 NVENETFD (98350606682594521d56eccb5d01ecf7) C:\Windows\system32\DRIVERS\nvmfdx64.sys 07:28:20.0452 1824 NVENETFD - ok 07:28:22.0808 1824 nvlddmkm (e57f802ba29010c557b549392f7e3ca1) C:\Windows\system32\DRIVERS\nvlddmkm.sys 07:28:22.0993 1824 nvlddmkm - ok 07:28:23.0269 1824 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys 07:28:23.0281 1824 nvraid - ok 07:28:23.0354 1824 nvrd64 (011db85affd2368348181c552e025d98) C:\Windows\system32\drivers\nvrd64.sys 07:28:23.0360 1824 nvrd64 - ok 07:28:23.0388 1824 nvsmu (16d36074b84da72d160233c8d132dc89) C:\Windows\system32\drivers\nvsmu.sys 07:28:23.0391 1824 nvsmu - ok 07:28:23.0439 1824 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys 07:28:23.0443 1824 nvstor - ok 07:28:23.0459 1824 nvstor64 (fa6d13aa972967eb46862d0f0372a65a) C:\Windows\system32\drivers\nvstor64.sys 07:28:23.0462 1824 nvstor64 - ok 07:28:23.0522 1824 nvsvc (cc015d29c3be698d14bd9b5e23e33c0d) C:\Windows\system32\nvvsvc.exe 07:28:23.0532 1824 nvsvc - ok 07:28:23.0566 1824 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys 07:28:23.0577 1824 nv_agp - ok 07:28:23.0584 1824 NwlnkFlt - ok 07:28:23.0595 1824 NwlnkFwd - ok 07:28:23.0666 1824 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys 07:28:23.0672 1824 ohci1394 - ok 07:28:24.0067 1824 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 07:28:24.0094 1824 p2pimsvc - ok 07:28:24.0112 1824 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 07:28:24.0129 1824 p2psvc - ok 07:28:24.0164 1824 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys 07:28:24.0177 1824 Parport - ok 07:28:24.0233 1824 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys 07:28:24.0239 1824 partmgr - ok 07:28:24.0273 1824 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll 07:28:24.0281 1824 PcaSvc - ok 07:28:24.0389 1824 PCD5SRVC{8AAF211B-043E02A9-05040000} (7204f835a4355d1ab2853e57c9ff177c) C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms 07:28:24.0394 1824 PCD5SRVC{8AAF211B-043E02A9-05040000} - ok 07:28:24.0616 1824 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys 07:28:24.0621 1824 pci - ok 07:28:24.0677 1824 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys 07:28:24.0680 1824 pciide - ok 07:28:24.0792 1824 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys 07:28:24.0800 1824 pcmcia - ok 07:28:24.0853 1824 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys 07:28:24.0877 1824 PEAUTH - ok 07:28:24.0944 1824 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe 07:28:24.0952 1824 PerfHost - ok 07:28:25.0171 1824 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll 07:28:25.0239 1824 pla - ok 07:28:25.0311 1824 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll 07:28:25.0334 1824 PlugPlay - ok 07:28:25.0403 1824 Pml Driver HPZ12 (5261a2fd55183ac6993145ab6662cddf) C:\Windows\system32\HPZipm12.dll 07:28:25.0416 1824 Pml Driver HPZ12 - ok 07:28:25.0657 1824 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 07:28:25.0674 1824 PNRPAutoReg - ok 07:28:25.0691 1824 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll 07:28:25.0709 1824 PNRPsvc - ok 07:28:25.0842 1824 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll 07:28:25.0859 1824 PolicyAgent - ok 07:28:25.0949 1824 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys 07:28:25.0960 1824 PptpMiniport - ok 07:28:25.0983 1824 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys 07:28:25.0986 1824 Processor - ok 07:28:26.0041 1824 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll 07:28:26.0059 1824 ProfSvc - ok 07:28:26.0111 1824 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 07:28:26.0115 1824 ProtectedStorage - ok 07:28:26.0159 1824 Ps2 (1d0a3f565397d08707f3d75b88586645) C:\Windows\system32\DRIVERS\PS2.sys 07:28:26.0162 1824 Ps2 - ok 07:28:26.0233 1824 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys 07:28:26.0237 1824 PSched - ok 07:28:26.0336 1824 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys 07:28:26.0382 1824 ql2300 - ok 07:28:26.0411 1824 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys 07:28:26.0423 1824 ql40xx - ok 07:28:26.0479 1824 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll 07:28:26.0494 1824 QWAVE - ok 07:28:26.0510 1824 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys 07:28:26.0513 1824 QWAVEdrv - ok 07:28:26.0531 1824 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys 07:28:26.0534 1824 RasAcd - ok 07:28:26.0555 1824 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll 07:28:26.0568 1824 RasAuto - ok 07:28:26.0697 1824 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys 07:28:26.0702 1824 Rasl2tp - ok 07:28:26.0756 1824 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll 07:28:26.0778 1824 RasMan - ok 07:28:26.0882 1824 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys 07:28:26.0892 1824 RasPppoe - ok 07:28:26.0971 1824 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys 07:28:26.0975 1824 RasSstp - ok 07:28:27.0082 1824 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys 07:28:27.0140 1824 rdbss - ok 07:28:27.0216 1824 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys 07:28:27.0219 1824 RDPCDD - ok 07:28:27.0314 1824 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys 07:28:27.0345 1824 rdpdr - ok 07:28:27.0354 1824 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys 07:28:27.0356 1824 RDPENCDD - ok 07:28:27.0401 1824 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys 07:28:27.0419 1824 RDPWD - ok 07:28:27.0455 1824 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll 07:28:27.0476 1824 RemoteAccess - ok 07:28:27.0589 1824 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll 07:28:27.0616 1824 RemoteRegistry - ok 07:28:27.0716 1824 RFCOMM (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys 07:28:27.0750 1824 RFCOMM - ok 07:28:28.0053 1824 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files (x86)\WinPcap\rpcapd.exe 07:28:28.0059 1824 rpcapd - ok 07:28:28.0093 1824 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe 07:28:28.0098 1824 RpcLocator - ok 07:28:28.0292 1824 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll 07:28:28.0309 1824 RpcSs - ok 07:28:28.0376 1824 RsFx0105 (c9fe05a63c500abe3afa5786504c4d36) C:\Windows\system32\DRIVERS\RsFx0105.sys 07:28:28.0439 1824 RsFx0105 - ok 07:28:28.0608 1824 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys 07:28:28.0621 1824 rspndr - ok 07:28:28.0685 1824 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe 07:28:28.0690 1824 SamSs - ok 07:28:28.0731 1824 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys 07:28:28.0735 1824 sbp2port - ok 07:28:28.0758 1824 SBRE - ok 07:28:29.0344 1824 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 07:28:29.0361 1824 SBSDWSCService - ok 07:28:29.0533 1824 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll 07:28:29.0544 1824 SCardSvr - ok 07:28:29.0648 1824 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll 07:28:29.0666 1824 Schedule - ok 07:28:29.0711 1824 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll 07:28:29.0713 1824 SCPolicySvc - ok 07:28:29.0781 1824 ScreamBAudioSvc (490b0b68bb938d5c628ec4a67277be75) C:\Windows\system32\drivers\ScreamingBAudio64.sys 07:28:29.0801 1824 ScreamBAudioSvc - ok 07:28:29.0841 1824 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll 07:28:29.0861 1824 SDRSVC - ok 07:28:29.0895 1824 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 07:28:29.0898 1824 secdrv - ok 07:28:29.0911 1824 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll 07:28:29.0927 1824 seclogon - ok 07:28:29.0943 1824 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\system32\sens.dll 07:28:29.0958 1824 SENS - ok 07:28:29.0980 1824 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys 07:28:29.0982 1824 Serenum - ok 07:28:30.0013 1824 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys 07:28:30.0026 1824 Serial - ok 07:28:30.0052 1824 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys 07:28:30.0055 1824 sermouse - ok 07:28:30.0094 1824 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll 07:28:30.0108 1824 SessionEnv - ok 07:28:30.0124 1824 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys 07:28:30.0127 1824 sffdisk - ok 07:28:30.0140 1824 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys 07:28:30.0143 1824 sffp_mmc - ok 07:28:30.0156 1824 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys 07:28:30.0159 1824 sffp_sd - ok 07:28:30.0178 1824 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys 07:28:30.0181 1824 sfloppy - ok 07:28:30.0221 1824 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll 07:28:30.0234 1824 SharedAccess - ok 07:28:30.0342 1824 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll 07:28:30.0357 1824 ShellHWDetection - ok 07:28:30.0397 1824 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys 07:28:30.0401 1824 SiSRaid2 - ok 07:28:30.0466 1824 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys 07:28:30.0471 1824 SiSRaid4 - ok 07:28:30.0705 1824 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe 07:28:30.0710 1824 SkypeUpdate - ok 07:28:31.0150 1824 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe 07:28:31.0213 1824 slsvc - ok 07:28:31.0344 1824 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll 07:28:31.0358 1824 SLUINotify - ok 07:28:31.0434 1824 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys 07:28:31.0446 1824 Smb - ok 07:28:31.0485 1824 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe 07:28:31.0502 1824 SNMPTRAP - ok 07:28:31.0561 1824 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys 07:28:31.0564 1824 spldr - ok 07:28:31.0635 1824 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe 07:28:31.0659 1824 Spooler - ok 07:28:31.0805 1824 SQLAgent$SQLEXPRESS (45e65fb17a4cd5facbd3ca16c8334c82) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 07:28:31.0831 1824 SQLAgent$SQLEXPRESS - ok 07:28:31.0897 1824 SQLWriter (f92e5f93be572b512da3c016b675ede0) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 07:28:31.0916 1824 SQLWriter - ok 07:28:31.0924 1824 SRTSP - ok 07:28:31.0935 1824 SRTSPX - ok 07:28:32.0034 1824 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys 07:28:32.0085 1824 srv - ok 07:28:32.0160 1824 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys 07:28:32.0212 1824 srv2 - ok 07:28:32.0277 1824 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys 07:28:32.0284 1824 srvnet - ok 07:28:32.0385 1824 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys 07:28:32.0404 1824 ssadbus - ok 07:28:32.0459 1824 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys 07:28:32.0461 1824 ssadmdfl - ok 07:28:32.0484 1824 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys 07:28:32.0495 1824 ssadmdm - ok 07:28:32.0540 1824 ssadserd (d33d1bd3ec0e766211a234f56a12726d) C:\Windows\system32\DRIVERS\ssadserd.sys 07:28:32.0551 1824 ssadserd - ok 07:28:32.0609 1824 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll 07:28:32.0626 1824 SSDPSRV - ok 07:28:32.0665 1824 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll 07:28:32.0701 1824 SstpSvc - ok 07:28:32.0799 1824 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll 07:28:32.0828 1824 stisvc - ok 07:28:32.0858 1824 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys 07:28:32.0861 1824 swenum - ok 07:28:32.0929 1824 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll 07:28:32.0953 1824 swprv - ok 07:28:32.0984 1824 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys 07:28:32.0987 1824 Symc8xx - ok 07:28:33.0015 1824 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys 07:28:33.0018 1824 Sym_hi - ok 07:28:33.0038 1824 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys 07:28:33.0041 1824 Sym_u3 - ok 07:28:33.0145 1824 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll 07:28:33.0186 1824 SysMain - ok 07:28:33.0206 1824 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll 07:28:33.0220 1824 TabletInputService - ok 07:28:33.0290 1824 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll 07:28:33.0312 1824 TapiSrv - ok 07:28:33.0338 1824 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll 07:28:33.0347 1824 TBS - ok 07:28:33.0522 1824 Tcpip (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\drivers\tcpip.sys 07:28:33.0619 1824 Tcpip - ok 07:28:33.0807 1824 Tcpip6 (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\DRIVERS\tcpip.sys 07:28:33.0828 1824 Tcpip6 - ok 07:28:33.0934 1824 tcpipreg (fd8fde859e38e40a20085ebb0c22b416) C:\Windows\system32\drivers\tcpipreg.sys 07:28:33.0938 1824 tcpipreg - ok 07:28:33.0965 1824 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys 07:28:33.0968 1824 TDPIPE - ok 07:28:33.0991 1824 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys 07:28:33.0994 1824 TDTCP - ok 07:28:34.0047 1824 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys 07:28:34.0060 1824 tdx - ok 07:28:34.0112 1824 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys 07:28:34.0118 1824 TermDD - ok 07:28:34.0204 1824 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll 07:28:34.0225 1824 TermService - ok 07:28:34.0310 1824 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll 07:28:34.0322 1824 Themes - ok 07:28:34.0352 1824 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll 07:28:34.0358 1824 THREADORDER - ok 07:28:34.0421 1824 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll 07:28:34.0475 1824 TrkWks - ok 07:28:34.0534 1824 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe 07:28:34.0536 1824 TrustedInstaller - ok 07:28:34.0559 1824 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys 07:28:34.0562 1824 tssecsrv - ok 07:28:34.0577 1824 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys 07:28:34.0580 1824 tunmp - ok 07:28:34.0645 1824 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys 07:28:34.0648 1824 tunnel - ok 07:28:34.0675 1824 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys 07:28:34.0680 1824 uagp35 - ok 07:28:34.0758 1824 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys 07:28:34.0772 1824 udfs - ok 07:28:34.0801 1824 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe 07:28:34.0816 1824 UI0Detect - ok 07:28:34.0848 1824 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys 07:28:34.0854 1824 uliagpkx - ok 07:28:34.0899 1824 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys 07:28:34.0914 1824 uliahci - ok 07:28:34.0944 1824 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys 07:28:34.0955 1824 UlSata - ok 07:28:34.0990 1824 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys 07:28:35.0000 1824 ulsata2 - ok 07:28:35.0022 1824 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys 07:28:35.0025 1824 umbus - ok 07:28:35.0170 1824 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 07:28:35.0177 1824 UMVPFSrv - ok 07:28:35.0209 1824 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll 07:28:35.0230 1824 upnphost - ok 07:28:35.0277 1824 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys 07:28:35.0282 1824 usbaudio - ok 07:28:35.0317 1824 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys 07:28:35.0322 1824 usbccgp - ok 07:28:35.0341 1824 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys 07:28:35.0343 1824 usbcir - ok 07:28:35.0358 1824 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys 07:28:35.0360 1824 usbehci - ok 07:28:35.0420 1824 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys 07:28:35.0428 1824 usbhub - ok 07:28:35.0463 1824 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys 07:28:35.0465 1824 usbohci - ok 07:28:35.0478 1824 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys 07:28:35.0480 1824 usbprint - ok 07:28:35.0502 1824 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys 07:28:35.0504 1824 usbscan - ok 07:28:35.0546 1824 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS 07:28:35.0551 1824 USBSTOR - ok 07:28:35.0569 1824 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys 07:28:35.0572 1824 usbuhci - ok 07:28:35.0609 1824 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys 07:28:35.0619 1824 usbvideo - ok 07:28:35.0667 1824 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll 07:28:35.0683 1824 UxSms - ok 07:28:35.0738 1824 VCSVADHWSer (3a4b01c2bdb07dfef29b0b369487503a) C:\Windows\system32\DRIVERS\vcsvad.sys 07:28:35.0741 1824 VCSVADHWSer - ok 07:28:35.0813 1824 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe 07:28:35.0839 1824 vds - ok 07:28:35.0860 1824 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys 07:28:35.0863 1824 vga - ok 07:28:35.0880 1824 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys 07:28:35.0883 1824 VgaSave - ok 07:28:35.0904 1824 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys 07:28:35.0907 1824 viaide - ok 07:28:35.0973 1824 vmm (21c96aa588d3993191761a08dbaabb15) C:\Windows\system32\Drivers\vmm.sys 07:28:35.0987 1824 vmm - ok 07:28:36.0008 1824 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys 07:28:36.0014 1824 volmgr - ok 07:28:36.0096 1824 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys 07:28:36.0115 1824 volmgrx - ok 07:28:36.0170 1824 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys 07:28:36.0186 1824 volsnap - ok 07:28:36.0217 1824 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys 07:28:36.0227 1824 vsmraid - ok 07:28:36.0376 1824 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe 07:28:36.0404 1824 VSS - ok 07:28:36.0551 1824 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll 07:28:36.0572 1824 W32Time - ok 07:28:36.0600 1824 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys 07:28:36.0603 1824 WacomPen - ok 07:28:36.0670 1824 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 07:28:36.0683 1824 Wanarp - ok 07:28:36.0690 1824 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys 07:28:36.0693 1824 Wanarpv6 - ok 07:28:36.0747 1824 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll 07:28:36.0776 1824 wcncsvc - ok 07:28:36.0812 1824 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll 07:28:36.0828 1824 WcsPlugInService - ok 07:28:36.0852 1824 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys 07:28:36.0854 1824 Wd - ok 07:28:36.0949 1824 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys 07:28:36.0983 1824 Wdf01000 - ok 07:28:37.0001 1824 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll 07:28:37.0015 1824 WdiServiceHost - ok 07:28:37.0023 1824 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll 07:28:37.0032 1824 WdiSystemHost - ok 07:28:37.0057 1824 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll 07:28:37.0073 1824 WebClient - ok 07:28:37.0139 1824 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll 07:28:37.0155 1824 Wecsvc - ok 07:28:37.0175 1824 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll 07:28:37.0189 1824 wercplsupport - ok 07:28:37.0207 1824 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll 07:28:37.0227 1824 WerSvc - ok 07:28:37.0262 1824 WinDefend - ok 07:28:37.0282 1824 WinHttpAutoProxySvc - ok 07:28:37.0370 1824 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll 07:28:37.0386 1824 Winmgmt - ok 07:28:37.0560 1824 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll 07:28:37.0624 1824 WinRM - ok 07:28:37.0793 1824 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll 07:28:37.0820 1824 Wlansvc - ok 07:28:37.0898 1824 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 07:28:37.0901 1824 wlcrasvc - ok 07:28:38.0092 1824 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 07:28:38.0124 1824 wlidsvc - ok 07:28:38.0189 1824 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys 07:28:38.0191 1824 WmiAcpi - ok 07:28:38.0268 1824 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe 07:28:38.0277 1824 wmiApSrv - ok 07:28:38.0312 1824 WMPNetworkSvc - ok 07:28:38.0415 1824 WMZuneComm (83b6ca03c846fcd47f9883d77d1eb27b) C:\Program Files\Zune\WMZuneComm.exe 07:28:38.0466 1824 WMZuneComm - ok 07:28:38.0504 1824 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll 07:28:38.0522 1824 WPCSvc - ok 07:28:38.0578 1824 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll 07:28:38.0599 1824 WPDBusEnum - ok 07:28:38.0643 1824 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys 07:28:38.0650 1824 WpdUsb - ok 07:28:38.0864 1824 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 07:28:38.0883 1824 WPFFontCache_v0400 - ok 07:28:38.0907 1824 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys 07:28:38.0910 1824 ws2ifsl - ok 07:28:38.0961 1824 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\system32\wscsvc.dll 07:28:38.0972 1824 wscsvc - ok 07:28:38.0979 1824 WSearch - ok 07:28:39.0195 1824 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 07:28:39.0256 1824 wuauserv - ok 07:28:39.0351 1824 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys 07:28:39.0363 1824 WUDFRd - ok 07:28:39.0418 1824 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll 07:28:39.0432 1824 wudfsvc - ok 07:28:39.0487 1824 zghsdiag (b03076bbf4e70490760adcc0045dc4ff) C:\Windows\system32\DRIVERS\zghsdiag.sys 07:28:39.0498 1824 zghsdiag - ok 07:28:40.0106 1824 ZuneNetworkSvc (67b787c34fb2888d01b130ae007042d8) C:\Program Files\Zune\ZuneNss.exe 07:28:40.0243 1824 ZuneNetworkSvc - ok 07:28:40.0318 1824 ZuneWlanCfgSvc (4d89fc1c20cf655739efac5da81a67bc) C:\Program Files\Zune\ZuneWlanCfgSvc.exe 07:28:40.0323 1824 ZuneWlanCfgSvc - ok 07:28:40.0347 1824 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 07:28:40.0942 1824 \Device\Harddisk0\DR0 - ok 07:28:40.0952 1824 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR3 07:28:40.0963 1824 \Device\Harddisk3\DR3 - ok 07:28:40.0968 1824 Boot (0x1200) (2ced98520bcfddfa6278d285d1b746a3) \Device\Harddisk0\DR0\Partition0 07:28:40.0971 1824 \Device\Harddisk0\DR0\Partition0 - ok 07:28:40.0991 1824 Boot (0x1200) (0df1ecab815e46fb4d74663479a58722) \Device\Harddisk0\DR0\Partition1 07:28:40.0994 1824 \Device\Harddisk0\DR0\Partition1 - ok 07:28:41.0024 1824 Boot (0x1200) (8dc1d6cde6e602afbe3b4a7a7d32f6d9) \Device\Harddisk0\DR0\Partition2 07:28:41.0027 1824 \Device\Harddisk0\DR0\Partition2 - ok 07:28:41.0036 1824 Boot (0x1200) (00f7632e7be0ca24199ba121b788fe81) \Device\Harddisk3\DR3\Partition0 07:28:41.0040 1824 \Device\Harddisk3\DR3\Partition0 - ok 07:28:41.0041 1824 ============================================================ 07:28:41.0041 1824 Scan finished 07:28:41.0041 1824 ============================================================ 07:28:41.0053 4848 Detected object count: 0 07:28:41.0053 4848 Actual detected object count: 0 aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-07-12 07:50:26 ----------------------------- 07:50:26.604 OS Version: Windows x64 6.0.6002 Service Pack 2 07:50:26.605 Number of processors: 4 586 0x203 07:50:26.606 ComputerName: LOOMPALAND UserName: Nick 07:50:28.193 Initialze error C000010E - driver not loaded 07:50:28.362 AVAST engine defs: 12071200 07:50:46.627 Service scanning 07:51:05.818 Modules scanning 07:51:05.826 Disk 0 trace - called modules: 07:51:05.831 07:51:07.025 AVAST engine scan C:\Windows 07:51:10.400 AVAST engine scan C:\Windows\system32 07:53:33.404 AVAST engine scan C:\Windows\system32\drivers 07:53:45.754 AVAST engine scan C:\Users\Nick 08:10:44.230 AVAST engine scan C:\ProgramData 08:11:39.347 Scan finished successfully 16:05:21.810 The log file has been saved successfully to "C:\Users\Nick\Documents\Google Redirect Logs\aswMBR.txt"

I want to add that the browser redirecting issue still exists on Google search results.

The first download link downloaded but when I tried to run it I got some error about it being a corrupt file. The second download link worked, but had to rename it. When I downloaded the second file Firefox named the download as ComboFix(1). Combofix gave an error saying that it cannot be renamed to Combofix(1). So I just deleted the first download and had to redownload Combofix as it had deleted that second download. Below is the log file it produced after running the scan. ComboFix 12-07-11.02 - Nick 07/11/2012 4:49.1.4 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.7037.4134 [GMT -5:00] Running from: c:\users\Nick\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\users\Nick\AppData\Roaming\chrtmp c:\windows\SysWow64\mfc40.dll.tmp . . ((((((((((((((((((((((((( Files Created from 2012-06-11 to 2012-07-11 ))))))))))))))))))))))))))))))) . . 2012-07-11 10:02 . 2012-07-11 10:02 -------- d-----w- c:\users\Nick\AppData\Local\temp 2012-07-11 10:02 . 2012-07-11 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-10 03:06 . 2012-07-03 16:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-07-10 03:06 . 2012-07-03 16:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-07-10 03:06 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-07-10 03:06 . 2012-07-03 16:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-07-10 03:06 . 2012-07-03 16:21 44272 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2012-07-10 03:06 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-07-10 03:06 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr 2012-07-10 03:06 . 2012-07-03 16:21 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-07-10 03:05 . 2012-07-10 03:05 -------- d-----w- c:\programdata\AVAST Software 2012-07-10 03:05 . 2012-07-10 03:05 -------- d-----w- c:\program files\AVAST Software 2012-07-10 01:21 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C6F8E11F-9184-4C76-B599-4C600844AC8D}\mpengine.dll 2012-07-10 01:18 . 2012-07-10 01:18 -------- d-----w- c:\programdata\GFI Software 2012-07-09 05:27 . 2012-07-10 00:02 -------- d-----w- C:\sh4ldr 2012-07-09 05:27 . 2012-07-09 05:27 -------- d-----w- c:\program files\Enigma Software Group 2012-07-09 05:26 . 2012-07-10 00:02 -------- d-----w- c:\windows\18F97AF04F884494AFE25A5702E142CC.TMP 2012-07-09 05:26 . 2012-07-09 05:26 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-07-08 23:07 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-07-07 00:08 . 2012-07-07 00:08 -------- d-----w- c:\program files (x86)\Chami 2012-07-06 23:03 . 2009-11-06 13:15 232448 ----a-w- C:\libtidy.dll 2012-07-05 00:34 . 2012-07-05 00:34 -------- d-----w- c:\users\Nick\.idlerc 2012-07-05 00:31 . 2012-07-06 23:03 -------- d-----w- C:\Python27 2012-07-04 21:23 . 2012-07-04 21:23 -------- d-----w- c:\users\Nick\AppData\Local\Wondershare 2012-07-04 21:23 . 2012-07-04 21:23 -------- d-----w- c:\program files (x86)\Common Files\Wondershare 2012-07-04 21:23 . 2012-07-04 21:24 -------- d-----w- c:\users\Nick\AppData\Roaming\Wondershare 2012-07-04 21:23 . 2012-07-04 21:23 -------- d-----w- c:\program files (x86)\Wondershare 2012-07-03 21:13 . 2012-02-10 22:19 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{890F334B-D606-498B-B60C-6E607927B377}\gapaengine.dll 2012-06-26 03:17 . 2012-07-09 23:11 -------- d-----w- c:\program files (x86)\NetMake 2012-06-25 23:20 . 2012-06-25 23:27 -------- d-----w- c:\users\Nick\AppData\Local\CCS5 2012-06-25 23:08 . 2012-06-25 23:08 466944 ----a-w- c:\windows\SysWow64\wodSFTP.ocx 2012-06-25 22:33 . 2012-06-25 22:33 -------- d-----w- c:\program files (x86)\Windows Script Control 2012-06-25 22:32 . 2012-06-25 22:33 -------- d-----w- c:\program files (x86)\Common Files\e.World 2012-06-24 13:53 . 2012-06-24 13:53 -------- d-----w- c:\program files (x86)\ASPRunnerPro7.1 2012-06-23 23:56 . 2012-06-23 23:56 -------- d-----w- c:\users\Nick\AppData\Local\Macromedia 2012-06-23 08:35 . 2012-06-23 08:35 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR 2012-06-23 08:31 . 2009-07-27 15:00 1547776 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL 2012-06-23 08:31 . 2009-07-27 15:09 1701888 ----a-w- c:\windows\system32\WMVDECOD.DLL 2012-06-23 08:31 . 2009-09-10 15:27 1486848 ----a-w- c:\program files\Windows Media Player\setup_wm.exe 2012-06-23 08:31 . 2009-09-10 14:58 1418752 ----a-w- c:\program files (x86)\Windows Media Player\setup_wm.exe 2012-06-23 08:31 . 2009-09-10 15:27 372736 ----a-w- c:\windows\system32\unregmp2.exe 2012-06-23 08:31 . 2009-09-10 14:58 310784 ----a-w- c:\windows\SysWow64\unregmp2.exe 2012-06-23 08:30 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll 2012-06-23 08:30 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2012-06-23 08:30 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2012-06-23 08:28 . 2010-08-26 17:42 1927680 ----a-w- c:\windows\system32\gameux.dll 2012-06-23 08:28 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\SysWow64\gameux.dll 2012-06-23 08:28 . 2011-03-03 15:59 32256 ----a-w- c:\windows\system32\Apphlpdm.dll 2012-06-23 08:28 . 2011-03-03 15:40 28672 ----a-w- c:\windows\SysWow64\Apphlpdm.dll 2012-06-23 08:28 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\SysWow64\GameUXLegacyGDFs.dll 2012-06-23 08:28 . 2011-03-03 14:00 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2012-06-23 08:28 . 2012-04-23 16:25 132096 ----a-w- c:\windows\system32\cryptnet.dll 2012-06-23 08:28 . 2012-04-23 16:25 1267200 ----a-w- c:\windows\system32\crypt32.dll 2012-06-23 08:28 . 2012-04-23 16:00 984064 ----a-w- c:\windows\SysWow64\crypt32.dll 2012-06-23 08:28 . 2012-04-23 16:25 174592 ----a-w- c:\windows\system32\cryptsvc.dll 2012-06-23 08:28 . 2012-04-23 16:00 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-06-23 08:28 . 2012-04-23 16:00 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-06-23 08:24 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll 2012-06-23 08:24 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2012-06-23 08:16 . 2012-06-23 08:16 -------- d-----w- c:\program files\Microsoft 2012-06-21 03:37 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-21 03:37 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-21 03:37 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-21 03:37 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-21 03:36 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-21 03:36 . 2012-06-02 22:12 88576 ----a-w- c:\windows\SysWow64\wudriver.dll 2012-06-21 03:36 . 2012-06-02 22:19 35864 ----a-w- c:\windows\SysWow64\wups.dll 2012-06-21 03:36 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-21 03:36 . 2012-06-02 22:19 577048 ----a-w- c:\windows\SysWow64\wuapi.dll 2012-06-21 03:36 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-21 03:36 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-21 03:36 . 2012-06-02 20:19 171904 ----a-w- c:\windows\SysWow64\wuwebv.dll 2012-06-21 03:36 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-21 03:36 . 2012-06-02 20:12 33792 ----a-w- c:\windows\SysWow64\wuapp.exe 2012-06-20 13:54 . 2012-06-20 13:54 -------- d-----w- c:\program files (x86)\CamStudio 2.6b 2012-06-20 13:54 . 2010-10-24 05:56 49664 ----a-w- c:\windows\system32\CamCodec.dll 2012-06-18 15:04 . 2012-06-18 15:12 -------- d-----w- c:\program files (x86)\PHPRunner6.1 2012-06-18 12:49 . 2012-06-26 03:51 -------- d-----w- C:\xampp 2012-06-14 19:27 . 2012-05-18 02:01 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll 2012-06-14 19:27 . 2012-05-17 22:38 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll 2012-06-14 19:27 . 2012-05-17 22:37 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll 2012-06-14 19:27 . 2012-05-18 02:02 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll 2012-06-13 02:16 . 2012-05-01 14:29 209920 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-13 02:13 . 2012-05-15 20:15 2767360 ----a-w- c:\windows\system32\win32k.sys 2012-06-12 21:51 . 2012-07-09 20:02 -------- d-----w- c:\users\Nick\AppData\Local\GameMaker8.1 2012-06-11 20:58 . 2012-06-11 20:58 -------- d-----w- c:\program files (x86)\Common Files\Skype . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-23 23:34 . 2012-04-05 11:53 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-06-23 23:34 . 2011-05-14 05:15 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-08 14:41 . 2012-06-03 12:37 112832 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll 2012-06-08 05:31 . 2012-06-08 05:31 955848 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-06-08 05:31 . 2011-11-17 20:18 839112 ----a-w- c:\windows\system32\deployJava1.dll 2012-06-04 20:49 . 2012-06-03 12:22 565056 ----a-w- c:\programdata\Microsoft\VWDExpress\10.0\1033\ResourceCache.dll 2012-06-04 12:22 . 2011-04-22 12:56 100512 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll 2012-06-04 12:20 . 2012-05-30 05:42 190656 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll 2012-05-17 22:36 . 2012-06-09 03:55 2468520 ----a-w- c:\windows\SysWow64\BootMan.exe 2012-05-15 16:13 . 2012-06-09 03:55 3316736 ----a-w- c:\windows\system32\BootMan.exe 2012-05-03 22:52 . 2012-06-09 04:09 25224 ----a-w- c:\windows\system32\fbnative.exe 2012-05-03 22:52 . 2012-06-09 04:10 189576 ----a-w- c:\windows\system32\drivers\EuFdDisk.sys 2012-05-03 22:52 . 2012-06-09 04:10 48776 ----a-w- c:\windows\system32\drivers\EUBKMON.sys 2012-05-03 22:51 . 2012-06-09 04:10 19592 ----a-w- c:\windows\system32\drivers\eudskacs.sys 2012-05-03 22:51 . 2012-06-09 04:10 58504 ----a-w- c:\windows\system32\drivers\eubakup.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "cdloader"="c:\users\Nick\AppData\Roaming\mjusbsp\cdloader2.exe" [2012-02-01 50592] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . S2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-19 814344] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . Contents of the 'Scheduled Tasks' folder . 2012-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-06 13:10] . 2012-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-06 13:10] . 2012-07-04 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10 16:43] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-12 15853088] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-12 82464] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-11 9569096] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\guard64.dll . ------- Supplementary Scan ------- . uStart Page = about:blank mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt mLocal Page = c:\windows\SysWOW64\blank.htm IE: Download all with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm IE: Download selected with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm IE: Download video with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm IE: Download with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.1.254 DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll FF - ProfilePath - c:\users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\9kqhg7vi.default\ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MsDepSvc] "ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{8AAF211B-043E02A9-05040000}] "ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC_x64.pkms" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2012-07-11 05:09:18 ComboFix-quarantined-files.txt 2012-07-11 10:09 . Pre-Run: 282,691,293,184 bytes free Post-Run: 282,767,462,400 bytes free . - - End Of File - - 7901D38A6753064CD3287D57D6DD2DEA

For the DeFogger it didn't ask me to reboot. Below are the logs. Results of screen317's Security Check version 0.99.42 Windows Vista Service Pack 2 x64 (UAC is disabled!) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! avast! Antivirus Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.61.0.1400 Java 6 Update 31 Java 6 Update 7 Java version out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 11.3.300.262 Mozilla Firefox (13.0.1) Google Chrome 19.0.1084.56 Google Chrome 20.0.1132.47 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Comodo Firewall cmdagent.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1 % ````````````````````End of Log`````````````````````` . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Nick at 8:17:33 on 2012-07-10 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.7037.4141 [GMT -5:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D} FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\svchost.exe -k NetworkService c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\System32\vds.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Windows Mail\WinMail.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Nick\Downloads\SecurityCheck.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt mWinlogon: Userinit=userinit.exe, BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm IE: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm IE: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm IE: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{1ADD8C62-A43D-49E7-93B0-4F3BA4D078ED} : DhcpNameServer = 192.168.1.254 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: FDMIECookiesBHO Class: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\9kqhg7vi.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Program Files (x86)\XStandard\Bin\NPXStandard.dll FF - plugin: C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll . ============= SERVICES / DRIVERS =============== . R0 EUBAKUP;EUBAKUP;C:\Windows\system32\drivers\eubakup.sys --> C:\Windows\system32\drivers\eubakup.sys [?] R0 EUBKMON;EUBKMON;C:\Windows\system32\drivers\EUBKMON.sys --> C:\Windows\system32\drivers\EUBKMON.sys [?] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?] R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?] R1 EUDSKACS;EUDSKACS;\??\C:\Windows\system32\drivers\eudskacs.sys --> C:\Windows\system32\drivers\eudskacs.sys [?] R1 EUFDDISK;EUFDDISK;\??\C:\Windows\system32\drivers\EuFdDisk.sys --> C:\Windows\system32\drivers\EuFdDisk.sys [?] R2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-19 814344] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-9 44808] R2 EaseUS Agent;EaseUS Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2012-6-8 70280] R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 Guard Agent;Guard Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2012-6-8 24712] R2 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-4-1 67400] R2 NPF;NetGroup Packet Filter Driver;C:\Windows\system32\drivers\npf.sys --> C:\Windows\system32\drivers\npf.sys [?] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-26 1153368] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-4-1 450848] R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?] R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-6 136176] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?] S3 BTWAMPFL;btwampfl;C:\Windows\system32\DRIVERS\btwampfl.sys --> C:\Windows\system32\DRIVERS\btwampfl.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2012-6-8 14216] S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2012-6-8 8456] S3 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-6 136176] S3 massfilter;Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter.sys --> C:\Windows\system32\drivers\massfilter.sys [?] S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter_hs.sys --> C:\Windows\system32\drivers\massfilter_hs.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-6 113120] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [2008-9-9 25888] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys --> C:\Windows\system32\drivers\ScreamingBAudio64.sys [?] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?] S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);C:\Windows\system32\DRIVERS\vcsvad.sys --> C:\Windows\system32\DRIVERS\vcsvad.sys [?] S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S3 zghsdiag;ZTE General Handset Diagnostic Port;C:\Windows\system32\DRIVERS\zghsdiag.sys --> C:\Windows\system32\DRIVERS\zghsdiag.sys [?] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2011-4-19 89920] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976] S4 RsFx0105;RsFx0105 Driver;C:\Windows\system32\DRIVERS\RsFx0105.sys --> C:\Windows\system32\DRIVERS\RsFx0105.sys [?] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-5 160944] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* . =============== Created Last 30 ================ . 2012-07-10 03:06:23 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-07-10 03:06:23 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-07-10 03:06:14 41224 ----a-w- C:\Windows\avastSS.scr 2012-07-10 03:05:57 -------- d-----w- C:\ProgramData\AVAST Software 2012-07-10 03:05:57 -------- d-----w- C:\Program Files\AVAST Software 2012-07-10 01:47:52 -------- d-----w- C:\Users\Nick\AppData\Local\temp 2012-07-10 01:21:15 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C6F8E11F-9184-4C76-B599-4C600844AC8D}\mpengine.dll 2012-07-10 01:18:50 -------- d-----w- C:\ProgramData\GFI Software 2012-07-09 05:27:39 -------- d-----w- C:\sh4ldr 2012-07-09 05:27:39 -------- d-----w- C:\Program Files\Enigma Software Group 2012-07-09 05:26:09 -------- d-----w- C:\Windows\18F97AF04F884494AFE25A5702E142CC.TMP 2012-07-09 05:26:06 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2012-07-08 23:07:11 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-07-07 00:08:55 -------- d-----w- C:\Program Files (x86)\Chami 2012-07-06 23:03:57 232448 ----a-w- C:\libtidy.dll 2012-07-05 00:34:23 -------- d-----w- C:\Users\Nick\.idlerc 2012-07-05 00:31:52 -------- d-----w- C:\Python27 2012-07-04 21:23:45 -------- d-----w- C:\Users\Nick\AppData\Local\Wondershare 2012-07-04 21:23:44 -------- d-----w- C:\Program Files (x86)\Common Files\Wondershare 2012-07-04 21:23:36 -------- d-----w- C:\Users\Nick\AppData\Roaming\Wondershare 2012-07-04 21:23:31 -------- d-----w- C:\Program Files (x86)\Wondershare 2012-07-03 21:13:06 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{890F334B-D606-498B-B60C-6E607927B377}\gapaengine.dll 2012-06-26 03:17:42 -------- d-----w- C:\Program Files (x86)\NetMake 2012-06-25 23:20:27 -------- d-----w- C:\Users\Nick\AppData\Local\CCS5 2012-06-25 23:08:18 466944 ----a-w- C:\Windows\SysWow64\wodSFTP.ocx 2012-06-25 22:33:00 -------- d-----w- C:\Program Files (x86)\Windows Script Control 2012-06-25 22:32:55 -------- d-----w- C:\Program Files (x86)\Common Files\e.World 2012-06-24 13:53:18 -------- d-----w- C:\Program Files (x86)\ASPRunnerPro7.1 2012-06-23 23:56:37 -------- d-----w- C:\Users\Nick\AppData\Local\Macromedia 2012-06-23 08:35:59 -------- d-----w- C:\Windows\System32\drivers\UMDF\ko-KR 2012-06-23 08:31:45 1547776 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2012-06-23 08:31:44 1701888 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2012-06-23 08:31:04 1486848 ----a-w- C:\Program Files\Windows Media Player\setup_wm.exe 2012-06-23 08:31:03 1418752 ----a-w- C:\Program Files (x86)\Windows Media Player\setup_wm.exe 2012-06-23 08:31:02 372736 ----a-w- C:\Windows\System32\unregmp2.exe 2012-06-23 08:31:02 310784 ----a-w- C:\Windows\SysWow64\unregmp2.exe 2012-06-23 08:30:26 1149440 ----a-w- C:\Windows\System32\FntCache.dll 2012-06-23 08:30:25 479744 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2012-06-23 08:30:25 288768 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2012-06-23 08:28:22 1927680 ----a-w- C:\Windows\System32\gameux.dll 2012-06-23 08:28:21 1696256 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-06-23 08:28:17 4240384 ----a-w- C:\Windows\SysWow64\GameUXLegacyGDFs.dll 2012-06-23 08:28:17 32256 ----a-w- C:\Windows\System32\Apphlpdm.dll 2012-06-23 08:28:17 28672 ----a-w- C:\Windows\SysWow64\Apphlpdm.dll 2012-06-23 08:28:16 4240384 ----a-w- C:\Windows\System32\GameUXLegacyGDFs.dll 2012-06-23 08:28:12 984064 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-06-23 08:28:12 132096 ----a-w- C:\Windows\System32\cryptnet.dll 2012-06-23 08:28:12 1267200 ----a-w- C:\Windows\System32\crypt32.dll 2012-06-23 08:28:11 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-06-23 08:28:11 174592 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-06-23 08:28:11 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-06-23 08:24:06 876032 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2012-06-23 08:24:06 1653760 ----a-w- C:\Windows\System32\XpsPrint.dll 2012-06-23 08:16:53 -------- d-----w- C:\Program Files\Microsoft 2012-06-23 07:53:09 -------- d-----w- C:\Users\Nick\AppData\Local\{3485212A-AB11-4E82-8BD9-8EA490C38DAB} 2012-06-21 03:37:17 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-21 03:36:43 88576 ----a-w- C:\Windows\SysWow64\wudriver.dll 2012-06-21 03:36:42 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-21 03:36:32 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-21 03:36:32 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe 2012-06-21 03:36:32 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-21 03:36:32 171904 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2012-06-20 13:54:51 49664 ----a-w- C:\Windows\System32\CamCodec.dll 2012-06-20 13:54:51 -------- d-----w- C:\Program Files (x86)\CamStudio 2.6b 2012-06-18 15:04:00 -------- d-----w- C:\Program Files (x86)\PHPRunner6.1 2012-06-18 12:49:43 -------- d-----w- C:\xampp 2012-06-14 19:27:59 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll 2012-06-14 19:27:59 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll 2012-06-14 19:27:59 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll 2012-06-14 19:27:58 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll 2012-06-13 02:16:40 209920 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-06-13 02:13:18 2767360 ----a-w- C:\Windows\System32\win32k.sys 2012-06-12 21:51:40 -------- d-----w- C:\Users\Nick\AppData\Local\GameMaker8.1 2012-06-11 09:19:18 -------- d-----w- C:\Program Files (x86)\Resource Hacker . ==================== Find3M ==================== . 2012-06-23 23:34:49 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-23 23:34:48 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-08 05:31:07 955848 ----a-w- C:\Windows\System32\npDeployJava1.dll 2012-06-08 05:31:07 839112 ----a-w- C:\Windows\System32\deployJava1.dll 2012-05-29 00:57:58 60 ----a-w- C:\Windows\wpd99.drv 2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-05-17 22:36:54 2468520 ----a-w- C:\Windows\SysWow64\BootMan.exe 2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-05-15 16:13:34 3316736 ----a-w- C:\Windows\System32\BootMan.exe 2012-05-03 22:52:08 25224 ----a-w- C:\Windows\System32\fbnative.exe 2012-05-03 22:52:02 189576 ----a-w- C:\Windows\System32\drivers\EuFdDisk.sys 2012-05-03 22:52:00 48776 ----a-w- C:\Windows\System32\drivers\EUBKMON.sys 2012-05-03 22:51:54 19592 ----a-w- C:\Windows\System32\drivers\eudskacs.sys 2012-05-03 22:51:52 58504 ----a-w- C:\Windows\System32\drivers\eubakup.sys . ============= FINISH: 8:18:59.59 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 4/15/2011 3:07:34 AM System Uptime: 7/10/2012 5:12:20 AM (3 hours ago) . Motherboard: ECS | | Nettle3 Processor: AMD Phenom 9150e Quad-Core Processor | Socket AM2 | 1800/201mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 437 GiB total, 280.56 GiB free. D: is FIXED (NTFS) - 13 GiB total, 1.772 GiB free. E: is FIXED (NTFS) - 146 GiB total, 22.638 GiB free. F: is CDROM () I: is Removable J: is Removable K: is CDROM (CDFS) L: is Removable M: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . 5600 5600_Help 5600Trb ABC2Win Beta AceFTP 3 Freeware ActiveCheck component for HP Active Support Library Adobe AIR Adobe Community Help Adobe Download Assistant Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Widget Browser AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan All Video Fixer 8.9 Amazon MP3 Downloader 1.0.12 Android SDK Tools Artisteer 2 Artisteer 3 ASPRunner Professional 7.1 Atmosphere Deluxe v6.0 Audacity 1.2.6 avast! Free Antivirus AviSynth 2.5 Base64 Encoder / Decoder BufferChm Cain & Abel v4.9.40 Cain & Abel v4.9.43 CameraHelperMsi CamStudio OSS Desktop Recorder Chart Object & Ini++ v1.5 Cheat Engine 6.1 Clippings.NET 0.14 Copy CustomerResearchQFolder CyberLink DVD Suite Deluxe D3DX10 Destinations DeviceManagementQFolder Dispatcher DocProc DocProcQFolder DVD Flick 1.3.0.7 DVDFab 8.0.8.5 (19/03/2011) DVDStyler v2.0.1 EaseUS Partition Master 9.1.1 Home Edition EaseUS Todo Backup Free 4.5 Enhanced Multimedia Keyboard Solution erLT eSupportQFolder ExtensionView Fax FileZilla Client 3.5.3 FormatFactory 2.60 Forms To Go 4.5.4 Forms To Go Lite 4.5.4 Foxit Reader Free Download Manager 3.0 Gnaural ver. 1.0.20110606 Google Chrome Google Earth Google Talk Plugin Google Update Helper HelpNDoc 3.5.1.288 Personal Edition Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2565057) Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2635973) Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2548139) Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2635973) Hotfix for Microsoft Windows Phone Developer Tools - ENU (KB2635973) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721) Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233) HP Picasso Media Center Add-In HP Recovery Manager RSS HPAsset component for HP Active Support Library HPProductAssistant HTML-Kit 292 HTML Help Workshop ImgBurn Inno Script Studio version 1.0.0.24 Inno Setup version 5.4.3 ISO Workshop 1.1 Java Auto Updater Java 6 Update 31 Java 6 Update 7 Junk Mail filter update K-Lite Codec Pack 7.1.0 (Standard) KEL CHM Creator KompoZer 0.8b3 LabelPrint LAME v3.98.3 for Audacity LG Android Driver LightScribe System Software 1.14.25.1 LightScribe Template Labeler LMMS 0.4.11 Logitech Webcam Software Lucky Days 2.1 Lucky Days 2.2 LWS Facebook LWS Gallery LWS Help_main LWS Launcher LWS Motion Detection LWS Pictures And Video LWS Twitter LWS Video Mask Maker LWS Webcam Software LWS WLM Plugin LWS YouTube Plugin magicJack Malwarebytes Anti-Malware version 1.61.0.1400 MarketResearch Marmalade 6.0 Mesh Runtime Messenger Companion MFC RunTime files Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Silverlight 4 SDK Microsoft Silverlight Tools for Visual Studio 2010 Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Visual C++ Compilers 2010 Standard - enu - x86 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 Express - ENU Microsoft Visual Studio 2010 Express for Windows Phone - ENU Microsoft Visual Web Developer 2010 Express - ENU Microsoft Works Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 MMF2 Developer Android Exporter MMF2 Developer SWF File Exporter Mozilla Firefox 13.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multimedia Fusion Developer 2 muvee Reveal Neuro-Programmer 2.5.4 Neuro-Programmer 3.0.9 Neuro-Programmer Professional 2.4.2 Notepad++ OpenOffice.org 3.4 Orphalese Tarot Patch Maker Pdf995 PdfEdit995 PHPRunner 6.1 PicPick Power2Go PowerDirector Python 2.5.2 Python 2.7.3 Realtek High Definition Audio Driver Resource Hacker Version 3.6.0 Revo Uninstaller 1.94 Scan Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Segoe UI Shipping Assistant 3.8 Signature995 Simple Text Encryptor Skype Click to Call Skype™ 5.9 Social App Creator 2.2 Social App Creator 2.2.0.5 Social App Creator version 1.23 SolutionCenter Sothink Movie DVD Maker Spybot - Search & Destroy Status Toolbox TrayApp UnloadSupport Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Veoh Web Player Video DVD Maker v3.32.0.80 Video Edit Master VLC media player 1.1.9 WebReg Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Phone 7 Add-in for Visual Studio 2010 - ENU WinPcap 4.1.2 Wireshark 1.6.0 Wondershare MobileGo for Android ( Version 2.0.0 ) WPF Toolkit February 2010 (Version 3.5.50211.1) X-Lite 4 XStandard Yahoo! Messenger YouTube Downloader 3.4 . ==== Event Viewer Messages From Past Week ======== . 7/9/2012 8:38:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cmdGuard EUBKMON EUDSKACS EUFDDISK i8042prt MpFilter SBRE spldr SRTSP SRTSPX vmm Wanarpv6 7/9/2012 8:09:58 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt SRTSP SRTSPX 7/9/2012 8:05:08 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cmdGuard EUBKMON EUDSKACS EUFDDISK i8042prt MpFilter spldr SRTSP SRTSPX vmm Wanarpv6 7/9/2012 8:03:38 PM, Error: EventLog [6008] - The previous system shutdown at 8:01:06 PM on 7/9/2012 was unexpected. 7/9/2012 7:55:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect. 7/9/2012 5:45:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 7/9/2012 5:45:37 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/9/2012 5:45:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 7/9/2012 12:48:54 AM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 002197CA414A. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 7/9/2012 10:30:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP cmdGuard EUBKMON EUDSKACS EUFDDISK i8042prt MpFilter SBRE spldr SRTSP SRTSPX vmm Wanarpv6 7/9/2012 10:30:51 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 7/9/2012 10:30:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 7/9/2012 10:30:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 7/9/2012 10:30:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 7/9/2012 10:30:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 7/9/2012 10:30:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 7/9/2012 10:29:19 PM, Error: EventLog [6008] - The previous system shutdown at 10:26:57 PM on 7/9/2012 was unexpected. 7/9/2012 10:18:25 PM, Error: EventLog [6008] - The previous system shutdown at 10:16:25 PM on 7/9/2012 was unexpected. 7/9/2012 10:14:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Web Deployment Agent Service service to connect. 7/9/2012 10:14:09 PM, Error: Service Control Manager [7000] - The Web Deployment Agent Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/9/2012 10:06:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 7/9/2012 1:58:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B68-F52A-11D8-B9A5-505054503030} 7/9/2012 1:09:16 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s). 7/9/2012 1:09:16 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s). 7/8/2012 11:27:43 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. 7/8/2012 11:27:04 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 7/8/2012 11:26:45 PM, Error: Service Control Manager [7034] - The EaseUS Agent Service service terminated unexpectedly. It has done this 1 time(s). 7/8/2012 11:26:29 PM, Error: Service Control Manager [7034] - The Guard Agent Service service terminated unexpectedly. It has done this 1 time(s). 7/8/2012 11:26:20 PM, Error: Service Control Manager [7034] - The IDriveE Service service terminated unexpectedly. It has done this 1 time(s). 7/8/2012 11:26:16 PM, Error: Service Control Manager [7034] - The ApacheScriptcase6 service terminated unexpectedly. It has done this 1 time(s). 7/8/2012 11:25:43 PM, Error: Service Control Manager [7034] - The SBSD Security Center Service service terminated unexpectedly. It has done this 1 time(s). 7/8/2012 11:25:35 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s). 7/10/2012 7:51:43 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt SBRE SRTSP SRTSPX 7/10/2012 7:51:40 AM, Error: Service Control Manager [7023] - The HP CUE DeviceDiscovery Service service terminated with the following error: The system cannot find the file specified. . ==== End Of File ===========================

I've checked my DNS and all is good. When I do a Google search oftentimes when I click on a search result it's redirected to Amazon.com, infomash, etc. I've installed and run the latest versions of Malwarebytes, Spybot Search & Destroy, Lavasoft Adaware, and MS Security Essentials. All come up clean. I've recently uninstalled the Adaware as it bogged down my system on startup. Below is the Hijack This log. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:06:23 PM, on 7/9/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16446) Boot mode: Safe mode with network support Running processes: C:\Users\Nick\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cndt R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe" O4 - HKLM\..\Run: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe" O4 - HKLM\..\Run: [Wondershare Helper Compact] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [cdloader] "C:\Users\Nick\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [30319.01] rundll32.exe "C:\Users\Nick\AppData\Local\ABBYY\30319.01\twsqoly.dll",CreateInstance (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: MobileGo Service.lnk = C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} (Java Plug-in 1.6.0_25) - O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: ABBYY FineReader 10 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe O23 - Service: Guard Agent Service (Guard Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9352 bytes