07-13-2012, 12:44 PM
#1
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Any help is appreciated.
Kaspersky TDSS Log
10:00:21.0117 3540 ProtectedStorage - ok
10:00:21.0155 3540 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
10:00:21.0156 3540 PSched - ok
10:00:21.0208 3540 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
10:00:21.0209 3540 PxHlpa64 - ok
10:00:21.0326 3540 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
10:00:21.0334 3540 ql2300 - ok
10:00:21.0366 3540 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
10:00:21.0367 3540 ql40xx - ok
10:00:21.0420 3540 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
10:00:21.0423 3540 QWAVE - ok
10:00:21.0456 3540 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
10:00:21.0457 3540 QWAVEdrv - ok
10:00:21.0649 3540 R300 (2a09a6b271d1f50adf5e33b37d460de6) C:\Windows\system32\DRIVERS\atikmdag.sys
10:00:21.0666 3540 R300 - ok
10:00:21.0789 3540 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
10:00:21.0789 3540 RasAcd - ok
10:00:21.0835 3540 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
10:00:21.0838 3540 RasAuto - ok
10:00:21.0890 3540 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:00:21.0892 3540 Rasl2tp - ok
10:00:21.0927 3540 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
10:00:21.0931 3540 RasMan - ok
10:00:21.0951 3540 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
10:00:21.0952 3540 RasPppoe - ok
10:00:21.0981 3540 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
10:00:21.0982 3540 RasSstp - ok
10:00:22.0034 3540 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
10:00:22.0037 3540 rdbss - ok
10:00:22.0068 3540 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:00:22.0069 3540 RDPCDD - ok
10:00:22.0113 3540 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
10:00:22.0116 3540 rdpdr - ok
10:00:22.0122 3540 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
10:00:22.0123 3540 RDPENCDD - ok
10:00:22.0165 3540 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
10:00:22.0166 3540 RDPWD - ok
10:00:22.0209 3540 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
10:00:22.0211 3540 RemoteAccess - ok
10:00:22.0265 3540 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
10:00:22.0267 3540 RemoteRegistry - ok
10:00:22.0318 3540 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
10:00:22.0319 3540 RpcLocator - ok
10:00:22.0405 3540 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
10:00:22.0413 3540 RpcSs - ok
10:00:22.0456 3540 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
10:00:22.0457 3540 rspndr - ok
10:00:22.0486 3540 RTSTOR (ba9306c027a92a7ed685f7c6e2d2b00b) C:\Windows\system32\drivers\RTSTOR64.SYS
10:00:22.0486 3540 RTSTOR - ok
10:00:22.0516 3540 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
10:00:22.0518 3540 SamSs - ok
10:00:22.0537 3540 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
10:00:22.0538 3540 sbp2port - ok
10:00:22.0585 3540 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
10:00:22.0588 3540 SCardSvr - ok
10:00:22.0682 3540 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
10:00:22.0690 3540 Schedule - ok
10:00:22.0719 3540 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
10:00:22.0720 3540 SCPolicySvc - ok
10:00:22.0768 3540 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
10:00:22.0771 3540 SDRSVC - ok
10:00:22.0883 3540 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
10:00:22.0885 3540 SeaPort - ok
10:00:22.0962 3540 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:00:22.0963 3540 secdrv - ok
10:00:22.0981 3540 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
10:00:22.0984 3540 seclogon - ok
10:00:23.0001 3540 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
10:00:23.0004 3540 SENS - ok
10:00:23.0017 3540 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
10:00:23.0018 3540 Serenum - ok
10:00:23.0034 3540 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
10:00:23.0036 3540 Serial - ok
10:00:23.0055 3540 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
10:00:23.0056 3540 sermouse - ok
10:00:23.0090 3540 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
10:00:23.0093 3540 SessionEnv - ok
10:00:23.0111 3540 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
10:00:23.0112 3540 sffdisk - ok
10:00:23.0135 3540 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
10:00:23.0136 3540 sffp_mmc - ok
10:00:23.0144 3540 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
10:00:23.0145 3540 sffp_sd - ok
10:00:23.0162 3540 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
10:00:23.0163 3540 sfloppy - ok
10:00:23.0235 3540 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
10:00:23.0239 3540 SharedAccess - ok
10:00:23.0299 3540 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
10:00:23.0304 3540 ShellHWDetection - ok
10:00:23.0324 3540 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
10:00:23.0325 3540 SiSRaid2 - ok
10:00:23.0344 3540 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
10:00:23.0345 3540 SiSRaid4 - ok
10:00:23.0556 3540 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
10:00:23.0573 3540 slsvc - ok
10:00:23.0703 3540 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
10:00:23.0705 3540 SLUINotify - ok
10:00:23.0753 3540 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
10:00:23.0754 3540 Smb - ok
10:00:23.0887 3540 SMSI Device Launch Service (c6274392d8ca6f637382764a12ac5673) C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe
10:00:23.0888 3540 SMSI Device Launch Service - ok
10:00:23.0935 3540 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
10:00:23.0937 3540 SNMPTRAP - ok
10:00:23.0978 3540 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
10:00:23.0979 3540 spldr - ok
10:00:24.0038 3540 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
10:00:24.0043 3540 Spooler - ok
10:00:24.0180 3540 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS
10:00:24.0187 3540 SRTSP - ok
10:00:24.0204 3540 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS
10:00:24.0205 3540 SRTSPX - ok
10:00:24.0288 3540 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
10:00:24.0292 3540 srv - ok
10:00:24.0337 3540 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
10:00:24.0339 3540 srv2 - ok
10:00:24.0367 3540 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
10:00:24.0368 3540 srvnet - ok
10:00:24.0413 3540 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
10:00:24.0417 3540 SSDPSRV - ok
10:00:24.0461 3540 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
10:00:24.0465 3540 SstpSvc - ok
10:00:24.0587 3540 STacSV (2080477f89f82fbd12436bf9770e29a1) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe
10:00:24.0590 3540 STacSV - ok
10:00:24.0661 3540 STHDA (3281204b2e6049100d0ff04270c2aea5) C:\Windows\system32\DRIVERS\stwrt64.sys
10:00:24.0666 3540 STHDA - ok
10:00:24.0753 3540 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
10:00:24.0762 3540 stisvc - ok
10:00:24.0832 3540 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
10:00:24.0834 3540 stllssvr - ok
10:00:24.0874 3540 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
10:00:24.0875 3540 swenum - ok
10:00:24.0957 3540 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
10:00:24.0964 3540 swprv - ok
10:00:24.0987 3540 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
10:00:24.0988 3540 Symc8xx - ok
10:00:25.0066 3540 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS
10:00:25.0070 3540 SymDS - ok
10:00:25.0184 3540 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS
10:00:25.0193 3540 SymEFA - ok
10:00:25.0232 3540 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:00:25.0235 3540 SymEvent - ok
10:00:25.0282 3540 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS
10:00:25.0284 3540 SymIRON - ok
10:00:25.0320 3540 SYMTDIv (61d06be74fa23ebb7d816e4468edd19e) C:\Windows\System32\Drivers\N360x64\0502020.003\SYMTDIV.SYS
10:00:25.0326 3540 SYMTDIv - ok
10:00:25.0367 3540 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
10:00:25.0368 3540 Sym_hi - ok
10:00:25.0376 3540 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
10:00:25.0377 3540 Sym_u3 - ok
10:00:25.0470 3540 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
10:00:25.0477 3540 SysMain - ok
10:00:25.0519 3540 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
10:00:25.0521 3540 TabletInputService - ok
10:00:25.0573 3540 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
10:00:25.0577 3540 TapiSrv - ok
10:00:25.0599 3540 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
10:00:25.0602 3540 TBS - ok
10:00:25.0729 3540 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys
10:00:25.0739 3540 Tcpip - ok
10:00:25.0758 3540 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys
10:00:25.0769 3540 Tcpip6 - ok
10:00:25.0809 3540 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
10:00:25.0810 3540 tcpipreg - ok
10:00:25.0837 3540 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
10:00:25.0838 3540 TDPIPE - ok
10:00:25.0856 3540 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
10:00:25.0857 3540 TDTCP - ok
10:00:25.0891 3540 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
10:00:25.0892 3540 tdx - ok
10:00:25.0925 3540 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
10:00:25.0926 3540 TermDD - ok
10:00:25.0980 3540 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
10:00:25.0986 3540 TermService - ok
10:00:26.0031 3540 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
10:00:26.0036 3540 Themes - ok
10:00:26.0076 3540 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
10:00:26.0079 3540 THREADORDER - ok
10:00:26.0128 3540 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
10:00:26.0132 3540 TrkWks - ok
10:00:26.0176 3540 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
10:00:26.0177 3540 TrustedInstaller - ok
10:00:26.0223 3540 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:00:26.0224 3540 tssecsrv - ok
10:00:26.0249 3540 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
10:00:26.0251 3540 tunmp - ok
10:00:26.0281 3540 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
10:00:26.0283 3540 tunnel - ok
10:00:26.0315 3540 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
10:00:26.0317 3540 uagp35 - ok
10:00:26.0373 3540 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
10:00:26.0376 3540 udfs - ok
10:00:26.0430 3540 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
10:00:26.0433 3540 UI0Detect - ok
10:00:26.0460 3540 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
10:00:26.0462 3540 uliagpkx - ok
10:00:26.0514 3540 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
10:00:26.0517 3540 uliahci - ok
10:00:26.0548 3540 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
10:00:26.0550 3540 UlSata - ok
10:00:26.0586 3540 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
10:00:26.0588 3540 ulsata2 - ok
10:00:26.0604 3540 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
10:00:26.0605 3540 umbus - ok
10:00:26.0648 3540 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
10:00:26.0654 3540 upnphost - ok
10:00:26.0696 3540 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
10:00:26.0698 3540 USBAAPL64 - ok
10:00:26.0751 3540 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
10:00:26.0753 3540 usbccgp - ok
10:00:26.0785 3540 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
10:00:26.0786 3540 usbcir - ok
10:00:26.0829 3540 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
10:00:26.0831 3540 usbehci - ok
10:00:26.0864 3540 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
10:00:26.0867 3540 usbhub - ok
10:00:26.0884 3540 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
10:00:26.0886 3540 usbohci - ok
10:00:26.0909 3540 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
10:00:26.0910 3540 usbprint - ok
10:00:26.0931 3540 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:00:26.0933 3540 USBSTOR - ok
10:00:26.0954 3540 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
10:00:26.0955 3540 usbuhci - ok
10:00:26.0995 3540 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
10:00:26.0998 3540 UxSms - ok
10:00:27.0074 3540 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
10:00:27.0082 3540 vds - ok
10:00:27.0107 3540 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
10:00:27.0108 3540 vga - ok
10:00:27.0137 3540 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
10:00:27.0138 3540 VgaSave - ok
10:00:27.0150 3540 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
10:00:27.0151 3540 viaide - ok
10:00:27.0171 3540 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
10:00:27.0173 3540 volmgr - ok
10:00:27.0230 3540 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
10:00:27.0233 3540 volmgrx - ok
10:00:27.0272 3540 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
10:00:27.0274 3540 volsnap - ok
10:00:27.0321 3540 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
10:00:27.0322 3540 vsmraid - ok
10:00:27.0459 3540 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
10:00:27.0469 3540 VSS - ok
10:00:27.0515 3540 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
10:00:27.0519 3540 W32Time - ok
10:00:27.0574 3540 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
10:00:27.0575 3540 WacomPen - ok
10:00:27.0609 3540 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
10:00:27.0610 3540 Wanarp - ok
10:00:27.0613 3540 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
10:00:27.0615 3540 Wanarpv6 - ok
10:00:27.0672 3540 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
10:00:27.0678 3540 wcncsvc - ok
10:00:27.0709 3540 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
10:00:27.0712 3540 WcsPlugInService - ok
10:00:27.0733 3540 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
10:00:27.0734 3540 Wd - ok
10:00:27.0816 3540 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
10:00:27.0823 3540 Wdf01000 - ok
10:00:27.0847 3540 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
10:00:27.0850 3540 WdiServiceHost - ok
10:00:27.0854 3540 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
10:00:27.0857 3540 WdiSystemHost - ok
10:00:27.0885 3540 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
10:00:27.0889 3540 WebClient - ok
10:00:27.0929 3540 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
10:00:27.0934 3540 Wecsvc - ok
10:00:27.0959 3540 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
10:00:27.0963 3540 wercplsupport - ok
10:00:27.0993 3540 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
10:00:27.0998 3540 WerSvc - ok
10:00:28.0032 3540 WinDefend - ok
10:00:28.0044 3540 WinHttpAutoProxySvc - ok
10:00:28.0141 3540 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
10:00:28.0143 3540 Winmgmt - ok
10:00:28.0367 3540 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
10:00:28.0389 3540 WinRM - ok
10:00:28.0544 3540 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
10:00:28.0553 3540 Wlansvc - ok
10:00:28.0861 3540 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:00:28.0882 3540 wlidsvc - ok
10:00:28.0979 3540 wltrysvc - ok
10:00:29.0022 3540 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:00:29.0023 3540 WmiAcpi - ok
10:00:29.0100 3540 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
10:00:29.0103 3540 wmiApSrv - ok
10:00:29.0151 3540 WMPNetworkSvc - ok
10:00:29.0203 3540 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
10:00:29.0207 3540 WPCSvc - ok
10:00:29.0250 3540 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
10:00:29.0254 3540 WPDBusEnum - ok
10:00:29.0485 3540 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:00:29.0492 3540 WPFFontCache_v0400 - ok
10:00:29.0535 3540 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
10:00:29.0536 3540 ws2ifsl - ok
10:00:29.0571 3540 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
10:00:29.0573 3540 wscsvc - ok
10:00:29.0577 3540 WSearch - ok
10:00:29.0760 3540 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
10:00:29.0780 3540 wuauserv - ok
10:00:29.0875 3540 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:00:29.0877 3540 WUDFRd - ok
10:00:29.0921 3540 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
10:00:29.0924 3540 wudfsvc - ok
10:00:29.0940 3540 yksvc - ok
10:00:29.0992 3540 yukonx64 (b681cadb266b151061e7baa82b0d77b7) C:\Windows\system32\DRIVERS\yk60x64.sys
10:00:29.0995 3540 yukonx64 - ok
10:00:30.0033 3540 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
10:00:30.0424 3540 \Device\Harddisk0\DR0 - ok
10:00:30.0447 3540 Boot (0x1200) (a3e5cedfa0512034b9ffe0baf6b27230) \Device\Harddisk0\DR0\Partition0
10:00:30.0449 3540 \Device\Harddisk0\DR0\Partition0 - ok
10:00:30.0456 3540 Boot (0x1200) (65dac3fb5ecf4e642337042e87de49b8) \Device\Harddisk0\DR0\Partition1
10:00:30.0459 3540 \Device\Harddisk0\DR0\Partition1 - ok
10:00:30.0459 3540 ============================================================
10:00:30.0460 3540 Scan finished
10:00:30.0460 3540 ============================================================
10:00:30.0476 4988 Detected object count: 0
10:00:30.0476 4988 Actual detected object count: 0
07-13-2012, 12:45 PM
#2
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
OTL.txt
Quote:
OTL logfile created on: 7/13/2012 10:44:26 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Owner\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 60.22% Memory free
8.12 Gb Paging File | 6.45 Gb Available in Paging File | 79.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 196.77 Gb Free Space | 69.43% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 7.05 Gb Free Space | 48.09% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/13 10:37:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2011/11/22 12:37:48 | 000,108,376 | ---- | M] () -- C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe
PRC - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2011/03/29 14:10:00 | 000,407,552 | ---- | M] () -- C:\Program Files (x86)\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe
PRC - [2011/03/15 15:56:18 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2008/09/23 23:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/05/07 18:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2008/12/14 23:13:46 | 000,281,600 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/12/14 23:13:30 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/11/20 05:21:12 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2008/09/23 23:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/02/23 12:28:24 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxcfcoms.exe -- (lxcf_device)
SRV:64bit: - [2006/11/02 06:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
SRV - [2012/07/12 01:37:41 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/19 19:11:48 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/11/22 12:37:54 | 000,120,664 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe -- (CLEARWIRERcAppSvc)
SRV - [2011/11/22 12:37:48 | 000,124,760 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe -- (CACLEARWIRE)
SRV - [2011/11/22 12:37:48 | 000,108,376 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe -- (SMSI Device Launch Service)
SRV - [2011/06/06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2011/03/29 14:10:00 | 000,407,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe -- (clearwireDeviceDiagnosticsService)
SRV - [2011/03/15 22:27:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/15 15:56:18 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/09/01 15:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/03/29 08:53:22 | 000,068,000 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) @C:\Program Files (x86)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/05/07 18:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/02/23 12:27:50 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxcfcoms.exe -- (lxcf_device)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/31 23:21:07 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/04/20 20:37:49 | 000,432,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0502020.003\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2011/01/27 00:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/08/05 07:55:24 | 000,043,032 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\PCTINDIS5X64.SYS -- (PCTINDIS5X64)
DRV:64bit: - [2010/07/08 13:34:32 | 000,357,248 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\drxvi314_64.sys -- (bcm)
DRV:64bit: - [2010/07/08 13:29:36 | 000,062,976 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BcmBusCtr_64.sys -- (bcmbusctr)
DRV:64bit: - [2009/03/19 17:02:00 | 000,311,296 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
DRV:64bit: - [2008/12/14 23:13:56 | 000,472,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/12/09 00:12:36 | 008,036,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/12/08 00:32:48 | 000,068,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/11/20 05:20:52 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:64bit: - [2008/10/27 06:21:50 | 001,374,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/09/04 00:29:22 | 000,199,728 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/09/01 05:19:24 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/09/01 05:15:58 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel(R)
DRV:64bit: - [2007/11/14 04:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2012/06/18 19:01:13 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120711.002\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/06/14 13:39:24 | 000,509,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120712.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/05/31 15:36:31 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/05/31 15:36:31 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/15 19:45:49 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120712.034\ex64.sys -- (NAVEX15)
DRV - [2012/05/15 19:45:48 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120712.034\eng64.sys -- (NAVENG)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E5F5814B-3031-4505-8C09-951775750689}
IE:64bit: - HKLM\..\SearchScopes\{E5F5814B-3031-4505-8C09-951775750689}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=14
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=US&ver=4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/?ilc=1"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.4.3
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin,version=3.1.0.05: C:\Program Files (x86)\Skyhook Wireless\Loki ActiveX Component\versions\3.1.0.05\loki.dll (Skyhook Wireless)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/02/03 02:28:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_9_4 [2012/07/13 09:43:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 19:11:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/18 13:08:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 19:11:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/18 13:08:22 | 000,000,000 | ---D | M]
[2009/04/07 17:20:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2012/07/07 00:31:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\foxb6eh4.default\extensions
[2010/07/15 14:22:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\foxb6eh4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/05/18 16:22:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\foxb6eh4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/08 23:56:51 | 000,001,832 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\foxb6eh4.default\searchplugins\bing.xml
[2011/07/17 14:07:36 | 000,002,469 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\foxb6eh4.default\searchplugins\safesearch.xml
[2012/06/11 09:51:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[1627/09/20 00:53:08 | 000,004,819 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FOXB6EH4.DEFAULT\EXTENSIONS\UUDEJXGFHT@UUDEJXGFHT.ORG.XPI
[2012/06/19 19:11:48 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\mozilla firefox\components\coFFPlgn.dll
[2012/03/05 00:17:52 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/05 00:17:52 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [LXCFCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXCFtime.DLL ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Clearwire Connection Manager] C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe (ClearwireCM)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34B9F487-1A89-4383-B763-92AF2FC663A2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{515F1BEF-5663-44FE-82C2-5BE842D13FF6}: DhcpNameServer = 66.233.169.12 64.13.115.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7026E4C-5A49-41C9-BF1D-AFA049BD630B}: DhcpNameServer = 66.209.64.20 66.209.64.21
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\boombox_1920x1200.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\boombox_1920x1200.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5d2c7c35-928a-11de-8e38-0023ae1a43df}\Shell - "" = AutoRun
O33 - MountPoints2\{5d2c7c35-928a-11de-8e38-0023ae1a43df}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{63859628-7f37-11df-b8d0-0023ae1a43df}\Shell\AutoRun\command - "" = D:\Window~1\Setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
MsConfig:64bit - StartUpReg: Apoint - hkey= - key= - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig:64bit - StartUpReg: Broadcom Wireless Manager UI - hkey= - key= - C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
MsConfig:64bit - StartUpReg: HotKeysCmds - hkey= - key= - C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: IAAnotif - hkey= - key= - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: IgfxTray - hkey= - key= - C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: Persistence - hkey= - key= - C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: QuickSet - hkey= - key= - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
MsConfig:64bit - StartUpReg: SysTrayApp - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: tisspwiz.exe - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: UfSeAgnt.exe - hkey= - key= - File not found
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfPf - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/13 10:05:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\kasperskylog
[2012/07/12 23:56:14 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/12 23:56:14 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/12 23:56:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/12 23:56:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/12 23:56:12 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/12 23:56:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/12 23:56:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/12 23:56:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/12 23:56:11 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/12 23:56:11 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/12 23:56:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/12 23:56:10 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/12 23:56:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/11 12:17:17 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/03 10:55:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PctelEapPeer Authentication
[2012/07/03 10:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clearwire
[2012/07/03 10:55:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Clearwire
[2012/06/24 15:21:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Macromedia
[2012/06/22 19:48:13 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/22 19:48:13 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/22 19:48:13 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/22 19:47:38 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/22 19:47:38 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2012/06/22 19:47:38 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/22 19:47:38 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2012/06/22 19:47:38 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/22 19:47:38 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2012/06/22 19:47:26 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/22 19:47:26 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2012/06/22 19:47:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/22 19:47:26 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2012/06/14 00:03:10 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/14 00:03:10 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
========== Files - Modified Within 30 Days ==========
[2012/07/13 10:37:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/13 09:43:24 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/13 09:43:20 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/13 09:41:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/13 00:17:20 | 000,306,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/13 00:10:27 | 000,718,676 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/13 00:10:27 | 000,604,556 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/13 00:10:27 | 000,104,224 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/13 00:07:14 | 003,142,650 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0502020.003\Cat.DB
[2012/07/12 01:37:41 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/12 01:37:41 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/12 01:02:06 | 000,014,503 | ---- | M] () -- C:\Users\Owner\Desktop\College Football 2012.ods
[2012/07/08 00:51:00 | 000,028,942 | ---- | M] () -- C:\Users\Owner\Desktop\GAMBLING INCOME SUMMARY RANDY 2012.ods
[2012/07/08 00:50:10 | 000,019,139 | ---- | M] () -- C:\Users\Owner\Desktop\M HOTEL AND CASINO-2012.ods
[2012/07/08 00:47:33 | 000,014,161 | ---- | M] () -- C:\Users\Owner\Desktop\Orleans Hotel and Casino-2012.ods
[2012/07/08 00:43:52 | 000,043,212 | ---- | M] () -- C:\Users\Owner\Desktop\GAMBLING LOG-2012.ods
[2012/07/07 00:48:14 | 000,020,709 | ---- | M] () -- C:\Users\Owner\Desktop\palms 2012.ods
[2012/07/07 00:47:16 | 000,018,635 | ---- | M] () -- C:\Users\Owner\Desktop\Rampart Casino-2012.ods
[2012/07/06 00:05:06 | 000,013,318 | ---- | M] () -- C:\Users\Owner\Desktop\South Point Hotel and Casino-2012.ods
[2012/07/05 23:53:43 | 000,015,451 | ---- | M] () -- C:\Users\Owner\Desktop\Aliante Hotel and Casino-2012.ods
[2012/07/05 23:37:16 | 000,013,810 | ---- | M] () -- C:\Users\Owner\Desktop\Suncoast Hotel and Casino-2012.ods
[2012/07/05 22:38:23 | 000,015,658 | ---- | M] () -- C:\Users\Owner\Desktop\Green Valley Ranch-2012.ods
[2012/07/03 10:55:18 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2012/07/03 10:50:30 | 000,000,238 | ---- | M] () -- C:\Windows\SysWow64\initparams.ini
[2012/06/18 23:19:18 | 000,013,080 | ---- | M] () -- C:\Users\Owner\Desktop\Red Rock Hotel and Casino-2012.ods
[2012/06/18 22:25:26 | 000,017,686 | ---- | M] () -- C:\Users\Owner\Desktop\Sam's Hotel and Casino-2012.ods
[2012/06/13 23:48:02 | 000,002,197 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
========== Files Created - No Company Name ==========
[2012/07/12 00:22:09 | 000,014,503 | ---- | C] () -- C:\Users\Owner\Desktop\College Football 2012.ods
[2012/07/03 10:55:18 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2012/07/03 10:50:30 | 000,000,238 | ---- | C] () -- C:\Windows\SysWow64\initparams.ini
[2011/06/01 12:00:27 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2011/05/20 23:44:34 | 000,001,940 | ---- | C] () -- C:\Users\Owner\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/23 21:31:31 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/22 15:11:51 | 000,021,225 | ---- | C] () -- C:\Users\Owner\palms.ods
[2009/08/19 22:12:02 | 000,002,042 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2009/04/07 22:17:33 | 000,003,584 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Custom Scans ==========
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\drivers\*.sys >
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/06/24 05:22:20 | 000,546,872 | ---- | M] (Microsoft Corporation) -- C:\bootmgr.efi
[2009/02/17 16:50:10 | 000,003,391 | RH-- | M] () -- C:\dell.sdr
[2010/06/24 00:19:57 | 000,083,967 | ---- | M] () -- C:\drivers.log
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007/11/07 09:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 09:44:20 | 000,075,280 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 09:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 09:44:20 | 000,090,128 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 09:44:20 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 09:44:20 | 000,094,224 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 09:44:20 | 000,080,400 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 09:44:20 | 000,078,864 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 09:44:20 | 000,074,768 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 09:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2009/08/19 15:09:27 | 000,000,200 | ---- | M] () -- C:\lxcf.log
[2006/12/02 00:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2012/07/13 09:39:12 | 274,145,279 | -HS- | M] () -- C:\pagefile.sys
[2012/07/13 09:59:03 | 000,117,022 | ---- | M] () -- C:\TDSSKiller.2.7.45.0_13.07.2012_09.58.05_log.txt
[2012/07/13 10:01:01 | 000,117,022 | ---- | M] () -- C:\TDSSKiller.2.7.45.0_13.07.2012_09.59.15_log.txt
[2009/03/13 18:48:27 | 000,000,000 | ---- | M] () -- C:\Updates.txt
[2007/11/07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 09:50:40 | 001,927,956 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 09:53:12 | 000,242,176 | ---- | M] () -- C:\VC_RED.MSI
< %PROGRAMFILES%\*. >
[2010/09/26 10:04:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Action Gaming, Inc
[2012/01/01 00:26:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2012/02/17 10:41:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2012/02/17 10:48:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2009/02/17 15:14:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cisco
[2012/07/03 10:55:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Clearwire
[2012/07/03 10:55:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2009/02/17 15:28:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cozi Express
[2009/02/17 15:20:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Creative
[2009/02/17 15:20:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Creative Live! Cam
[2009/02/17 15:24:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2009/02/17 15:44:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell
[2009/02/17 15:21:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Video Chat
[2009/02/17 15:20:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell Webcam
[2009/06/15 18:33:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Full Tilt Poker
[2009/06/14 16:44:28 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2009/02/17 15:16:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2012/07/13 00:14:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/05/18 13:27:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/11/18 17:02:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2009/08/19 15:53:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark 730 Series
[2010/07/21 14:28:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee Security Scan
[2011/03/27 12:50:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2009/02/17 15:19:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/05/20 19:57:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/02/17 15:40:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/12/17 16:08:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2010/07/10 09:19:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2012/06/19 19:11:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2012/06/19 23:33:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2006/11/02 10:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/10/02 11:57:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton 360
[2010/10/02 11:54:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NortonInstaller
[2009/04/07 19:47:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NOS
[2011/12/27 22:42:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Oberon Media
[2010/12/28 15:49:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice.org 3
[2010/07/15 23:37:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PokerStars
[2012/05/18 13:08:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2006/11/02 10:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2009/02/17 15:24:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
[2010/06/23 21:31:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Skyhook Wireless
[2006/11/02 10:36:07 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2009/02/17 15:25:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WildTangent
[2009/12/19 23:12:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Calendar
[2008/01/20 22:09:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Collaboration
[2008/01/20 22:09:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/04/03 00:55:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2012/04/15 00:37:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/10/17 14:28:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2006/11/02 10:07:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/12/19 23:12:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Gallery
[2009/12/26 21:47:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009/12/19 23:12:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2012/03/29 18:11:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Winpoker 6 Shareware
[2011/12/27 22:42:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo! Games
< MD5 for: ATAPI.SYS >
[2008/01/20 21:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/02/17 16:09:37 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=5EB9EF6EEC5D873E94992095A1719BF6 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_39c3f1ccf31998cb\atapi.sys
[2009/04/11 02:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
[2009/02/17 16:09:37 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=F988BB0690CD660318037908E9B8DBF7 -- C:\Windows\SysNative\drivers\atapi.sys
[2009/02/17 16:09:37 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=F988BB0690CD660318037908E9B8DBF7 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_393a5501d9fbf901\atapi.sys
< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/29 01:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 21:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/29 01:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/30 00:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 21:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 21:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: IASTOR.SYS >
[2008/09/01 05:15:58 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Drivers\storage\R197861\IaStor.sys
[2008/05/07 18:40:38 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008/09/01 05:15:58 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Windows\SysNative\drivers\iaStor.sys
[2008/05/07 18:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
< MD5 for: USERINIT.EXE >
[2008/01/20 21:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/20 21:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/20 21:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/20 21:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 21:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:5095D8B1
< End of report >
07-13-2012, 12:48 PM
#3
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
OTLextras
Quote:
OTL Extras logfile created on: 7/13/2012 10:44:27 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Owner\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.96 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 60.22% Memory free
8.12 Gb Paging File | 6.45 Gb Available in Paging File | 79.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 196.77 Gb Free Space | 69.43% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 7.05 Gb Free Space | 48.09% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 0A 25 CD 8C 2B 81 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6CE31412-3DA4-4EF1-8A67-11A2D0F44BA1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7E3AD13B-0F19-4AD4-9197-033EDB25C231}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8DEDE6AB-0600-46AB-96A2-8E254F52552A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{BBBEAB67-3F09-47EA-AD23-675CF19D8BED}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C601409E-0742-4ED3-BEDF-BF8E1403BB78}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E8E4B7C3-285A-4695-AD66-30AB4DB1C9D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{FE1F7EE2-80D2-4CE6-9EC8-378866F4ACB9}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0468F27B-DEF5-483D-973E-342F2A946DDB}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{0ED13CAF-8E4C-47D0-8CA2-D52D42939D42}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{10A338B9-7CD9-4F76-8642-5B9D5BAAE04E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2AAA8D42-F5B5-4F4F-BCFF-5EA489075474}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\acrobat.com\acrobat.com.exe |
"{42F37C1A-A246-4F45-B851-8F0287A7E24F}" = protocol=17 | dir=in | app=c:\windows\system32\lxcfcoms.exe |
"{455FA222-6650-4049-82DE-84878780F613}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4E3EB4E8-E9A2-46F6-A3AE-4B488FBE3A19}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\acrobat.com\acrobat.com.exe |
"{517EE21A-58B3-48C3-A47A-70BD66CC8AA5}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{5ED63CC6-0C48-41D0-9ED9-9A83DABA4C25}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxcfpswx.exe |
"{73C1F675-EC81-47B3-86E2-AF7CF264513E}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{74C9B910-8B07-4455-9484-476E8E303B06}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{75288B77-B914-400B-83AE-205443EE6B11}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{8CC7B9DA-7B91-4651-A1D7-3BBBE139E293}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{8D0A4000-D740-4AF1-A812-570CE42841B2}" = protocol=6 | dir=in | app=c:\windows\system32\lxcfcoms.exe |
"{91B2BC94-C828-48BD-AE8D-C8ED0EAACAF7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9D0FE91E-E373-43C0-BE7C-F15005F2C976}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AA221321-CC26-4E27-89A3-D17F502A2765}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{AB608B58-BCC0-4DD8-8473-E51F1245B26D}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{AB73D6B8-232B-4FC0-999B-97A67721F86E}" = protocol=6 | dir=out | app=system |
"{C57CC3EF-E419-4E6B-AB95-9D8D796EBBD8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C81EAAE2-C0C0-4D8D-A12B-BB5E21753504}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CF09F910-20E2-4294-AF9D-6BC4BA60AAF3}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxcfpswx.exe |
"{D53C33A4-A334-4EA7-9E5F-2D7F017C6055}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D95B503D-FCDF-40F5-8A73-7D80C9021E01}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E70644FB-866D-4772-AB58-02839E432AA5}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxcfcoms.exe |
"{EE37C5CB-5377-4C9E-8D90-C5C1F0DFA14C}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxcfcoms.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{781337AB-FB90-466A-B06A-46F112C95D54}" = CLEAR Connection Manager
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
"Creative OA009" = Integrated Webcam Driver (1.02.01.0320)
"Lexmark 730 Series" = Lexmark 730 Series
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3D8F9830-D6A3-413A-9A54-993827A73E47}" = DELL0604
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{6F6D8BC6-CE36-493B-996F-04CD8CCC35A8}" = Bing Bar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7456BBA3-642F-4E59-9F89-7639977D7C39}" = Cozi
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119579387}" = Bejeweled 3
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BEFBEDDF-1417-4C8A-92FB-F003C0D41199}" = OpenOffice.org 3.2
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) for Adobe
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F9A035E8-731F-4437-93E1-8CD9CB9AACF5}" = Video Poker for Winners
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Video Chat" = Dell Video Chat (remove only)
"Dell Webcam Central" = Dell Webcam Central
"Lexmark 730 Series" = Lexmark 730 Series
"Loki ActiveX Control" = Loki ActiveX Control
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"PokerStars" = PokerStars
"WinLiveSuite" = Windows Live Essentials
"WinPokerushr" = WinPoker 6 Shareware
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/10/2012 2:36:56 AM | Computer Name = Owner-PC | Source = EventSystem | ID = 4621
Description =
Error - 7/10/2012 12:04:00 PM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/11/2012 12:53:32 PM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/11/2012 1:55:41 PM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/12/2012 1:08:37 AM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/12/2012 1:03:52 PM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/12/2012 11:03:26 PM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/13/2012 1:14:47 AM | Computer Name = Owner-PC | Source = EventSystem | ID = 4621
Description =
Error - 7/13/2012 1:17:57 AM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/13/2012 10:42:37 AM | Computer Name = Owner-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 7/12/2012 11:03:26 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 7/12/2012 11:56:56 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 7/12/2012 11:57:26 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 7/13/2012 1:17:52 AM | Computer Name = Owner-PC | Source = netbt | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.1.10. The computer with the IP address 192.168.1.1 did not
allow the name to be claimed by this computer.
Error - 7/13/2012 1:17:57 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 7/13/2012 1:17:57 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 7/13/2012 1:17:57 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 7/13/2012 10:42:38 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 7/13/2012 10:42:38 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 7/13/2012 10:42:38 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =
|
|
|
|
07-13-2012, 12:49 PM
|
#4
|
|
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Again, thank you for any help. It's much appreciated.
|
|
|
07-13-2012, 01:32 PM
|
#5
|
|
Pooh-Bah
Join Date: Dec 2003
Location: US
Posts: 3,627
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
I'd just reinstall if you think you have a virus.
|
|
|
07-13-2012, 05:07 PM
|
#6
|
|
veteran
Join Date: Oct 2011
Posts: 2,361
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
I just fixed some redirect malware on an XP computer with the Microsoft Windows Malicious Software Removal Tool. The computer in question is a mess and old but nothing else worked.
I recommend you go the whole way like you're doing (or reinstall) just the same though.
|
|
|
07-15-2012, 03:56 AM
|
#7
|
|
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 13,000
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Please do not listen to anyone telling you to reinstall your system unless it is me that says it.
I have glanced quickly at your logs; if the following steps do not solve it, I will have to look a little deeper.
- Please run OTL.exe again
- Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:
Code:
:files
:otl
[1627/09/20 00:53:08 | 000,004,819 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FOXB6EH4.DEFAULT\EXTENSIONS\UUDEJXGFHT@UUDEJXGFHT.ORG.XPI
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E5F5814B-3031-4505-8C09-951775750689}
IE:64bit: - HKLM\..\SearchScopes\{E5F5814B-3031-4505-8C09-951775750689}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=US&ver=4
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_32)
:commands
[reboot]
- CAREFUL NOW! You must click the Run Fix button, NOT the Run Scan!
- If it asks to reboot the computer, please allow that.
- Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)
====================
You need to install the latest version of Java. Having the latest version is important to take advantage of fixes that have eliminated security vulnerabilities.
- Go to Start > Control Panel
- Double-click on Add or Remove Programs
- Look for entries that say Java, Java RunTime Environment or J2SE.
- Uninstall all of them that are not named Java (TM) 7 Update 5
After doing this, you can go to java.com, click on Free Java Download and proceed from there to install the latest version of Java (currently Version 7 Update 5).
After installing Java, go to Start > Control Panel > Java to open the Java Control Panel.
Under the General tab, Temporary Internet Files click Settings, then click Delete Files.
Select both options and click OK to delete the Java cache.
====================
LMK if that helped. If not, please inform me whether redirects occur in FF or in all browsers.
|
|
|
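A triage helper for the kind of OTL lines handled in the post above, added here as an example (it is not part of the original post and not OTL's own code). It parses the IE SearchScopes lines and the Java entries, lists search providers whose host is not on an analyst-supplied list, and lists Java versions older than the 7 Update 5 named in the post; the sample log is constructed, and the function names and the expected-host list are assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed sample in the format of the OTL lines on this page (URLs shortened;
# the .invalid download URL and the all-zero GUID are placeholders).
SAMPLE_LOG = r'''
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E5F5814B-3031-4505-8C09-951775750689}
IE:64bit: - HKLM\..\SearchScopes\{E5F5814B-3031-4505-8C09-951775750689}: "URL" = http://search.live.com/results.aspx?q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?q={SEARCHTERMS}&o=15527
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://download.invalid/jinstall.cab (Java Plug-in 1.6.0_07)
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{00000000-0000-0000-0000-000000000000}" = Java(TM) 7 Update 5
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
'''

# One pattern for both SearchScopes line kinds: the DefaultScope pointer and
# a provider's "URL" value. "IE:64bit:" marks the 64-bit registry view.
SCOPE_RE = re.compile(
    r'^IE(?P<wow>:64bit:)? - (?P<hive>HK\w+)\\\.\.\\SearchScopes'
    r'(?:,DefaultScope = (?P<default>\{[^}]+\})'
    r'|\\(?P<guid>\{[^}]+\}): "URL" = (?P<url>\S+))')

# Uninstall-list form ("Java(TM) 6 Update 32") or plug-in form ("Java Plug-in 1.6.0_32").
JAVA_RE = re.compile(
    r'Java ?\(TM\) (\d+) Update (\d+)|Java Plug-in 1\.(\d+)\.\d+_(\d+)')


def parse_search_scopes(log):
    """Return {view: {'default': guid, 'providers': {guid: host}}}."""
    scopes = {}
    for line in log.splitlines():
        m = SCOPE_RE.match(line.strip())
        if not m:
            continue
        view = m['hive'] + ('/64bit' if m['wow'] else '')
        entry = scopes.setdefault(view, {'default': None, 'providers': {}})
        if m['default']:
            entry['default'] = m['default'].upper()
        else:
            entry['providers'][m['guid'].upper()] = urlsplit(m['url']).hostname
    return scopes


def review_scopes(scopes, expected_hosts):
    """List (view, guid, host, is_default) for providers outside expected_hosts."""
    findings = []
    for view, entry in sorted(scopes.items()):
        for guid, host in sorted(entry['providers'].items()):
            if host not in expected_hosts:
                findings.append((view, guid, host, guid == entry['default']))
    return findings


def java_versions(log):
    """Return the sorted, de-duplicated (major, update) pairs seen in the log."""
    found = set()
    for m in JAVA_RE.finditer(log):
        major, update = (m[1], m[2]) if m[1] else (m[3], m[4])
        found.add((int(major), int(update)))
    return sorted(found)


def stale_java(log, keep=(7, 5)):
    """Versions older than the one to keep (7 Update 5 in the post above)."""
    return [v for v in java_versions(log) if v < keep]


if __name__ == '__main__':
    # The expected-host set is the analyst's own choice for this sample.
    expected = {'www.bing.com', 'search.live.com'}
    for finding in review_scopes(parse_search_scopes(SAMPLE_LOG), expected):
        print('review search provider:', finding)
    for major, update in stale_java(SAMPLE_LOG):
        print(f'uninstall Java {major} Update {update}')
```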
07-15-2012, 04:26 PM
|
#8
|
|
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Quote:
Originally Posted by Gabethebabe
Please do not listen to anyone telling you to reinstall your system unless it is me that says it.
I have glanced quickly at your logs; if the following steps do not solve it, I will have to look a little deeper.
- Please run OTL.exe again
- Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:
Code:
:files
:otl
[1627/09/20 00:53:08 | 000,004,819 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FOXB6EH4.DEFAULT\EXTENSIONS\UUDEJXGFHT@UUDEJXGFHT.ORG.XPI
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E5F5814B-3031-4505-8C09-951775750689}
IE:64bit: - HKLM\..\SearchScopes\{E5F5814B-3031-4505-8C09-951775750689}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=US&ver=4
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_32)
:commands
[reboot]
- CAREFUL NOW! You must click the Run Fix button, NOT the Run Scan!
- If it asks to reboot the computer, please allow that.
- Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)
|
Many thanks. Here's the log
Quote:
========== FILES ==========
========== OTL ==========
File C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FOXB6EH4.DEFAULT\EXTENSIONS\UUDEJXGFHT@UUDEJXGFHT.ORG.XPI not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E5F5814B-3031-4505-8C09-951775750689}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5F5814B-3031-4505-8C09-951775750689}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== COMMANDS ==========
OTL by OldTimer - Version 3.2.54.0 log created on 07152012_134000
|
|
|
|
07-15-2012, 04:28 PM
|
#9
|
|
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Quote:
Originally Posted by Gabethebabe
After installing Java, go to Start > Control Panel > Java to open the Java Control Panel.
|
Doesn't work. Says application does not exist.
|
|
|
07-15-2012, 04:30 PM
|
#10
|
|
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Quote:
Originally Posted by Gabethebabe
LMK if that helped. If not, please inform me whether redirects occur in FF or in all browsers.
|
Parents say it occurred in all browsers, but who knows if that information is 100% accurate. They are a bit on the older side and don't know much about computers. Hell, they only casually mentioned the redirect thing to me in a phone call a couple days after the initial instances and didn't think it was a big deal.
|
|
|
07-15-2012, 04:31 PM
|
#11
|
|
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Again, many thanks (don't know if I can repeat that enough)
|
|
|
07-16-2012, 05:31 AM
|
#12
|
|
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 13,000
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Quote:
Originally Posted by MyTurn2Raise
Doesn't work. Says application does not exist.
|
??
You have installed the newest java and uninstalled the old ones? You have the Java control panel. But it does not work?
LMK if you are still being redirected.
|
|
|
07-16-2012, 02:02 PM
|
#13
|
|
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Quote:
Originally Posted by Gabethebabe
??
You have installed the newest java and uninstalled the old ones? You have the Java control panel. But it does not work?
LMK if you are still being redirected.
|
yep... this is what my parents are telling me
they've uninstalled past versions and installed the new Java
It says it has successfully installed
It shows up in programs list as v7 update 5
yet, where it should show up in the control panel is a .txt icon with Java label. When clicked, it asks for permission and then says application does not exist.
They say they are no longer being redirected when surfing the same websites that were being redirected previously.
|
|
|
07-17-2012, 01:50 AM
|
#14
|
|
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 13,000
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Ok, so I don't know what is going on with Java. I'd say uninstall and reinstall and see if it works. Maybe google your problem. You should not be the first user with this problem.
Anyway, if the redirects are gone, the case is solved
|
|
|
07-17-2012, 12:08 PM
|
#15
|
|
Drug Free MVP
Join Date: Jun 2005
Location: Descalso, Jay, and the pitcher
Posts: 40,078
|
Re: Think My Parents' Laptop Has a Virus (redirected when clicking search links)
Quote:
Originally Posted by Gabethebabe
Ok, so I don't know what is going on with Java. I'd say uninstall and reinstall and see if it works. Maybe google your problem. You should not be the first user with this problem.
Anyway, if the redirects are gone, the case is solved 
|
ty ty
Yeah, I had them uninstall and reinstall... same issues.
On to google.
thank you again.
|
|
|
All times are GMT -4. The time now is 02:48 AM.
|