Jump to content
Sign in to follow this  
goofy1139

My computer is running soo slow and internet wont goto address I type

Recommended Posts

The last few days I had a problem with the internet when goto a website it gets redireted to :

 

utils.babylon.com/abt/inde.php?url=ssl-mpv.montiera.comwidget%2entryPoints%2Ffunmoods.js%3FhrdId%3DE803A9D4E63377F%26vrsn%3D1.5.23.22%26smlGrp%3Dnone%26afltId%3D%26tbrid%3Dbase%26age%3D0%26instlate%3D15560%2loader%3DpagePlatformoader%26ssl%3Dtrue%2flashFlag%3Dtrue

 

and now my computer runs extreamly low

 

My computer runs win 7 home premium sp 1

 

6.00 gig ram

64 BIT opperating

 

i don't knowwhat else to say

Edited by JonTom
Removed infected link - JT

Share this post


Link to post
Share on other sites

Hello goofy1139 and :wp:

 

My name is JonTom

  • Malware Logs can sometimes take a lot of time to research and interpret.
  • Please be patient while I try to assist with your problem. If at any time you do not understand what is required, please ask for further explanation.
  • Please note that there is no "Quick Fix" to modern malware infections and we may need to use several different approaches to get your system clean.
  • Read every reply you receive carefully and thoroughly before carrying out the instructions. You may also find it helpful to print out the instructions you receive, as in some instances you may have to disconnect your computer from the Internet.
  • PLEASE NOTE: If you do not reply after 3 days your thread will be closed.
I removed the link you included in your previous post as others may become infected if they click on it.

 

Lets take a look at your machine and see if we can find out what is going on:

 

  • Download and run OTL by Oldtimer

    • Please download OTL by Oldtimer by clicking here and save the file (called OTL.exe) to your desktop.
    • Close all open windows on your computer then Right click on the OTL.exe icon and select "Run as Administrator" to run the program.
    • Check the boxes beside "LOP Check" and "Purity Check".
    • Under Custom Scan paste this in:

    netsvcs

    %SYSTEMDRIVE%\*.exe

    /md5start

    eventlog.dll

    scecli.dll

    netlogon.dll

    cngaudit.dll

    sceclt.dll

    ntelogon.dll

    logevent.dll

    iaStor.sys

    nvstor.sys

    atapi.sys

    IdeChnDr.sys

    viasraid.sys

    AGP440.sys

    vaxscsi.sys

    nvatabus.sys

    viamraid.sys

    nvata.sys

    nvgts.sys

    iastorv.sys

    ViPrt.sys

    eNetHook.dll

    ahcix86.sys

    KR10N.sys

    nvstor32.sys

    ahcix86s.sys

    nvrd32.sys

    symmpi.sys

    adp3132.sys

    /md5stop

    %systemroot%\*. /mp /s

    %systemroot%\system32\*.dll /lockedfiles

    %systemroot%\Tasks\*.job /lockedfiles

    %systemroot%\system32\drivers\*.sys /lockedfiles

    %systemroot%\System32\config\*.sav

    %systemroot%\system32\drivers\*.sys /90

    CREATERESTOREPOINT

    • Click the "Run Scan" button. Do not change any settings unless specifically told to do so. The scan will not take long.
    • When the scan completes, it will open two notepad windows: OTL.Txt and Extras.Txt.
    • Note: These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
    • Please Copy and Paste the contents of both files in your next reply. You may need two posts to fit them both in.
  • aswMBR

    • Download aswMBR.exe to your desktop.
    • Double click the aswMBR.exe to run it.
    • When asked if you want to download Avast's virus definitions please select Yes.
    • Click the "Scan" button to start scan.
    Posted Image

     

    • On completion of the scan click save log, save it to your desktop and post in your next reply.
    Posted Image

     

     

    Please post both OTL logs and the aswMBR log in your next reply. You may need to make more than one post to fit all of the information in.

Share this post


Link to post
Share on other sites

Hello goofy1139

 

i have to download the programs with another computer then transfer them

Thats fine. Once we have the logs we will be able to make a start :)

Share this post


Link to post
Share on other sites

Hello goofy1139

 

I have tried all day to run them but can't get them to start. Even in safe mode.

Lets see if we can get a report using a different approach:

 

  • Farbar Recovery Scan Tool

  • Download Farbar Recovery Scan Tool (64-bit version) from here and save it to a flash drive.
  • Once you have saved it on the flash drive, plug the flashdrive into the infected PC.
Enter System Recovery Options.

 

 

  • To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:

 

 

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:

 

 

 

Startup Repair

System Restore

Windows Complete PC Restore

Windows Memory Diagnostic Tool

Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64) and press Enter
  • Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
Let me know how you get on in your next reply.

 

Share this post


Link to post
Share on other sites

Hello JonTom,

 

Here is the list;

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2012

Ran by SYSTEM at 27-11-2012 09:20:03

Running from F:

Windows 7 Home Premium (X64) OS Language: English(US)

The current controlset is ControlSet001

 

==================== Registry (Whitelisted) ===================

 

HKLM...Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe -s [11660904 2010-11-30] (Realtek Semiconductor)

HKLM...Run: [intelWireless] "C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel Wireless Tray [1933584 2011-01-04] (Intel® Corporation)

HKLM...Run: [ETDCtrl] %ProgramFiles%ElantechETDCtrl.exe [x]

HKLM...Run: [intelWirelessWiMAX] "C:Program FilesIntelWiMAXBinWiMAXCU.exe" /tasktray /nosplash [1622016 2011-06-02] (Intel® Corporation)

HKLM-x32...Run: [CLMLServer] "C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe" [103720 2009-11-01] (CyberLink)

HKLM-x32...Run: [samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun [618496 2010-06-07] ()

HKLM-x32...Run: [avast] "C:Program FilesAVAST SoftwareAvastavastUI.exe" /nogui [4297136 2012-10-30] (AVAST Software)

HKLM-x32...Run: [uVS10 Preload] C:Program Files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe [36864 2006-03-06] (Ulead Systems, Inc.)

HKLM-x32...Run: [updatePPShortCut] "C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" "C:Program Files (x86)CyberLinkPowerProducer" UpdateWithCreateOnce "SoftwareCyberLinkPowerProducer5.0" [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32...Run: [updatePSTShortCut] "C:Program Files (x86)CyberLinkDVD SuiteMUITransferMUIStartMenu.exe" "C:Program Files (x86)CyberLinkDVD Suite" UpdateWithCreateOnce "SoftwareCyberLinkPowerStarter" [x]

HKLM-x32...Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)

HKLM-x32...Run: [] [x]

HKLM-x32...Run: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM-x32...Run: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [59280 2012-10-11] (Apple Inc.)

HKLM-x32...Run: [PowerDVD12DMREngine] "C:Program Files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [505872 2012-09-18] (CyberLink)

HKLM-x32...Run: [PowerDVD12Agent] "C:Program Files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [374560 2012-09-18] (CyberLink Corp.)

HKLM-x32...Run: [ROC_roc_ssl_v12] "C:Program Files (x86)AVG Secure SearchROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 [x]

HKLM-x32...Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)

HKLM-x32...Run: [HOSTS Anti-Adware_PUPs] C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe [302961 2012-11-24] ()

HKUOwner...Run: [spotify Web Helper] "C:UsersOwnerAppDataRoamingSpotifyDataSpotifyWebHelper.exe" [1199576 2012-10-28] (Spotify Ltd)

HKUOwner...Run: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot [3528128 2012-08-31] (Tonec Inc.)

HKUOwner...Run: [Xvid] C:Program Files (x86)XvidCheckUpdate.exe [8192 2011-01-17] ()

HKLM...Runonce: [GrpConv] grpconv -o [x]

TcpipParameters: [DhcpNameServer] 24.196.64.53 68.113.206.10 24.178.162.3

AppInit_DLLs: C:Windowssystem32nvinitx.dll

Startup: C:UsersDefaultStart MenuProgramsStartupBest Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:ProgramDataBest Buy pc appClickOnceSetup.exe (Microsoft)

Startup: C:UsersDefault UserStart MenuProgramsStartupBest Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:ProgramDataBest Buy pc appClickOnceSetup.exe (Microsoft)

Startup: C:UsersOwnerStart MenuProgramsStartupMagicDisc.lnk

ShortcutTarget: MagicDisc.lnk -> C:Program Files (x86)MagicDiscMagicDisc.exe (MagicISO, Inc.)

 

==================== Services (Whitelisted) ===================

 

2 avast! Antivirus; "C:Program FilesAVAST SoftwareAvastAvastSvc.exe" [44808 2012-10-30] (AVAST Software)

2 CLHNServiceForPowerDVD12; C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [90640 2012-09-18] (CyberLink Corp.)

2 CyberLink PowerDVD 12 Media Server Monitor Service; "C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe" [78352 2012-09-18] (CyberLink)

2 CyberLink PowerDVD 12 Media Server Service; "C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe" [295440 2012-09-18] (CyberLink)

2 HOSTS Anti-PUPs; C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware.exe -update [285795 2012-11-24] ()

2 IswSvc; "C:Program FilesCheckPointZAForceFieldIswSvc.exe" [827560 2012-08-30] (Check Point Software Technologies)

2 MBAMScheduler; "C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)

2 MBAMService; "C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)

3 MyWiFiDHCPDNS; C:Program FilesIntelWiFibinPanDhcpDns.exe [340240 2011-01-04] ()

2 nlsX86cc; "C:WindowsSysWOW64nlssrv32.exe" [66560 2010-11-22] (Nalpeiron Ltd.)

2 RichVideo; "C:Program Files (x86)CyberLinkShared filesRichVideo.exe" [244904 2009-11-30] ()

2 vsmon; C:Program Files (x86)CheckPointZoneAlarmvsmon.exe -service [2447440 2012-10-09] (Check Point Software Technologies LTD)

 

==================== Drivers (Whitelisted) =====================

 

3 AnyDVD; C:WindowsSystem32DriversAnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)

3 AnyDVD; C:WindowsSysWow64DriversAnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)

2 aswFsBlk; C:WindowsSystem32DriversaswFsBlk.sys [25232 2012-10-30] (AVAST Software)

2 aswMonFlt; C:WindowsSystem32DriversaswMonFlt.sys [71600 2012-10-30] (AVAST Software)

1 aswRdr; C:WindowsSystem32Driversaswrdr2.sys [54072 2012-10-15] (AVAST Software)

1 aswSnx; C:WindowsSystem32DriversaswSnx.sys [984144 2012-10-30] (AVAST Software)

1 aswSP; C:WindowsSystem32DriversaswSP.sys [370288 2012-10-30] (AVAST Software)

1 aswTdi; C:WindowsSystem32DriversaswTdi.sys [59728 2012-10-30] (AVAST Software)

3 AVerPola; C:WindowsSystem32DriversAVerPola.sys [534144 2011-01-03] (AVerMedia TECHNOLOGIES, Inc.)

1 avgtp; ??C:Windowssystem32driversavgtpx64.sys [30568 2012-11-14] (AVG Technologies)

2 ISWKL; ??C:Program FilesCheckPointZAForceFieldISWKL.sys [33712 2012-08-30] (Check Point Software Technologies)

0 KL1; C:WindowsSystem32DriversKL1.sys [460888 2012-01-09] (Kaspersky Lab ZAO)

1 kl2; C:WindowsSystem32Driverskl2.sys [11864 2012-01-09] (Kaspersky Lab ZAO)

1 KLIF; C:WindowsSystem32DriversKLIF.sys [485680 2012-01-09] (Kaspersky Lab)

3 MBAMProtector; ??C:Windowssystem32driversmbam.sys [25928 2012-09-29] (Malwarebytes Corporation)

2 ntk_PowerDVD12; ??C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)

0 SmartDefragDriver; C:WindowsSystem32DriversSmartDefragDriver.sys [17720 2010-11-26] ()

3 StkCMini; C:WindowsSystem32DriversStkCMini.sys [1816968 2010-04-16] (Syntek)

3 SWDUMon; C:WindowsSystem32DriversSWDUMon.sys [15712 2012-11-26] ()

1 Vsdatant; C:WindowsSystem32DriversVsdatant.sys [454232 2011-05-07] (Check Point Software Technologies LTD)

2 {73526619-C24F-470B-9BED-53D455FBB5C6}; ??C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [147704 2012-09-19] (CyberLink Corp.)

 

==================== NetSvcs (Whitelisted) ====================

 

 

==================== One Month Created Files and Folders ========

 

2012-11-27 09:18 - 2012-11-27 09:18 - 00000000 ____D C:FRST

2012-11-25 12:29 - 2012-11-25 07:22 - 04732416 ____A (AVAST Software) C:UsersOwnerDesktopaswMBR.exe

2012-11-25 11:14 - 2012-11-25 14:13 - 00000000 ____D C:UsersOwnerDesktopfor marks computer

2012-11-25 11:14 - 2012-11-25 08:06 - 00011464 ____A C:UsersOwnerDesktophelp1.txt

2012-11-25 11:14 - 2012-11-25 07:36 - 00027239 ____A C:UsersOwnerDesktopcomp help

2012-11-25 11:14 - 2012-11-25 07:18 - 00602112 ____A C:UsersOwnerDesktopOTL.exe

2012-11-25 11:08 - 2012-11-25 11:08 - 00000732 ____A C:UsersOwnerDesktopfor marks computer - Shortcut.lnk

2012-11-24 14:56 - 2012-11-24 14:56 - 00001236 ____A C:AdwCleaner[s5].txt

2012-11-24 14:52 - 2012-11-24 18:05 - 00001181 ____A C:UsersOwnerDesktopDesinstaller_HOSTS_Anti-PUPs.lnk

2012-11-24 14:52 - 2012-11-24 18:05 - 00000000 ____D C:Program Files (x86)Hosts_Anti_Adwares_PUPs

2012-11-24 14:40 - 2012-11-24 14:40 - 00001157 ____A C:AdwCleaner[s4].txt

2012-11-24 07:07 - 2012-11-24 07:08 - 00001096 ____A C:AdwCleaner[s3].txt

2012-11-24 06:58 - 2011-05-30 05:42 - 00255488 ____A C:WindowsSystem32xvidvfw.dll

2012-11-24 06:58 - 2011-05-30 05:42 - 00240640 ____A C:WindowsSysWOW64xvidvfw.dll

2012-11-24 06:58 - 2011-05-23 01:52 - 00153088 ____A C:WindowsSysWOW64xvid.ax

2012-11-24 06:58 - 2011-05-22 23:49 - 00173568 ____A C:WindowsSystem32xvid.ax

2012-11-24 06:58 - 2011-05-22 23:46 - 00645632 ____A C:WindowsSysWOW64xvidcore.dll

2012-11-24 06:58 - 2011-05-22 23:45 - 00696832 ____A C:WindowsSystem32xvidcore.dll

2012-11-24 06:57 - 2012-11-24 06:57 - 00000000 ____D C:UsersOwner.bitrock

2012-11-24 06:54 - 2012-11-24 06:54 - 00001550 ____A C:AdwCleaner[s2].txt

2012-11-23 17:49 - 2012-11-24 06:58 - 00000000 ____D C:Program Files (x86)Xvid

2012-11-23 14:53 - 2012-11-23 14:53 - 00051166 ____A C:UsersOwnerDocumentsAdwCleaner[s1]1.txt

2012-11-23 14:31 - 2012-11-23 14:32 - 00051166 ____A C:AdwCleaner[s1].txt

2012-11-23 14:27 - 2012-11-23 14:27 - 00543531 ____A C:UsersOwnerDesktopAdwCleaner.exe

2012-11-23 06:52 - 2012-11-23 06:52 - 00009544 ____A C:UsersOwnerDesktopbridesmaids unrated.pds

2012-11-22 06:08 - 2012-11-22 06:08 - 00000000 ____D C:UsersOwnerDesktopNew folder (2)

2012-11-22 06:08 - 2012-11-22 06:08 - 00000000 ____D C:UsersOwnerDesktopNew folder

2012-11-21 11:11 - 2012-11-21 11:12 - 00040013 ____A C:UsersOwnerDesktopdds.txt

2012-11-21 11:11 - 2012-11-21 11:12 - 00016134 ____A C:UsersOwnerDesktopattach.txt

2012-11-21 10:48 - 2010-11-26 15:02 - 00017720 ____A C:WindowsSystem32DriversSmartDefragDriver.sys

2012-11-21 07:29 - 2012-11-21 07:29 - 02213976 ____A (Kaspersky Lab ZAO) C:UsersOwnerDesktoptdsskiller.exe

2012-11-21 07:26 - 2012-11-21 07:26 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.EXE

2012-11-21 06:18 - 2012-11-21 06:18 - 00169816 ____A (Microsoft Corporation) C:UsersOwnerDownloadsMeadCo_Neptune.exe

2012-11-21 06:17 - 2012-11-21 06:19 - 00000000 ____D C:Program Files (x86)MeadCo Neptune

2012-11-20 14:22 - 2012-11-21 05:17 - 00415934 ____A C:WindowsSystem32Driversvsconfig.xml

2012-11-20 14:21 - 2012-01-09 16:59 - 00460888 ____A (Kaspersky Lab ZAO) C:WindowsSystem32Driverskl1.sys

2012-11-20 14:21 - 2012-01-09 16:59 - 00011864 ____A (Kaspersky Lab ZAO) C:WindowsSystem32Driverskl2.sys

2012-11-20 14:16 - 2012-11-20 14:16 - 00000762 ____A C:UsersPublicDesktopZoneAlarm Security.lnk

2012-11-20 14:16 - 2012-11-20 14:16 - 00000000 ____D C:UsersOwnerDocumentsForceField Shared Files

2012-11-20 14:16 - 2012-01-09 16:59 - 00485680 ____A (Kaspersky Lab) C:WindowsSystem32Driversklif.sys

2012-11-20 14:15 - 2012-11-20 14:15 - 00000000 ____D C:UsersOwnerAppDataRoamingCheckPoint

2012-11-20 14:14 - 2012-11-20 14:14 - 00000000 ____D C:Program FilesCheckPoint

2012-11-20 13:46 - 2012-11-20 14:16 - 00000000 ____D C:Program Files (x86)CheckPoint

2012-11-20 13:46 - 2012-11-20 13:46 - 00000000 ____D C:UsersAll UsersCheckPoint

2012-11-20 13:00 - 2012-11-24 16:32 - 00027026 ____A C:WindowsPFRO.log

2012-11-20 10:23 - 2012-11-20 10:23 - 00000000 ____D C:UsersOwnerAppDataRoamingMalwarebytes

2012-11-20 10:22 - 2012-11-20 10:22 - 00001109 ____A C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk

2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:UsersAll UsersMalwarebytes

2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:Program Files (x86)Malwarebytes' Anti-Malware

2012-11-20 10:22 - 2012-09-29 17:54 - 00025928 ____A (Malwarebytes Corporation) C:WindowsSystem32Driversmbam.sys

2012-11-20 08:27 - 2012-11-20 08:27 - 00000000 ____D C:UsersAll UsersPCPitstop

2012-11-20 08:25 - 2012-11-21 07:57 - 00000000 ____D C:Program Files (x86)PCPitstop

2012-11-20 03:53 - 2012-11-20 03:53 - 00000000 ____D C:UsersOwnerAppDataRoamingConverterLite

2012-11-20 03:36 - 2012-11-20 03:36 - 00000000 ____D C:UsersOwnerDocumentsMy Video

2012-11-19 19:27 - 2012-11-19 19:27 - 00010486 ____A C:UsersOwnerDesktopkill bill.pds

2012-11-19 17:03 - 2012-11-19 17:03 - 00000000 ____D C:UsersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

2012-11-19 12:16 - 2012-11-19 12:16 - 00181636 ____A C:UsersOwnerDesktopdisk music.pds

2012-11-19 11:25 - 2012-11-23 05:37 - 00000000 ____D C:Program Files (x86)ARWizard3

2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersUpdatusUserDesktopARWizard3.lnk

2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersOwnerDesktopARWizard3.lnk

2012-11-17 18:29 - 2012-11-17 18:29 - 00157793 ____A C:UsersOwnerDesktopbeer.pds

2012-11-17 13:25 - 2012-11-17 13:25 - 00001374 ____A C:UsersOwnerAppDataLocalrecently-used.xbel

2012-11-17 13:22 - 2012-11-17 13:22 - 00000000 ____D C:UsersOwner.thumbnails

2012-11-17 13:20 - 2012-11-17 13:38 - 00000000 ____D C:UsersOwner.gimp-2.8

2012-11-17 13:20 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwnerAppDataLocalgegl-0.2

2012-11-17 13:18 - 2012-11-17 13:19 - 00000000 ____D C:Program FilesGIMP 2

2012-11-17 12:01 - 2012-11-17 12:01 - 01555254 ____A C:UsersOwnerDocumentsSnapshot.bmp

2012-11-17 11:20 - 2012-11-17 11:41 - 3152334848 ____A C:UsersOwnerDesktopBottoms Up.mpg

2012-11-17 10:47 - 2012-11-17 10:47 - 00054406 ____A C:UsersOwnerDesktopbottom.pds

2012-11-17 09:59 - 2012-10-03 09:56 - 01914248 ____A (Microsoft Corporation) C:WindowsSystem32Driverstcpip.sys

2012-11-17 09:59 - 2012-10-03 09:44 - 00303104 ____A (Microsoft Corporation) C:WindowsSystem32nlasvc.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00246272 ____A (Microsoft Corporation) C:WindowsSystem32netcorehc.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00216576 ____A (Microsoft Corporation) C:WindowsSystem32ncsi.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00070656 ____A (Microsoft Corporation) C:WindowsSystem32nlaapi.dll

2012-11-17 09:59 - 2012-10-03 09:44 - 00018944 ____A (Microsoft Corporation) C:WindowsSystem32netevent.dll

2012-11-17 09:59 - 2012-10-03 09:42 - 00569344 ____A (Microsoft Corporation) C:WindowsSystem32iphlpsvc.dll

2012-11-17 09:59 - 2012-10-03 08:42 - 00175104 ____A (Microsoft Corporation) C:WindowsSysWOW64netcorehc.dll

2012-11-17 09:59 - 2012-10-03 08:42 - 00156672 ____A (Microsoft Corporation) C:WindowsSysWOW64ncsi.dll

2012-11-17 09:59 - 2012-10-03 08:42 - 00018944 ____A (Microsoft Corporation) C:WindowsSysWOW64netevent.dll

2012-11-17 09:59 - 2012-10-03 08:07 - 00045568 ____A (Microsoft Corporation) C:WindowsSystem32Driverstcpipreg.sys

2012-11-17 09:59 - 2012-01-12 23:12 - 00052224 ____A (Microsoft Corporation) C:WindowsSysWOW64nlaapi.dll

2012-11-16 15:54 - 2012-11-16 16:52 - 1609062400 ____A C:UsersOwnerDocumentsbottoms up.mpg

2012-11-16 03:37 - 2012-11-26 17:53 - 00003762 ____A C:Windowssetupact.log

2012-11-16 03:37 - 2012-11-16 03:37 - 00000000 ____A C:Windowssetuperr.log

2012-11-15 18:35 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:WindowsSystem32DriversWdf01000.sys

2012-11-15 18:35 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:WindowsSystem32DriversWdfLdr.sys

2012-11-15 18:35 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:WindowsSystem32Wdfres.dll

2012-11-15 18:35 - 2012-06-02 06:35 - 00000003 ____A C:WindowsSystem32DriversMsftWdf_Kernel_01011_Inbox_Critical.Wdf

2012-11-15 18:30 - 2012-10-08 04:19 - 17811968 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.dll

2012-11-15 18:30 - 2012-10-08 03:42 - 10925568 ____A (Microsoft Corporation) C:WindowsSystem32ieframe.dll

2012-11-15 18:30 - 2012-10-08 03:31 - 02312704 ____A (Microsoft Corporation) C:WindowsSystem32jscript9.dll

2012-11-15 18:30 - 2012-10-08 03:24 - 01346048 ____A (Microsoft Corporation) C:WindowsSystem32urlmon.dll

2012-11-15 18:30 - 2012-10-08 03:23 - 01392128 ____A (Microsoft Corporation) C:WindowsSystem32wininet.dll

2012-11-15 18:30 - 2012-10-08 03:22 - 01494528 ____A (Microsoft Corporation) C:WindowsSystem32inetcpl.cpl

2012-11-15 18:30 - 2012-10-08 03:22 - 00237056 ____A (Microsoft Corporation) C:WindowsSystem32url.dll

2012-11-15 18:30 - 2012-10-08 03:20 - 00085504 ____A (Microsoft Corporation) C:WindowsSystem32jsproxy.dll

2012-11-15 18:30 - 2012-10-08 03:18 - 00173056 ____A (Microsoft Corporation) C:WindowsSystem32ieUnatt.exe

2012-11-15 18:30 - 2012-10-08 03:17 - 00816640 ____A (Microsoft Corporation) C:WindowsSystem32jscript.dll

2012-11-15 18:30 - 2012-10-08 03:17 - 00599040 ____A (Microsoft Corporation) C:WindowsSystem32vbscript.dll

2012-11-15 18:30 - 2012-10-08 03:15 - 02144768 ____A (Microsoft Corporation) C:WindowsSystem32iertutil.dll

2012-11-15 18:30 - 2012-10-08 03:15 - 00729088 ____A (Microsoft Corporation) C:WindowsSystem32msfeeds.dll

2012-11-15 18:30 - 2012-10-08 03:13 - 02382848 ____A (Microsoft Corporation) C:WindowsSystem32mshtml.tlb

2012-11-15 18:30 - 2012-10-08 03:13 - 00096768 ____A (Microsoft Corporation) C:WindowsSystem32mshtmled.dll

2012-11-15 18:30 - 2012-10-08 03:09 - 00248320 ____A (Microsoft Corporation) C:WindowsSystem32ieui.dll

2012-11-15 18:30 - 2012-10-08 00:28 - 12320768 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll

2012-11-15 18:30 - 2012-10-08 00:02 - 09738240 ____A (Microsoft Corporation) C:WindowsSysWOW64ieframe.dll

2012-11-15 18:30 - 2012-10-07 23:56 - 01800704 ____A (Microsoft Corporation) C:WindowsSysWOW64jscript9.dll

2012-11-15 18:30 - 2012-10-07 23:48 - 01129472 ____A (Microsoft Corporation) C:WindowsSysWOW64wininet.dll

2012-11-15 18:30 - 2012-10-07 23:48 - 01103872 ____A (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll

2012-11-15 18:30 - 2012-10-07 23:47 - 01427968 ____A (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl

2012-11-15 18:30 - 2012-10-07 23:46 - 00231936 ____A (Microsoft Corporation) C:WindowsSysWOW64url.dll

2012-11-15 18:30 - 2012-10-07 23:45 - 00065024 ____A (Microsoft Corporation) C:WindowsSysWOW64jsproxy.dll

2012-11-15 18:30 - 2012-10-07 23:44 - 00142848 ____A (Microsoft Corporation) C:WindowsSysWOW64ieUnatt.exe

2012-11-15 18:30 - 2012-10-07 23:43 - 00717824 ____A (Microsoft Corporation) C:WindowsSysWOW64jscript.dll

2012-11-15 18:30 - 2012-10-07 23:43 - 00420864 ____A (Microsoft Corporation) C:WindowsSysWOW64vbscript.dll

2012-11-15 18:30 - 2012-10-07 23:42 - 00607744 ____A (Microsoft Corporation) C:WindowsSysWOW64msfeeds.dll

2012-11-15 18:30 - 2012-10-07 23:41 - 01793024 ____A (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll

2012-11-15 18:30 - 2012-10-07 23:41 - 00073216 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtmled.dll

2012-11-15 18:30 - 2012-10-07 23:40 - 02382848 ____A (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb

2012-11-15 18:30 - 2012-10-07 23:37 - 00176640 ____A (Microsoft Corporation) C:WindowsSysWOW64ieui.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00744448 ____A (Microsoft Corporation) C:WindowsSystem32WUDFx.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00229888 ____A (Microsoft Corporation) C:WindowsSystem32WUDFHost.exe

2012-11-15 18:29 - 2012-07-25 19:08 - 00194048 ____A (Microsoft Corporation) C:WindowsSystem32WUDFPlatform.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00084992 ____A (Microsoft Corporation) C:WindowsSystem32WUDFSvc.dll

2012-11-15 18:29 - 2012-07-25 19:08 - 00045056 ____A (Microsoft Corporation) C:WindowsSystem32WUDFCoinstaller.dll

2012-11-15 18:29 - 2012-07-25 18:26 - 00198656 ____A (Microsoft Corporation) C:WindowsSystem32DriversWUDFRd.sys

2012-11-15 18:29 - 2012-07-25 18:26 - 00087040 ____A (Microsoft Corporation) C:WindowsSystem32DriversWUDFPf.sys

2012-11-15 18:29 - 2012-06-02 06:57 - 00000003 ____A C:WindowsSystem32DriversMsftWdf_User_01_11_00_Inbox_Critical.Wdf

2012-11-15 18:15 - 2012-11-15 18:15 - 00001845 ____A C:UsersPublicDesktopQuickTime Player.lnk

2012-11-15 18:15 - 2012-11-15 18:15 - 00000000 ____D C:Program Files (x86)QuickTime

2012-11-15 06:14 - 2012-11-15 06:14 - 44687360 ____A C:WindowsSystem32configCOMPONENTS.iobit

2012-11-15 04:36 - 2012-10-18 10:25 - 03149824 ____A (Microsoft Corporation) C:WindowsSystem32win32k.sys

2012-11-15 04:36 - 2012-10-09 10:17 - 00226816 ____A (Microsoft Corporation) C:WindowsSystem32dhcpcore6.dll

2012-11-15 04:36 - 2012-10-09 10:17 - 00055296 ____A (Microsoft Corporation) C:WindowsSystem32dhcpcsvc6.dll

2012-11-15 04:36 - 2012-10-09 09:40 - 00193536 ____A (Microsoft Corporation) C:WindowsSysWOW64dhcpcore6.dll

2012-11-15 04:36 - 2012-10-09 09:40 - 00044032 ____A (Microsoft Corporation) C:WindowsSysWOW64dhcpcsvc6.dll

2012-11-15 04:31 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:WindowsSysWOW64synceng.dll

2012-11-15 04:31 - 2012-09-25 14:46 - 00095744 ____A (Microsoft Corporation) C:WindowsSystem32synceng.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 05773824 ____A (Microsoft Corporation) C:WindowsSystem32mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 04916224 ____A (Microsoft Corporation) C:WindowsSysWOW64mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 03174912 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorets.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 01123840 ____A (Microsoft Corporation) C:WindowsSystem32mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 01048064 ____A (Microsoft Corporation) C:WindowsSysWOW64mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00384000 ____A (Microsoft Corporation) C:WindowsSystem32wksprt.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00322560 ____A (Microsoft Corporation) C:WindowsSystem32aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00269312 ____A (Microsoft Corporation) C:WindowsSysWOW64aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00243200 ____A (Microsoft Corporation) C:WindowsSystem32rdpudd.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00228864 ____A (Microsoft Corporation) C:WindowsSystem32rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00192000 ____A (Microsoft Corporation) C:WindowsSysWOW64rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00062976 ____A (Microsoft Corporation) C:WindowsSystem32TSWbPrxy.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00057856 ____A (Microsoft Corporation) C:WindowsSystem32DriversTsUsbFlt.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00054272 ____A (Microsoft Corporation) C:WindowsSystem32MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00046592 ____A (Microsoft Corporation) C:WindowsSysWOW64MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00044032 ____A (Microsoft Corporation) C:WindowsSystem32tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00043520 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbGDCoInstaller.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00037376 ____A (Microsoft Corporation) C:WindowsSysWOW64tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00019456 ____A (Microsoft Corporation) C:WindowsSystem32Driversrdpvideominiport.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00018432 ____A (Microsoft Corporation) C:WindowsSystem32wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00016896 ____A (Microsoft Corporation) C:WindowsSysWOW64wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00015360 ____A (Microsoft Corporation) C:WindowsSystem32RdpGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-14 17:50 - 2012-11-14 17:50 - 01448448 ____A (Microsoft Corporation) C:WindowsSystem32lsasrv.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00458712 ____A (Microsoft Corporation) C:WindowsSystem32Driverscng.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00340992 ____A (Microsoft Corporation) C:WindowsSystem32schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00307200 ____A (Microsoft Corporation) C:WindowsSystem32ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00247808 ____A (Microsoft Corporation) C:WindowsSysWOW64schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00220160 ____A (Microsoft Corporation) C:WindowsSysWOW64ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00154480 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecpkg.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00096768 ____A (Microsoft Corporation) C:WindowsSysWOW64sspicli.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00022016 ____A (Microsoft Corporation) C:WindowsSysWOW64secur32.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00514560 ____A (Microsoft Corporation) C:WindowsSysWOW64qdvd.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00366592 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll

2012-11-14 17:45 - 2012-11-14 17:45 - 65363968 ____A C:WindowsSystem32configSOFTWARE.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 19095552 ____A C:WindowsSystem32configSYSTEM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00311296 ____A C:WindowsSystem32configDEFAULT.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00061440 ____A C:WindowsSystem32configSAM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00028672 ____A C:WindowsSystem32configSECURITY.iobit

2012-11-14 12:32 - 2012-11-14 12:32 - 00030568 ____A (AVG Technologies) C:WindowsSystem32Driversavgtpx64.sys

2012-11-14 12:30 - 2012-11-26 17:54 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job

2012-11-14 12:30 - 2012-11-26 17:16 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys

2012-11-14 12:30 - 2012-11-14 12:30 - 00000000 ____D C:UsersOwnerAppDataLocalSlimWare Utilities Inc

2012-11-14 12:29 - 2012-11-14 12:29 - 00002467 ____A C:UsersPublicDesktopSlimDrivers.lnk

2012-11-14 12:29 - 2012-11-14 12:29 - 00000000 ____D C:UsersPublicDocumentsDownloaded Installers

2012-11-14 08:21 - 2012-11-14 08:27 - 00000359 ____A C:UsersOwnerDesktopwisconbeer.txt

2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p

2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:Program Files (x86)MindDabble_4p

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:UsersOwnerAppDataLocalAPlusGamer_63

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:Program Files (x86)APlusGamer_63

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersUpdatusUserDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersOwnerDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersUpdatusUserDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersOwnerDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000000 ____D C:Program Files (x86)BrainTrainAge

2012-11-12 10:33 - 2012-11-12 10:34 - 74027949 ____A (The Code::Blocks Team) C:UsersOwnerDesktopcodeblocks-10.05mingw-setup.exe

2012-11-10 15:48 - 2012-11-10 17:15 - 00005978 ____A C:UsersOwnerDesktopcatholicism.txt

2012-11-09 14:07 - 2012-11-09 14:07 - 00000817 ____A C:UsersPublicDesktopPlay Pirate101.lnk

2012-11-09 14:07 - 2012-11-09 14:07 - 00000000 ____D C:UsersAll UsersKingsIsle Entertainment

2012-11-09 06:28 - 2012-11-09 06:49 - 00000000 ____D C:UsersPublicDocumentsCyberLink

2012-11-09 06:28 - 2012-11-09 06:28 - 00000000 ____D C:UsersOwnerAppDataLocalMediaServer

2012-11-09 06:28 - 2012-11-09 06:28 - 00000000 ____D C:MediaServer

2012-11-09 06:27 - 2012-11-09 06:49 - 00000000 ____D C:UsersAll UsersPDVD

2012-11-09 06:27 - 2012-11-09 06:27 - 00002188 ____A C:UsersPublicDesktopCyberLink PowerDVD 12.lnk

2012-11-09 06:23 - 2012-11-09 06:23 - 00000000 ____D C:UsersAll Usersinstall_clap

2012-11-09 06:04 - 2012-11-09 06:04 - 00001051 ____A C:UsersOwnerDocumentsMusic - Shortcut.lnk

2012-11-08 16:01 - 2012-11-08 17:45 - 00000000 ____D C:avengers

2012-11-07 16:43 - 2012-11-07 16:43 - 00000000 ____D C:UsersAll Usersdvdfab

2012-11-07 16:35 - 2012-11-08 16:07 - 00000000 ____D C:UsersOwnerDocumentsDVDFab

2012-11-07 16:34 - 2012-11-07 16:40 - 00000000 ____D C:Program Files (x86)DVDFab 8 Qt

2012-11-07 16:34 - 2012-11-07 16:36 - 00001053 ____A C:UsersOwnerDesktopDVDFab Profile Editor.lnk

2012-11-07 16:34 - 2012-11-07 16:36 - 00001016 ____A C:UsersOwnerDesktopDVDFab 8 Qt.lnk

2012-11-05 05:34 - 2012-11-05 06:02 - 00000000 ____D C:Program Files (x86)WinPalace

2012-11-05 05:34 - 2012-11-05 05:34 - 00001880 ____A C:UsersPublicDesktopWinPalace.lnk

2012-11-04 16:49 - 2012-11-04 16:49 - 00001973 ____A C:UsersPublicDesktopGameCenter.lnk

2012-11-04 16:49 - 2012-11-04 16:49 - 00001917 ____A C:UsersPublicDesktopGo for Files.lnk

2012-11-04 16:49 - 2012-11-04 16:49 - 00000000 ____D C:UsersOwnerAppDataRoamingGoforFiles

2012-11-04 16:49 - 2012-11-04 16:49 - 00000000 ____D C:UsersOwnerAppDataRoamingGameCenter

2012-11-04 16:49 - 2012-11-04 16:49 - 00000000 ____D C:Program Files (x86)GoforFiles

2012-11-03 14:03 - 2012-11-03 14:03 - 00000000 ____D C:UsersOwnerAppDataRoamingTelevisionFanatic

2012-11-03 14:03 - 2012-11-03 14:03 - 00000000 ____D C:UsersOwnerAppDataRoamingDailyBibleGuide

2012-10-31 14:09 - 2012-10-31 14:09 - 00000000 ____D C:Program FilesMicrosoft Silverlight

2012-10-31 14:09 - 2012-10-31 14:09 - 00000000 ____D C:Program Files (x86)Microsoft Silverlight

2012-10-29 09:29 - 2012-11-21 07:48 - 00000000 ____D C:UsersOwnerAppDataRoamingSystweak

2012-10-29 08:10 - 2012-07-23 14:59 - 00024960 ____A (IObit) C:WindowsSystem32RegistryDefragBootTime.exe

2012-10-29 06:30 - 2012-10-29 11:19 - 00000000 ____D C:pcoptpro

2012-10-29 06:30 - 2012-10-29 07:10 - 00000000 ____D C:port_pcoptpro

2012-10-28 06:36 - 2012-11-26 17:54 - 00000412 ___AH C:WindowsTasksOptimizerPro1UpdaterTask{C5E96462-F51B-49AE-A4E4-4DF0DD2EB7F5}.job

2012-10-28 06:36 - 2012-11-26 17:54 - 00000364 ___AH C:WindowsTasksCodecUpdaterTask{1C789BAE-5B9B-4AE2-976A-D8C3F64224F2}.job

2012-10-28 06:29 - 2012-11-26 17:54 - 00000412 ___AH C:WindowsTasksOptimizerPro1UpdaterTask{FB740894-2D35-44E6-A66C-DAABC812CD88}.job

2012-10-28 06:29 - 2012-11-26 17:54 - 00000364 ___AH C:WindowsTasksCodecUpdaterTask{FC4A0F80-F5A7-4A7F-85AB-2F889D666C1A}.job

2012-10-28 06:29 - 2012-11-21 07:56 - 00000000 ____D C:Program Files (x86)Optimizer Pro

2012-10-28 06:28 - 2012-11-03 06:55 - 00000000 ____D C:UsersAll UsersVaudix

 

==================== One Month Modified Files and Folders =======

 

2012-11-27 09:18 - 2012-11-27 09:18 - 00000000 ____D C:FRST

2012-11-26 17:54 - 2012-11-14 12:30 - 00000410 ____A C:WindowsTasksSlimDrivers Startup.job

2012-11-26 17:54 - 2012-10-28 06:36 - 00000412 ___AH C:WindowsTasksOptimizerPro1UpdaterTask{C5E96462-F51B-49AE-A4E4-4DF0DD2EB7F5}.job

2012-11-26 17:54 - 2012-10-28 06:36 - 00000364 ___AH C:WindowsTasksCodecUpdaterTask{1C789BAE-5B9B-4AE2-976A-D8C3F64224F2}.job

2012-11-26 17:54 - 2012-10-28 06:29 - 00000412 ___AH C:WindowsTasksOptimizerPro1UpdaterTask{FB740894-2D35-44E6-A66C-DAABC812CD88}.job

2012-11-26 17:54 - 2012-10-28 06:29 - 00000364 ___AH C:WindowsTasksCodecUpdaterTask{FC4A0F80-F5A7-4A7F-85AB-2F889D666C1A}.job

2012-11-26 17:54 - 2012-08-03 14:43 - 00000892 ____A C:WindowsTasksGoogleUpdateTaskMachineCore.job

2012-11-26 17:54 - 2009-07-13 21:08 - 00000006 ___AH C:WindowsTasksSA.DAT

2012-11-26 17:53 - 2012-11-16 03:37 - 00003762 ____A C:Windowssetupact.log

2012-11-26 17:32 - 2009-07-13 20:45 - 00014144 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2012-11-26 17:32 - 2009-07-13 20:45 - 00014144 ___AH C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2012-11-26 17:20 - 2009-07-13 21:13 - 00726316 ____A C:WindowsSystem32PerfStringBackup.INI

2012-11-26 17:16 - 2012-11-14 12:30 - 00015712 ____A C:WindowsSystem32DriversSWDUMon.sys

2012-11-26 16:37 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerAppDataRoamingDMCache

2012-11-25 14:13 - 2012-11-25 11:14 - 00000000 ____D C:UsersOwnerDesktopfor marks computer

2012-11-25 14:12 - 2012-08-03 14:43 - 00000896 ____A C:WindowsTasksGoogleUpdateTaskMachineUA.job

2012-11-25 14:12 - 2012-07-30 16:28 - 00000830 ____A C:WindowsTasksAdobe Flash Player Updater.job

2012-11-25 11:08 - 2012-11-25 11:08 - 00000732 ____A C:UsersOwnerDesktopfor marks computer - Shortcut.lnk

2012-11-25 08:06 - 2012-11-25 11:14 - 00011464 ____A C:UsersOwnerDesktophelp1.txt

2012-11-25 07:36 - 2012-11-25 11:14 - 00027239 ____A C:UsersOwnerDesktopcomp help

2012-11-25 07:22 - 2012-11-25 12:29 - 04732416 ____A (AVAST Software) C:UsersOwnerDesktopaswMBR.exe

2012-11-25 07:18 - 2012-11-25 11:14 - 00602112 ____A C:UsersOwnerDesktopOTL.exe

2012-11-24 18:05 - 2012-11-24 14:52 - 00001181 ____A C:UsersOwnerDesktopDesinstaller_HOSTS_Anti-PUPs.lnk

2012-11-24 18:05 - 2012-11-24 14:52 - 00000000 ____D C:Program Files (x86)Hosts_Anti_Adwares_PUPs

2012-11-24 18:02 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsVideo

2012-11-24 17:57 - 2012-07-30 09:16 - 00000000 ____D C:UsersOwner.umplayer

2012-11-24 16:32 - 2012-11-20 13:00 - 00027026 ____A C:WindowsPFRO.log

2012-11-24 14:56 - 2012-11-24 14:56 - 00001236 ____A C:AdwCleaner[s5].txt

2012-11-24 14:40 - 2012-11-24 14:40 - 00001157 ____A C:AdwCleaner[s4].txt

2012-11-24 07:08 - 2012-11-24 07:07 - 00001096 ____A C:AdwCleaner[s3].txt

2012-11-24 06:58 - 2012-11-23 17:49 - 00000000 ____D C:Program Files (x86)Xvid

2012-11-24 06:57 - 2012-11-24 06:57 - 00000000 ____D C:UsersOwner.bitrock

2012-11-24 06:57 - 2012-07-19 01:23 - 00000000 ____D C:usersOwner

2012-11-24 06:54 - 2012-11-24 06:54 - 00001550 ____A C:AdwCleaner[s2].txt

2012-11-23 18:03 - 2012-09-01 12:04 - 00000000 ____D C:UsersOwnerAppDataRoamingIDM

2012-11-23 14:53 - 2012-11-23 14:53 - 00051166 ____A C:UsersOwnerDocumentsAdwCleaner[s1]1.txt

2012-11-23 14:32 - 2012-11-23 14:31 - 00051166 ____A C:AdwCleaner[s1].txt

2012-11-23 14:27 - 2012-11-23 14:27 - 00543531 ____A C:UsersOwnerDesktopAdwCleaner.exe

2012-11-23 13:31 - 2012-08-02 19:08 - 00001779 ____A C:UsersOwnerDesktoppremier.txt

2012-11-23 06:52 - 2012-11-23 06:52 - 00009544 ____A C:UsersOwnerDesktopbridesmaids unrated.pds

2012-11-23 05:37 - 2012-11-19 11:25 - 00000000 ____D C:Program Files (x86)ARWizard3

2012-11-22 16:34 - 2012-07-30 07:28 - 00000000 ____D C:UsersOwnerDownloadsCompressed

2012-11-22 06:13 - 2012-07-29 03:52 - 00000000 ____D C:Program Files (x86)Mozilla Firefox

2012-11-22 06:08 - 2012-11-22 06:08 - 00000000 ____D C:UsersOwnerDesktopNew folder (2)

2012-11-22 06:08 - 2012-11-22 06:08 - 00000000 ____D C:UsersOwnerDesktopNew folder

2012-11-21 11:12 - 2012-11-21 11:11 - 00040013 ____A C:UsersOwnerDesktopdds.txt

2012-11-21 11:12 - 2012-11-21 11:11 - 00016134 ____A C:UsersOwnerDesktopattach.txt

2012-11-21 08:14 - 2012-09-15 05:28 - 00000000 ____D C:New folder (2)

2012-11-21 07:59 - 2012-10-15 13:09 - 00000000 ____D C:Program Files (x86)TextAloud

2012-11-21 07:57 - 2012-11-20 08:25 - 00000000 ____D C:Program Files (x86)PCPitstop

2012-11-21 07:56 - 2012-10-28 06:29 - 00000000 ____D C:Program Files (x86)Optimizer Pro

2012-11-21 07:54 - 2012-10-14 18:14 - 00000000 ____D C:Program Files (x86)IVONA

2012-11-21 07:50 - 2012-08-09 14:42 - 00000000 ____D C:UsersOwnerAppDataRoamingAnvisoft

2012-11-21 07:50 - 2012-08-09 14:42 - 00000000 ____D C:Program Files (x86)Anvisoft

2012-11-21 07:49 - 2012-08-11 10:53 - 00000000 ____D C:UsersOwnerAppDataRoamingApple Computer

2012-11-21 07:48 - 2012-10-29 09:29 - 00000000 ____D C:UsersOwnerAppDataRoamingSystweak

2012-11-21 07:29 - 2012-11-21 07:29 - 02213976 ____A (Kaspersky Lab ZAO) C:UsersOwnerDesktoptdsskiller.exe

2012-11-21 07:26 - 2012-11-21 07:26 - 00688992 ____R (Swearware) C:UsersOwnerDesktopdds.EXE

2012-11-21 06:19 - 2012-11-21 06:17 - 00000000 ____D C:Program Files (x86)MeadCo Neptune

2012-11-21 06:18 - 2012-11-21 06:18 - 00169816 ____A (Microsoft Corporation) C:UsersOwnerDownloadsMeadCo_Neptune.exe

2012-11-21 06:16 - 2012-09-02 06:28 - 00000000 ____D C:Program Files (x86)Internet Download Manager

2012-11-21 05:17 - 2012-11-20 14:22 - 00415934 ____A C:WindowsSystem32Driversvsconfig.xml

2012-11-20 14:16 - 2012-11-20 14:16 - 00000762 ____A C:UsersPublicDesktopZoneAlarm Security.lnk

2012-11-20 14:16 - 2012-11-20 14:16 - 00000000 ____D C:UsersOwnerDocumentsForceField Shared Files

2012-11-20 14:16 - 2012-11-20 13:46 - 00000000 ____D C:Program Files (x86)CheckPoint

2012-11-20 14:15 - 2012-11-20 14:15 - 00000000 ____D C:UsersOwnerAppDataRoamingCheckPoint

2012-11-20 14:14 - 2012-11-20 14:14 - 00000000 ____D C:Program FilesCheckPoint

2012-11-20 13:46 - 2012-11-20 13:46 - 00000000 ____D C:UsersAll UsersCheckPoint

2012-11-20 10:43 - 2011-02-20 21:12 - 01487181 ____A C:WindowsWindowsUpdate.log

2012-11-20 10:34 - 2012-08-03 15:02 - 00000000 ____D C:UsersOwnerAppDataLocalSpotify

2012-11-20 10:34 - 2012-08-03 14:53 - 00000000 ____D C:UsersOwnerAppDataRoamingSpotify

2012-11-20 10:34 - 2012-07-29 04:08 - 00000000 ____D C:UsersOwnerAppDataRoaminguTorrent

2012-11-20 10:23 - 2012-11-20 10:23 - 00000000 ____D C:UsersOwnerAppDataRoamingMalwarebytes

2012-11-20 10:22 - 2012-11-20 10:22 - 00001109 ____A C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk

2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:UsersAll UsersMalwarebytes

2012-11-20 10:22 - 2012-11-20 10:22 - 00000000 ____D C:Program Files (x86)Malwarebytes' Anti-Malware

2012-11-20 08:27 - 2012-11-20 08:27 - 00000000 ____D C:UsersAll UsersPCPitstop

2012-11-20 03:53 - 2012-11-20 03:53 - 00000000 ____D C:UsersOwnerAppDataRoamingConverterLite

2012-11-20 03:53 - 2012-10-21 17:31 - 00001947 ____A C:UsersPublicDesktopConverterLite.lnk

2012-11-20 03:36 - 2012-11-20 03:36 - 00000000 ____D C:UsersOwnerDocumentsMy Video

2012-11-19 19:27 - 2012-11-19 19:27 - 00010486 ____A C:UsersOwnerDesktopkill bill.pds

2012-11-19 17:03 - 2012-11-19 17:03 - 00000000 ____D C:UsersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

2012-11-19 16:15 - 2012-07-30 10:38 - 00014336 __ASH C:UsersOwnerThumbs.db

2012-11-19 12:16 - 2012-11-19 12:16 - 00181636 ____A C:UsersOwnerDesktopdisk music.pds

2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersUpdatusUserDesktopARWizard3.lnk

2012-11-19 11:25 - 2012-11-19 11:25 - 00001019 ____A C:UsersOwnerDesktopARWizard3.lnk

2012-11-19 08:58 - 2012-08-02 19:07 - 00002902 ____A C:UsersOwnerDesktopkt work 608-264-9826 Your IP 71.90.87.244.odt

2012-11-18 14:50 - 2011-02-20 21:42 - 00000000 ____D C:UsersAll UsersAdobe

2012-11-18 14:46 - 2012-07-30 16:28 - 00697272 ____A (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe

2012-11-18 14:46 - 2012-07-30 16:28 - 00073656 ____A (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl

2012-11-18 09:55 - 2009-07-13 19:20 - 00000000 ____D C:Windowsrescache

2012-11-17 18:29 - 2012-11-17 18:29 - 00157793 ____A C:UsersOwnerDesktopbeer.pds

2012-11-17 13:38 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwner.gimp-2.8

2012-11-17 13:28 - 2012-08-07 13:33 - 00000000 ____D C:UsersOwnerAppDataRoamingCyberLink

2012-11-17 13:25 - 2012-11-17 13:25 - 00001374 ____A C:UsersOwnerAppDataLocalrecently-used.xbel

2012-11-17 13:22 - 2012-11-17 13:22 - 00000000 ____D C:UsersOwner.thumbnails

2012-11-17 13:20 - 2012-11-17 13:20 - 00000000 ____D C:UsersOwnerAppDataLocalgegl-0.2

2012-11-17 13:19 - 2012-11-17 13:18 - 00000000 ____D C:Program FilesGIMP 2

2012-11-17 12:01 - 2012-11-17 12:01 - 01555254 ____A C:UsersOwnerDocumentsSnapshot.bmp

2012-11-17 11:41 - 2012-11-17 11:20 - 3152334848 ____A C:UsersOwnerDesktopBottoms Up.mpg

2012-11-17 10:47 - 2012-11-17 10:47 - 00054406 ____A C:UsersOwnerDesktopbottom.pds

2012-11-16 16:52 - 2012-11-16 15:54 - 1609062400 ____A C:UsersOwnerDocumentsbottoms up.mpg

2012-11-16 15:50 - 2012-08-07 13:35 - 00000000 ____D C:UsersOwnerDocumentsYoucam

2012-11-16 07:40 - 2012-07-30 09:17 - 00000000 ____D C:UsersOwnerAppDataLocalMPlayer

2012-11-16 03:39 - 2012-07-19 01:29 - 00076920 ____A C:UsersOwnerAppDataLocalGDIPFONTCACHEV1.DAT

2012-11-16 03:37 - 2012-11-16 03:37 - 00000000 ____A C:Windowssetuperr.log

2012-11-16 03:37 - 2009-07-13 20:45 - 00305776 ____A C:WindowsSystem32FNTCACHE.DAT

2012-11-15 18:38 - 2009-07-13 19:20 - 00000000 ____D C:WindowsPolicyDefinitions

2012-11-15 18:15 - 2012-11-15 18:15 - 00001845 ____A C:UsersPublicDesktopQuickTime Player.lnk

2012-11-15 18:15 - 2012-11-15 18:15 - 00000000 ____D C:Program Files (x86)QuickTime

2012-11-15 18:15 - 2012-08-07 15:26 - 00000000 ____D C:UsersAll UsersApple Computer

2012-11-15 06:14 - 2012-11-15 06:14 - 44687360 ____A C:WindowsSystem32configCOMPONENTS.iobit

2012-11-15 04:25 - 2012-07-25 04:45 - 66395536 ____A (Microsoft Corporation) C:WindowsSystem32MRT.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 05773824 ____A (Microsoft Corporation) C:WindowsSystem32mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 04916224 ____A (Microsoft Corporation) C:WindowsSysWOW64mstscax.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 03174912 ____A (Microsoft Corporation) C:WindowsSystem32rdpcorets.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 01123840 ____A (Microsoft Corporation) C:WindowsSystem32mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 01048064 ____A (Microsoft Corporation) C:WindowsSysWOW64mstsc.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00384000 ____A (Microsoft Corporation) C:WindowsSystem32wksprt.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00322560 ____A (Microsoft Corporation) C:WindowsSystem32aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00269312 ____A (Microsoft Corporation) C:WindowsSysWOW64aaclient.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00243200 ____A (Microsoft Corporation) C:WindowsSystem32rdpudd.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00228864 ____A (Microsoft Corporation) C:WindowsSystem32rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00192000 ____A (Microsoft Corporation) C:WindowsSysWOW64rdpendp_winip.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00062976 ____A (Microsoft Corporation) C:WindowsSystem32TSWbPrxy.exe

2012-11-14 17:51 - 2012-11-14 17:51 - 00057856 ____A (Microsoft Corporation) C:WindowsSystem32DriversTsUsbFlt.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00054272 ____A (Microsoft Corporation) C:WindowsSystem32MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00046592 ____A (Microsoft Corporation) C:WindowsSysWOW64MsRdpWebAccess.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00044032 ____A (Microsoft Corporation) C:WindowsSystem32tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00043520 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbGDCoInstaller.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00037376 ____A (Microsoft Corporation) C:WindowsSysWOW64tsgqec.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00019456 ____A (Microsoft Corporation) C:WindowsSystem32Driversrdpvideominiport.sys

2012-11-14 17:51 - 2012-11-14 17:51 - 00018432 ____A (Microsoft Corporation) C:WindowsSystem32wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00016896 ____A (Microsoft Corporation) C:WindowsSysWOW64wksprtPS.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00015360 ____A (Microsoft Corporation) C:WindowsSystem32RdpGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyExtension.dll

2012-11-14 17:51 - 2012-11-14 17:51 - 00013312 ____A (Microsoft Corporation) C:WindowsSystem32TsUsbRedirectionGroupPolicyControl.exe

2012-11-14 17:50 - 2012-11-14 17:50 - 01448448 ____A (Microsoft Corporation) C:WindowsSystem32lsasrv.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00458712 ____A (Microsoft Corporation) C:WindowsSystem32Driverscng.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00340992 ____A (Microsoft Corporation) C:WindowsSystem32schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00307200 ____A (Microsoft Corporation) C:WindowsSystem32ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00247808 ____A (Microsoft Corporation) C:WindowsSysWOW64schannel.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00220160 ____A (Microsoft Corporation) C:WindowsSysWOW64ncrypt.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00154480 ____A (Microsoft Corporation) C:WindowsSystem32Driversksecpkg.sys

2012-11-14 17:50 - 2012-11-14 17:50 - 00096768 ____A (Microsoft Corporation) C:WindowsSysWOW64sspicli.dll

2012-11-14 17:50 - 2012-11-14 17:50 - 00022016 ____A (Microsoft Corporation) C:WindowsSysWOW64secur32.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00514560 ____A (Microsoft Corporation) C:WindowsSysWOW64qdvd.dll

2012-11-14 17:49 - 2012-11-14 17:49 - 00366592 ____A (Microsoft Corporation) C:WindowsSystem32qdvd.dll

2012-11-14 17:45 - 2012-11-14 17:45 - 65363968 ____A C:WindowsSystem32configSOFTWARE.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 19095552 ____A C:WindowsSystem32configSYSTEM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00311296 ____A C:WindowsSystem32configDEFAULT.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00061440 ____A C:WindowsSystem32configSAM.iobit

2012-11-14 17:45 - 2012-11-14 17:45 - 00028672 ____A C:WindowsSystem32configSECURITY.iobit

2012-11-14 12:32 - 2012-11-14 12:32 - 00030568 ____A (AVG Technologies) C:WindowsSystem32Driversavgtpx64.sys

2012-11-14 12:30 - 2012-11-14 12:30 - 00000000 ____D C:UsersOwnerAppDataLocalSlimWare Utilities Inc

2012-11-14 12:29 - 2012-11-14 12:29 - 00002467 ____A C:UsersPublicDesktopSlimDrivers.lnk

2012-11-14 12:29 - 2012-11-14 12:29 - 00000000 ____D C:UsersPublicDocumentsDownloaded Installers

2012-11-14 11:45 - 2012-08-02 19:08 - 00000541 ____A C:UsersOwnerDesktopphone.txt

2012-11-14 08:27 - 2012-11-14 08:21 - 00000359 ____A C:UsersOwnerDesktopwisconbeer.txt

2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:UsersOwnerAppDataLocalMindDabble_4p

2012-11-12 13:06 - 2012-11-12 13:06 - 00000000 ____D C:Program Files (x86)MindDabble_4p

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:UsersOwnerAppDataLocalAPlusGamer_63

2012-11-12 11:26 - 2012-11-12 11:26 - 00000000 ____D C:Program Files (x86)APlusGamer_63

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersUpdatusUserDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000988 ____A C:UsersOwnerDesktopBrain Train Age.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersUpdatusUserDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000956 ____A C:UsersOwnerDesktopUpdate.lnk

2012-11-12 11:05 - 2012-11-12 11:05 - 00000000 ____D C:Program Files (x86)BrainTrainAge

2012-11-12 10:34 - 2012-11-12 10:33 - 74027949 ____A (The Code::Blocks Team) C:UsersOwnerDesktopcodeblocks-10.05mingw-setup.exe

2012-11-11 18:06 - 2012-09-23 15:34 - 00000000 ____D C:UsersOwnerDesktoptgwi

2012-11-10 17:15 - 2012-11-10 15:48 - 00005978 ____A C:UsersOwnerDesktopcatholicism.txt

2012-11-10 12:31 - 2012-09-21 05:05 - 00000000 ____D C:UsersAll Usersgoodsearchtb

2012-11-09 14:07 - 2012-11-09 14:07 - 00000817 ____A C:UsersPublicDesktopPlay Pirate101.lnk

2012-11-09 14:07 - 2012-11-09 14:07 - 00000000 ____D C:UsersAll UsersKingsIsle Entertainment

2012-11-09 14:07 - 2011-02-20 21:08 - 00000000 ___HD C:Program Files (x86)InstallShield Installation Information

2012-11-09 06:49 - 2012-11-09 06:28 - 00000000 ____D C:UsersPublicDocumentsCyberLink

2012-11-09 06:49 - 2012-11-09 06:27 - 00000000 ____D C:UsersAll UsersPDVD

2012-11-09 06:49 - 2011-02-20 21:24 - 00000000 ____D C:UsersAll UsersCyberLink

2012-11-09 06:40 - 2012-08-07 13:34 - 00000000 ____D C:UsersOwnerDocumentsCyberLink

2012-11-09 06:28 - 2012-11-09 06:28 - 00000000 ____D C:UsersOwnerAppDataLocalMediaServer

2012-11-09 06:28 - 2012-11-09 06:28 - 00000000 ____D C:MediaServer

2012-11-09 06:27 - 2012-11-09 06:27 - 00002188 ____A C:UsersPublicDesktopCyberLink PowerDVD 12.lnk

2012-11-09 06:27 - 2012-08-07 13:35 - 00000000 ____D C:UsersOwnerAppDataLocalCyberLink

2012-11-09 06:27 - 2012-08-07 13:34 - 00000000 ____D C:UsersPublicCyberLink

2012-11-09 06:25 - 2011-02-20 21:24 - 00000000 ____D C:Program Files (x86)CyberLink

2012-11-09 06:23 - 2012-11-09 06:23 - 00000000 ____D C:UsersAll Usersinstall_clap

2012-11-09 06:04 - 2012-11-09 06:04 - 00001051 ____A C:UsersOwnerDocumentsMusic - Shortcut.lnk

2012-11-08 17:45 - 2012-11-08 16:01 - 00000000 ____D C:avengers

2012-11-08 16:07 - 2012-11-07 16:35 - 00000000 ____D C:UsersOwnerDocumentsDVDFab

2012-11-08 12:18 - 2012-07-30 09:43 - 00000000 ____D C:UsersOwnerAppDataLocalCrashDumps

2012-11-08 09:13 - 2012-08-01 14:54 - 00000000 ____D C:UsersOwnerDesktopGolden Touch Craps

2012-11-07 16:43 - 2012-11-07 16:43 - 00000000 ____D C:UsersAll Usersdvdfab

2012-11-07 16:40 - 2012-11-07 16:34 - 00000000 ____D C:Program Files (x86)DVDFab 8 Qt

2012-11-07 16:36 - 2012-11-07 16:34 - 00001053 ____A C:UsersOwnerDesktopDVDFab Profile Editor.lnk

2012-11-07 16:36 - 2012-11-07 16:34 - 00001016 ____A C:UsersOwnerDesktopDVDFab 8 Qt.lnk

2012-11-07 14:08 - 2012-10-20 18:41 - 00000000 ____D C:UsersOwnerAppDataRoamingvlc

2012-11-07 12:04 - 2012-08-03 14:43 - 00000000 ____A C:WindowsSysWOW64config.nt

2012-11-05 06:02 - 2012-11-05 05:34 - 00000000 ____D C:Program Files (x86)WinPalace

2012-11-05 05:34 - 2012-11-05 05:34 - 00001880 ____A C:UsersPublicDesktopWinPalace.lnk

2012-11-04 16:49 - 2012-11-04 16:49 - 00001973 ____A C:UsersPublicDesktopGameCenter.lnk

2012-11-04 16:49 - 2012-11-04 16:49 - 00001917 ____A C:UsersPublicDesktopGo for Files.lnk

2012-11-04 16:49 - 2012-11-04 16:49 - 00000000 ____D C:UsersOwnerAppDataRoamingGoforFiles

2012-11-04 16:49 - 2012-11-04 16:49 - 00000000 ____D C:UsersOwnerAppDataRoamingGameCenter

2012-11-04 16:49 - 2012-11-04 16:49 - 00000000 ____D C:Program Files (x86)GoforFiles

2012-11-03 14:03 - 2012-11-03 14:03 - 00000000 ____D C:UsersOwnerAppDataRoamingTelevisionFanatic

2012-11-03 14:03 - 2012-11-03 14:03 - 00000000 ____D C:UsersOwnerAppDataRoamingDailyBibleGuide

2012-11-03 13:09 - 2012-07-19 01:23 - 00000000 ____D C:UsersOwnerAppDataLocalVirtualStore

2012-11-03 08:43 - 2009-07-13 21:08 - 00032544 ____A C:WindowsTasksSCHEDLGU.TXT

2012-11-03 06:55 - 2012-10-28 06:28 - 00000000 ____D C:UsersAll UsersVaudix

2012-10-31 14:09 - 2012-10-31 14:09 - 00000000 ____D C:Program FilesMicrosoft Silverlight

2012-10-31 14:09 - 2012-10-31 14:09 - 00000000 ____D C:Program Files (x86)Microsoft Silverlight

2012-10-30 15:51 - 2012-08-03 14:43 - 00984144 ____A (AVAST Software) C:WindowsSystem32DriversaswSnx.sys

2012-10-30 15:51 - 2012-08-03 14:43 - 00370288 ____A (AVAST Software) C:WindowsSystem32DriversaswSP.sys

2012-10-30 15:51 - 2012-08-03 14:43 - 00071600 ____A (AVAST Software) C:WindowsSystem32DriversaswMonFlt.sys

2012-10-30 15:51 - 2012-08-03 14:43 - 00059728 ____A (AVAST Software) C:WindowsSystem32DriversaswTdi.sys

2012-10-30 15:51 - 2012-08-03 14:43 - 00025232 ____A (AVAST Software) C:WindowsSystem32DriversaswFsBlk.sys

2012-10-30 15:51 - 2012-08-03 14:42 - 00041224 ____A (AVAST Software) C:WindowsavastSS.scr

2012-10-30 15:50 - 2012-08-03 14:43 - 00285328 ____A (AVAST Software) C:WindowsSystem32aswBoot.exe

2012-10-30 15:50 - 2012-08-03 14:42 - 00227648 ____A (AVAST Software) C:WindowsSysWOW64aswBoot.exe

2012-10-30 04:02 - 2012-09-14 11:36 - 00000000 ____D C:UsersAll UsersSpeedyPC Software

2012-10-29 11:19 - 2012-10-29 06:30 - 00000000 ____D C:pcoptpro

2012-10-29 09:40 - 2012-08-09 14:25 - 00000000 ____D C:UsersAll UsersIObit

2012-10-29 09:40 - 2012-08-09 14:18 - 00000000 ____D C:UsersOwnerAppDataRoamingIObit

2012-10-29 09:40 - 2012-08-09 14:18 - 00000000 ____D C:Program Files (x86)IObit

2012-10-29 07:10 - 2012-10-29 06:30 - 00000000 ____D C:port_pcoptpro

 

==================== Known DLLs (Whitelisted) =================

 

 

==================== Bamital & volsnap Check =================

 

C:WindowsSystem32winlogon.exe => MD5 is legit

C:WindowsSystem32wininit.exe => MD5 is legit

C:WindowsSysWOW64wininit.exe => MD5 is legit

C:Windowsexplorer.exe => MD5 is legit

C:WindowsSysWOW64explorer.exe => MD5 is legit

C:WindowsSystem32svchost.exe => MD5 is legit

C:WindowsSysWOW64svchost.exe => MD5 is legit

C:WindowsSystem32services.exe => MD5 is legit

C:WindowsSystem32User32.dll => MD5 is legit

C:WindowsSysWOW64User32.dll => MD5 is legit

C:WindowsSystem32userinit.exe => MD5 is legit

C:WindowsSysWOW64userinit.exe => MD5 is legit

C:WindowsSystem32Driversvolsnap.sys => MD5 is legit

 

==================== EXE ASSOCIATION =====================

 

HKLM....exe: exefile => OK

HKLM...exefileDefaultIcon: %1 => OK

HKLM...exefileopencommand: "%1" %* => OK

 

==================== Restore Points =========================

 

 

==================== Memory info ===========================

 

Percentage of memory in use: 11%

Total physical RAM: 6055.2 MB

Available physical RAM: 5358.42 MB

Total Pagefile: 6053.34 MB

Available Pagefile: 5353.56 MB

Total Virtual: 8192 MB

Available Virtual: 8191.9 MB

 

==================== Partitions =============================

 

1 Drive c: () (Fixed) (Total:586.07 GB) (Free:83.1 GB) NTFS

2 Drive e: (zookeeper) (CDROM) (Total:2.84 GB) (Free:0 GB) UDF

3 Drive f: (USB20FD) (Removable) (Total:7.59 GB) (Free:7.58 GB) FAT32

4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

5 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 596 GB 0 B

Disk 1 Online 7788 MB 0 B

 

Partitions of Disk 0:

===============

 

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 100 MB 1024 KB

Partition 2 Primary 586 GB 101 MB

Partition 3 OEM 9 GB 586 GB

 

==================================================================================

 

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy

 

=========================================================

 

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 586 GB Healthy

 

=========================================================

 

Disk: 0

Partition 3

Type : 12

Hidden: Yes

Active: No

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 RECOVERY NTFS Partition 9 GB Healthy Hidden

 

=========================================================

 

Partitions of Disk 1:

===============

 

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 7782 MB 5820 KB

 

==================================================================================

 

Disk: 1

Partition 1

Type : 0C

Hidden: No

Active: Yes

 

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F USB20FD FAT32 Removable 7782 MB Healthy

 

=========================================================

 

Last Boot: 2012-11-14 22:23

 

==================== End Of Log =============================

 

Thank You for all of your hard work

Share this post


Link to post
Share on other sites

Hello goofy1139

 

There is nothing obvious jumping out from that log.

 

Lets take care of what we can see and then do some more digging:

 

 

Please make sure that you only have one real time antivirus and one firewall running on the machine at any one time. I can see evidence of both Avast and kaspersky on your machine.

 

  • IOBIT Products

    • We note you may be using one or more products from IOBit.
    • IOBit has been accused by Malwarebytes of illegally using their intellectual property without permission.
    • Please see this for additional information on these allegations: http://www.malwareby...howtopic=29681.
    • A thread in the IOBit’s forum responded to the accusations from MalwareBytes. It is noteworthy that several responses from users raising specific questions about IOBit’s response and finding it unsatisfactory were deleted and the thread was closed. The bottom line from IOBit was: “No hard proof shows that IObit stole the database of Malwarebytes.”
    • From what is said above, at least until the issues of possible database theft and spyware packaging is resolved, we do not recommend the use of IOBit products.
  • P2P Programs:

    • P2P programs are a major source of Malware infections.
    • From your log I see you have uTorrent. We do not pass judgment on file-sharing, however we must inform you that engaging in this activity and having this kind of software installed on your system will always make you more susceptible to Malware infections.
    • The use of P2P programs may be contributing to your current situation, and you would certainly be doing yourself a favour by removing them.
    • If you wish to keep the program(s), please do not use them until your computer is cleaned.
    • Information regarding the risk of using these programs can be found from here and here.
    • It is strongly recommend that you uninstall any P2P programs you have on your system.
    • To do this, Click on the "Windows Orb" (bottom left hand corner of your screen), then on "Conrol Panel" and then on the "Programs and Features" tab.
    • A list of currently installed programs will be displayed.
    • Find the "uTorrent" program, click on it once and then click on the "Uninstall" button.
    • If you are prompted to re-boot your computer to complete the uninstall please do so.

       

       

      PLEASE NOTE:

    • Even if you are using a P2P program that is deemed safe, it is only the program that is safe. Any files that you receive using a "safe" P2P program may be infected with Malware. The malware writers use P2P file-sharing as a major conduit to spread infected files.
  • Please download SystemLook by JPShortstuff

    • Please download SystemLook by JPShortstuff by clicking here and save it to your desktop.
    • Right click on SystemLook.exe and select "Run as Administrator" to run the program.
    • Copy the content of the following codebox into the main textfield:
    :regfind
    babylon
    
    :filefind
    *babylon*
    
    :folderfind
    *babylon*
    
    

    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    • Note: The log can also be found on your Desktop entitled SystemLook.txt
    The following tool may present you with the option of curing what has been detected. At this time, please DO NOT allow anything to be cleaned until I have reviewed the log produced.
  • TDSS Killer

    • Please read carefully and follow these steps.
    • Download TDSSKiller and save it to your Desktop.
    • Extract its contents to your desktop.
    • Once extracted, open the TDSSKiller folder and Right click on TDSSKiller.exe and select "Run as Administrator" to run the application.
    • When the window opens, click on Change Parameters.
    • Under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”.
    • Click on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on SKIP.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
    Please post the Systemlook log and the TDSSKiller log in your next reply.

Share this post


Link to post
Share on other sites

Hello JonTom

 

Here are the lists. I had to run the programs in safemode

 

 

SystemLook 30.07.11 by jpshortstuff

Log created at 13:30 on 28/11/2012 by Owner

Administrator - Elevation successful

 

========== regfind ==========

 

Searching for "babylon"

[HKEY_CURRENT_USERSoftwareDownloadManager133]

"Host"="dl.babylon.com"

[HKEY_CURRENT_USERSoftwareDownloadManager133]

"Referer"="http://www.babylon.com/claro-search/uninstallthankyou.html?instlRef="

[HKEY_CURRENT_USERSoftwareDownloadManager133]

"Cookie"="visitorID=1346106226-1994354445; affilID=113931; trkInfo=%5BTType%3A201208_mnt_n_3512_3%5D%5Bpd%3A3367882274%5D%5Bpl%3A1%5D%5Bdw%3A1%5D; mntrID=b25a377f00000000000064d4da1d0f92; bsearchCntry=US; __utma=159448622.1110663359.1348755377.1348755377.1348755377.1; __utmz=159448622.1348755377.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __gads=ID=8158578075f4278e:T=1346106228:S=ALNI_MbNSuvwmdOfja313XGRa3rjMEH-9g; DomainUserProfile=AnonymousId=903131c6cf2f4899be8aedb80f93cd01&LastSeenDateTime=9/27/2012 12:53:09 PM&IssueDateTime=9/15/2012 11:30:46 PM&CookieDomain=.babylon.com; PHPSESSID=bk0mahdbhjnurlpgeag3qd3b90; lang=en; __utmb=159448622.1.10.1348755377; __utmc=159448622"

[HKEY_CURRENT_USERSoftwareDownloadManager133]

"owWPage"="http://www.babylon.com/claro-search/uninstallthankyou.html?instlRef="

[HKEY_CURRENT_USERSoftwareDownloadManager133]

"owWPCookies"="visitorID=1346106226-1994354445; mntrID=b25a377f00000000000064d4da1d0f92; bsearchCntry=US; __gads=ID=8158578075f4278e:T=1346106228:S=ALNI_MbNSuvwmdOfja313XGRa3rjMEH-9g; DomainSession=TransactionId=aaf1d9886b2b443c828ae2b57d9ccd01&SessionId=04dee976c48d4a2fb6cfe2b57d9ccd01&PrevActionId=2f2fae920d944186b0c9e2b57d9ccd01&ActionId=d0d45a799501434e93a4e2b57d9ccd01&CookieDomain=.babylon.com; DomainUserProfile=AnonymousId=903131c6cf2f4899be8aedb80f93cd01&LastSeenDateTime=9/27/2012 12:53:09 PM&IssueDateTime=9/15/2012 11:30:46 PM&CookieDomain=.babylon.com; PHPSESSID=bk0mahdbhjnurlpgeag3qd3b90; __utma=159448622.1110663359.1348755377.1348755377.1348755377.1; __utmb=159448622.1.10.1348755377; __utmc=159448622; __utmz=159448622.1348755377.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mindsparktb_100000422=true; mindsparktbsupport_100000422=true; lang=en; affilID=113931; trkInfo=%5BTType%3A201208_mnt_n_3512_3%5D%5Bpd%3A3367882274%5D%5Bpl%3A1%5D%5Bdw%3A1%5

[HKEY_CURRENT_USERSoftwareDownloadManager133]

"Url0"="http://www.babylon.com/redirects/download.cgi?type=7380&affID=115770"

[HKEY_CURRENT_USERSoftwareDownloadManager133]

"U0_c"="visitorID=1346106226-1994354445; mntrID=b25a377f00000000000064d4da1d0f92; bsearchCntry=US; __gads=ID=8158578075f4278e:T=1346106228:S=ALNI_MbNSuvwmdOfja313XGRa3rjMEH-9g; DomainSession=TransactionId=aaf1d9886b2b443c828ae2b57d9ccd01&SessionId=04dee976c48d4a2fb6cfe2b57d9ccd01&PrevActionId=2f2fae920d944186b0c9e2b57d9ccd01&ActionId=d0d45a799501434e93a4e2b57d9ccd01&CookieDomain=.babylon.com; DomainUserProfile=AnonymousId=903131c6cf2f4899be8aedb80f93cd01&LastSeenDateTime=9/27/2012 12:53:09 PM&IssueDateTime=9/15/2012 11:30:46 PM&CookieDomain=.babylon.com; PHPSESSID=bk0mahdbhjnurlpgeag3qd3b90; __utma=159448622.1110663359.1348755377.1348755377.1348755377.1; __utmb=159448622.1.10.1348755377; __utmc=159448622; __utmz=159448622.1348755377.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mindsparktb_100000422=true; mindsparktbsupport_100000422=true; lang=en; affilID=113931; trkInfo=%5BTType%3A201208_mnt_n_3512_3%5D%5Bpd%3A3367882274%5D%5Bpl%3A1%5D%5Bdw%3A1%5D"

[HKEY_CURRENT_USERSoftwareDownloadManager133]

"lastResult"="The requested server name is valid, but it does not have the correct associated data being resolved for (The host itself exists, but is not directly reachable).

 

Find below possible reasons for this error:

 

1. The Internet Connection not found. Please check your Internet Connection.

 

2. You have a firewall application on your computer, and you have just installed, replaced or updated your current version of Internet Download Manager. Please check your firewall settings and ensure that IDM has permits to access the Internet.

 

3. A service that finds servers in the Internet called Domain Name Service (DNS) has temporary problems, or the network connection between DNS and your computer gets broken. It's possible that you need to reboot your computer.

 

 

Details:

Cannot find server dl.babylon.com"

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerLowRegistryDOMStoragebabylon.com]

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001SoftwareDownloadManager133]

"Host"="dl.babylon.com"

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001SoftwareDownloadManager133]

"Referer"="http://www.babylon.com/claro-search/uninstallthankyou.html?instlRef="

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001SoftwareDownloadManager133]

"Cookie"="visitorID=1346106226-1994354445; affilID=113931; trkInfo=%5BTType%3A201208_mnt_n_3512_3%5D%5Bpd%3A3367882274%5D%5Bpl%3A1%5D%5Bdw%3A1%5D; mntrID=b25a377f00000000000064d4da1d0f92; bsearchCntry=US; __utma=159448622.1110663359.1348755377.1348755377.1348755377.1; __utmz=159448622.1348755377.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __gads=ID=8158578075f4278e:T=1346106228:S=ALNI_MbNSuvwmdOfja313XGRa3rjMEH-9g; DomainUserProfile=AnonymousId=903131c6cf2f4899be8aedb80f93cd01&LastSeenDateTime=9/27/2012 12:53:09 PM&IssueDateTime=9/15/2012 11:30:46 PM&CookieDomain=.babylon.com; PHPSESSID=bk0mahdbhjnurlpgeag3qd3b90; lang=en; __utmb=159448622.1.10.1348755377; __utmc=159448622"

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001SoftwareDownloadManager133]

"owWPage"="http://www.babylon.com/claro-search/uninstallthankyou.html?instlRef="

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001SoftwareDownloadManager133]

"owWPCookies"="visitorID=1346106226-1994354445; mntrID=b25a377f00000000000064d4da1d0f92; bsearchCntry=US; __gads=ID=8158578075f4278e:T=1346106228:S=ALNI_MbNSuvwmdOfja313XGRa3rjMEH-9g; DomainSession=TransactionId=aaf1d9886b2b443c828ae2b57d9ccd01&SessionId=04dee976c48d4a2fb6cfe2b57d9ccd01&PrevActionId=2f2fae920d944186b0c9e2b57d9ccd01&ActionId=d0d45a799501434e93a4e2b57d9ccd01&CookieDomain=.babylon.com; DomainUserProfile=AnonymousId=903131c6cf2f4899be8aedb80f93cd01&LastSeenDateTime=9/27/2012 12:53:09 PM&IssueDateTime=9/15/2012 11:30:46 PM&CookieDomain=.babylon.com; PHPSESSID=bk0mahdbhjnurlpgeag3qd3b90; __utma=159448622.1110663359.1348755377.1348755377.1348755377.1; __utmb=159448622.1.10.1348755377; __utmc=159448622; __utmz=159448622.1348755377.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mindsparktb_100000422=true; mindsparktbsupport_100000422=true; lang=en; affilID=113931; trkInfo=%5BTType%3A201208_mnt_n_3512_3%5D%5Bpd

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001SoftwareDownloadManager133]

"Url0"="http://www.babylon.com/redirects/download.cgi?type=7380&affID=115770"

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001SoftwareDownloadManager133]

"U0_c"="visitorID=1346106226-1994354445; mntrID=b25a377f00000000000064d4da1d0f92; bsearchCntry=US; __gads=ID=8158578075f4278e:T=1346106228:S=ALNI_MbNSuvwmdOfja313XGRa3rjMEH-9g; DomainSession=TransactionId=aaf1d9886b2b443c828ae2b57d9ccd01&SessionId=04dee976c48d4a2fb6cfe2b57d9ccd01&PrevActionId=2f2fae920d944186b0c9e2b57d9ccd01&ActionId=d0d45a799501434e93a4e2b57d9ccd01&CookieDomain=.babylon.com; DomainUserProfile=AnonymousId=903131c6cf2f4899be8aedb80f93cd01&LastSeenDateTime=9/27/2012 12:53:09 PM&IssueDateTime=9/15/2012 11:30:46 PM&CookieDomain=.babylon.com; PHPSESSID=bk0mahdbhjnurlpgeag3qd3b90; __utma=159448622.1110663359.1348755377.1348755377.1348755377.1; __utmb=159448622.1.10.1348755377; __utmc=159448622; __utmz=159448622.1348755377.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mindsparktb_100000422=true; mindsparktbsupport_100000422=true; lang=en; affilID=113931; trkInfo=%5BTType%3A201208_mnt_n_3512_3%5D%5Bpd%3A3367

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001SoftwareDownloadManager133]

"lastResult"="The requested server name is valid, but it does not have the correct associated data being resolved for (The host itself exists, but is not directly reachable).

 

Find below possible reasons for this error:

 

1. The Internet Connection not found. Please check your Internet Connection.

 

2. You have a firewall application on your computer, and you have just installed, replaced or updated your current version of Internet Download Manager. Please check your firewall settings and ensure that IDM has permits to access the Internet.

 

3. A service that finds servers in the Internet called Domain Name Service (DNS) has temporary problems, or the network connection between DNS and your computer gets broken. It's possible that you need to reboot your computer.

 

 

Details:

Cannot find server dl.babylon.com"

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001SoftwareMicrosoftInternet ExplorerLowRegistryDOMStoragebabylon.com]

 

========== filefind ==========

 

Searching for "*babylon*"

C:UsersOwnerAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5HF12P1DSisearch.babylon[1].com --a---- 94 bytes [20:09 21/11/2012] [20:09 21/11/2012] 858938DC76C059234B5A17E1CE98DBA8

C:UsersOwnerAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5X02RT5VKisearch_babylon_com[1].htm --a---- 12487 bytes [20:09 21/11/2012] [20:09 21/11/2012] E75C3A704176F6D2862659E61AF527B7

C:UsersOwnerAppDataLocalMicrosoftWindowsTemporary Internet FilesLowContent.IE5XGEO3XY1babylon_small[1].jpg --a---- 1660 bytes [20:09 21/11/2012] [20:09 21/11/2012] C95B90725A6D1C67CD44679D6C07BFEC

C:UsersOwnerAppDataLocalLowMicrosoftInternet ExplorerDOMStoreA439TVVNsearch.babylon[1].xml --a---- 26784 bytes [22:10 01/10/2012] [23:46 26/10/2012] 06880315D735193936D0916E16295FEA

 

========== folderfind ==========

 

Searching for "*babylon*"

C:ProgramDataWildTangentGame Console - WildGamesUIhtdocs2Commonproductbabylonia d------ [05:44 21/02/2011]

C:UsersAll UsersWildTangentGame Console - WildGamesUIhtdocs2Commonproductbabylonia d------ [05:44 21/02/2011]

 

-= EOF =-

 

 

TDSSKiller

 

 

13:40:51.0247 1756 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

13:40:51.0247 1756 ============================================================

13:40:51.0247 1756 Current date / time: 2012/11/28 13:40:51.0247

13:40:51.0247 1756 SystemInfo:

13:40:51.0247 1756

13:40:51.0247 1756 OS Version: 6.1.7601 ServicePack: 1.0

13:40:51.0247 1756 Product type: Workstation

13:40:51.0247 1756 ComputerName: OWNER-PC

13:40:51.0247 1756 UserName: Owner

13:40:51.0247 1756 Windows directory: C:Windows

13:40:51.0247 1756 System windows directory: C:Windows

13:40:51.0247 1756 Running under WOW64

13:40:51.0247 1756 Processor architecture: Intel x64

13:40:51.0247 1756 Number of processors: 4

13:40:51.0247 1756 Page size: 0x1000

13:40:51.0247 1756 Boot type: Safe boot

13:40:51.0247 1756 ============================================================

13:40:51.0902 1756 Drive DeviceHarddisk0DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:40:51.0902 1756 Drive DeviceHarddisk1DR2 - Size: 0x1E6C60000 (7.61 Gb), SectorSize: 0x200, Cylinders: 0x3E0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

13:40:51.0902 1756 ============================================================

13:40:51.0902 1756 DeviceHarddisk0DR0:

13:40:51.0902 1756 MBR partitions:

13:40:51.0902 1756 DeviceHarddisk0DR0Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

13:40:51.0902 1756 DeviceHarddisk0DR0Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x49425800

13:40:51.0902 1756 DeviceHarddisk1DR2:

13:40:51.0902 1756 MBR partitions:

13:40:51.0902 1756 DeviceHarddisk1DR2Partition1: MBR, Type 0xC, StartLBA 0x2D78, BlocksNum 0xF33588

13:40:51.0902 1756 ============================================================

13:40:51.0933 1756 C: <-> DeviceHarddisk0DR0Partition2

13:40:51.0933 1756 ============================================================

13:40:51.0933 1756 Initialize success

13:40:51.0933 1756 ============================================================

13:41:27.0486 1784 ============================================================

13:41:27.0486 1784 Scan started

13:41:27.0486 1784 Mode: Manual; TDLFS;

13:41:27.0486 1784 ============================================================

13:41:27.0642 1784 ================ Scan system memory ========================

13:41:27.0642 1784 System memory - ok

13:41:27.0642 1784 ================ Scan services =============================

13:41:27.0767 1784 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:Windowssystem32drivers1394ohci.sys

13:41:27.0782 1784 1394ohci - ok

13:41:27.0798 1784 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:Windowssystem32driversACPI.sys

13:41:27.0798 1784 ACPI - ok

13:41:27.0829 1784 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:Windowssystem32driversacpipmi.sys

13:41:27.0829 1784 AcpiPmi - ok

13:41:27.0923 1784 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe

13:41:27.0923 1784 AdobeARMservice - ok

13:41:28.0016 1784 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe

13:41:28.0016 1784 AdobeFlashPlayerUpdateSvc - ok

13:41:28.0047 1784 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:Windowssystem32DRIVERSadp94xx.sys

13:41:28.0063 1784 adp94xx - ok

13:41:28.0079 1784 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:Windowssystem32DRIVERSadpahci.sys

13:41:28.0079 1784 adpahci - ok

13:41:28.0110 1784 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:Windowssystem32DRIVERSadpu320.sys

13:41:28.0110 1784 adpu320 - ok

13:41:28.0125 1784 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:WindowsSystem32aelupsvc.dll

13:41:28.0141 1784 AeLookupSvc - ok

13:41:28.0172 1784 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:Windowssystem32driversafd.sys

13:41:28.0172 1784 AFD - ok

13:41:28.0203 1784 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:Windowssystem32driversagp440.sys

13:41:28.0203 1784 agp440 - ok

13:41:28.0235 1784 [ 3290D6946B5E30E70414990574883DDB ] ALG C:WindowsSystem32alg.exe

13:41:28.0235 1784 ALG - ok

13:41:28.0250 1784 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:Windowssystem32driversaliide.sys

13:41:28.0250 1784 aliide - ok

13:41:28.0266 1784 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:Windowssystem32driversamdide.sys

13:41:28.0266 1784 amdide - ok

13:41:28.0297 1784 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:Windowssystem32DRIVERSamdk8.sys

13:41:28.0313 1784 AmdK8 - ok

13:41:28.0313 1784 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:Windowssystem32DRIVERSamdppm.sys

13:41:28.0313 1784 AmdPPM - ok

13:41:28.0344 1784 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:Windowssystem32driversamdsata.sys

13:41:28.0344 1784 amdsata - ok

13:41:28.0375 1784 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:Windowssystem32DRIVERSamdsbs.sys

13:41:28.0375 1784 amdsbs - ok

13:41:28.0391 1784 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:Windowssystem32driversamdxata.sys

13:41:28.0391 1784 amdxata - ok

13:41:28.0422 1784 [ B5C0F65D6657C6ADD9ED75EC7583390B ] AnyDVD C:Windowssystem32DriversAnyDVD.sys

13:41:28.0422 1784 AnyDVD - ok

13:41:28.0453 1784 [ 89A69C3F2F319B43379399547526D952 ] AppID C:Windowssystem32driversappid.sys

13:41:28.0453 1784 AppID - ok

13:41:28.0484 1784 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:WindowsSystem32appidsvc.dll

13:41:28.0484 1784 AppIDSvc - ok

13:41:28.0500 1784 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:WindowsSystem32appinfo.dll

13:41:28.0500 1784 Appinfo - ok

13:41:28.0531 1784 [ C484F8CEB1717C540242531DB7845C4E ] arc C:Windowssystem32DRIVERSarc.sys

13:41:28.0547 1784 arc - ok

13:41:28.0562 1784 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:Windowssystem32DRIVERSarcsas.sys

13:41:28.0562 1784 arcsas - ok

13:41:28.0578 1784 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:Windowssystem32DRIVERSasyncmac.sys

13:41:28.0593 1784 AsyncMac - ok

13:41:28.0609 1784 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:Windowssystem32driversatapi.sys

13:41:28.0609 1784 atapi - ok

13:41:28.0656 1784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:WindowsSystem32Audiosrv.dll

13:41:28.0671 1784 AudioEndpointBuilder - ok

13:41:28.0703 1784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:WindowsSystem32Audiosrv.dll

13:41:28.0703 1784 AudioSrv - ok

13:41:28.0734 1784 [ 3016E1ABE80000A260FF690A0375823D ] AVerPola C:Windowssystem32DRIVERSAVerPola.sys

13:41:28.0749 1784 AVerPola - ok

13:41:28.0765 1784 [ BFD698CC6E1DE2E0D23155DECC513D2F ] avgtp C:Windowssystem32driversavgtpx64.sys

13:41:28.0765 1784 avgtp - ok

13:41:28.0796 1784 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:WindowsSystem32AxInstSV.dll

13:41:28.0796 1784 AxInstSV - ok

13:41:28.0843 1784 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:Windowssystem32DRIVERSbxvbda.sys

13:41:28.0843 1784 b06bdrv - ok

13:41:28.0874 1784 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:Windowssystem32DRIVERSb57nd60a.sys

13:41:28.0874 1784 b57nd60a - ok

13:41:28.0952 1784 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:Program Files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe

13:41:28.0952 1784 BBSvc - ok

13:41:28.0968 1784 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:Program Files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe

13:41:28.0968 1784 BBUpdate - ok

13:41:28.0999 1784 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:WindowsSystem32bdesvc.dll

13:41:28.0999 1784 BDESVC - ok

13:41:29.0030 1784 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:Windowssystem32driversBeep.sys

13:41:29.0030 1784 Beep - ok

13:41:29.0061 1784 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:WindowsSystem32bfe.dll

13:41:29.0061 1784 BFE - ok

13:41:29.0108 1784 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:WindowsSystem32qmgr.dll

13:41:29.0139 1784 BITS - ok

13:41:29.0155 1784 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:Windowssystem32DRIVERSblbdrive.sys

13:41:29.0155 1784 blbdrive - ok

13:41:29.0186 1784 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:Windowssystem32DRIVERSbowser.sys

13:41:29.0186 1784 bowser - ok

13:41:29.0217 1784 [ 56E4345F392F17D66683225E214840CB ] bpenum C:Windowssystem32DRIVERSbpenum.sys

13:41:29.0217 1784 bpenum - ok

13:41:29.0233 1784 [ D50B07C4D7AFEC4CA6AC8FCB72583C5B ] bpmp C:Windowssystem32DRIVERSbpmp.sys

13:41:29.0233 1784 bpmp - ok

13:41:29.0249 1784 [ A85BA55E4FE9CB2F342F281AAF7DE810 ] bpusb C:Windowssystem32Driversbpusb.sys

13:41:29.0249 1784 bpusb - ok

13:41:29.0264 1784 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:Windowssystem32DRIVERSBrFiltLo.sys

13:41:29.0264 1784 BrFiltLo - ok

13:41:29.0311 1784 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:Windowssystem32DRIVERSBrFiltUp.sys

13:41:29.0311 1784 BrFiltUp - ok

13:41:29.0342 1784 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:WindowsSystem32browser.dll

13:41:29.0358 1784 Browser - ok

13:41:29.0373 1784 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:WindowsSystem32DriversBrserid.sys

13:41:29.0373 1784 Brserid - ok

13:41:29.0405 1784 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:WindowsSystem32DriversBrSerWdm.sys

13:41:29.0405 1784 BrSerWdm - ok

13:41:29.0405 1784 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:WindowsSystem32DriversBrUsbMdm.sys

13:41:29.0420 1784 BrUsbMdm - ok

13:41:29.0436 1784 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:WindowsSystem32DriversBrUsbSer.sys

13:41:29.0436 1784 BrUsbSer - ok

13:41:29.0451 1784 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:Windowssystem32DRIVERSbthmodem.sys

13:41:29.0451 1784 BTHMODEM - ok

13:41:29.0498 1784 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:Windowssystem32bthserv.dll

13:41:29.0498 1784 bthserv - ok

13:41:29.0514 1784 [ B8BD2BB284668C84865658C77574381A ] cdfs C:Windowssystem32DRIVERScdfs.sys

13:41:29.0529 1784 cdfs - ok

13:41:29.0561 1784 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:Windowssystem32DRIVERScdrom.sys

13:41:29.0561 1784 cdrom - ok

13:41:29.0592 1784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:WindowsSystem32certprop.dll

13:41:29.0592 1784 CertPropSvc - ok

13:41:29.0607 1784 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:Windowssystem32DRIVERScirclass.sys

13:41:29.0607 1784 circlass - ok

13:41:29.0639 1784 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:Windowssystem32CLFS.sys

13:41:29.0639 1784 CLFS - ok

13:41:29.0748 1784 [ 5B80BCD82FFE6D5240BA02AD338C547C ] CLHNServiceForPowerDVD12 C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe

13:41:29.0763 1784 CLHNServiceForPowerDVD12 - ok

13:41:29.0826 1784 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe

13:41:29.0826 1784 clr_optimization_v2.0.50727_32 - ok

13:41:29.0873 1784 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe

13:41:29.0888 1784 clr_optimization_v2.0.50727_64 - ok

13:41:29.0935 1784 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe

13:41:29.0935 1784 clr_optimization_v4.0.30319_32 - ok

13:41:29.0966 1784 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe

13:41:29.0966 1784 clr_optimization_v4.0.30319_64 - ok

13:41:29.0997 1784 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:Windowssystem32DRIVERSclwvd.sys

13:41:29.0997 1784 clwvd - ok

13:41:30.0013 1784 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:Windowssystem32DRIVERSCmBatt.sys

13:41:30.0029 1784 CmBatt - ok

13:41:30.0060 1784 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:Windowssystem32driverscmdide.sys

13:41:30.0060 1784 cmdide - ok

13:41:30.0091 1784 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:Windowssystem32Driverscng.sys

13:41:30.0091 1784 CNG - ok

13:41:30.0107 1784 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:Windowssystem32DRIVERScompbatt.sys

13:41:30.0107 1784 Compbatt - ok

13:41:30.0122 1784 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:Windowssystem32driversCompositeBus.sys

13:41:30.0122 1784 CompositeBus - ok

13:41:30.0122 1784 COMSysApp - ok

13:41:30.0138 1784 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:Windowssystem32DRIVERScrcdisk.sys

13:41:30.0138 1784 crcdisk - ok

13:41:30.0185 1784 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:Windowssystem32cryptsvc.dll

13:41:30.0185 1784 CryptSvc - ok

13:41:30.0231 1784 [ 392EB4108A6A8B8E46A3A3568055F277 ] CyberLink PowerDVD 12 Media Server Monitor Service C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe

13:41:30.0231 1784 CyberLink PowerDVD 12 Media Server Monitor Service - ok

13:41:30.0247 1784 [ 61A27B34B6A7B534F2DB95C0F8762FAE ] CyberLink PowerDVD 12 Media Server Service C:Program Files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe

13:41:30.0263 1784 CyberLink PowerDVD 12 Media Server Service - ok

13:41:30.0294 1784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:Windowssystem32rpcss.dll

13:41:30.0309 1784 DcomLaunch - ok

13:41:30.0325 1784 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:WindowsSystem32defragsvc.dll

13:41:30.0341 1784 defragsvc - ok

13:41:30.0372 1784 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:Windowssystem32Driversdfsc.sys

13:41:30.0372 1784 DfsC - ok

13:41:30.0387 1784 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:Windowssystem32dhcpcore.dll

13:41:30.0403 1784 Dhcp - ok

13:41:30.0419 1784 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:Windowssystem32driversdiscache.sys

13:41:30.0419 1784 discache - ok

13:41:30.0434 1784 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:Windowssystem32DRIVERSdisk.sys

13:41:30.0434 1784 Disk - ok

13:41:30.0512 1784 [ 34C3575F9071C933856BD3DCC5A0473B ] DMAgent C:Program FilesIntelWiMAXBinDMAgent.exe

13:41:30.0512 1784 DMAgent - ok

13:41:30.0543 1784 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:WindowsSystem32dnsrslvr.dll

13:41:30.0559 1784 Dnscache - ok

13:41:30.0575 1784 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:WindowsSystem32dot3svc.dll

13:41:30.0590 1784 dot3svc - ok

13:41:30.0621 1784 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:Windowssystem32dps.dll

13:41:30.0621 1784 DPS - ok

13:41:30.0653 1784 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:Windowssystem32driversdrmkaud.sys

13:41:30.0653 1784 drmkaud - ok

13:41:30.0699 1784 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:WindowsSystem32driversdxgkrnl.sys

13:41:30.0731 1784 DXGKrnl - ok

13:41:30.0762 1784 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:WindowsSystem32eapsvc.dll

13:41:30.0777 1784 EapHost - ok

13:41:30.0855 1784 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:Windowssystem32DRIVERSevbda.sys

13:41:30.0933 1784 ebdrv - ok

13:41:30.0965 1784 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:WindowsSystem32lsass.exe

13:41:30.0965 1784 EFS - ok

13:41:31.0027 1784 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:WindowsehomeehRecvr.exe

13:41:31.0043 1784 ehRecvr - ok

13:41:31.0074 1784 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:Windowsehomeehsched.exe

13:41:31.0074 1784 ehSched - ok

13:41:31.0089 1784 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:Windowssystem32DriversElbyCDIO.sys

13:41:31.0105 1784 ElbyCDIO - ok

13:41:31.0121 1784 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:Windowssystem32DRIVERSelxstor.sys

13:41:31.0136 1784 elxstor - ok

13:41:31.0167 1784 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:Windowssystem32driverserrdev.sys

13:41:31.0167 1784 ErrDev - ok

13:41:31.0199 1784 [ 9D8739A2A2173C9D27C499A3FC6EDA3F ] ETD C:Windowssystem32DRIVERSETD.sys

13:41:31.0199 1784 ETD - ok

13:41:31.0245 1784 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:Windowssystem32es.dll

13:41:31.0261 1784 EventSystem - ok

13:41:31.0323 1784 [ 7EE9F35BC1DD0CE1A4976032F9AC5162 ] EvtEng C:Program FilesIntelWiFibinEvtEng.exe

13:41:31.0355 1784 EvtEng - ok

13:41:31.0386 1784 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:Windowssystem32driversexfat.sys

13:41:31.0386 1784 exfat - ok

13:41:31.0417 1784 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:Windowssystem32driversfastfat.sys

13:41:31.0417 1784 fastfat - ok

13:41:31.0464 1784 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:Windowssystem32fxssvc.exe

13:41:31.0479 1784 Fax - ok

13:41:31.0495 1784 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:Windowssystem32DRIVERSfdc.sys

13:41:31.0495 1784 fdc - ok

13:41:31.0526 1784 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:Windowssystem32fdPHost.dll

13:41:31.0526 1784 fdPHost - ok

13:41:31.0542 1784 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:Windowssystem32fdrespub.dll

13:41:31.0542 1784 FDResPub - ok

13:41:31.0573 1784 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:Windowssystem32driversfileinfo.sys

13:41:31.0573 1784 FileInfo - ok

13:41:31.0589 1784 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:Windowssystem32driversfiletrace.sys

13:41:31.0589 1784 Filetrace - ok

13:41:31.0604 1784 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:Windowssystem32DRIVERSflpydisk.sys

13:41:31.0604 1784 flpydisk - ok

13:41:31.0651 1784 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:Windowssystem32driversfltmgr.sys

13:41:31.0651 1784 FltMgr - ok

13:41:31.0698 1784 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:Windowssystem32FntCache.dll

13:41:31.0729 1784 FontCache - ok

13:41:31.0776 1784 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe

13:41:31.0776 1784 FontCache3.0.0.0 - ok

13:41:31.0807 1784 [ D43703496149971890703B4B1B723EAC ] FsDepends C:Windowssystem32driversFsDepends.sys

13:41:31.0823 1784 FsDepends - ok

13:41:31.0838 1784 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:Windowssystem32driversFs_Rec.sys

13:41:31.0838 1784 Fs_Rec - ok

13:41:31.0869 1784 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:Windowssystem32DRIVERSfvevol.sys

13:41:31.0885 1784 fvevol - ok

13:41:31.0901 1784 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:Windowssystem32DRIVERSgagp30kx.sys

13:41:31.0901 1784 gagp30kx - ok

13:41:31.0947 1784 [ 521A469CAF61F00E1DE081CC2099C1D6 ] GameConsoleService C:Program Files (x86)WildGamesGame Console - WildGamesGameConsoleService.exe

13:41:31.0947 1784 GameConsoleService - ok

13:41:31.0994 1784 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:WindowsSystem32gpsvc.dll

13:41:32.0010 1784 gpsvc - ok

13:41:32.0041 1784 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

13:41:32.0057 1784 gupdate - ok

13:41:32.0057 1784 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

13:41:32.0057 1784 gupdatem - ok

13:41:32.0072 1784 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:Windowssystem32drivershcw85cir.sys

13:41:32.0088 1784 hcw85cir - ok

13:41:32.0135 1784 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:Windowssystem32driversHdAudio.sys

13:41:32.0135 1784 HdAudAddService - ok

13:41:32.0150 1784 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:Windowssystem32driversHDAudBus.sys

13:41:32.0166 1784 HDAudBus - ok

13:41:32.0181 1784 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:Windowssystem32DRIVERSHidBatt.sys

13:41:32.0181 1784 HidBatt - ok

13:41:32.0213 1784 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:Windowssystem32DRIVERShidbth.sys

13:41:32.0213 1784 HidBth - ok

13:41:32.0228 1784 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:Windowssystem32DRIVERShidir.sys

13:41:32.0228 1784 HidIr - ok

13:41:32.0259 1784 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:Windowssystem32hidserv.dll

13:41:32.0275 1784 hidserv - ok

13:41:32.0291 1784 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:Windowssystem32drivershidusb.sys

13:41:32.0291 1784 HidUsb - ok

13:41:32.0322 1784 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:Windowssystem32kmsvc.dll

13:41:32.0322 1784 hkmsvc - ok

13:41:32.0353 1784 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:Windowssystem32ListSvc.dll

13:41:32.0369 1784 HomeGroupListener - ok

13:41:32.0400 1784 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:Windowssystem32provsvc.dll

13:41:32.0415 1784 HomeGroupProvider - ok

13:41:32.0431 1784 HOSTS Anti-PUPs - ok

13:41:32.0447 1784 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:Windowssystem32driversHpSAMD.sys

13:41:32.0462 1784 HpSAMD - ok

13:41:32.0493 1784 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:Windowssystem32driversHTTP.sys

13:41:32.0525 1784 HTTP - ok

13:41:32.0556 1784 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:Windowssystem32drivershwpolicy.sys

13:41:32.0556 1784 hwpolicy - ok

13:41:32.0571 1784 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:Windowssystem32driversi8042prt.sys

13:41:32.0571 1784 i8042prt - ok

13:41:32.0603 1784 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:Windowssystem32DRIVERSiaStor.sys

13:41:32.0618 1784 iaStor - ok

13:41:32.0649 1784 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:Windowssystem32driversiaStorV.sys

13:41:32.0649 1784 iaStorV - ok

13:41:32.0696 1784 [ F1458110073AD3B6C5DC3C592A36D1D0 ] IDMWFP C:Windowssystem32DRIVERSidmwfp.sys

13:41:32.0696 1784 IDMWFP - ok

13:41:32.0759 1784 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe

13:41:32.0759 1784 IDriverT - ok

13:41:32.0837 1784 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:WindowsMicrosoft.NETFramework64v3.0Windows Communication Foundationinfocard.exe

13:41:32.0852 1784 idsvc - ok

13:41:33.0086 1784 [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx C:Windowssystem32DRIVERSigdkmd64.sys

13:41:33.0320 1784 igfx - ok

13:41:33.0351 1784 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:Windowssystem32DRIVERSiirsp.sys

13:41:33.0351 1784 iirsp - ok

13:41:33.0398 1784 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:WindowsSystem32ikeext.dll

13:41:33.0414 1784 IKEEXT - ok

13:41:33.0476 1784 [ A0C2C3D4C03C4FB896CFC53873784178 ] IntcAzAudAddService C:Windowssystem32driversRTKVHD64.sys

13:41:33.0539 1784 IntcAzAudAddService - ok

13:41:33.0570 1784 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:Windowssystem32DRIVERSIntcDAud.sys

13:41:33.0585 1784 IntcDAud - ok

13:41:33.0601 1784 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:Windowssystem32driversintelide.sys

13:41:33.0601 1784 intelide - ok

13:41:33.0632 1784 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:Windowssystem32DRIVERSintelppm.sys

13:41:33.0632 1784 intelppm - ok

13:41:33.0663 1784 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:Windowssystem32ipbusenum.dll

13:41:33.0663 1784 IPBusEnum - ok

13:41:33.0695 1784 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:Windowssystem32DRIVERSipfltdrv.sys

13:41:33.0695 1784 IpFilterDriver - ok

13:41:33.0741 1784 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:WindowsSystem32iphlpsvc.dll

13:41:33.0757 1784 iphlpsvc - ok

13:41:33.0788 1784 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:Windowssystem32driversIPMIDrv.sys

13:41:33.0788 1784 IPMIDRV - ok

13:41:33.0835 1784 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:Windowssystem32driversipnat.sys

13:41:33.0835 1784 IPNAT - ok

13:41:33.0866 1784 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:Windowssystem32driversirenum.sys

13:41:33.0866 1784 IRENUM - ok

13:41:33.0897 1784 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:Windowssystem32driversisapnp.sys

13:41:33.0897 1784 isapnp - ok

13:41:33.0929 1784 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:Windowssystem32driversmsiscsi.sys

13:41:33.0929 1784 iScsiPrt - ok

13:41:34.0038 1784 [ BA8C6135E6E632139DAC5B34861FCB03 ] ISWKL C:Program FilesCheckPointZAForceFieldISWKL.sys

13:41:34.0038 1784 ISWKL - ok

13:41:34.0069 1784 [ EEF0D7308C247294389B566A7830B211 ] IswSvc C:Program FilesCheckPointZAForceFieldIswSvc.exe

13:41:34.0100 1784 IswSvc - ok

13:41:34.0116 1784 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:Windowssystem32driverskbdclass.sys

13:41:34.0116 1784 kbdclass - ok

13:41:34.0147 1784 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:Windowssystem32driverskbdhid.sys

13:41:34.0147 1784 kbdhid - ok

13:41:34.0163 1784 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:Windowssystem32lsass.exe

13:41:34.0163 1784 KeyIso - ok

13:41:34.0241 1784 [ E656FE10D6D27794AFA08136685A69E8 ] KL1 C:Windowssystem32DRIVERSkl1.sys

13:41:34.0241 1784 KL1 - ok

13:41:34.0256 1784 [ D865DD8B0448E3F963D68C04C532858F ] kl2 C:Windowssystem32DRIVERSkl2.sys

13:41:34.0256 1784 kl2 - ok

13:41:34.0303 1784 [ 055790D38D7EC73AEF03E4AA7F67BA03 ] KLIF C:Windowssystem32DRIVERSklif.sys

13:41:34.0303 1784 KLIF - ok

13:41:34.0319 1784 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:Windowssystem32Driversksecdd.sys

13:41:34.0334 1784 KSecDD - ok

13:41:34.0365 1784 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:Windowssystem32Driversksecpkg.sys

13:41:34.0365 1784 KSecPkg - ok

13:41:34.0381 1784 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:Windowssystem32driversksthunk.sys

13:41:34.0381 1784 ksthunk - ok

13:41:34.0428 1784 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:Windowssystem32msdtckrm.dll

13:41:34.0428 1784 KtmRm - ok

13:41:34.0475 1784 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:Windowssystem32srvsvc.dll

13:41:34.0475 1784 LanmanServer - ok

13:41:34.0506 1784 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:WindowsSystem32wkssvc.dll

13:41:34.0506 1784 LanmanWorkstation - ok

13:41:34.0521 1784 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:Windowssystem32DRIVERSlltdio.sys

13:41:34.0521 1784 lltdio - ok

13:41:34.0553 1784 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:WindowsSystem32lltdsvc.dll

13:41:34.0568 1784 lltdsvc - ok

13:41:34.0584 1784 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:WindowsSystem32lmhsvc.dll

13:41:34.0584 1784 lmhosts - ok

13:41:34.0646 1784 [ 926EBA26A8B49D1597751CED06B50862 ] LMS C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

13:41:34.0646 1784 LMS - ok

13:41:34.0677 1784 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:Windowssystem32DRIVERSlsi_fc.sys

13:41:34.0677 1784 LSI_FC - ok

13:41:34.0693 1784 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:Windowssystem32DRIVERSlsi_sas.sys

13:41:34.0693 1784 LSI_SAS - ok

13:41:34.0724 1784 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:Windowssystem32DRIVERSlsi_sas2.sys

13:41:34.0724 1784 LSI_SAS2 - ok

13:41:34.0740 1784 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:Windowssystem32DRIVERSlsi_scsi.sys

13:41:34.0755 1784 LSI_SCSI - ok

13:41:34.0771 1784 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:Windowssystem32driversluafv.sys

13:41:34.0771 1784 luafv - ok

13:41:34.0818 1784 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:Windowssystem32driversmbam.sys

13:41:34.0818 1784 MBAMProtector - ok

13:41:34.0849 1784 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe

13:41:34.0865 1784 MBAMScheduler - ok

13:41:34.0880 1784 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe

13:41:34.0911 1784 MBAMService - ok

13:41:34.0943 1784 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:Windowssystem32DRIVERSmcdbus.sys

13:41:34.0943 1784 mcdbus - ok

13:41:34.0974 1784 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:Windowssystem32Mcx2Svc.dll

13:41:34.0974 1784 Mcx2Svc - ok

13:41:34.0974 1784 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:Windowssystem32DRIVERSmegasas.sys

13:41:34.0989 1784 megasas - ok

13:41:35.0021 1784 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:Windowssystem32DRIVERSMegaSR.sys

13:41:35.0021 1784 MegaSR - ok

13:41:35.0052 1784 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:Windowssystem32DRIVERSHECIx64.sys

13:41:35.0067 1784 MEIx64 - ok

13:41:35.0083 1784 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:Windowssystem32mmcss.dll

13:41:35.0083 1784 MMCSS - ok

13:41:35.0099 1784 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:Windowssystem32driversmodem.sys

13:41:35.0099 1784 Modem - ok

13:41:35.0130 1784 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:Windowssystem32DRIVERSmonitor.sys

13:41:35.0130 1784 monitor - ok

13:41:35.0145 1784 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:Windowssystem32driversmouclass.sys

13:41:35.0145 1784 mouclass - ok

13:41:35.0161 1784 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:Windowssystem32DRIVERSmouhid.sys

13:41:35.0161 1784 mouhid - ok

13:41:35.0208 1784 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:Windowssystem32driversmountmgr.sys

13:41:35.0208 1784 mountmgr - ok

13:41:35.0255 1784 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe

13:41:35.0255 1784 MozillaMaintenance - ok

13:41:35.0270 1784 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:Windowssystem32driversmpio.sys

13:41:35.0270 1784 mpio - ok

13:41:35.0301 1784 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:Windowssystem32driversmpsdrv.sys

13:41:35.0301 1784 mpsdrv - ok

13:41:35.0348 1784 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:Windowssystem32mpssvc.dll

13:41:35.0364 1784 MpsSvc - ok

13:41:35.0379 1784 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:Windowssystem32driversmrxdav.sys

13:41:35.0379 1784 MRxDAV - ok

13:41:35.0411 1784 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:Windowssystem32DRIVERSmrxsmb.sys

13:41:35.0411 1784 mrxsmb - ok

13:41:35.0426 1784 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:Windowssystem32DRIVERSmrxsmb10.sys

13:41:35.0426 1784 mrxsmb10 - ok

13:41:35.0442 1784 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:Windowssystem32DRIVERSmrxsmb20.sys

13:41:35.0442 1784 mrxsmb20 - ok

13:41:35.0473 1784 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:Windowssystem32driversmsahci.sys

13:41:35.0473 1784 msahci - ok

13:41:35.0489 1784 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:Windowssystem32driversmsdsm.sys

13:41:35.0489 1784 msdsm - ok

13:41:35.0504 1784 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:WindowsSystem32msdtc.exe

13:41:35.0520 1784 MSDTC - ok

13:41:35.0551 1784 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:Windowssystem32driversMsfs.sys

13:41:35.0551 1784 Msfs - ok

13:41:35.0567 1784 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:WindowsSystem32driversmshidkmdf.sys

13:41:35.0567 1784 mshidkmdf - ok

13:41:35.0582 1784 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:Windowssystem32driversmsisadrv.sys

13:41:35.0582 1784 msisadrv - ok

13:41:35.0629 1784 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:Windowssystem32iscsiexe.dll

13:41:35.0629 1784 MSiSCSI - ok

13:41:35.0629 1784 msiserver - ok

13:41:35.0645 1784 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:Windowssystem32driversMSKSSRV.sys

13:41:35.0645 1784 MSKSSRV - ok

13:41:35.0676 1784 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:Windowssystem32driversMSPCLOCK.sys

13:41:35.0676 1784 MSPCLOCK - ok

13:41:35.0676 1784 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:Windowssystem32driversMSPQM.sys

13:41:35.0691 1784 MSPQM - ok

13:41:35.0707 1784 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:Windowssystem32driversMsRPC.sys

13:41:35.0723 1784 MsRPC - ok

13:41:35.0723 1784 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:Windowssystem32driversmssmbios.sys

13:41:35.0723 1784 mssmbios - ok

13:41:35.0754 1784 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:Windowssystem32driversMSTEE.sys

13:41:35.0754 1784 MSTEE - ok

13:41:35.0769 1784 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:Windowssystem32DRIVERSMTConfig.sys

13:41:35.0769 1784 MTConfig - ok

13:41:35.0785 1784 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:Windowssystem32Driversmup.sys

13:41:35.0785 1784 Mup - ok

13:41:35.0816 1784 [ 0CF5580F27918FFD2E165ECAFA734103 ] MyWiFiDHCPDNS C:Program FilesIntelWiFibinPanDhcpDns.exe

13:41:35.0832 1784 MyWiFiDHCPDNS - ok

13:41:35.0863 1784 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:Windowssystem32qagentRT.dll

13:41:35.0863 1784 napagent - ok

13:41:35.0879 1784 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:Windowssystem32DRIVERSnwifi.sys

13:41:35.0894 1784 NativeWifiP - ok

13:41:35.0941 1784 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:Windowssystem32driversndis.sys

13:41:35.0957 1784 NDIS - ok

13:41:35.0988 1784 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:Windowssystem32DRIVERSndiscap.sys

13:41:35.0988 1784 NdisCap - ok

13:41:36.0003 1784 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:Windowssystem32DRIVERSndistapi.sys

13:41:36.0019 1784 NdisTapi - ok

13:41:36.0050 1784 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:Windowssystem32DRIVERSndisuio.sys

13:41:36.0050 1784 Ndisuio - ok

13:41:36.0066 1784 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:Windowssystem32DRIVERSndiswan.sys

13:41:36.0066 1784 NdisWan - ok

13:41:36.0097 1784 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:Windowssystem32driversNDProxy.sys

13:41:36.0097 1784 NDProxy - ok

13:41:36.0113 1784 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:Windowssystem32DRIVERSnetbios.sys

13:41:36.0113 1784 NetBIOS - ok

13:41:36.0144 1784 [ 09594D1089C523423B32A4229263F068 ] NetBT C:Windowssystem32DRIVERSnetbt.sys

13:41:36.0159 1784 NetBT - ok

13:41:36.0175 1784 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:Windowssystem32lsass.exe

13:41:36.0175 1784 Netlogon - ok

13:41:36.0206 1784 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:WindowsSystem32netman.dll

13:41:36.0206 1784 Netman - ok

13:41:36.0222 1784 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:WindowsSystem32netprofm.dll

13:41:36.0237 1784 netprofm - ok

13:41:36.0253 1784 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:WindowsMicrosoft.NETFramework64v3.0Windows Communication FoundationSMSvcHost.exe

13:41:36.0253 1784 NetTcpPortSharing - ok

13:41:36.0440 1784 [ B9C587BDAA61A689883439D5AE6FE7F3 ] NETwNs64 C:Windowssystem32DRIVERSNETwNs64.sys

13:41:36.0612 1784 NETwNs64 - ok

13:41:36.0643 1784 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:Windowssystem32DRIVERSnfrd960.sys

13:41:36.0643 1784 nfrd960 - ok

13:41:36.0674 1784 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:WindowsSystem32nlasvc.dll

13:41:36.0690 1784 NlaSvc - ok

13:41:36.0752 1784 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:WindowsSysWOW64nlssrv32.exe

13:41:36.0768 1784 nlsX86cc - ok

13:41:36.0783 1784 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:Windowssystem32driversNpfs.sys

13:41:36.0783 1784 Npfs - ok

13:41:36.0815 1784 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:Windowssystem32nsisvc.dll

13:41:36.0815 1784 nsi - ok

13:41:36.0830 1784 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:Windowssystem32driversnsiproxy.sys

13:41:36.0830 1784 nsiproxy - ok

13:41:36.0877 1784 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:Windowssystem32driversNtfs.sys

13:41:36.0924 1784 Ntfs - ok

13:41:37.0049 1784 [ A773AA47341A1FD16C6A9BA3C11D7DAA ] ntk_PowerDVD12 C:Program Files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys

13:41:37.0049 1784 ntk_PowerDVD12 - ok

13:41:37.0080 1784 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:Windowssystem32driversNull.sys

13:41:37.0080 1784 Null - ok

13:41:37.0111 1784 [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub C:Windowssystem32DRIVERSnusb3hub.sys

13:41:37.0111 1784 nusb3hub - ok

13:41:37.0127 1784 [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc C:Windowssystem32DRIVERSnusb3xhc.sys

13:41:37.0127 1784 nusb3xhc - ok

13:41:37.0376 1784 [ 35AFE139F5CAAE2C54AC3DAF2F0DA525 ] nvlddmkm C:Windowssystem32DRIVERSnvlddmkm.sys

13:41:37.0641 1784 nvlddmkm - ok

13:41:37.0688 1784 [ 07A4DF15E49F0875B633C39CBEFAE4EC ] nvpciflt C:Windowssystem32DRIVERSnvpciflt.sys

13:41:37.0688 1784 nvpciflt - ok

13:41:37.0704 1784 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:Windowssystem32driversnvraid.sys

13:41:37.0704 1784 nvraid - ok

13:41:37.0751 1784 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:Windowssystem32driversnvstor.sys

13:41:37.0766 1784 nvstor - ok

13:41:37.0813 1784 [ BBA0F7E4E545CD8C5BEA5BAB815A3A43 ] NVSvc C:Windowssystem32nvvsvc.exe

13:41:37.0844 1784 NVSvc - ok

13:41:37.0907 1784 [ E4A5158EBD8DE1EA94A4AAEA13232594 ] nvUpdatusService C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe

13:41:37.0953 1784 nvUpdatusService - ok

13:41:37.0985 1784 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:Windowssystem32driversnv_agp.sys

13:41:37.0985 1784 nv_agp - ok

13:41:38.0000 1784 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:Windowssystem32driversohci1394.sys

13:41:38.0000 1784 ohci1394 - ok

13:41:38.0047 1784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:Windowssystem32pnrpsvc.dll

13:41:38.0047 1784 p2pimsvc - ok

13:41:38.0063 1784 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:Windowssystem32p2psvc.dll

13:41:38.0078 1784 p2psvc - ok

13:41:38.0125 1784 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:Windowssystem32DRIVERSparport.sys

13:41:38.0125 1784 Parport - ok

13:41:38.0156 1784 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:Windowssystem32driverspartmgr.sys

13:41:38.0156 1784 partmgr - ok

13:41:38.0172 1784 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:WindowsSystem32pcasvc.dll

13:41:38.0172 1784 PcaSvc - ok

13:41:38.0187 1784 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:Windowssystem32driverspci.sys

13:41:38.0187 1784 pci - ok

13:41:38.0219 1784 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:Windowssystem32driverspciide.sys

13:41:38.0219 1784 pciide - ok

13:41:38.0265 1784 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:Windowssystem32DRIVERSpcmcia.sys

13:41:38.0265 1784 pcmcia - ok

13:41:38.0281 1784 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:Windowssystem32driverspcw.sys

13:41:38.0281 1784 pcw - ok

13:41:38.0312 1784 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:Windowssystem32driverspeauth.sys

13:41:38.0328 1784 PEAUTH - ok

13:41:38.0359 1784 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:WindowsSysWow64perfhost.exe

13:41:38.0359 1784 PerfHost - ok

13:41:38.0421 1784 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:Windowssystem32pla.dll

13:41:38.0453 1784 pla - ok

13:41:38.0515 1784 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:Windowssystem32umpnpmgr.dll

13:41:38.0515 1784 PlugPlay - ok

13:41:38.0531 1784 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:Windowssystem32pnrpauto.dll

13:41:38.0531 1784 PNRPAutoReg - ok

13:41:38.0562 1784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:Windowssystem32pnrpsvc.dll

13:41:38.0562 1784 PNRPsvc - ok

13:41:38.0593 1784 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:WindowsSystem32ipsecsvc.dll

13:41:38.0609 1784 PolicyAgent - ok

13:41:38.0624 1784 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:Windowssystem32umpo.dll

13:41:38.0624 1784 Power - ok

13:41:38.0671 1784 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:Windowssystem32DRIVERSraspptp.sys

13:41:38.0671 1784 PptpMiniport - ok

13:41:38.0718 1784 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:Windowssystem32DRIVERSprocessr.sys

13:41:38.0718 1784 Processor - ok

13:41:38.0749 1784 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:Windowssystem32profsvc.dll

13:41:38.0765 1784 ProfSvc - ok

13:41:38.0780 1784 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:Windowssystem32lsass.exe

13:41:38.0780 1784 ProtectedStorage - ok

13:41:38.0796 1784 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:Windowssystem32DRIVERSpacer.sys

13:41:38.0796 1784 Psched - ok

13:41:38.0843 1784 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:Windowssystem32DRIVERSql2300.sys

13:41:38.0874 1784 ql2300 - ok

13:41:38.0905 1784 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:Windowssystem32DRIVERSql40xx.sys

13:41:38.0905 1784 ql40xx - ok

13:41:38.0952 1784 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:Windowssystem32qwave.dll

13:41:38.0952 1784 QWAVE - ok

13:41:38.0967 1784 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:Windowssystem32driversqwavedrv.sys

13:41:38.0967 1784 QWAVEdrv - ok

13:41:38.0999 1784 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:Windowssystem32DRIVERSrasacd.sys

13:41:38.0999 1784 RasAcd - ok

13:41:39.0030 1784 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:Windowssystem32DRIVERSAgileVpn.sys

13:41:39.0030 1784 RasAgileVpn - ok

13:41:39.0045 1784 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:WindowsSystem32rasauto.dll

13:41:39.0045 1784 RasAuto - ok

13:41:39.0077 1784 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:Windowssystem32DRIVERSrasl2tp.sys

13:41:39.0077 1784 Rasl2tp - ok

13:41:39.0092 1784 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:WindowsSystem32rasmans.dll

13:41:39.0108 1784 RasMan - ok

13:41:39.0123 1784 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:Windowssystem32DRIVERSraspppoe.sys

13:41:39.0123 1784 RasPppoe - ok

13:41:39.0123 1784 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:Windowssystem32DRIVERSrassstp.sys

13:41:39.0139 1784 RasSstp - ok

13:41:39.0155 1784 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:Windowssystem32DRIVERSrdbss.sys

13:41:39.0170 1784 rdbss - ok

13:41:39.0186 1784 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:Windowssystem32DRIVERSrdpbus.sys

13:41:39.0186 1784 rdpbus - ok

13:41:39.0217 1784 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:Windowssystem32DRIVERSRDPCDD.sys

13:41:39.0217 1784 RDPCDD - ok

13:41:39.0233 1784 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:Windowssystem32driversrdpencdd.sys

13:41:39.0233 1784 RDPENCDD - ok

13:41:39.0233 1784 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:Windowssystem32driversrdprefmp.sys

13:41:39.0233 1784 RDPREFMP - ok

13:41:39.0295 1784 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:Windowssystem32driversrdpvideominiport.sys

13:41:39.0295 1784 RdpVideoMiniport - ok

13:41:39.0342 1784 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:Windowssystem32driversRDPWD.sys

13:41:39.0342 1784 RDPWD - ok

13:41:39.0373 1784 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:Windowssystem32driversrdyboost.sys

13:41:39.0389 1784 rdyboost - ok

13:41:39.0451 1784 [ AA9FD849C028CCB441A78061B57DB734 ] RegSrvc C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe

13:41:39.0482 1784 RegSrvc - ok

13:41:39.0513 1784 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:WindowsSystem32mprdim.dll

13:41:39.0513 1784 RemoteAccess - ok

13:41:39.0545 1784 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:Windowssystem32regsvc.dll

13:41:39.0545 1784 RemoteRegistry - ok

13:41:39.0607 1784 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:Program Files (x86)CyberLinkShared filesRichVideo.exe

13:41:39.0607 1784 RichVideo - ok

13:41:39.0623 1784 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:WindowsSystem32RpcEpMap.dll

13:41:39.0623 1784 RpcEptMapper - ok

13:41:39.0654 1784 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:Windowssystem32locator.exe

13:41:39.0654 1784 RpcLocator - ok

13:41:39.0685 1784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:Windowssystem32rpcss.dll

13:41:39.0685 1784 RpcSs - ok

13:41:39.0701 1784 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:Windowssystem32DRIVERSrspndr.sys

13:41:39.0701 1784 rspndr - ok

13:41:39.0747 1784 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:Windowssystem32DRIVERSRt64win7.sys

13:41:39.0747 1784 RTL8167 - ok

13:41:39.0779 1784 [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI C:Windowssystem32DriversSABI.sys

13:41:39.0779 1784 SABI - ok

13:41:39.0794 1784 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:Windowssystem32lsass.exe

13:41:39.0794 1784 SamSs - ok

13:41:39.0825 1784 [ D641337B75B9A9D5AE10687AA1097755 ] Samsung UPD Service C:WindowsSystem32SUPDSvc.exe

13:41:39.0825 1784 Samsung UPD Service - ok

13:41:39.0857 1784 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:Windowssystem32driverssbp2port.sys

13:41:39.0872 1784 sbp2port - ok

13:41:39.0903 1784 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:WindowsSystem32SCardSvr.dll

13:41:39.0903 1784 SCardSvr - ok

13:41:39.0935 1784 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:Windowssystem32DRIVERSscfilter.sys

13:41:39.0935 1784 scfilter - ok

13:41:39.0966 1784 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:Windowssystem32schedsvc.dll

13:41:39.0997 1784 Schedule - ok

13:41:40.0028 1784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:WindowsSystem32certprop.dll

13:41:40.0028 1784 SCPolicySvc - ok

13:41:40.0059 1784 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:WindowsSystem32SDRSVC.dll

13:41:40.0075 1784 SDRSVC - ok

13:41:40.0106 1784 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:Windowssystem32driverssecdrv.sys

13:41:40.0106 1784 secdrv - ok

13:41:40.0122 1784 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:Windowssystem32seclogon.dll

13:41:40.0122 1784 seclogon - ok

13:41:40.0169 1784 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:WindowsSystem32sens.dll

13:41:40.0169 1784 SENS - ok

13:41:40.0184 1784 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:Windowssystem32sensrsvc.dll

13:41:40.0184 1784 SensrSvc - ok

13:41:40.0215 1784 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:Windowssystem32DRIVERSserenum.sys

13:41:40.0231 1784 Serenum - ok

13:41:40.0247 1784 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:Windowssystem32DRIVERSserial.sys

13:41:40.0247 1784 Serial - ok

13:41:40.0262 1784 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:Windowssystem32DRIVERSsermouse.sys

13:41:40.0262 1784 sermouse - ok

13:41:40.0325 1784 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:Windowssystem32sessenv.dll

13:41:40.0340 1784 SessionEnv - ok

13:41:40.0371 1784 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:Windowssystem32driverssffdisk.sys

13:41:40.0371 1784 sffdisk - ok

13:41:40.0371 1784 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:Windowssystem32driverssffp_mmc.sys

13:41:40.0371 1784 sffp_mmc - ok

13:41:40.0371 1784 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:Windowssystem32driverssffp_sd.sys

13:41:40.0387 1784 sffp_sd - ok

13:41:40.0387 1784 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:Windowssystem32DRIVERSsfloppy.sys

13:41:40.0387 1784 sfloppy - ok

13:41:40.0465 1784 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:WindowsSystem32ipnathlp.dll

13:41:40.0465 1784 SharedAccess - ok

13:41:40.0496 1784 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:WindowsSystem32shsvcs.dll

13:41:40.0496 1784 ShellHWDetection - ok

13:41:40.0512 1784 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:Windowssystem32DRIVERSSiSRaid2.sys

13:41:40.0512 1784 SiSRaid2 - ok

13:41:40.0559 1784 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:Windowssystem32DRIVERSsisraid4.sys

13:41:40.0559 1784 SiSRaid4 - ok

13:41:40.0590 1784 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:Program Files (x86)SkypeUpdaterUpdater.exe

13:41:40.0590 1784 SkypeUpdate - ok

13:41:40.0621 1784 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:Windowssystem32DriversSmartDefragDriver.sys

13:41:40.0637 1784 SmartDefragDriver - ok

13:41:40.0637 1784 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:Windowssystem32DRIVERSsmb.sys

13:41:40.0637 1784 Smb - ok

13:41:40.0668 1784 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:WindowsSystem32snmptrap.exe

13:41:40.0668 1784 SNMPTRAP - ok

13:41:40.0699 1784 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:Windowssystem32driversspldr.sys

13:41:40.0699 1784 spldr - ok

13:41:40.0730 1784 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:WindowsSystem32spoolsv.exe

13:41:40.0746 1784 Spooler - ok

13:41:40.0839 1784 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:Windowssystem32sppsvc.exe

13:41:40.0917 1784 sppsvc - ok

13:41:40.0964 1784 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:Windowssystem32sppuinotify.dll

13:41:40.0964 1784 sppuinotify - ok

13:41:40.0980 1784 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:Windowssystem32DRIVERSsrv.sys

13:41:40.0995 1784 srv - ok

13:41:41.0011 1784 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:Windowssystem32DRIVERSsrv2.sys

13:41:41.0027 1784 srv2 - ok

Share this post


Link to post
Share on other sites

Hello goofy1139

 

The TDSSKiller log appears to have been cut off.

 

Please post the remainder of the log in your next reply for me to review.

Share this post


Link to post
Share on other sites

Hello JonTom,

 

here is the rest of the report

 

13:41:41.0027 1784 srv2 - ok

13:41:41.0042 1784 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:Windowssystem32DRIVERSsrvnet.sys

13:41:41.0042 1784 srvnet - ok

13:41:41.0073 1784 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:WindowsSystem32ssdpsrv.dll

13:41:41.0073 1784 SSDPSRV - ok

13:41:41.0089 1784 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:Windowssystem32sstpsvc.dll

13:41:41.0089 1784 SstpSvc - ok

13:41:41.0136 1784 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:Windowssystem32DRIVERSstexstor.sys

13:41:41.0136 1784 stexstor - ok

13:41:41.0167 1784 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:Windowssystem32DRIVERSserscan.sys

13:41:41.0167 1784 StillCam - ok

13:41:41.0214 1784 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:WindowsSystem32wiaservc.dll

13:41:41.0214 1784 stisvc - ok

13:41:41.0276 1784 [ DF3E643F066534BDE8E1A91E94AF3125 ] StkCMini C:Windowssystem32DriversStkCMini.sys

13:41:41.0323 1784 StkCMini - ok

13:41:41.0401 1784 [ 5B8E5218A1649E66859DB52A83673DCD ] SWDUMon C:Windowssystem32DRIVERSSWDUMon.sys

13:41:41.0401 1784 SWDUMon - ok

13:41:41.0432 1784 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:Windowssystem32driversswenum.sys

13:41:41.0432 1784 swenum - ok

13:41:41.0463 1784 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:WindowsSystem32swprv.dll

13:41:41.0479 1784 swprv - ok

13:41:41.0541 1784 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:Windowssystem32sysmain.dll

13:41:41.0588 1784 SysMain - ok

13:41:41.0619 1784 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:WindowsSystem32TabSvc.dll

13:41:41.0619 1784 TabletInputService - ok

13:41:41.0651 1784 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:WindowsSystem32tapisrv.dll

13:41:41.0666 1784 TapiSrv - ok

13:41:41.0682 1784 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:WindowsSystem32tbssvc.dll

13:41:41.0682 1784 TBS - ok

13:41:41.0744 1784 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:Windowssystem32driverstcpip.sys

13:41:41.0822 1784 Tcpip - ok

13:41:41.0869 1784 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:Windowssystem32DRIVERStcpip.sys

13:41:41.0885 1784 TCPIP6 - ok

13:41:41.0916 1784 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:Windowssystem32driverstcpipreg.sys

13:41:41.0916 1784 tcpipreg - ok

13:41:41.0947 1784 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:Windowssystem32driverstdpipe.sys

13:41:41.0947 1784 TDPIPE - ok

13:41:41.0994 1784 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:Windowssystem32driverstdtcp.sys

13:41:41.0994 1784 TDTCP - ok

13:41:42.0025 1784 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:Windowssystem32DRIVERStdx.sys

13:41:42.0041 1784 tdx - ok

13:41:42.0056 1784 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:Windowssystem32driverstermdd.sys

13:41:42.0056 1784 TermDD - ok

13:41:42.0087 1784 [ 2E648163254233755035B46DD7B89123 ] TermService C:WindowsSystem32termsrv.dll

13:41:42.0119 1784 TermService - ok

13:41:42.0134 1784 [ F0344071948D1A1FA732231785A0664C ] Themes C:Windowssystem32themeservice.dll

13:41:42.0150 1784 Themes - ok

13:41:42.0165 1784 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:Windowssystem32mmcss.dll

13:41:42.0165 1784 THREADORDER - ok

13:41:42.0197 1784 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:WindowsSystem32trkwks.dll

13:41:42.0197 1784 TrkWks - ok

13:41:42.0259 1784 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:WindowsservicingTrustedInstaller.exe

13:41:42.0259 1784 TrustedInstaller - ok

13:41:42.0290 1784 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:Windowssystem32DRIVERStssecsrv.sys

13:41:42.0290 1784 tssecsrv - ok

13:41:42.0321 1784 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:Windowssystem32driverstsusbflt.sys

13:41:42.0321 1784 TsUsbFlt - ok

13:41:42.0353 1784 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:Windowssystem32DRIVERStunnel.sys

13:41:42.0353 1784 tunnel - ok

13:41:42.0384 1784 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:Windowssystem32DRIVERSuagp35.sys

13:41:42.0384 1784 uagp35 - ok

13:41:42.0415 1784 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:Windowssystem32DRIVERSudfs.sys

13:41:42.0415 1784 udfs - ok

13:41:42.0446 1784 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:Windowssystem32UI0Detect.exe

13:41:42.0446 1784 UI0Detect - ok

13:41:42.0509 1784 [ F13DA74969897359A88F2A739F54A250 ] UleadBurningHelper C:Program Files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe

13:41:42.0509 1784 UleadBurningHelper - ok

13:41:42.0524 1784 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:Windowssystem32driversuliagpkx.sys

13:41:42.0524 1784 uliagpkx - ok

13:41:42.0555 1784 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:Windowssystem32DRIVERSumbus.sys

13:41:42.0555 1784 umbus - ok

13:41:42.0587 1784 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:Windowssystem32DRIVERSumpass.sys

13:41:42.0587 1784 UmPass - ok

13:41:42.0696 1784 [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe

13:41:42.0789 1784 UNS - ok

13:41:42.0821 1784 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:WindowsSystem32upnphost.dll

13:41:42.0821 1784 upnphost - ok

13:41:42.0852 1784 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:Windowssystem32driversusbaudio.sys

13:41:42.0867 1784 usbaudio - ok

13:41:42.0899 1784 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:Windowssystem32DRIVERSusbccgp.sys

13:41:42.0899 1784 usbccgp - ok

13:41:42.0914 1784 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:Windowssystem32driversusbcir.sys

13:41:42.0914 1784 usbcir - ok

13:41:42.0930 1784 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:Windowssystem32driversusbehci.sys

13:41:42.0930 1784 usbehci - ok

13:41:42.0945 1784 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:Windowssystem32DRIVERSusbhub.sys

13:41:42.0945 1784 usbhub - ok

13:41:42.0977 1784 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:Windowssystem32driversusbohci.sys

13:41:42.0977 1784 usbohci - ok

13:41:43.0023 1784 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:Windowssystem32DRIVERSusbprint.sys

13:41:43.0023 1784 usbprint - ok

13:41:43.0039 1784 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:Windowssystem32DRIVERSUSBSTOR.SYS

13:41:43.0039 1784 USBSTOR - ok

13:41:43.0070 1784 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:Windowssystem32driversusbuhci.sys

13:41:43.0070 1784 usbuhci - ok

13:41:43.0101 1784 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:WindowsSystem32Driversusbvideo.sys

13:41:43.0101 1784 usbvideo - ok

13:41:43.0133 1784 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:WindowsSystem32uxsms.dll

13:41:43.0133 1784 UxSms - ok

13:41:43.0148 1784 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:Windowssystem32lsass.exe

13:41:43.0148 1784 VaultSvc - ok

13:41:43.0179 1784 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:Windowssystem32driversvdrvroot.sys

13:41:43.0179 1784 vdrvroot - ok

13:41:43.0226 1784 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:WindowsSystem32vds.exe

13:41:43.0226 1784 vds - ok

13:41:43.0257 1784 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:Windowssystem32DRIVERSvgapnp.sys

13:41:43.0257 1784 vga - ok

13:41:43.0273 1784 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:WindowsSystem32driversvga.sys

13:41:43.0273 1784 VgaSave - ok

13:41:43.0304 1784 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:Windowssystem32driversvhdmp.sys

13:41:43.0304 1784 vhdmp - ok

13:41:43.0335 1784 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:Windowssystem32driversviaide.sys

13:41:43.0335 1784 viaide - ok

13:41:43.0367 1784 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:Windowssystem32driversvolmgr.sys

13:41:43.0367 1784 volmgr - ok

13:41:43.0398 1784 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:Windowssystem32driversvolmgrx.sys

13:41:43.0398 1784 volmgrx - ok

13:41:43.0413 1784 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:Windowssystem32driversvolsnap.sys

13:41:43.0429 1784 volsnap - ok

13:41:43.0491 1784 [ 239D8D72730226CD460BDC8CA0A23D43 ] Vsdatant C:Windowssystem32DRIVERSvsdatant.sys

13:41:43.0491 1784 Vsdatant - ok

13:41:43.0538 1784 vsmon - ok

13:41:43.0554 1784 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:Windowssystem32DRIVERSvsmraid.sys

13:41:43.0569 1784 vsmraid - ok

13:41:43.0632 1784 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:Windowssystem32vssvc.exe

13:41:43.0679 1784 VSS - ok

13:41:43.0710 1784 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:Windowssystem32DRIVERSvwifibus.sys

13:41:43.0710 1784 vwifibus - ok

13:41:43.0725 1784 [ 13A0DECD1794DE60A8427862C8669D27 ] VWiFiFlt C:Windowssystem32DRIVERSvwififlt.sys

13:41:43.0725 1784 VWiFiFlt - ok

13:41:43.0741 1784 [ 49003B357D101CDC474937437ECF5ABC ] vwifimp C:Windowssystem32DRIVERSvwifimp.sys

13:41:43.0741 1784 vwifimp - ok

13:41:43.0772 1784 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:Windowssystem32w32time.dll

13:41:43.0788 1784 W32Time - ok

13:41:43.0819 1784 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:Windowssystem32DRIVERSwacompen.sys

13:41:43.0819 1784 WacomPen - ok

13:41:43.0850 1784 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:Windowssystem32DRIVERSwanarp.sys

13:41:43.0850 1784 WANARP - ok

13:41:43.0866 1784 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:Windowssystem32DRIVERSwanarp.sys

13:41:43.0866 1784 Wanarpv6 - ok

13:41:43.0913 1784 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:Windowssystem32WatWatAdminSvc.exe

13:41:43.0944 1784 WatAdminSvc - ok

13:41:44.0006 1784 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:Windowssystem32wbengine.exe

13:41:44.0037 1784 wbengine - ok

13:41:44.0069 1784 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:WindowsSystem32wbiosrvc.dll

13:41:44.0069 1784 WbioSrvc - ok

13:41:44.0100 1784 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:WindowsSystem32wcncsvc.dll

13:41:44.0100 1784 wcncsvc - ok

13:41:44.0115 1784 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:WindowsSystem32WcsPlugInService.dll

13:41:44.0115 1784 WcsPlugInService - ok

13:41:44.0147 1784 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:Windowssystem32DRIVERSwd.sys

13:41:44.0147 1784 Wd - ok

13:41:44.0178 1784 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:Windowssystem32DRIVERSwdcsam64.sys

13:41:44.0178 1784 WDC_SAM - ok

13:41:44.0225 1784 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:Windowssystem32driversWdf01000.sys

13:41:44.0240 1784 Wdf01000 - ok

13:41:44.0256 1784 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:Windowssystem32wdi.dll

13:41:44.0256 1784 WdiServiceHost - ok

13:41:44.0256 1784 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:Windowssystem32wdi.dll

13:41:44.0271 1784 WdiSystemHost - ok

13:41:44.0287 1784 [ 94DC2BF6CBAAA95E369C3756D3115A76 ] wdkmd C:Windowssystem32DRIVERSWDKMD.sys

13:41:44.0287 1784 wdkmd - ok

13:41:44.0318 1784 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:WindowsSystem32webclnt.dll

13:41:44.0318 1784 WebClient - ok

13:41:44.0334 1784 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:Windowssystem32wecsvc.dll

13:41:44.0349 1784 Wecsvc - ok

13:41:44.0349 1784 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:WindowsSystem32wercplsupport.dll

13:41:44.0349 1784 wercplsupport - ok

13:41:44.0381 1784 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:WindowsSystem32WerSvc.dll

13:41:44.0381 1784 WerSvc - ok

13:41:44.0396 1784 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:Windowssystem32DRIVERSwfplwf.sys

13:41:44.0412 1784 WfpLwf - ok

13:41:44.0474 1784 [ CE397F3DDB8C5B54ED7B47527D88F754 ] WiMAXAppSrv C:Program FilesIntelWiMAXBinAppSrv.exe

13:41:44.0505 1784 WiMAXAppSrv - ok

13:41:44.0537 1784 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:Windowssystem32driverswimmount.sys

13:41:44.0537 1784 WIMMount - ok

13:41:44.0552 1784 WinDefend - ok

13:41:44.0568 1784 WinHttpAutoProxySvc - ok

13:41:44.0677 1784 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:Windowssystem32wbemWMIsvc.dll

13:41:44.0677 1784 Winmgmt - ok

13:41:44.0739 1784 [ BCB1310604AA415C4508708975B3931E ] WinRM C:Windowssystem32WsmSvc.dll

13:41:44.0849 1784 WinRM - ok

13:41:44.0895 1784 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:Windowssystem32DRIVERSWinUsb.sys

13:41:44.0895 1784 WinUsb - ok

13:41:44.0942 1784 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:WindowsSystem32wlansvc.dll

13:41:44.0958 1784 Wlansvc - ok

13:41:45.0005 1784 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:Program FilesWindows LiveMeshwlcrasvc.exe

13:41:45.0005 1784 wlcrasvc - ok

13:41:45.0083 1784 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

13:41:45.0161 1784 wlidsvc - ok

13:41:45.0192 1784 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:Windowssystem32driverswmiacpi.sys

13:41:45.0192 1784 WmiAcpi - ok

13:41:45.0223 1784 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:Windowssystem32wbemWmiApSrv.exe

13:41:45.0239 1784 wmiApSrv - ok

13:41:45.0254 1784 WMPNetworkSvc - ok

13:41:45.0270 1784 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:WindowsSystem32wpcsvc.dll

13:41:45.0285 1784 WPCSvc - ok

13:41:45.0317 1784 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:Windowssystem32wpdbusenum.dll

13:41:45.0332 1784 WPDBusEnum - ok

13:41:45.0348 1784 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:Windowssystem32driversws2ifsl.sys

13:41:45.0348 1784 ws2ifsl - ok

13:41:45.0363 1784 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:WindowsSystem32wscsvc.dll

13:41:45.0379 1784 wscsvc - ok

13:41:45.0379 1784 WSearch - ok

13:41:45.0457 1784 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:Windowssystem32wuaueng.dll

13:41:45.0504 1784 wuauserv - ok

13:41:45.0535 1784 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:Windowssystem32driversWudfPf.sys

13:41:45.0535 1784 WudfPf - ok

13:41:45.0566 1784 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:Windowssystem32DRIVERSWUDFRd.sys

13:41:45.0566 1784 WUDFRd - ok

13:41:45.0597 1784 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:WindowsSystem32WUDFSvc.dll

13:41:45.0597 1784 wudfsvc - ok

13:41:45.0613 1784 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:WindowsSystem32wwansvc.dll

13:41:45.0613 1784 WwanSvc - ok

13:41:45.0707 1784 [ 6F610F00DC6B4489811EDCBC76D3EBA6 ] {73526619-C24F-470B-9BED-53D455FBB5C6} C:Program Files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl

13:41:45.0707 1784 {73526619-C24F-470B-9BED-53D455FBB5C6} - ok

13:41:45.0707 1784 ================ Scan global ===============================

13:41:45.0738 1784 [ BA0CD8C393E8C9F83354106093832C7B ] C:Windowssystem32basesrv.dll

13:41:45.0769 1784 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:Windowssystem32winsrv.dll

13:41:45.0785 1784 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:Windowssystem32winsrv.dll

13:41:45.0816 1784 [ D6160F9D869BA3AF0B787F971DB56368 ] C:Windowssystem32sxssrv.dll

13:41:45.0831 1784 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:Windowssystem32services.exe

13:41:45.0831 1784 [Global] - ok

13:41:45.0831 1784 ================ Scan MBR ==================================

13:41:45.0847 1784 [ 933337B9CF1D440B7DD76057050B4626 ] DeviceHarddisk0DR0

13:41:46.0221 1784 DeviceHarddisk0DR0 - ok

13:41:46.0221 1784 [ 8F558EB6672622401DA993E1E865C861 ] DeviceHarddisk1DR2

13:41:48.0639 1784 DeviceHarddisk1DR2 - ok

13:41:48.0639 1784 ================ Scan VBR ==================================

13:41:48.0655 1784 [ 0398AB7033364FC2BBA6227276478796 ] DeviceHarddisk0DR0Partition1

13:41:48.0655 1784 DeviceHarddisk0DR0Partition1 - ok

13:41:48.0655 1784 [ 61FA7043E3B9482FACA31DE3D8386E8C ] DeviceHarddisk0DR0Partition2

13:41:48.0655 1784 DeviceHarddisk0DR0Partition2 - ok

13:41:48.0671 1784 [ 1F6ABC284D869447AF0FBDAB81C957D4 ] DeviceHarddisk1DR2Partition1

13:41:48.0671 1784 DeviceHarddisk1DR2Partition1 - ok

13:41:48.0671 1784 ============================================================

13:41:48.0671 1784 Scan finished

13:41:48.0671 1784 ============================================================

13:41:48.0671 1260 Detected object count: 0

13:41:48.0671 1260 Actual detected object count: 0

13:41:59.0450 1712 Deinitialize success

Share this post


Link to post
Share on other sites

Hello goofy1139

 

Thank you for the logs.

 

TDSSKiller looks fine.

 

There appears to be some minor adware on your system but that should not really prevent us from running scans on your machine (which is my main concern right now).

 

Lets see if we can get the following to run:

 

  • Temporary File Cleaner

    • Download TFC to your desktop.
    • Close any open windows.
    • Right click the TFC icon and select "Run as Administrator" to run the program.
    • TFC will close all open programs itself in order to run.
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish.
    • Once complete it should automatically reboot your machine.
    • If your machine does not reboot automatically, manually reboot to ensure a complete clean.
    • Note: After running TFC your machine may take slightly longer to boot the first time. This is normal.
  • Junkware Removal Tool

     

    Please download Junkware Removal Tool to your desktop.

    • Shutdown your antivirus to avoid any conflicts.
    • Right-mouse click JRT.exe and select Run as administrator
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
  • Please perform the following scan:

    • Please download MalwareBytes AntiMalware by clicking here and save the file (called mbam-setup.exe) to your desktop.
    • Right click on the mbam-setup.exe icon and select "Run as Administrator" to install the program.
    • Follow the prompts during installation and have the Installation Wizzard create a desktop icon.
    • Once installed, double click on the MalwareBytes AntiMalware icon to launch the program.
    • Click on the "Update" tab and then on "Check for Updates".
    • The program will now install the latest Malware definition files.
    • Once complete, click on the "Scanner" tab, select "Perform Quick Scan"and then click on "Scan".
    • Once the program has scanned your computer, a log file will be created in Notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • If the scan detects any Malware-related objects, make sure that everything is checked, and click "Remove Selected" <– Very Important.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to restart your computer.
    • The log is automatically saved by MBAM and can be viewed by clicking the "Logs" tab.
    • Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart your computer, please do so immediately.
    • Come back here to this thread and Paste the log in your next reply.
    Once you have run the above tools lets see if we can get a system scan to review:
  • Please perform the following scan

    • Please download DDS from here and save it to your desktop.
    • Disable any script blocking protection (How to Disable your Security Programs)
    • Right click on the DDS icon and select "Run as Administrator" to run the tool (may take up to 3 minutes to run).
    • When done, DDS.txt will open.
    • After a few moments, attach.txt will open in a second window.
    • Save both reports to your desktop.
    • Please post the contents of the DDS.txt and Attach.txt logs in your next reply.
    Let me know how you get on with the scans and post the required logs in your next reply.

Share this post


Link to post
Share on other sites

Hello JonTom

 

The computer seems to be runnin better after these scans. here are the logs

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 3.6.8 (11.30.2012:1)

OS: Windows 7 Home Premium x64

Ran by Owner on Fri 11/30/2012 at 8:16:47.23

Blog: http://thisisudax.blogspot.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully deleted: [Registry Value] hkey_current_usersoftwaremicrosoftwindowscurrentversionrunSpotify Web Helper

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] hkey_classes_rootclsid{0055c089-8582-441b-a0bf-17b458c2a3a8}

Successfully deleted: [Registry Key] hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerbrowser helper objects{0055c089-8582-441b-a0bf-17b458c2a3a8}

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:usersdefault userstart menuprogramsstartupbest buy pc app.lnk"

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:ProgramDatabest buy pc app"

Successfully deleted: [Folder] "C:ProgramDataspeedypc software"

Successfully deleted: [Folder] "C:UsersOwnerAppDataRoamingspeedypc software"

Successfully deleted: [Folder] "C:UsersOwnerAppDataRoamingsystweak"

Successfully deleted: [Folder] "C:UsersOwnerAppDataRoamingtelevisionfanatic"

Successfully deleted: [Folder] "C:UsersOwnerappdatalocalbest buy pc app"

Successfully deleted: [Folder] "C:UsersOwnerappdatalocaltelevisionfanatic"

Successfully deleted: [Folder] "C:Program Files (x86)optimizer pro"

Successfully deleted: [Folder] "C:Program Files (x86)televisionfanatic"

 

 

 

~~~ FireFox

 

Successfully deleted: [Folder] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultextensions508d42f54b49b@508d42f54b4d5.com

Successfully deleted: [Folder] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultextensions508d44c4523e4@508d44c45241d.com

Successfully deleted: [Folder] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultextensions64ffxtbr@TelevisionFanatic.com

Failed to delete: [Folder] C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultextensionsiobit@mybrowserbar.com

Successfully deleted the following from C:UsersOwnerAppDataRoamingmozillafirefoxprofilesnww68hdh.defaultprefs.js

 

user_pref("CT2704262.RSSapp2704262a129531303481232105000000ReadItemsArr", "%7B%22http%3A%2F%2Fwww.nytimes.com%2F2012%2F08%2F10%2Fus%2Fpolitics%2Fa-conservative-bid-for-paul-ryan-to-be-mitt-romneys-running-mate.html%22%3A0%2C%22http%3A%2F%2Fwww.nytimes.com%2F2012%2F08%2F10%2Fsports%2Folympics%2Folympic-mens-200-meters-bolt-and-blake.html%22%3A0%2C%22http%3A%2F%2Fwww.nytimes.com%2F2012%2F08%2F10%2Fsports%2Folympics%2Funited-states-beats-japan-for-womens-soccer-gold.html%22%3A0%2C%22http%3A%2F%2Fwww.nytimes.com%2F2012%2F08%2F10%2Fsports%2Folympics%2Fashton-eaton-wins-gold-medal-in-decathlon.html%22%3A0%2C%22http%3A%2F%2Fwww.nytimes.com%2F2012%2F08%2F10%2Fworld%2Fasia%2Fmurder-trial-of-bo-xilais-wife-concludes.html%22%3A0%2C%22http%3A%2F%2Fwww.nytimes.com%2F2012%2F08%2F10%2Fworld%2Fasia%2Fus-moves-to-address-agent-orange-contamination-in-vietnam.html%22%3A0%2C%22http%3A%2F%2Fbits.blogs.nytimes.com%2F2012%2F08%2F09%2Fresearchers-find-possible-state-sponsored-virus-in-mideast%2F%22%3A0%2C%22http%3A%2F%2Fwww.nytimes.com%2F2012%2F08%2F10%2Fnyregion%2Fleiby-kletzkys-killer-levi-aron-pleads-guilty-to-murdering-8-year-old.html%22%3A0%2C%22http%3A%2F%2Fdealbook.nytimes.com%2F2012%2F08%2F09%2Fex-goldman-programmer-is-arrested-again%2F%22%3A0%2C%22http%3A%2F%2Fwww.nytimes.com%2F2012%2F08%2F10%2Fus%2Fpolitics%2Fpostal-service-reports-5-2-billion-loss-for-quarter.html%22%3A0%2C%22http%3A%2F%2Fbits.blogs.nytimes.com%2F2012%2F08%2F09%2Ff-t-c-fines-google-22-5-million-for-safari-privacy-violations%2F%22%3A0%2C%22http%3A%2F%2Fwww.nytimes.com%2F2012%2F08%2F12%2Fmagazine%2Fthe-secret-to-solar-power.html%22%3A0%2C%22http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fondeadline%2Fpost%2F2012%2F08%2Fpoisoned-oaks-strong-enough-for-auburns-victory-papering%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fonpolitics%2Fpost%2F2012%2F08%2Fmarco-rubio-vice-president-chris-christie-cnn-poll%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fwww.usatoday.com%2Fnews%2Fhealth%2Fstory%2F2012-08-09%2Fswine-flu-cases%2F56915084%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fwww.usatoday.com%2Fweather%2Fdrought%2Fstory%2F2012-08-09%2Fdrought-hydropower-Midwest-Plains%2F56920252%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fondeadline%2Fpost%2F2012%2F08%2Fla-seeks-to-ban-ticket-scalpers-from-big-venues%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Ftheoval%2Fpost%2F2012%2F08%2Fcnn-poll-obama-52-romney-45%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fwww.usatoday.com%2Fnews%2Fnation%2Fstory%2F2012-08-09%2Fmayor-jail-grant%2F56918878%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fonpolitics%2Fpost%2F2012%2F08%2Fdemocrats-bus-tour-mitt-romney-swing-states-%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fwww.usatoday.com%2Fnews%2Fworld%2Fstory%2F2012-08-09%2Fphilippines-floods%2F56918230%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Ftheoval%2Fpost%2F2012%2F08%2Ftrump-upset-over-appearance-in-pro-obama-ad%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fwww.usatoday.com%2Fnews%2Fworld%2Fstory%2F2012-08-09%2Fjapan-nagasaki-anniversary%2F56915846%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fondeadline%2Fpost%2F2012%2F08%2Famerican-sunscapes-clarks-hill-sc%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fwww.usatoday.com%2Fnews%2Fnation%2Fstory%2F2012-08-09%2Fsikhs-return-temple%2F56915166%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Ftheoval%2Fpost%2F2012%2F08%2Fobama-i-will-be-outspent-this-election%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fcontent.usatoday.com%2Fcommunities%2Fondeadline%2Fpost%2F2012%2F08%2Flawyer-cites-colo-shooting-suspects-mental-illness%2F1%3Fcsp%3D34news%22%3A0%2C%22http%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Fthe_americas%2Facid-attacks-rising-in-colombia%2F2012%2F08%2F03%2Fe8c85528-c843-11e1-9634-0dcc540e7171_story.html%3Fwprss%3Drss_americas%22%3A0%2C%22http%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Fhumble-taco-is-subject-of-new-research%2F2012%2F08%2F03%2F3beaef00-db8f-11e1-8ad1-909913931f71_story.html%3Fwprss%3Drss_americas%22%3A0%2C%22http%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Fthe_americas%2Fdefining-mexicos-middle-class%2F2012%2F07%2F23%2FgJQAtut54W_story.html%3Fwprss%3Drss_americas%22%3A0%2C%22http%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Fthe_americas%2F2012%2F07%2F22%2FgJQAMdtD3W_story.html%3Fwprss%3Drss_americas%22%3A0%2C%22http%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Fthe_americas%2Fmexicos-congress-presents-the-unpresentable-ones%2F2012%2F07%2F13%2FgJQAYj6piW_story.html%3Fwprss%3Drss_americas%22%3A0%2C%22http%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Fthe_americas%2Fsenate-report-says-mexico-must-focus-on-cops-and-courts-not-army%2F2012%2F07%2F11%2FgJQAufLudW_story.html%3Fwprss%3Drss_americas%22%3A0%2C%22http%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Fthe_americas%2Fin-mexico-city-the-left-extends-its-reign%2F2012%2F07%2F07%2FgJQApJFrUW_story.html%3Fwprss%3Drss_americas%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fnational%2Freport_warned_that_loughner_condition_RXXTGNzChS4oOdPkjDRepN%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20National%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Flocal%2Fnj_towns_turn_down_jersey_shore_vOpItBvTXsWJGjVLBfsA5O%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20Local%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fbusiness%2Fwarner_music_loss_narrows_as_digital_FLUVFKkZuuYFmuVnAdxTnM%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20Business%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Flocal%2Fbrooklyn%2Flevi_aron_pleads_guilty_to_abducting_N1bBQRvULB23tKzUVRtzHL%3Futm_medium%3Drss%26utm_content%3DBrooklyn%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Flocal%2Fmanhattan%2Fcalvin_klein_former_boy_toy_accompanied_vG1ueSdubl7hlI295t5uFO%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20%20%20Manhattan%20%20%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Finternational%2Fglitch_al_airlines_to_honor_tickets_nqXjp6Glh2aOZV75v0sKsM%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20International%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Flocal%2Fnj_gov_rejects_halfway_house_oversight_Tqi8WBnqorR9bGfVwQ5epI%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20Local%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fnational%2Fmars_rover_sends_back_st_degree_TGGTgNCOd0PYsBlJ1N5y7N%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20National%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fbusiness%2Fap_source_ex_sachs_programmer_charged_l9JzZ1ctWq7iorPPUICHmM%3Futm_medium%3Drss%26utm_content%3DBusiness%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fnational%2Fpenn_state_trustees_to_meet_over_vAKiwzufTkGYu7Et7V2E3N%3Futm_medium%3Drss%26utm_content%3DNational%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Flocal%2Flawyer_son_dad_in_faked_death_case_vWvddADg15gnKVLdcCFSCL%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20Local%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Flocal%2Fbilly_crystal_writing_book_on_aging_XCnlGkyBHyKlJIgFfDzYaO%3Futm_medium%3Drss%26utm_content%3DLocal%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Flocal%2Fmayor_bloomberg_lifts_ban_on_free_dFn5cKLPtPRzLdZOchn6kO%3Futm_medium%3Drss%26utm_content%3DLocal%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fbusiness%2Fleader_of_american_airlines_pilots_Lm20xzRH1duKkIpJX7gJhL%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20Business%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Flocal%2Fmanhattan%2Ftaxi_injures_kids_in_central_park_76oSXD09VxkiF2eB4zXefL%3Futm_medium%3Drss%26utm_content%3DManhattan%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fbusiness%2Fgoogle_agrees_to_pay_record_fine_bEdSVHwLOm3YggyJhdvFIN%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20Business%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Flocal%2Fromney_says_new_york_election_going_Z98t2PUAZN6wUHlFzDhSNL%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20Local%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fnational%2Fmodel_who_lost_left_eye_in_airplane_bsTpUfxlU7o0Yb5Yq3EqiK%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20National%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fbusiness%2Fgoldman_sachs_securities_selling_J9AjbWP39gqQYWISDGAAtN%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20Business%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.nypost.com%2Fp%2Fnews%2Fbusiness%2Fmore_than_million_hazard_dishwashers_zw33jIhl9N2C12RjyRj1OL%3Futm_medium%3Drss%26utm_content%3D%20%20%20%20%20%20%20%20Business%20%20%20%20%20%20%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F06%2F18%2F2855731%2Fwife-to-zimmerman-jail-calls.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F08%2F2789774%2Fmiami-beach-officials-expect-resignation.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F08%2F2790178%2Fmiami-heat-looks-to-stay-tough.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F08%2F2789942%2Fgop-fumbles-hispanic-outreach.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F08%2F2789965%2Fgov-rick-scotts-top-advisor-arranged.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F08%2F2789495%2Fum-laying-off-800.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F08%2F2790161%2F23-pro-union-protesters-arrested.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F07%2F2788571%2Fjurors-will-deliberate-tuesday.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F07%2F2787808%2Fjury-selection-begins-in-murder.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F04%2F2787774%2Fcolombia-bar-at-center-of-secret.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F07%2F2788228%2Funivision-abc-news-to-team-up.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F07%2F2788556%2Fjackson-health-system-quality.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F07%2F2788488%2Fkey-biscayne-man-in-fatal-cyclist.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F07%2F2787147%2Fmiami-heat-falls-to-new-york-knicks.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F05%2F2784943%2Ffeds-fear-medicare-fraud-suspect.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F06%2F2787106%2Fnew-play-for-parks-in-hallandale.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F06%2F2786539%2F911-defense-attorneys-call-guantanamo.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F07%2F2783602%2Fkelly-bensimon-wants-to-make-you.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F07%2F2787149%2Fmiami-marlins-top-san-diego-padres.html%22%3A0%2C%22http%3A%2F%2Fwww.miamiherald.com%2F2012%2F05%2F03%2F2782229%2Fmiami-dolphins-ryan-tannehill.html%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7062908%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7063445%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7060407%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7061015%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7061148%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7060672%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7060737%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7060326%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7060007%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7058600%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7058144%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7059862%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7058052%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7054369%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7054990%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7054592%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7054145%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7054058%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7057338%22%3A0%2C%22tag%3Awww.montrealgazette.com%3Acontent%3D7055192%22%3A0%2C%2233814511344528420%22%3A0%2C%2233814461344528240%22%3A0%2C%2233813281344522480%22%3A0%2C%2233813271344522240%22%3A0%2C%2233813251344522060%22%3A0%2C%2233813241344521700%22%3A0%2C%2233813221344521460%22%3A0%2C%2233812791344519600%22%3A0%2C%2233812481344518520%22%3A0%2C%2233811111344512340%22%3A0%2C%2233805931344465420%22%3A0%2C%2233802661344449280%22%3A0%2C%2233802811344448980%22%3A0%2C%2233799231344431700%22%3A0%2C%2233798891344429480%22%3A0%2C%2233800751344428400%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18914449%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18913924%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18914952%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18914380%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19199402%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18913470%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19203228%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18914439%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fgolf%2F19196323%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19090499%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fathletics%2F19202411%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18913411%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F19194104%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Frugby-union%2F19195208%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18914350%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ftennis%2F19203362%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F19199719%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19196349%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18913382%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19195276%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19194974%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19189499%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19090493%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F18913686%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19186547%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19196773%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19192252%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19197486%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19048370%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19181196%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19179259%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19074394%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Ffootball%2F19074400%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F19157190%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Folympics%2F19116616%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19183540%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19185902%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19195339%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19195504%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19194201%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19195498%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19195333%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19200961%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19177019%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19182236%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19182523%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19184788%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19185523%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19167580%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19138968%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19201498%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19197065%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19181119%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fsport%2F0%2Fcricket%2F19156890%22%3A0%2C%22http%3A%2F%2Fwww.bbc.co.uk%2Fnews%2Fuk-england-manchester-19169583%22%3A0%2C%2227f882e7b94a991c613bb24b37a4ea3a%22%3A0%2C%220c4f658d3e6d5a3acd5e9ac320ff27cc%22%3A0%2C%2245683f52fc34b5bac80e2af81fb034ce%22%3A0%2C%225e7ea7f8610c2ef20f1f6484cfa61635%22%3A0%2C%225fbfbdb1f4ee0c11a81c53169099ba08%22%3A0%2C%22f767751f93da6641db114125f5db6c5b%22%3A0%2C%2200567ec93bae88647d44fb0a03812234%22%3A0%2C%2247bfea8c7e15118ee4a27ad2a06e8c03%22%3A0%2C%22ba066f8b50e2cf3c88f06dacf9c66d5f%22%3A0%2C%2269595a94d3f0c31ee73b271aabdb8341%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18093%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18077%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18066%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18062%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18058%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18050%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18046%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18042%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18037%22%3A0%2C%22http%3A%2F%2Fwww.viprumor.com%2F%3Fp%3D18026%22%3A0%2C%22b336790%22%3A0%2C%22b336768%22%3A0%2C%22b336805%22%3A0%2C%22b336789%22%3A0%2C%22b336743%22%3A0%2C%22b336791%22%3A0%2C%22b336748%22%3A0%2C%22b336741%22%3A0%2C%22b336759%22%3A0%2C%22b336761%22%3A0%2C%22b336664%22%3A0%2C%22b336701%22%3A0%2C%22b336709%22%3A0%2C%22b336679%22%3A0%2C%22b336695%22%3A0%2C%22b336680%22%3A0%2C%22b336681%22%3A0%2C%22b336673%22%3A0%2C%22b336685%22%3A0%2C%22b336659%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625478%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625678%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625715%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625716%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625555%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625701%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D613589%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625637%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625656%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625619%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625598%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625529%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625579%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625512%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625508%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625483%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625489%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625465%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625421%22%3A0%2C%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625097%22%3A0%2C%22google-agrees-record-22-5m-fine-privacy-154303160--finance%22%3A0%2C%22t-mobile-loses-subscribers-smartphones-flat-144224609--finance%22%3A0%2C%22multimillion-dollar-verdict-against-rim-overturned-154612858%22%3A0%2C%22blogs%2Ftechnology-blog%2Fouya-game-console-snags-8-5-million-kickstarter-174046003%22%3A0%2C%22blogs%2Ftechnology-blog%2Folympic-swimmer-ryan-lochte-gets-gold-medal-gold-173549931%22%3A0%2C%22zynga-launches-gems-friends-171457686%22%3A0%2C%22facebook-pressured-remove-page-deemed-racist-073133354--finance%22%3A0%2C%22google-peoples-gmail-search-results-181508036--finance%22%3A0%2C%22facebook-email-address-phishing-scams-143522951%22%3A0%2C%22tech%2Farticles%2F12553-fresh-iphone-apps-for-august-9-pitfall-tm-trigger-fist-ocarina-2%22%3A0%2C%22biographical-details-yahoo-ceo-marissa-mayer-212356268--finance%22%3A0%2C%22key-events-involving-yahoo-performance-214550136%22%3A0%2C%22news-summary-google-fined-22-5m-privacy-213336023--finance%22%3A0%2C%22google-fined-22-5m-latest-privacy-breakdown-213128718--finance%22%3A0%2C%22look-telecom-industry-subscriber-reports-230208847%22%3A0%2C%22subscriber-data-internet-providers-161133168--finance%22%3A0%2C%22financial-reports-reveal-movie-studios-205410834--finance%22%3A0%2C%22yahoo-ceo-mulling-possible-changes-strategy-211915488--finance%22%3A0%2C%22fusion-io-stock-jumps-strong-4q-results-211856706--finance%22%3A0%2C%223349416%22%3A0%2C%223348529%22%3A0%2C%223348491%22%3A0%2C%22300832%22%3A0%2C%223350367%22%3A0%2C%2243961%22%3A0%2C%2237439%22%3A0%2C%223350243%22%3A0%2C%2248866%22%3A0%2C%2261696%22%3A0%2C%2231474%22%3A0%2C%225203%22%3A0%2C%2291540%22%3A0%2C%2214613%22%3A0%2C%2221450%22%3A0%2C%2268384%22%3A0%2C%223331903%22%3A0%2C%2270205%22%3A0%2C%2268465%22%3A0%2C%2237615%22%3A0%2C%223350369%22%3A0%2C%2260984%22%3A0%2C%2215893%22%3A0%2C%22317842%22%3A0%2C%226218%22%3A0%2C%22319934%22%3A0%2C%223341274%22%3A0%2C%223340133%22%3A0%2C%2237788%22%3A0%2C%223348408%22%3A0%2C%22321359%22%3A0%2C%2222535%22%3A0%2C%223349509%22%3A0%2C%223348521%22%3A0%2C%2218137%22%3A0%2C%2214373%22%3A0%2C%2216601%22%3A0%2C%2291752%22%3A0%2C%2282988%22%3A0%2C%22191473%22%3A0%2C%223336134%22%3A0%2C%2264437%22%3A0%2C%2249169%22%3A0%2C%2265466%22%3A0%2C%2276460%22%3A0%2C%2248028%22%3A0%2C%2254577%22%3A0%2C%2272034%22%3A0%2C%2227297%22%3A0%2C%2234876%22%3A0%2C%2229335%22%3A0%2C%2225228%22%3A0%2C%2294187%22%3A0%2C%2244808%22%3A0%2C%2280436%22%3A0%2C%2278439%22%3A0%2C%2235883%22%3A0%2C%2280812%22%3A0%2C%2269039%22%3A0%2C%2215023%22%3A0%2C%22334509%22%3A0%2C%223336209%22%3A0%2C%22329255%22%3A0%2C%223343746%22%3A0%2C%22333651%22%3A0%2C%22329256%22%3A0%2C%22329379%22%3A0%2C%22334511%22%3A0%2C%22334510%22%3A0%2C%22333809%22%3A0%2C%22329905%22%3A0%2C%22329378%22%3A0%2C%22329381%22%3A0%2C%2256108%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fhow-to-use-google-translates-camera-translation%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fpulse-turns-its-mobile-newsreader-into-a-beautiful-web-app%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fhow-to-delete-comments-and-captions-on-instagram%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fhow-to-set-up-google-2-step-verification%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fsteam-to-start-offering-non-gaming-apps%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fwindows-8-guide-touch-commands%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fwindows-essentials-2012-available-today%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fyoutube-and-google-maps-removed-from-ios-6-by-apple%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fget-candybar-for-mac-free%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fmicrosoft-office-store-opens-in-beta%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Flike-slender-then-try-slenderman%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fgoogle-wallet-and-the-long-road-ahead%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Ffive-free-and-terrifying-alternatives-to-slender%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fhow-to-change-the-color-of-facebook%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Funlimited-radio-streaming-on-spotify-comes-to-us-android-users%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fminecraft-1-3-1-update-now-with-demo-mode%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fgiveaway-iobit-advanced-system-care%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fhands-on-preview-hotmail-com-turns-into-outlook-com%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fhow-to-take-screenshots-with-android-4-0-and-higher%22%3A0%2C%22http%3A%2F%2Fonsoftware.en.softonic.com%2Fwindows-8-guide-how-to-control-windows-8-with-a-mouse-and-keyboard%22%3A0%7D");

user_pref("CT2704262.RSSapp2704262a129531303481232105000000cat3", "%5B%7B%22type%22%3A%22rss%22%2C%22version%22%3A%222.0%22%2C%22title%22%3A%22TechCrunch%22%2C%22link%22%3A%22http%3A%2F%2Ftechcrunch.com%22%2C%22description%22%3A%22TechCrunch%20is%20a%20group-edited%20blog%20that%20profiles%20the%20companies%2C%20products%20and%20events%20defining%20and%20transforming%20the%20new%20web.%22%2C%22language%22%3A%22en%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2022%3A05%3A17%20%2B0000%22%2C%22items%22%3A%5B%7B%22title%22%3A%22TechCrunch%20Disrupt%20SF%20Hackathon%20%E2%80%93%20Judges%20Announced%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FBc7cyptytjs%2F%22%2C%22description%22%3A%22Howdy%20all.%20We're%20a%20month%20away%20from%20the%20fourth%20annual%20TechCrunch%20Disrupt%20SF%20Hackathon.To%20meet%20the%20demand%2C%20we're%20releasing%20more%20tickets%20to%20the%20public.%20If%20you%20haven't%20already%20gotten%20your%20ticket%2C%20go%20get%20one%20now.%20This%20will%20be%20sold%20out.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2022%3A02%3A55%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625478%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Ftcdisrupt_web-001-4.jpeg%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FBc7cyptytjs%2F%22%2C%22share_text%22%3A%22TechCrunch%2520Disrupt%2520SF%2520Hackathon%2520%25E2%2580%2593%2520Judges%2520Announced%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A0%7D%2C%7B%22title%22%3A%22Back%20To%20School%3A%205%20Apps%20That%20Will%20Make%20You%20Fall%20(Even%20More)%20In%20Love%20With%20Your%20Phone%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FGfoAyXxND0U%2F%22%2C%22description%22%3A%22You're%20heading%20off%20to%20college.%20You%20have%20no%20idea%20that%20the%20next%20four%20years%20of%20fun%20will%20fly%20by%2C%20likely%20leaving%20you%20jobless%20and%20in%20debt.%20You're%20unconcerned%20with%20nonsense%20like%20that%20%26%238212%3B%20you're%20ready%20to%20achieve%20your%20dreams!%20You're%20ready%20to%20party!%20You're%20ready%20to%20meet%20your%20mate%20in%20life!%20But%20before%20you%20pack%20up%20the%20family%20van%20full%20of%20clothes%2C%20collapsible%20IKEA%20furniture%20and%20school%20supplies%2C%20there's%20one%20thing%20you%20can't%20forget%20to%20pack%3A%20your%20trusty%20smartphone.%20It's%20the%20one%20thing%20that%20no%20college%20student%20%26%238212%3B%20not%20a%20drama%20geek%20nor%20homecoming%20queen%2C%20not%20a%20stoner%20nor%20a%20virgin%20%26%238212%3B%20can%20live%20without.%20And%20as%20we%20all%20know%2C%20apps%20are%20the%20life%20blood%20of%20a%20smartphone%20(aside%20from%20electricity).%20All%20that%20said%2C%20these%20are%20the%20ones%20you'll%20come%20to%20know%2C%20love%2C%20and%20use%20every%20day%20as%20your%20pursue%20your%20dreams%20of%20higher%20education.%20%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2022%3A01%3A23%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625678%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fbacktoschool12c4111.png%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FGfoAyXxND0U%2F%22%2C%22share_text%22%3A%22Back%2520To%2520School%253A%25205%2520Apps%2520That%2520Will%2520Make%2520You%2520Fall%2520(Even%2520More)%2520In%2520Love%2520With%2520Your%2520Phone%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A1%7D%2C%7B%22title%22%3A%22Microsoft%E2%80%99s%20New%20Bing%20Fund%20Announces%20Its%20First%20Two%20Companies%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FjzS21PVGvMk%2F%22%2C%22description%22%3A%22Just%20about%20a%20month%20ago%2C%20Microsoft%20officially%20announced%20its%20Bing%20Fund%20angel%20fund%20and%20incubator%20program.%20Today%2C%20Bing%20Fund%20announced%20that%20it%20has%20enrolled%20its%20first%20two%20companies%3A%20app%20development%20service%20Buddy%20and%20Pinion%2C%20an%20advertising%20service%20with%20a%20focus%20on%20gaming%20communities.%20Both%20companies%20hail%20from%20Microsoft's%20own%20home%20state%20of%20Washington%20and%20will%2C%20among%20other%20things%2C%20get%20subsidized%20use%20of%20Bing's%20APIs%2C%20mentorship%2C%20funding%20and%20access%20to%20co-working%20space%20in%20Bellevue%2C%20WA%20where%20Microsoft%E2%80%99s%20Online%20Services%20Division%20is%20located.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2021%3A22%3A51%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625715%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F07%2F6644-b-fund-logo_3669b89f.png%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FjzS21PVGvMk%2F%22%2C%22share_text%22%3A%22Microsoft%25E2%2580%2599s%2520New%2520Bing%2520Fund%2520Announces%2520Its%2520First%2520Two%2520Companies%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A2%7D%2C%7B%22title%22%3A%22Chinese%20Manufacturers%2C%20Carriers%20And%20Developers%20Form%20An%20Alliance%20To%20Block%20Apple%E2%80%99s%20Siri%20In%20China%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FB1IyxV83pEs%2F%22%2C%22description%22%3A%22Chinese%20companies%20don't%20view%20Siri%20in%20a%20favorable%20light%2C%20hence%20the%20creation%20of%20the%20Speech%20Industry%20Alliance%20of%20China%20(SIAC).%20They%20are%20willing%20to%20offer%20an%20alternative%20that%20is%20supposed%20to%20work%20better%20with%20Mandarin%20and%20Cantonese.%20In%20fact%2C%20iOS%206%20will%20include%20a%20new%20version%20of%20Siri%20that%20understands%20and%20speaks%20Mandarin%20and%20Cantonese.%20It%20is%20a%20threat%20for%20Chinese%20mobile%20phone%20manufacturers%2C%20carriers%20and%20speech%20recognition%20software%20developers%20and%20it%20needs%20to%20be%20addressed.One%20of%20the%20key%20points%20behind%20that%20new%20strategy%20is%20that%20developing%20speech%20recognition%20for%20multi-tone%20oriental%20languages%20is%20very%20hard.%20Apparently%2C%20according%20to%20early%20tests%20of%20Mandarin%20and%20Cantonese%20support%20in%20iOS%206%20beta%2C%20it%20is%20still%20lacking%20and%20the%20alliance%20hopes%20to%20take%20advantage%20of%20that.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2021%3A05%3A34%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625716%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fsirichina.png%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FB1IyxV83pEs%2F%22%2C%22share_text%22%3A%22Chinese%2520Manufacturers%252C%2520Carriers%2520And%2520Developers%2520Form%2520An%2520Alliance%2520To%2520Block%2520Apple%25E2%2580%2599s%2520Siri%2520In%2520China%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A3%7D%2C%7B%22title%22%3A%22Felix%20Baumgartner%E2%80%99s%20Free-fall%20From%20120%2C000%20Feet%20Pushed%20Back%20To%20October%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F3UbKVeJkCTY%2F%22%2C%22description%22%3A%22Felix%20Baumgartner%20and%20the%20Red%20Bull%20Stratos%20team%20will%20have%20to%20wait%20a%20little%20longer%20to%20leap%20from%20the%20edge%20of%20space.%20After%20a%20successful%20second%20test%20jump%20from%20over%2096%2C000%20feet%20last%20month%2C%20Red%20Bull%20announced%20today%20that%20Baumgartner's%20final%20jump%20from%20120%2C000%20feet%20has%20been%20pushed%20back%20to%20October.%20Originally%20scheduled%20for%20this%20summer%2C%20the%20capsule%20that%20carried%20the%20famed%20BASE%20jumper%20during%20his%2090-minute%20ascent%20suffered%20damage%20after%20landing%20on%20some%20rough%20terrain.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2020%3A57%3A54%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625555%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fp-20120809-00053_hires-jpeg-24bit-rgb.jpg%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F3UbKVeJkCTY%2F%22%2C%22share_text%22%3A%22Felix%2520Baumgartner%25E2%2580%2599s%2520Free-fall%2520From%2520120%252C000%2520Feet%2520Pushed%2520Back%2520To%2520October%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A4%7D%2C%7B%22title%22%3A%22Snailmail%20Photos%20To%20Friends%20With%20Facebook%E2%80%99s%20New%20Postcards%20Feature%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F4QIxD6jFJ-k%2F%22%2C%22description%22%3A%22In%20what%20could%20blossom%20into%20an%20ecommerce%20opportunity%2C%20Facebook%20is%20testing%20a%20new%20%5C%22Mail%20A%20Postcard%5C%22%20feature%20powered%20by%20Sincerely%20that%20lets%20you%20choose%20one%20of%20your%20photos%2Cand%20have%20Facebook%20send%20it%20to%20a%20friend%20as%20a%20postcard%20--%20in%20real%20life.%20You%20can%20add%20a%20message%20that%20will%20appear%20on%20the%20back%2C%20and%20also%20mail%20friends%20prints%20of%20their%20own%20photos.%20The%20sender%20is%20charged%20a%20small%20fee%2C%20and%20Facebook%20is%20trying%20out%20a%20few%20different%20price%20points.Though%20built%20as%20a%20spur-of-the-moment%20Hackathon%20project%2C%20if%20Facebook%20rolls%20out%20Mail%20A%20Postcard%20it%20could%20give%20users%20a%20new%20reason%20to%20upload%20and%20interact%20with%20photos%2C%20plus%20earn%20the%20social%20network%20a%20little%20money%20too.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2019%3A56%3A23%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625701%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Ffacebook-mail-a-postcard.png%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F4QIxD6jFJ-k%2F%22%2C%22share_text%22%3A%22Snailmail%2520Photos%2520To%2520Friends%2520With%2520Facebook%25E2%2580%2599s%2520New%2520Postcards%2520Feature%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A5%7D%2C%7B%22title%22%3A%22%E2%80%9CIn%20the%20Studio%2C%E2%80%9D%20Naval%20Ravikant%20Offers%20a%20Glimpse%20into%20AngelList%E2%80%99s%20Roadmap%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F3AdcMA7Zd10%2F%22%2C%22description%22%3A%22%5C%22In%20the%20Studio%5C%22%20rolls%20into%20the%20dog%20days%20of%20summer%20by%20welcoming%20a%20guest%20who%2C%20originally%20trained%20in%20computer%20science%2C%20went%20on%20to%20found%20a%20large%20consumer%20website%2C%20worked%20in%20venture%20capital%20on%20Sand%20Hill%20Road%2C%20and%20after%20helping%20out%20his%20would-be%20business%20partner%20learn%20the%20ropes%20of%20%5C%22hacking%5C%22%20the%20fundraising%20process%2C%20set%20out%20on%20a%20journey%20to%20build%20what%20a%20platform%20for%20startup%20investing%20and%20other%20related%20activities%20that%20has%20been%20gaining%20momentum%20and%20strength%20over%20the%20past%20few%20years.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2019%3A00%3A31%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D613589%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fscreen-shot-2012-08-07-at-5-14-59-pm.png%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F3AdcMA7Zd10%2F%22%2C%22share_text%22%3A%22%25E2%2580%259CIn%2520the%2520Studio%252C%25E2%2580%259D%2520Naval%2520Ravikant%2520Offers%2520a%2520Glimpse%2520into%2520AngelList%25E2%2580%2599s%2520Roadmap%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A6%7D%2C%7B%22title%22%3A%22EXCLUSIVE%3A%20Area%20Woman%20Reads%20Newspaper%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2Fd-DJEUGKtSw%2F%22%2C%22description%22%3A%22While%20we%20usually%20bring%20you%20photos%20of%20the%20iPhone%205%C2%A0or%20Google%20Glass%20spotted%20in%20the%20wild%2C%20I%E2%80%99ve%20seen%20something%20much%20more%20rare.This%20morning%2C%20I%20saw%20a%20woman%20reading%20words%20on%20printed%20paper.This%20is%20the%20most%20disruptive%20thing%20since%20Dalton%20Caldwell%E2%80%99s%20last%20bowel%20movement.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2018%3A54%3A32%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625637%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fphoto-3.jpg%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2Fd-DJEUGKtSw%2F%22%2C%22share_text%22%3A%22EXCLUSIVE%253A%2520Area%2520Woman%2520Reads%2520Newspaper%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A7%7D%2C%7B%22title%22%3A%22The%20Hovis%20Eco%20Is%20A%20Robot%20That%20Can%20Dance%2C%20Do%20Martial%20Arts%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FfNlzLaFE3lM%2F%22%2C%22description%22%3A%22It's%20a%20little%20known%20fact%20that%20Isaac%20Asimov's%20Three%20Laws%20of%20Robotics%20is%20missing%20a%20law%3A%20The%20robot%20shall%20be%20able%20to%20do%20Tai%20Chi.%20Thankfully%2C%20there's%20the%20Hovis%20Eco%2C%20a%20tiny%2C%20plastic-clad%20humanoid%20robot%20by%20Dongbu%20Robot.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2018%3A13%3A45%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625656%22%2C%22img%22%3Anull%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FfNlzLaFE3lM%2F%22%2C%22share_text%22%3A%22The%2520Hovis%2520Eco%2520Is%2520A%2520Robot%2520That%2520Can%2520Dance%252C%2520Do%2520Martial%2520Arts%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A8%7D%2C%7B%22title%22%3A%22Facebook%20Courts%20Small%20Business%20Dollars%20With%20Easy%20Social%20Ad%20Campaign%20Creation%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F3oS3uVRoGts%2F%22%2C%22description%22%3A%22Facebook%20says%20it's%20testing%20a%20redesign%20of%20its%20ad%20creator%20tool%20that%20will%20give%20more%20guidance%20to%20advertisers%20as%20they%20create%20their%20campaigns%20%E2%80%94%20specifically%20by%20helping%20them%20find%20the%20right%20mix%20of%20Facebook%20ads%20and%20Sponsored%20Stories%20to%20achieve%20their%20stated%20objectives.You%20can%20see%20a%20screenshot%20of%20the%20new%20workflow%20below.%20(Yes%2C%20it's%20a%20looooong%20screenshot%2C%20but%20that%20means%20you%20can%20see%20the%20whole%20thing.)%20As%20shown%2C%20the%20small%20businesses%20and%20others%20who%20use%20Facebook's%20self-serve%20tool%20start%20out%20by%20specifying%20what%20they're%20hoping%20to%20accomplish%20with%20a%20given%20campaign%2C%20whether%20it's%20specifically%20getting%20more%20Page%20likes%20or%20promoting%20Page%20posts%20(they%20can%20also%20take%20a%20more%20nuanced%20approach%20by%20choosing%20%5C%22advanced%20options%5C%22).%20Once%20advertisers%20have%20identified%20their%20goal%2C%20the%20ad%20creator%20will%20recommend%20a%20combination%20of%20ads%20and%20Sponsored%20Stories%20to%20achieve%20that%20objective.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2017%3A43%3A44%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625619%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Ffacebook-ads.jpeg%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F3oS3uVRoGts%2F%22%2C%22share_text%22%3A%22Facebook%2520Courts%2520Small%2520Business%2520Dollars%2520With%2520Easy%2520Social%2520Ad%2520Campaign%2520Creation%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A9%7D%2C%7B%22title%22%3A%22Google%20Translate%20For%20Android%20Gets%20Pumped%20Up%20With%20Picture%20Translations%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FJ5t6Gj3ze8s%2F%22%2C%22description%22%3A%22As%20is%20their%20wont%2C%20the%20folks%20at%20Google%20pushed%20out%20a%20nifty%20new%20update%20for%20its%20Translate%20for%20Android%20app%20earlier%20today%2C%20and%20it%20packs%20a%20handful%20of%20new%20goodies%20for%20the%20lexically%20inquisitive%20to%20play%20with.The%20feature%20that's%20gotten%20the%20most%20love%20is%20the%20app's%20new%20camera%20support%20(seen%20above).%20Curious%20users%20can%20snap%20photos%20of%20foreign%20text%20from%20directly%20within%20Google%20Translate%2C%20and%20furiously%20swipe%20their%20fingers%20over%20the%20specific%20tidbits%20to%20be%20translated.%20%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2017%3A30%3A32%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625598%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fcameratranslate.jpg%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FJ5t6Gj3ze8s%2F%22%2C%22share_text%22%3A%22Google%2520Translate%2520For%2520Android%2520Gets%2520Pumped%2520Up%2520With%2520Picture%2520Translations%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A10%7D%2C%7B%22title%22%3A%2210%20Million%20Views%2C%20%E2%80%98Political%20Prostitution%E2%80%99%20Video%20Shows%20Content%20Pirates%20Aren%E2%80%99t%20Terrorists%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2Fa06sastkyic%2F%22%2C%22description%22%3A%22A%20professionally%20produced%20anti-entertainment%20lobby%20video%20has%20already%20garnered%2010%20million%20views%20for%20illustrating%20why%20movie%20pirates%20shouldn't%20be%20treated%20like%20terrorists.%20Political%20Prostitution%2C%20a%20new%20website%20backed%20by%20anonymous%20donors%2C%20argues%20that%20the%20commando-style%20raids%20of%20piracy%20websites%20is%20driven%20by%20congressional%20corruption%2C%20bought%20by%20the%20entertainment%20lobby.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2017%3A23%3A04%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625529%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fscreenshot.png%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2Fa06sastkyic%2F%22%2C%22share_text%22%3A%2210%2520Million%2520Views%252C%2520%25E2%2580%2598Political%2520Prostitution%25E2%2580%2599%2520Video%2520Shows%2520Content%2520Pirates%2520Aren%25E2%2580%2599t%2520Terrorists%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A11%7D%2C%7B%22title%22%3A%22Google%20Settles%20With%20FTC%2C%20Agrees%20To%20Pay%20%2422.5M%20Penalty%20For%20Bypassing%20Safari%20Privacy%20Settings%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F5caL7J5yx90%2F%22%2C%22description%22%3A%22Google%20today%20agreed%20to%20pay%20%2422.5%20million%20to%20settle%20a%20Federal%20Trade%20Commission%20(FTC)%20charge%20that%20it%20bypassed%20Safari's%20privacy%20settings%20to%20serve%20targeted%20ads%20to%20consumers.%20Google%20placed%20these%20cookies%20on%20Safari%20users'%20computers%2C%20despite%20the%20fact%20that%2C%20as%20the%20FTC%20notes%2C%20%5C%22Google%20had%20previously%20told%20these%20users%20they%20would%20automatically%20be%20opted%20out%20of%20such%20tracking%2C%20as%20a%20result%20of%20the%20default%20settings%20of%20the%20Safari%20browser%20used%20in%20Macs%2C%20iPhones%20and%20iPads.%5C%22%20This%2C%20according%20to%20the%20FTC%2C%20was%20in%20direct%20violation%20of%20the%20earlier%20privacy%20settlement%20between%20Google%20and%20the%20FTC.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2017%3A17%3A08%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625579%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fgoogle_logo.jpeg%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F5caL7J5yx90%2F%22%2C%22share_text%22%3A%22Google%2520Settles%2520With%2520FTC%252C%2520Agrees%2520To%2520Pay%2520%252422.5M%2520Penalty%2520For%2520Bypassing%2520Safari%2520Privacy%2520Settings%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A12%7D%2C%7B%22title%22%3A%22Using%20The%20iPhone%E2%80%99s%20Front-Facing%20Camera%2C%20Cardiio%20Measures%20Your%20Heartrate%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FxXA5bVqC2v0%2F%22%2C%22description%22%3A%22It's%20still%20relatively%20early%20in%20mobile%20health%2C%20although%20there%20are%20glucose%20monitors%20that%20can%20be%20tacked%20onto%20iPhones%2C%20heart%20rate%20and%20sleep%20monitoring%20apps%20and%20of%20course%2C%20plenty%20of%20exercise%20and%20diet-tracking%20products.Now%20that%20many%20basic%20product%20concepts%20have%20been%20laid%20out%2C%20it's%20time%20for%20iteration.%20Enter%20Cardiio%2C%20a%20startup%20and%20graduate%20of%20the%20Rock%20Health%20incubator.%20Founded%20by%20a%20team%20of%20Ph.Ds%20out%20of%20MIT's%20Media%20Lab%2C%20the%20company%20has%20built%20a%20%244.99%20heart%20rate%20monitoring%20app%20that%20doesn't%20require%20you%20to%20touch%20the%20iPhone's%20camera.%C2%A0It%20actually%20doesn't%20require%20any%20contact%20aside%20from%20holding%20the%20phone%20so%20that%20the%20front-facing%20camera%20captures%20your%20face.%C2%A0From%20that%2C%20Cardiio's%20sensors%20can%20pick%20up%20minute%20changes%20in%20the%20color%20of%20your%20face%20that%20indicate%20heart%20rate.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2017%3A00%3A15%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625512%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fcardiio.jpeg%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FxXA5bVqC2v0%2F%22%2C%22share_text%22%3A%22Using%2520The%2520iPhone%25E2%2580%2599s%2520Front-Facing%2520Camera%252C%2520Cardiio%2520Measures%2520Your%2520Heartrate%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A13%7D%2C%7B%22title%22%3A%22Skyscrpr%20Makes%20Direct%20Ad%20Sales%20Easier%20For%20Bloggers%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FGjlOZaqIFr4%2F%22%2C%22description%22%3A%22Selling%20ads%20online%20isn't%20easy%20and%20unless%20you%20have%20a%20site%20with%20a%20large%20audience%2C%20chances%20are%20you%20the%20major%20advertising%20networks%20aren't%20interested%20in%20working%20with%20you.%20Direct%20ad%20sales%20are%20often%20an%20attractive%20option%20for%20smaller%20blogs%20and%20online%20publications%2C%20but%20managing%20them%20can%20be%20a%20major%20hassle.%20Skyscrpr%2C%20a%20new%20startup%20launching%20out%20of%20Vancouver's%20GrowLab%20accelerator%20today%2C%20wants%20to%20make%20direct%20ad%20sales%20easy%20for%20publishers.%20As%20the%20company's%20co0-founder%20Paul%20Burger%20told%20me%20yesterday%2C%20SkyScrpr%20wants%20to%20take%20the%20hassle%20out%20of%20direct%20ad%20sales%20and%20let%20publishers%20focus%20on%20creating%20content.%20The%20service%20offers%20a%20very%20well%20designed%20and%20easy%20to%20use%20drag%20and%20drop%20interface%20to%20set%20up%20ad%20units%20on%20your%20site.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2016%3A30%3A39%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625508%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fskyscrpr-logo.jpg%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FGjlOZaqIFr4%2F%22%2C%22share_text%22%3A%22Skyscrpr%2520Makes%2520Direct%2520Ad%2520Sales%2520Easier%2520For%2520Bloggers%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A14%7D%2C%7B%22title%22%3A%22MacKenzie%20%26%20Marr%20Bring%20Guitar-making%20Into%20The%2021st%20Century%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FwL9Ju-KgTYc%2F%22%2C%22description%22%3A%22Guitar-making%20is%20a%20noble%20and%20beautiful%20art%20and%20it's%20high%20time%20luthiers%20started%20thinking%20about%20the%20web.%20MacKenzie%20%26%2338%3B%20Marr%20is%20a%20tiny%20company%20in%20Quebec%20that%20designs%20and%20hand%20makes%20relatively%20inexpensive%20but%20amazingly%20handsome%20guitars.%20While%20they%20do%20outsource%20much%20of%20the%20manufacturing%20to%20China%2C%20there%20is%20not%20a%20single%20robot%20involved%20in%20the%20building%20of%20their%20cedar-top%20git-fiddles%20and%20guitarists%20can%20order%20their%20handsome%20axes%20with%20a%20few%20button-clicks.Why%20did%20the%20boys%20go%20online%3F%20%5C%22The%20music%20business%20is%20the%20worst%20distribution%20channel%20imaginable.%20Factory%20to%20brand%20to%20warehouse%20to%20multiple%20distributors%20to%20dealers.%20High%20end%20guitars%20are%20almost%20always%20in%20small%20retailers%2C%5C%22%20said%20John%20Marr%2C%20co-founder.%20This%20allows%20them%20to%20cut%2060%25%20off%20of%20the%20price%20of%20hand-crafted%20guitars.%20%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2016%3A30%3A20%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625483%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fmackenziemarr_modern_logo.png%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FwL9Ju-KgTYc%2F%22%2C%22share_text%22%3A%22MacKenzie%2520%2526%2520Marr%2520Bring%2520Guitar-making%2520Into%2520The%252021st%2520Century%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A15%7D%2C%7B%22title%22%3A%224moms%20Raises%20%2420%20Million%20For%20Its%20Gadgetized%20Baby%20Gear%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FFYXpkfczYVw%2F%22%2C%22description%22%3A%224moms%2C%20the%20small%20Pittsburgh-based%20company%20that's%20re-imagining%20the%20baby%20products%20industry%20by%20incorporating%20robotics%2C%20electronics%2C%20and%20innovative%20engineering%20into%20things%20like%20strollers%2C%20infant%20seats%20and%20playpens%2C%20has%20raised%20%2420%20million%20from%20Bain%20Capital%20Ventures.%20The%20firm's%20sister%20fund%20Bain%20Capital%20also%20has%20investments%20in%20Toys%20R'%20Us%20(Babies%20R'%20Us)%20and%20Gymboree%2C%20so%20there's%20the%20opportunity%20for%20some%20knowledge-sharing%20and%20marketing%20opportunities%20here%2C%20it%20seems.As%20for%20the%204moms%20products%2C%20in%20case%20you%20haven't%20seen%20them%20-%20well%2C%20they're%20pretty%20crazy.%20TechCrunch's%20gadgets%20team%20has%20been%20going%20hands-on%20with%20these%20things%20for%20years%2C%20and%20doling%20out%20compliments%20like%20%5C%22the%20coolest%20gadget%20I%20have%20ever%20seen%20since%20the%20original%20TiVo...and%20it's%20just%20a%20damn%20stroller.%5C%22%C2%A0Seriously%2C%20these%20things%20almost%20make%20you%20want%20to%20pump%20out%20babies%20(or%20more%20babies)%20just%20to%20try%20them%20out.%20Well%2C%20almost.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2016%3A02%3A41%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625489%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2F4moms-origami-stroller.jpg%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FFYXpkfczYVw%2F%22%2C%22share_text%22%3A%224moms%2520Raises%2520%252420%2520Million%2520For%2520Its%2520Gadgetized%2520Baby%2520Gear%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A16%7D%2C%7B%22title%22%3A%22Zachary%20Bogue%20And%20Matt%20Ocko%20Launch%20Data%20Collective%2C%20An%20Early%20Stage%20Fund%20For%20Big%20Data%20Startups%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FeHH5K7r5LGU%2F%22%2C%22description%22%3A%22Founders%20Den%20co-founder%20and%20angel%20investor%20Zachary%20Bogue%20has%20joined%20forces%20with%20seasoned%20big%20data%20VC%20Matt%20Ocko%2C%20Metamarkets%20founder%20Michael%20Driscoll%20and%20Prismatic%20CEO%20Bradford%20Cross%C2%A0to%20launch%20Data%20Collective%2C%20the%20world's%20first%20Big%20Data-only%20early%20stage%20investment%20fund.The%20two%20Data%20Collective%20co-founders%2C%20who%20are%20currently%20raising%20fund%20number%20two%2C%20tell%20me%20that%20the%20timing%20is%20right%20for%20a%20fund%20committed%20exclusively%20to%20Big%20Data%20companies%2C%20as%20the%20barriers%20to%20entry%20in%20launching%20these%20sorts%20of%20startups%20are%20only%20getting%20lower.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2016%3A00%3A54%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625465%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fscreen-shot-2012-08-09-at-11-57-53-am.png%3Fw%3D100%26amp%3Bh%3D67%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FeHH5K7r5LGU%2F%22%2C%22share_text%22%3A%22Zachary%2520Bogue%2520And%2520Matt%2520Ocko%2520Launch%2520Data%2520Collective%252C%2520An%2520Early%2520Stage%2520Fund%2520For%2520Big%2520Data%2520Startups%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A17%7D%2C%7B%22title%22%3A%22Following%20App.net%E2%80%99s%20Reboot%2C%20Smore%20Introduces%20App%20Flyers%20For%20DIY%20Mobile%20App%20Marketing%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F_GhsN1K6pEs%2F%22%2C%22description%22%3A%22Smore%2C%20a%20startup%20which%20lets%20anyone%20quickly%20build%20attractive%2C%20single-page%20websites%20which%20it%20calls%20flyers%2C%20is%20rolling%20out%20a%20new%20version%20of%20its%20service%20today%20to%20specifically%20targets%20mobile%20app%20developers.%20Called%20simply%20%5C%22app%20flyers%2C%5C%22%20these%20mini%2C%20customized%20websites%20can%20be%20built%20in%20seconds%20by%20pulling%20in%20data%20from%20the%20App%20Store%20itself%2C%20then%20allowing%20users%20to%20tweak%20the%20design%20using%20a%20handful%20of%20built-in%20styles.%5C%22Most%20apps%20are%20not%20built%20by%20these%20huge%20companies%20that%20have%20a%20ton%20of%20money%20to%20spend%20on%20marketing%2C%5C%22%20says%C2%A0Smore%20co-founder%20Gilad%20Avidan%20of%20the%20new%20offering.%20%5C%22Most%20apps%20are%20small%20or%20micro%20businesses%20-%20and%20these%20people%20need%20help%20getting%20the%20word%20out.%5C%22%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2016%3A00%3A20%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625421%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fsmore-logo-dark-bg.png%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2F_GhsN1K6pEs%2F%22%2C%22share_text%22%3A%22Following%2520App.net%25E2%2580%2599s%2520Reboot%252C%2520Smore%2520Introduces%2520App%2520Flyers%2520For%2520DIY%2520Mobile%2520App%2520Marketing%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A18%7D%2C%7B%22title%22%3A%22Wantworthy%20Is%20Wanted%3A%20The%20%E2%80%9CInstapaper%20For%20Shopping%E2%80%9D%20Raises%20%241%20Million%20From%20RRE%2C%20Google%20Ventures%20And%20Others%22%2C%22link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FBnuGQ7Wg514%2F%22%2C%22description%22%3A%22Wantworthy%2C%20a%202011%20TechStars%20NYC%20grad%20offering%20an%20online%20shopping%20tool%20for%20tracking%20everything%20you%20want%20to%20buy%20in%20one%20place%2C%20has%20just%20raised%20a%20%241%20million%20in%20seed%20funding.%20RRE%20Ventures%C2%A0led%20the%20round%2C%20and%C2%A0Google%20Ventures%2C%20Quotidian%20Ventures%2C%20and%20several%20NYC-area%20angels%20also%20participated.Although%20on%20the%20surface%20the%20company%20might%20appear%20to%20be%C2%A0competitive%C2%A0with%20Pinterest%2C%20various%20bookmarking%20tools%2C%20or%20even%20Amazon's%20Universal%20Wish%20List%20utility%2C%20for%20example%2C%20Wantworthy%20has%20a%20bigger%20vision.%20The%20long-term%20goal%20is%20not%20just%20to%20be%20a%20place%20where%20you%20collect%20things%20you%20want%20to%20purchase%2C%20it%20will%20also%20tell%20you%20when%20to%20buy%20them.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2016%3A00%3A19%20%2B0000%22%2C%22id%22%3A%22http%3A%2F%2Ftechcrunch.com%2F%3Fp%3D625097%22%2C%22img%22%3A%22http%3A%2F%2Ftctechcrunch2011.files.wordpress.com%2F2012%2F08%2Fwantworthy_logo_2.png%3Fw%3D100%26amp%3Bh%3D70%26amp%3Bcrop%3D1%5C%22%20class%3D%5C%22attachment-tc-carousel-river-thumb%20wp-post-image%22%2C%22share_link%22%3A%22http%3A%2F%2Ffeedproxy.google.com%2F~r%2FTechcrunch%2F~3%2FBnuGQ7Wg514%2F%22%2C%22share_text%22%3A%22Wantworthy%2520Is%2520Wanted%253A%2520The%2520%25E2%2580%259CInstapaper%2520For%2520Shopping%25E2%2580%259D%2520Raises%2520%25241%2520Million%2520From%2520RRE%252C%2520Google%2520Ventures%2520And%2520Others%22%2C%22feed_idx%22%3A0%2C%22item_idx%22%3A19%7D%5D%7D%2C%7B%22type%22%3A%22rss%22%2C%22version%22%3A%222.0%22%2C%22title%22%3A%22Tech%20News%20Headlines%20-%20Yahoo!%20News%22%2C%22link%22%3A%22http%3A%2F%2Fnews.yahoo.com%2Ftech%2F%22%2C%22description%22%3A%22Get%20the%20latest%20Tech%20news%20headlines%20from%20Yahoo!%20News.%20Find%20breaking%20Tech%20news%2C%20including%20analysis%20and%20opinion%20on%20top%20Tech%20stories.%22%2C%22language%22%3A%22en-US%22%2C%22updated%22%3A%22%22%2C%22items%22%3A%5B%7B%22title%22%3A%22Google%20agrees%20to%20record%20%2422.5M%20fine%20on%20privacy%22%2C%22link%22%3A%22http%3A%2F%2Fnews.yahoo.com%2Fgoogle-agrees-record-22-5m-fine-privacy-154303160--finance.html%22%2C%22description%22%3A%22Google%20is%20paying%20a%20record%20%2422.5%20million%20fine%20to%20settle%20allegations%20that%20it%20broke%20a%20privacy%20promise%20by%20secretly%20tracking%20millions%20of%20Web%20surfers%20who%20use%20Apple%26%23039%3Bs%20Safari%20browser.%3Cbr%20%2F%3E%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2011%3A43%3A35%20-0400%22%2C%22id%22%3A%22google-agrees-record-22-5m-fine-privacy-154303160--finance%22%2C%22img%22%3A%22http%3A%2F%2Fl.yimg.com%2Fbt%2Fapi%2Fres%2F1.2%2FSauEjp0qe1ivqRcGCm_neA--%2FYXBwaWQ9eW5ld3M7Zmk9ZmlsbDtoPTg2O3E9ODU7dz0xMzA-%2Fhttp%3A%2F%2Fmedia.zenfs.com%2Fen_us%2FNews%2Fap_webfeeds%2Fce91389c57e6c816170f6a7067001e31.jpg%22%2C%22share_link%22%3A%22http%3A%2F%2Fnews.yahoo.com%2Fgoogle-agrees-record-22-5m-fine-privacy-154303160--finance.html%22%2C%22share_text%22%3A%22Google%2520agrees%2520to%2520record%2520%252422.5M%2520fine%2520on%2520privacy%22%2C%22feed_idx%22%3A1%2C%22item_idx%22%3A0%7D%2C%7B%22title%22%3A%22T-Mobile%20loses%20subscribers%2C%20smartphones%20flat%22%2C%22link%22%3A%22http%3A%2F%2Fnews.yahoo.com%2Ft-mobile-loses-subscribers-smartphones-flat-144224609--finance.html%22%2C%22description%22%3A%22The%20long%20slide%20of%20T-Mobile%20USA%20continued%20in%20the%20latest%20quarter%2C%20as%20the%20country's%20No.%204%20cellphone%20company%20lost%20subscribers%20and%20struggled%20to%20sign%20people%20up%20for%20smartphones.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2011%3A17%3A49%20-0400%22%2C%22id%22%3A%22t-mobile-loses-subscribers-smartphones-flat-144224609--finance%22%2C%22img%22%3Anull%2C%22share_link%22%3A%22http%3A%2F%2Fnews.yahoo.com%2Ft-mobile-loses-subscribers-smartphones-flat-144224609--finance.html%22%2C%22share_text%22%3A%22T-Mobile%2520loses%2520subscribers%252C%2520smartphones%2520flat%22%2C%22feed_idx%22%3A1%2C%22item_idx%22%3A1%7D%2C%7B%22title%22%3A%22Multimillion-dollar%20verdict%20against%20RIM%20overturned%22%2C%22link%22%3A%22http%3A%2F%2Fnews.yahoo.com%2Fmultimillion-dollar-verdict-against-rim-overturned-154612858.html%22%2C%22description%22%3A%22A%20U.S.%20judge%20has%20overturned%20a%20multimillion-dollar%20patent-infringement%20verdict%20against%20BlackBerry%20maker%20Research%20In%20Motion.%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2015%3A18%3A08%20-0400%22%2C%22id%22%3A%22multimillion-dollar-verdict-against-rim-overturned-154612858%22%2C%22img%22%3Anull%2C%22share_link%22%3A%22http%3A%2F%2Fnews.yahoo.com%2Fmultimillion-dollar-verdict-against-rim-overturned-154612858.html%22%2C%22share_text%22%3A%22Multimillion-dollar%2520verdict%2520against%2520RIM%2520overturned%22%2C%22feed_idx%22%3A1%2C%22item_idx%22%3A2%7D%2C%7B%22title%22%3A%22Ouya%20game%20console%20snags%20%248.5%20million%20in%20Kickstarter%20funding%2C%20but%20what%E2%80%99s%20next%3F%22%2C%22link%22%3A%22http%3A%2F%2Fnews.yahoo.com%2Fblogs%2Ftechnology-blog%2Fouya-game-console-snags-8-5-million-kickstarter-174046003.html%22%2C%22description%22%3A%22As%20everyone%20sits%20and%20waits%20for%20Microsoft%20and%20Sony%20to%20finally%20pull%20the%20trigger%20on%20the%20next%20generation%20of%20the%20Xbox%20and%20PlayStation%20platforms%2C%20the%20Ouya%20project%20plans%20to%20bring%20Android-based%20gaming%20to%20the%20big%20screen%20%E2%80%94%20and%20has%20already%20%E2%80%A6%20Continue%20reading%20%E2%86%92%22%2C%22updated%22%3A%22Thu%2C%2009%20Aug%202012%2013%3A40%3A46%20-0400%22%2C%22id%22%3A%22blo

Share this post


Link to post
Share on other sites

Hello goofy1139

 

Sorry for the delayed response. I did not receive a notification that you had posted.

 

Lets continue:

 

Please uninstall IObit Toolbar v6.5

 

 

I would like to take a closer look at a number of files on your machine:

 

  • Please scan the following files

    • On the page you'll find a "Choose File" button.
    • Click on the Choose File button.
    • In the File Upload window which opens, copy and paste this into the File Name box.
    C:\ProgramData\Vaudix\508d44c452574.ocx

     

     

    • Next, click the Open button.
    • Then click the "Scan it" button just below.
    • This will scan the file. Please be patient.
    • If you get a message saying File has already been analyzed: click Reanalyze file now.
    • Once scanned, copy and paste the link to the results page in your next reply.
    • Repeat for the following files:
    C:\ProgramData\Vaudix\508d42f54b62d.ocx

     

    C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll

     

    C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe

  • Security Check

    • Please download Security Check by screen317 from here or here and save the file (called securitycheck.exe) to your desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box (NOTE: If you are running Vista or Win7 please Right click and select "Run as Administrator"..
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.
    Post the links to the virus total scan pages and the security check log in your next reply.

Share this post


Link to post
Share on other sites

Hello JonTom,

 

Here is what you asked for.

 

 

https://www.virustotal.com/file/5cbd7f4b8f991ccab51cfc1fd0a5437013c5196f3c636632d691103aa3708adb/analysis/1354500367/

 

 

https://www.virustotal.com/file/5cbd7f4b8f991ccab51cfc1fd0a5437013c5196f3c636632d691103aa3708adb/analysis/1354501325/

 

 

https://www.virustotal.com/file/00e5e1fa89080ba5f0f582c552caa36eed3c737eec35ee1ff63f70e5f25ed6ba/analysis/1354501891/

 

 

https://www.virustotal.com/file/a9265115b70fd00ea9516b67545b9e5633aff757312572fb8d304fd372d67650/analysis/1354502148/

 

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

ZoneAlarm Antivirus

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.65.1.1000

Java 7 Update 9

Adobe Flash Player 11.5.502.110

Adobe Reader 10.1.4 Adobe Reader out of Date!

Mozilla Firefox 14.0.1 Firefox out of Date!

Google Chrome 21.0.1180.83

Google Chrome 21.0.1180.89

Google Chrome 22.0.1229.79

Google Chrome 22.0.1229.92

Google Chrome 22.0.1229.94

Google Chrome 23.0.1271.64

Google Chrome 23.0.1271.95

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

CheckPoint ZoneAlarm vsmon.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

Share this post


Link to post
Share on other sites

Hello goofy1139

 

Please work your way through the following steps:

 

  • Combofix

  • Download ComboFix from one of the following locations:

     

    Link 1

    Link 2

  • VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here.
  • Right click on ComboFix.exe and select "Run as Administrator" to run the program. Follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Posted Image

 

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Posted Image

 

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • Notes: Do not mouse-click Combofix's window while it is running. That may cause it to stall.
  • Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
  • Should there be issues with internet afterward:

     

    In IE: Tools Menu -> Internet Options -> Connections Tab -> Lan Settings -> uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

     

    In Firefox: Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection and uncheck the proxyserver, set it to No Proxy.

Please post the Combofix log in your next reply.

 

Share this post


Link to post
Share on other sites

hello JonTom

 

here you go

 

ComboFix 12-12-02.01 - Owner 12/03/2012 10:29:05.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6055.3988 [GMT -6:00]

Running from: c:usersOwnerDesktopComboFix.exe

AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}

FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:programdataReadOnlyInstaller.msi

c:programdataRoaming

c:programdatauninstaller.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------Service_HOSTS Anti-PUPs

.

.

((((((((((((((((((((((((( Files Created from 2012-11-03 to 2012-12-03 )))))))))))))))))))))))))))))))

.

.

2012-11-30 15:39 . 2012-11-30 21:47 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware

2012-11-30 15:39 . 2012-09-30 01:54 25928 ----a-w- c:windowssystem32driversmbam.sys

2012-11-30 14:16 . 2012-11-30 14:16 -------- d-----w- c:windowsERUNT

2012-11-30 14:15 . 2012-11-30 14:15 -------- d-----w- C:JRT

2012-11-27 17:18 . 2012-11-27 17:18 -------- d-----w- C:FRST

2012-11-25 02:04 . 2012-11-25 02:04 -------- d-----w- c:usersOwnerAppDataLocalElevatedDiagnostics

2012-11-24 22:52 . 2012-11-25 02:05 -------- d-----w- c:program files (x86)Hosts_Anti_Adwares_PUPs

2012-11-24 14:58 . 2011-05-30 13:42 240640 ----a-w- c:windowsSysWow64xvidvfw.dll

2012-11-24 14:58 . 2011-05-30 13:42 255488 ----a-w- c:windowssystem32xvidvfw.dll

2012-11-24 14:58 . 2011-05-23 09:52 153088 ----a-w- c:windowsSysWow64xvid.ax

2012-11-24 14:58 . 2011-05-23 07:49 173568 ----a-w- c:windowssystem32xvid.ax

2012-11-24 14:58 . 2011-05-23 07:46 645632 ----a-w- c:windowsSysWow64xvidcore.dll

2012-11-24 14:58 . 2011-05-23 07:45 696832 ----a-w- c:windowssystem32xvidcore.dll

2012-11-24 14:57 . 2012-11-24 14:57 -------- d-----w- c:usersOwner.bitrock

2012-11-24 01:49 . 2012-11-24 14:58 -------- d-----w- c:program files (x86)Xvid

2012-11-21 18:48 . 2010-11-26 23:02 17720 ----a-w- c:windowssystem32driversSmartDefragDriver.sys

2012-11-21 14:17 . 2012-11-21 14:19 -------- d-----w- c:program files (x86)MeadCo Neptune

2012-11-20 22:21 . 2012-01-10 00:59 11864 ----a-w- c:windowssystem32driverskl2.sys

2012-11-20 22:21 . 2012-01-10 00:59 460888 ----a-w- c:windowssystem32driverskl1.sys

2012-11-20 22:16 . 2012-01-10 00:59 485680 ----a-w- c:windowssystem32driversklif.sys

2012-11-20 22:16 . 2012-11-20 22:21 -------- dc----w- c:windowssystem32DRVSTORE

2012-11-20 22:15 . 2012-11-20 22:15 -------- d-----w- c:usersOwnerAppDataRoamingCheckPoint

2012-11-20 22:14 . 2012-11-20 22:14 -------- d-----w- c:program filesCheckPoint

2012-11-20 21:46 . 2012-11-20 22:16 -------- d-----w- c:program files (x86)CheckPoint

2012-11-20 21:46 . 2012-11-20 21:46 -------- d-----w- c:programdataCheckPoint

2012-11-20 18:23 . 2012-11-20 18:23 -------- d-----w- c:usersOwnerAppDataRoamingMalwarebytes

2012-11-20 18:22 . 2012-11-20 18:22 -------- d-----w- c:programdataMalwarebytes

2012-11-20 16:27 . 2012-11-20 16:27 -------- d-----w- c:programdataPCPitstop

2012-11-20 16:25 . 2012-11-21 15:57 -------- d-----w- c:program files (x86)PCPitstop

2012-11-20 12:55 . 2012-11-08 17:24 9125352 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{981D4DA8-857B-4241-8D4D-3835FDF581A0}mpengine.dll

2012-11-20 11:53 . 2012-11-20 11:53 -------- d-----w- c:usersOwnerAppDataRoamingConverterLite

2012-11-20 01:03 . 2012-11-20 01:03 -------- d-----w- c:usersOwnerKILL BILL- THE WHOLE BLOODY AFFAIR (2012)

2012-11-17 21:22 . 2012-11-17 21:22 -------- d-----w- c:usersOwner.thumbnails

2012-11-17 21:20 . 2012-11-17 21:20 -------- d-----w- c:usersOwnerAppDataLocalfontconfig

2012-11-17 21:20 . 2012-11-17 21:38 -------- d-----w- c:usersOwner.gimp-2.8

2012-11-17 21:20 . 2012-11-17 21:20 -------- d-----w- c:usersOwnerAppDataLocalgegl-0.2

2012-11-17 21:18 . 2012-11-17 21:19 -------- d-----w- c:program filesGIMP 2

2012-11-17 17:59 . 2012-10-03 17:56 1914248 ----a-w- c:windowssystem32driverstcpip.sys

2012-11-17 17:59 . 2012-10-03 17:44 246272 ----a-w- c:windowssystem32netcorehc.dll

2012-11-17 17:59 . 2012-10-03 17:44 216576 ----a-w- c:windowssystem32ncsi.dll

2012-11-17 17:59 . 2012-10-03 17:42 569344 ----a-w- c:windowssystem32iphlpsvc.dll

2012-11-17 17:59 . 2012-10-03 16:42 156672 ----a-w- c:windowsSysWow64ncsi.dll

2012-11-17 17:59 . 2012-10-03 17:44 70656 ----a-w- c:windowssystem32nlaapi.dll

2012-11-17 17:59 . 2012-10-03 17:44 303104 ----a-w- c:windowssystem32nlasvc.dll

2012-11-17 17:59 . 2012-10-03 17:44 18944 ----a-w- c:windowssystem32netevent.dll

2012-11-17 17:59 . 2012-10-03 16:42 18944 ----a-w- c:windowsSysWow64netevent.dll

2012-11-17 17:59 . 2012-10-03 16:42 175104 ----a-w- c:windowsSysWow64netcorehc.dll

2012-11-17 17:59 . 2012-10-03 16:07 45568 ----a-w- c:windowssystem32driverstcpipreg.sys

2012-11-17 17:59 . 2012-01-13 07:12 52224 ----a-w- c:windowsSysWow64nlaapi.dll

2012-11-16 02:35 . 2012-07-26 04:47 2560 ----a-w- c:windowssystem32driversen-USwdf01000.sys.mui

2012-11-16 02:35 . 2012-07-26 04:55 785512 ----a-w- c:windowssystem32driversWdf01000.sys

2012-11-16 02:35 . 2012-07-26 04:55 54376 ----a-w- c:windowssystem32driversWdfLdr.sys

2012-11-16 02:35 . 2012-07-26 02:36 9728 ----a-w- c:windowssystem32Wdfres.dll

2012-11-16 02:29 . 2012-07-26 03:08 84992 ----a-w- c:windowssystem32WUDFSvc.dll

2012-11-16 02:29 . 2012-07-26 03:08 194048 ----a-w- c:windowssystem32WUDFPlatform.dll

2012-11-16 02:29 . 2012-07-26 02:26 87040 ----a-w- c:windowssystem32driversWUDFPf.sys

2012-11-16 02:29 . 2012-07-26 02:26 198656 ----a-w- c:windowssystem32driversWUDFRd.sys

2012-11-16 02:29 . 2012-07-26 03:08 45056 ----a-w- c:windowssystem32WUDFCoinstaller.dll

2012-11-16 02:29 . 2012-07-26 03:08 229888 ----a-w- c:windowssystem32WUDFHost.exe

2012-11-16 02:29 . 2012-07-26 03:08 744448 ----a-w- c:windowssystem32WUDFx.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin7.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin6.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin5.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin4.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin3.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin2.dll

2012-11-16 02:15 . 2012-11-16 02:15 159744 ----a-w- c:program files (x86)Internet ExplorerPluginsnpqtplugin.dll

2012-11-16 02:15 . 2012-11-16 02:15 -------- d-----w- c:program files (x86)QuickTime

2012-11-15 12:36 . 2012-10-09 18:17 55296 ----a-w- c:windowssystem32dhcpcsvc6.dll

2012-11-15 12:36 . 2012-10-09 18:17 226816 ----a-w- c:windowssystem32dhcpcore6.dll

2012-11-15 12:36 . 2012-10-09 17:40 44032 ----a-w- c:windowsSysWow64dhcpcsvc6.dll

2012-11-15 12:36 . 2012-10-09 17:40 193536 ----a-w- c:windowsSysWow64dhcpcore6.dll

2012-11-15 12:36 . 2012-10-18 18:25 3149824 ----a-w- c:windowssystem32win32k.sys

2012-11-15 12:31 . 2012-09-25 22:47 78336 ----a-w- c:windowsSysWow64synceng.dll

2012-11-15 12:31 . 2012-09-25 22:46 95744 ----a-w- c:windowssystem32synceng.dll

2012-11-15 01:50 . 2012-11-15 01:50 96768 ----a-w- c:windowsSysWow64sspicli.dll

2012-11-15 01:50 . 2012-11-15 01:50 458712 ----a-w- c:windowssystem32driverscng.sys

2012-11-15 01:50 . 2012-11-15 01:50 340992 ----a-w- c:windowssystem32schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 307200 ----a-w- c:windowssystem32ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 247808 ----a-w- c:windowsSysWow64schannel.dll

2012-11-15 01:50 . 2012-11-15 01:50 220160 ----a-w- c:windowsSysWow64ncrypt.dll

2012-11-15 01:50 . 2012-11-15 01:50 22016 ----a-w- c:windowsSysWow64secur32.dll

2012-11-15 01:50 . 2012-11-15 01:50 154480 ----a-w- c:windowssystem32driversksecpkg.sys

2012-11-15 01:50 . 2012-11-15 01:50 1448448 ----a-w- c:windowssystem32lsasrv.dll

2012-11-15 01:49 . 2012-11-15 01:49 514560 ----a-w- c:windowsSysWow64qdvd.dll

2012-11-15 01:49 . 2012-11-15 01:49 366592 ----a-w- c:windowssystem32qdvd.dll

2012-11-14 20:32 . 2012-11-14 20:32 30568 ----a-w- c:windowssystem32driversavgtpx64.sys

2012-11-14 20:30 . 2012-12-03 17:03 15712 ----a-w- c:windowssystem32driversSWDUMon.sys

2012-11-14 20:30 . 2012-11-14 20:30 -------- d-----w- c:usersOwnerAppDataLocalSlimWare Utilities Inc

2012-11-14 20:29 . 2012-11-14 20:29 -------- d--h--w- c:programdataCommon Files

2012-11-14 20:29 . 2012-11-14 20:29 -------- d-----w- c:program files (x86)SlimDrivers

2012-11-12 21:06 . 2012-11-30 17:06 -------- d-----w- c:usersOwnerAppDataLocalMindDabble_4p

2012-11-12 21:06 . 2012-11-12 21:06 -------- d-----w- c:program files (x86)MindDabble_4p

2012-11-12 19:26 . 2012-11-12 19:26 -------- d-----w- c:usersOwnerAppDataLocalAPlusGamer_63

2012-11-12 19:26 . 2012-11-12 19:26 -------- d-----w- c:program files (x86)APlusGamer_63

2012-11-12 19:05 . 2012-11-12 19:05 -------- d-----w- c:program files (x86)BrainTrainAge

2012-11-09 22:07 . 2012-11-09 22:07 -------- d-----w- c:programdataKingsIsle Entertainment

2012-11-09 14:28 . 2012-11-09 14:28 -------- d-----w- C:MediaServer

2012-11-09 14:28 . 2012-11-09 14:28 -------- d-----w- c:usersOwnerAppDataLocalMediaServer

2012-11-09 14:27 . 2012-11-09 14:49 -------- d-----w- c:programdataPDVD

2012-11-09 14:23 . 2012-11-09 14:23 -------- d-----w- c:programdatainstall_clap

2012-11-09 00:01 . 2012-11-09 01:45 -------- d-----w- C:avengers

2012-11-08 00:43 . 2012-11-08 00:43 -------- d-----w- c:programdatadvdfab

2012-11-08 00:34 . 2012-11-08 00:40 -------- d-----w- c:program files (x86)DVDFab 8 Qt

2012-11-05 13:34 . 2012-11-05 14:02 -------- d-----w- c:program files (x86)WinPalace

2012-11-05 00:49 . 2012-11-05 00:49 -------- d-----w- c:usersOwnerAppDataRoamingGameCenter

2012-11-05 00:49 . 2012-11-05 00:49 -------- d-----w- c:usersOwnerAppDataRoamingGoforFiles

2012-11-05 00:49 . 2012-11-05 00:49 -------- d-----w- c:program files (x86)GoforFiles

2012-11-03 22:03 . 2012-11-03 22:03 -------- d-----w- c:usersOwnerAppDataRoamingDailyBibleGuide

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-11-24 01:35 . 2012-10-06 20:26 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCoreMicrosoft.MediaCenter.Sports.UI.dll

2012-11-18 22:46 . 2012-07-31 00:28 73656 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl

2012-11-18 22:46 . 2012-07-31 00:28 697272 ----a-w- c:windowsSysWow64FlashPlayerApp.exe

2012-11-15 12:25 . 2012-07-25 12:45 66395536 ----a-w- c:windowssystem32MRT.exe

2012-10-30 23:50 . 2012-08-03 22:43 285328 ----a-w- c:windowssystem32aswBoot.exe

2012-10-25 09:12 . 2012-10-25 09:12 94208 ----a-w- c:windowsSysWow64QuickTimeVR.qtx

2012-10-25 09:12 . 2012-10-25 09:12 69632 ----a-w- c:windowsSysWow64QuickTime.qts

2012-10-22 22:34 . 2012-10-22 22:34 95208 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll

2012-10-22 22:34 . 2012-10-22 22:35 821736 ----a-w- c:windowsSysWow64npDeployJava1.dll

2012-10-22 22:34 . 2012-10-22 22:35 746984 ----a-w- c:windowsSysWow64deployJava1.dll

2012-10-17 13:39 . 2012-10-17 13:39 737072 ----a-w- c:programdataMicrosofteHomePackagesSportsV2SportsTemplateCore-2Microsoft.MediaCenter.Sports.UI.dll

2012-10-17 13:39 . 2012-10-17 13:39 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkup-2markup.dll

2012-10-17 13:37 . 2012-10-17 13:37 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSM-2StartResources.dll

2012-10-06 20:26 . 2012-10-06 20:26 2876528 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXUpdateableMarkupmarkup.dll

2012-10-06 20:26 . 2012-10-06 20:26 42776 ----a-w- c:programdataMicrosofteHomePackagesMCEClientUXdSMStartResources.dll

2012-10-06 20:26 . 2012-10-06 20:26 539984 ----a-w- c:programdataMicrosofteHomePackagesMCESpotlightMCESpotlightSpotlightResources.dll

2012-09-14 19:19 . 2012-10-12 13:06 2048 ----a-w- c:windowssystem32tzres.dll

2012-09-14 18:28 . 2012-10-12 13:06 2048 ----a-w- c:windowsSysWow64tzres.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}]

2012-10-28 14:44 129024 ----a-w- c:programdataVaudix508d44c452574.ocx

.

[HKEY_LOCAL_MACHINEWow6432Node~Browser Helper Objects{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}]

2012-10-28 14:36 129024 ----a-w- c:programdataVaudix508d42f54b62d.ocx

.

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"IDMan"="c:program files (x86)Internet Download ManagerIDMan.exe" [2012-09-01 3528128]

"Xvid"="c:program files (x86)XvidCheckUpdate.exe" [2011-01-17 8192]

"AnyDVD"="c:program files (x86)SlySoftAnyDVDAnyDVDtray.exe" [2012-11-23 6663840]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"CLMLServer"="c:program files (x86)CyberLinkPower2GoCLMLSvc.exe" [2009-11-02 103720]

"Samsung PanelMgr"="c:windowsSamsungPanelMgrSSMMgr.exe" [2010-06-08 618496]

"UVS10 Preload"="c:program files (x86)Ulead SystemsUlead VideoStudio 10uvPL.exe" [2006-03-07 36864]

"UpdatePPShortCut"="c:program files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe" [2009-05-20 222504]

"Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2012-07-03 252848]

"APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2012-10-12 59280]

"PowerDVD12DMREngine"="c:program files (x86)CyberLinkPowerDVD12KernelDMRPowerDVD12DMREngine.exe" [2012-09-19 505872]

"PowerDVD12Agent"="c:program files (x86)CyberLinkPowerDVD12PowerDVD12Agent.exe" [2012-09-19 374560]

"QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2012-10-25 421888]

"HOSTS Anti-Adware_PUPs"="c:program files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe" [2012-11-25 302961]

.

c:usersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

MagicDisc.lnk - c:program files (x86)MagicDiscMagicDisc.exe [2012-9-15 576000]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:windowsSysWOW64nvinit.dll

.

[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32]

"wave6"=wdmaud.drv

.

R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerCLHNServiceForPowerDVD12.exe [2012-09-19 90640]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:program files (x86)SkypeUpdaterUpdater.exe [2012-07-13 160944]

R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:windowssystem32DRIVERSAVerPola.sys [2011-01-04 534144]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:program filesIntelWiFibinPanDhcpDns.exe [2011-01-05 340240]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversrdpvideominiport.sys [2012-11-15 19456]

R3 Samsung UPD Service;Samsung UPD Service;c:windowsSystem32SUPDSvc.exe [2010-08-09 166704]

R3 StkCMini;Syntek AVStream USB2.0 ATV;c:windowssystem32DriversStkCMini.sys [2010-04-16 1816968]

R3 SWDUMon;SWDUMon;c:windowssystem32DRIVERSSWDUMon.sys [2012-12-03 15712]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [2012-11-15 57856]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [2012-07-25 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys [2008-05-06 14464]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:windowssystem32DRIVERSnvpciflt.sys [2010-12-14 25576]

S0 SmartDefragDriver;SmartDefragDriver;c:windowsSystem32DriversSmartDefragDriver.sys [2010-11-26 17720]

S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2012-11-14 30568]

S1 kl2;kl2;c:windowssystem32DRIVERSkl2.sys [2012-01-10 11864]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:windowssystem32DriversSABI.sys [2009-05-28 13824]

S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/09 08:34];c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl [2012-09-19 22:12 147704]

S2 BBSvc;BingBar Service;c:program files (x86)MicrosoftBingBar7.1.361.0BBSvc.exe [2012-02-10 193816]

S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSMonitorServicePDVD12.exe [2012-09-19 78352]

S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:program files (x86)CyberLinkPowerDVD12KernelDMSCLMSServerPDVD12.exe [2012-09-19 295440]

S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:program filesIntelWiMAXBinDMAgent.exe [2011-06-06 498688]

S2 IDMWFP;IDMWFP;c:windowssystem32DRIVERSidmwfp.sys [2012-08-02 158944]

S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:program filesCheckPointZAForceFieldISWKL.sys [2012-08-30 33712]

S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:program filesCheckPointZAForceFieldIswSvc.exe [2012-08-30 827560]

S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2012-09-30 399432]

S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-09-30 676936]

S2 nlsX86cc;Nalpeiron Licensing Service;c:windowsSysWOW64nlssrv32.exe [2010-11-22 66560]

S2 ntk_PowerDVD12;ntk_PowerDVD12;c:program files (x86)CyberLinkPowerDVD12KernelDMPCLHNServerntk_PowerDVD12_64.sys [2012-06-20 83704]

S2 UNS;Intel® Management and Security Application User Notification Service;c:program files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2010-10-06 2655768]

S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:program filesIntelWiMAXBinAppSrv.exe [2011-06-06 986112]

S3 BBUpdate;BBUpdate;c:program files (x86)MicrosoftBingBar7.1.361.0SeaPort.exe [2012-02-10 240408]

S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:windowssystem32DRIVERSbpenum.sys [2011-05-19 84480]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:windowssystem32DRIVERSbpmp.sys [2011-05-19 182272]

S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:windowssystem32Driversbpusb.sys [2011-05-19 83968]

S3 clwvd;CyberLink WebCam Virtual Driver;c:windowssystem32DRIVERSclwvd.sys [2010-11-10 31088]

S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:windowssystem32DRIVERSIntcDAud.sys [2010-10-15 317440]

S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys [2012-09-30 25928]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:windowssystem32DRIVERSnusb3hub.sys [2010-10-11 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:windowssystem32DRIVERSnusb3xhc.sys [2010-10-11 180736]

S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys [2011-06-10 539240]

S3 wdkmd;Intel WiDi KMD;c:windowssystem32DRIVERSWDKMD.sys [2010-11-30 42392]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-03 c:windowsTasksAdobe Flash Player Updater.job

- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-07-31 22:46]

.

2012-12-03 c:windowsTasksGoogleUpdateTaskMachineCore.job

- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2012-08-03 22:43]

.

2012-12-03 c:windowsTasksGoogleUpdateTaskMachineUA.job

- c:program files (x86)GoogleUpdateGoogleUpdate.exe [2012-08-03 22:43]

.

2012-12-03 c:windowsTasksSlimDrivers Startup.job

- c:program files (x86)SlimDriversSlimDrivers.exe [2012-10-14 21:29]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersIDM Shell Extension]

@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"

[HKEY_CLASSES_ROOTCLSID{CDC95B92-E27C-4745-A8C5-64A52A78855D}]

2012-02-08 00:49 23432 ----a-w- c:program files (x86)Internet Download ManagerIDMShellExt64.dll

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"IgfxTray"="c:windowssystem32igfxtray.exe" [2011-01-04 167960]

"HotKeysCmds"="c:windowssystem32hkcmd.exe" [2011-01-04 391704]

"Persistence"="c:windowssystem32igfxpers.exe" [2011-01-04 417304]

"RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2010-11-30 11660904]

"IntelWireless"="c:program filesCommon FilesIntelWirelessCommoniFrmewrk.exe" [2011-01-05 1933584]

"IntelWirelessWiMAX"="c:program filesIntelWiMAXBinWiMAXCU.exe" [2011-06-02 1622016]

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]

"AppInit_DLLs"=c:windowsSystem32nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

uStart Page = hxxp://www.google.com

mStart Page = hxxp://samsung.msn.com

mLocal Page = c:windowsSysWOW64blank.htm

IE: Download all links with IDM - c:program files (x86)Internet Download ManagerIEGetAll.htm

IE: Download with IDM - c:program files (x86)Internet Download ManagerIEExt.htm

FF - ProfilePath - c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.default

FF - prefs.js: keyword.URL - hxxp://www.goodsearch.com/search.aspx?toolbarcharity=___toolbarcharity___&id=goodsearchtb&v=2_1&keywords=

FF - ExtSQL: 2012-11-04 18:39; 50970cb9d50ba@50970cb9d50f3.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions50970cb9d50ba@50970cb9d50f3.com.xpi

FF - ExtSQL: 2012-11-12 13:25; 63ffxtbr@APlusGamer_63.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions63ffxtbr@APlusGamer_63.com

FF - ExtSQL: 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:usersOwnerAppDataRoamingMozillaFirefoxProfilesnww68hdh.defaultextensions4pffxtbr@MindDabble_4p.com

FF - ExtSQL: 2012-11-20 16:15; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:program filesCheckPointZAForceFieldWOW64TrustChecker

FF - ExtSQL: !HIDDEN! 2012-11-12 13:26; 63ffxtbr@APlusGamer_63.com; c:program files (x86)APlusGamer_63bar1.bin

FF - ExtSQL: !HIDDEN! 2012-11-12 15:06; 4pffxtbr@MindDabble_4p.com; c:program files (x86)MindDabble_4pbar1.bin

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{34114ac1-b899-4a25-a167-cb054d5025f3} - c:program files (x86)APlusGamer_63bar1.bin63SrcAs.dll

Toolbar-Locked - (no file)

Toolbar-{8945176c-2823-4272-9735-873e75bfe1b4} - c:program files (x86)APlusGamer_63bar1.bin63bar.dll

Wow6432Node-HKLM-Run-UpdatePSTShortCut - c:program files (x86)CyberLinkDVD SuiteMUITransferMUIStartMenu.exe

Wow6432Node-HKLM-Run-ROC_roc_ssl_v12 - c:program files (x86)AVG Secure SearchROC_roc_ssl_v12.exe

Toolbar-Locked - (no file)

HKLM-Run-ETDCtrl - c:program files (x86)ElantechETDCtrl.exe

.

.

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001services{73526619-C24F-470B-9BED-53D455FBB5C6}]

"ImagePath"="??c:program files (x86)CyberLinkPowerDVD12CommonNavFilter000.fcl"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"scansk"=hex(0):c5,88,12,3d,a1,66,02,aa,b6,69,27,77,2a,36,ce,6b,62,5d,c5,5b,dd,

32,c3,0e,3c,fd,35,14,a9,f8,c3,8a,76,15,a2,42,fb,fb,4e,66,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]

@Denied: (Full) (Everyone)

"scansk"=hex(0):92,20,a6,2c,ac,da,97,ad,d1,24,a3,f8,5b,7f,d7,fc,ab,59,6e,1b,bf,

51,95,0a,ae,4d,7b,37,63,5b,fa,ad,73,d0,1a,32,83,42,de,9e,00,00,00,00,00,00,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{b5572adb-f71b-41a1-ad6e-0832b120e9ea}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:000000f0

"Therad"=dword:0000001e

"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,

38,95,44,85,b1,12,f9,90,dd,23,a1,46,8f,3c,f2,5c,68,ee,21,c4,91,5d,38,fc,54,

.

[HKEY_USERSS-1-5-21-4159443991-512847242-1124234837-1001_ClassesWow6432NodeCLSID{c9fa1039-b2b9-4ecb-85ad-32f7d18bc0ed}]

@Denied: (Full) (Everyone)

@Allowed: (Read) (RestrictedCode)

"Model"=dword:0000012c

"Therad"=dword:00000001

"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,

1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:Windowssystem32MacromedFlashFlashUtil64_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_4_402_287_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32]

@="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_4_402_287_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash32_11_4_402_287.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:program files (x86)Common FilesAdobeARM1.0armsvc.exe

c:program files (x86)GoforFilesGFFUpdater.exe

c:program files (x86)IObitSmart Defrag 2SmartDefrag.exe

c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe

c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe

c:program files (x86)CyberLinkShared filesRichVideo.exe

c:program files (x86)Common FilesUlead SystemsDVDULCDRSvr.exe

c:program files (x86)SamsungEasy Display ManagerWifiManager.exe

c:program files (x86)CyberLinkYouCamYCMMirage.exe

c:program files (x86)SamsungSamsung Recovery Solution 5WCScheduler.exe

c:program files (x86)SamsungMovie Color EnhancerMovieColorEnhancer.exe

c:program files (x86)SamsungSamsung Support CenterSSCKbdHk.exe

c:program files (x86)SamsungSamsung Update PlusSUPBackground.exe

c:program files (x86)SAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe

c:program files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

.

**************************************************************************

.

Completion time: 2012-12-03 11:11:02 - machine was rebooted

ComboFix-quarantined-files.txt 2012-12-03 17:11

.

Pre-Run: 88,245,633,024 bytes free

Post-Run: 88,461,398,016 bytes free

.

- - End Of File - - EF328B06C22B6AD5150578574EB06594

Share this post


Link to post
Share on other sites

Hello gooty1139

 

Thank you for the log.

 

We need to use Combofix again but this time, we will be running it in a slightly different way:

  • Please work through the following steps

  • Hold down the Windows key (has the Windows symbol on it) and press the "R" key. A Run box will open. Type in Notepad and press Enter then click on "OK").
  • NOTE: Do not Use Wordpad or any other text editor except Notepad or the script will fail.
  • Copy and Paste the text in the codebox below (including the link) into the open Notepad window:

     

    http://forums.pcpitstop.com/index.php?/topic/200361-my-computer-is-running-soo-slow-and-internet-wont-goto-address-i-type-in/
    
    Collect::
    c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
    
    File::
    C:\ProgramData\Vaudix\508d44c452574.ocx
    C:\ProgramData\Vaudix\508d42f54b62d.ocx
    
    Folder::
    C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
    
    Registry::
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30C456C5-0E73-2343-38F0-D9F9CF8B0F52}]
    
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D28FF82E-DC7D-E13A-28EC-1D5CD8855ADE}]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "HOSTS Anti-Adware_PUPs"=-
    
    
  • Save this as "CFScript.txt" (including the quotation marks), change the "Save as type" to "All Files" and save it to your desktop.
  • Close any open browsers.
  • Disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Refering to the picture below, drag CFScript.txt into ComboFix.exe

     

    Posted Image

  • When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
  • Once the log is produced, re-engage your resident anti virus.
  • Note: When ComboFix finishes running, the ComboFix log will open along with a message box - do not be alarmed. With the above script, ComboFix will capture files to submit for analysis.
  • Ensure you are connected to the internet and click OK on the message box.
Please post the new Combofix log that is produced in your next reply.

 

Share this post


Link to post
Share on other sites

Hello JonTom

 

I have little problem...when I ran combofix I followed your instructions but the last part about IE and Firefox was not shown. I ran the program but now I can't get on the internet.

 

i'm now using an unidentified network and i have no network access. I says I have limited connectivity to my wifi. help

Share this post


Link to post
Share on other sites

Hello goofy1139

 

I says I have limited connectivity to my wifi

Odd?

 

Did Combofix produce a log?

 

First, try rebooting your machine then see if normal access is restored.

 

If it is not, please run the following tool (you may need to download ot using a different machine and tranfer it across if you no longer have net access).

  • Farbar Service Scanner

  • Please download Farbar Service Scanner by clicking here and save the file to your desktop.
  • Run the tool on the infected machine.
  • Make sure the following options are checked:
Internet Services

Windows Firewall

System Restore

Security Center

Windows Update

Windows Defender

 

 

  • Click on "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Share this post


Link to post
Share on other sites

I haven't done the second combfix scan yet, should I run that first before farbar? Should I run both then send both logs? When I rebooted the internet was still giving me problems.

Share this post


Link to post
Share on other sites

Hello goofy1139

 

I haven't done the second combfix scan yet, should I run that first before farbar?

I'm a little confused here. Do you mean you have not yet ran the combofix script I provided in post number 18?

Share this post


Link to post
Share on other sites

Hello JonTom,

 

The computer says I have limited access when I try to connect to my router and can't connect. Here is the farbar report

 

Farbar Service Scanner Version: 04-12-2012

Ran by Owner (administrator) on 05-12-2012 at 11:03:48

Running from "C:UsersOwnerDesktop"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Attempt to access Local Host IP returned error: Localhost is blocked: Destination is offline

There is no connection to network.

Attempt to access Google IP returned error.

Attempt to access Google.com returned error: Other errors

Attempt to access Yahoo IP returned error.

Attempt to access Yahoo.com returned error: Other errors

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]

"EnableFirewall"=DWORD:0

 

 

System Restore:

============

 

System Restore Disabled Policy:

========================

 

 

Action Center:

============

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy:

============================

 

 

Windows Defender:

==============

 

Other Services:

==============

 

 

File Check:

========

C:WindowsSystem32nsisvc.dll => MD5 is legit

C:WindowsSystem32driversnsiproxy.sys => MD5 is legit

C:WindowsSystem32dhcpcore.dll => MD5 is legit

C:WindowsSystem32driversafd.sys => MD5 is legit

C:WindowsSystem32driverstdx.sys => MD5 is legit

C:WindowsSystem32Driverstcpip.sys => MD5 is legit

C:WindowsSystem32dnsrslvr.dll => MD5 is legit

C:WindowsSystem32mpssvc.dll => MD5 is legit

C:WindowsSystem32bfe.dll => MD5 is legit

C:WindowsSystem32driversmpsdrv.sys => MD5 is legit

C:WindowsSystem32SDRSVC.dll => MD5 is legit

C:WindowsSystem32vssvc.exe => MD5 is legit

C:WindowsSystem32wscsvc.dll => MD5 is legit

C:WindowsSystem32wbemWMIsvc.dll => MD5 is legit

C:WindowsSystem32wuaueng.dll => MD5 is legit

C:WindowsSystem32qmgr.dll => MD5 is legit

C:WindowsSystem32es.dll => MD5 is legit

C:WindowsSystem32cryptsvc.dll => MD5 is legit

C:Program FilesWindows DefenderMpSvc.dll => MD5 is legit

C:WindowsSystem32svchost.exe => MD5 is legit

C:WindowsSystem32rpcss.dll => MD5 is legit

 

 

**** End of log ****

Share this post


Link to post
Share on other sites

Hello goofy1139

 

You still have not told me if you ran the combofix script I provided in post number 18.

 

Please let me know if you ran the script in your next reply.

Share this post


Link to post
Share on other sites

Hello JonTom,

 

Sorry about this confusion. I have not ran the posted in 18 yet, but i will this afternoon. I ran the one in 16 and posted that one. after i ran that i started having internet problems.

 

Sorry again for the confusion and thank you for all of your help!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×
×
  • Create New...