Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Virus warnings on all downloads
Message
<blockquote data-quote="mensatic" data-source="post: 143755" data-attributes="member: 14788"><p>Here is the log Combofix generated:</p><p></p><p>ComboFix 13-11-11.01 - Emily 11/11/2013 18:13:23.1.6 - x64</p><p>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.10232.8031 [GMT -5:00]</p><p>Running from: c:\users\Emily\Desktop\ComboFix.exe</p><p>AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}</p><p>SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}</p><p>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>.</p><p>.</p><p>((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))</p><p>.</p><p>.</p><p>C:\END</p><p>c:\program files (x86)\Caller ID\Caller ID.exe</p><p>c:\program files (x86)\Google\Desktop\Install</p><p>c:\program files (x86)\Google\Desktop\Install\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\9519~1\A535~1\E628~1\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\@</p><p>c:\program files (x86)\Google\Desktop\Install\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\9519~1\A535~1\E628~1\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\L\00000004.@</p><p>c:\programdata\ntuser.dat</p><p>c:\users\Emily\AppData\Local\fhojbfdm.exe</p><p>c:\users\Emily\AppData\Local\Google\Desktop\Install</p><p>c:\users\Emily\AppData\Local\Google\Desktop\Install\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\2E2F~1\28F0~1\E628~1\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\@</p><p>c:\users\Emily\AppData\Roaming\SearchProtect</p><p>c:\users\Emily\AppData\Roaming\SearchProtect\bin\rep.dat</p><p>c:\users\Emily\Documents\~WRL0001.tmp</p><p>c:\windows\assembly\GAC_32\Desktop.ini</p><p>c:\windows\assembly\GAC_64\Desktop.ini</p><p>c:\windows\PFRO.log</p><p>c:\windows\SysWow64\.txt</p><p>c:\windows\SysWow64\Cache</p><p>c:\windows\SysWow64\Cache\0285860eb8fbd3af.fb</p><p>c:\windows\SysWow64\Cache\075884af680ff6dc.fb</p><p>c:\windows\SysWow64\Cache\227113dfa1ca894d.fb</p><p>c:\windows\SysWow64\Cache\49fbbc5a8678d502.fb</p><p>c:\windows\SysWow64\Cache\613e8ce7ab7106af.fb</p><p>c:\windows\SysWow64\Cache\633a76311867bd11.fb</p><p>c:\windows\SysWow64\Cache\691f14230153a9e1.fb</p><p>c:\windows\SysWow64\Cache\6cb409d7ac73d9f1.fb</p><p>c:\windows\SysWow64\Cache\7614bd6cfa99e546.fb</p><p>c:\windows\SysWow64\Cache\77664b6ccc36be9f.fb</p><p>c:\windows\SysWow64\Cache\881b3593316772f0.fb</p><p>c:\windows\SysWow64\Cache\98657d0579ae1930.fb</p><p>c:\windows\SysWow64\Cache\d5c0f4e7bbe35bf3.fb</p><p>c:\windows\SysWow64\Cache\d9ca663388d21ec0.fb</p><p>c:\windows\SysWow64\Cache\f2cda51fd108941f.fb</p><p>c:\windows\SysWow64\Cache\f34d8db84131d925.fb</p><p>.</p><p>.</p><p>((((((((((((((((((((((((( Files Created from 2013-10-11 to 2013-11-11 )))))))))))))))))))))))))))))))</p><p>.</p><p>.</p><p>2013-11-11 23:25 . 2013-11-11 23:25 -------- d-----w- c:\users\Default\AppData\Local\temp</p><p>2013-11-11 22:18 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys</p><p>2013-11-11 22:18 . 2013-11-11 22:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware</p><p>2013-11-11 22:06 . 2013-11-11 22:06 -------- d-----w- c:\programdata\p3Vgvns3</p><p>2013-11-11 01:58 . 2013-11-11 01:58 -------- d-----w- c:\users\Emily\AppData\Roaming\Malwarebytes</p><p>2013-11-11 01:58 . 2013-11-11 01:58 -------- d-----w- c:\programdata\Malwarebytes</p><p>2013-11-11 01:58 . 2013-11-11 01:58 -------- d-----w- c:\users\Emily\AppData\Local\Programs</p><p>2013-11-10 22:08 . 2013-11-10 22:26 -------- d-----w- c:\program files (x86)\supportdotcom</p><p>2013-11-10 22:06 . 2013-11-10 22:06 -------- d-----w- c:\program files (x86)\Common Files\supportdotcom</p><p>2013-11-10 03:27 . 2013-08-29 02:17 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe</p><p>2013-11-10 03:24 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll</p><p>2013-11-10 03:06 . 2013-11-10 03:06 -------- d-----w- c:\programdata\SMR410</p><p>2013-11-01 19:59 . 2013-11-11 02:16 -------- d-----w- c:\program files (x86)\SearchProtect</p><p>2013-11-01 19:59 . 2013-11-01 19:59 -------- d-----w- c:\users\Emily\AppData\Local\NativeMessaging</p><p>2013-11-01 14:45 . 2013-11-02 03:00 -------- d-----w- c:\programdata\AVG SafeGuard toolbar</p><p>2013-11-01 13:45 . 2013-11-01 13:45 -------- d-----w- c:\users\Emily\AppData\Local\AVG Secure Search</p><p>2013-11-01 01:57 . 2013-11-01 01:58 -------- d-----w- c:\users\Emily\AppData\Local\AVG SafeGuard toolbar</p><p>2013-11-01 01:57 . 2013-11-01 01:56 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys</p><p>2013-11-01 01:56 . 2013-11-01 01:57 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search</p><p>2013-11-01 01:56 . 2013-11-02 03:00 -------- d-----w- c:\program files (x86)\AVG SafeGuard toolbar</p><p>2013-11-01 01:56 . 2013-11-01 01:56 -------- d--h--w- c:\programdata\Common Files</p><p>2013-10-20 12:08 . 2013-10-20 12:08 -------- d-----w- c:\programdata\Oracle</p><p>2013-10-20 12:08 . 2013-10-20 12:08 -------- d-----w- c:\program files (x86)\Common Files\Java</p><p>2013-10-20 12:07 . 2013-10-08 11:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll</p><p>.</p><p>.</p><p>.</p><p>(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))</p><p>.</p><p>2013-10-23 13:37 . 2013-10-23 13:37 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin</p><p>2013-09-25 15:10 . 2013-09-25 15:10 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 61952 ----a-w- c:\windows\SysWow64\tdc.ocx</p><p>2013-09-25 15:10 . 2013-09-25 15:10 523264 ----a-w- c:\windows\SysWow64\vbscript.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 38400 ----a-w- c:\windows\SysWow64\imgutil.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 361984 ----a-w- c:\windows\SysWow64\html.iec</p><p>2013-09-25 15:10 . 2013-09-25 15:10 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 226304 ----a-w- c:\windows\system32\elshyph.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 185344 ----a-w- c:\windows\SysWow64\elshyph.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 158720 ----a-w- c:\windows\SysWow64\msls31.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl</p><p>2013-09-25 15:10 . 2013-09-25 15:10 138752 ----a-w- c:\windows\SysWow64\wextract.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 12800 ----a-w- c:\windows\SysWow64\mshta.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 97280 ----a-w- c:\windows\system32\mshtmled.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 81408 ----a-w- c:\windows\system32\icardie.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 762368 ----a-w- c:\windows\system32\ieapfltr.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 452096 ----a-w- c:\windows\system32\dxtmsft.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 441856 ----a-w- c:\windows\system32\html.iec</p><p>2013-09-25 15:10 . 2013-09-25 15:10 281600 ----a-w- c:\windows\system32\dxtrans.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 27648 ----a-w- c:\windows\system32\licmgr10.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 270848 ----a-w- c:\windows\system32\iedkcs32.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 247296 ----a-w- c:\windows\system32\webcheck.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 235008 ----a-w- c:\windows\system32\url.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 216064 ----a-w- c:\windows\system32\msls31.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 197120 ----a-w- c:\windows\system32\msrating.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 1509376 ----a-w- c:\windows\system32\inetcpl.cpl</p><p>2013-09-25 15:10 . 2013-09-25 15:10 144896 ----a-w- c:\windows\system32\wextract.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 1400416 ----a-w- c:\windows\system32\ieapfltr.dat</p><p>2013-09-25 15:10 . 2013-09-25 15:10 102912 ----a-w- c:\windows\system32\inseng.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 167424 ----a-w- c:\windows\system32\iexpress.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 77312 ----a-w- c:\windows\system32\tdc.ocx</p><p>2013-09-25 15:10 . 2013-09-25 15:10 62976 ----a-w- c:\windows\system32\pngfilt.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 599552 ----a-w- c:\windows\system32\vbscript.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 52224 ----a-w- c:\windows\system32\msfeedsbs.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 51200 ----a-w- c:\windows\system32\imgutil.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 48640 ----a-w- c:\windows\system32\mshtmler.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 173568 ----a-w- c:\windows\system32\ieUnatt.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 149504 ----a-w- c:\windows\system32\occache.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 13824 ----a-w- c:\windows\system32\mshta.exe</p><p>2013-09-25 15:10 . 2013-09-25 15:10 136192 ----a-w- c:\windows\system32\iepeers.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 135680 ----a-w- c:\windows\system32\IEAdvpack.dll</p><p>2013-09-25 15:10 . 2013-09-25 15:10 12800 ----a-w- c:\windows\system32\msfeedssync.exe</p><p>2013-09-25 15:07 . 2013-09-25 15:07 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 648192 ----a-w- c:\windows\system32\d3d10level9.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 465920 ----a-w- c:\windows\system32\WMPhoto.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 3928064 ----a-w- c:\windows\system32\d2d1.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 363008 ----a-w- c:\windows\system32\dxgi.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 333312 ----a-w- c:\windows\system32\d3d10_1core.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 296960 ----a-w- c:\windows\system32\d3d10core.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 293376 ----a-w- c:\windows\SysWow64\dxgi.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 2565120 ----a-w- c:\windows\system32\d3d10warp.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 221184 ----a-w- c:\windows\system32\UIAnimation.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 194560 ----a-w- c:\windows\system32\d3d10_1.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 1682432 ----a-w- c:\windows\system32\XpsPrint.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 1238528 ----a-w- c:\windows\system32\d3d10.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 1175552 ----a-w- c:\windows\system32\FntCache.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll</p><p>2013-09-25 15:07 . 2013-09-25 15:07 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll</p><p>2013-08-29 01:48 . 2013-11-10 03:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll</p><p>.</p><p>.</p><p>((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))</p><p>.</p><p>.</p><p>*Note* empty entries & legit default entries are not shown </p><p>REGEDIT4</p><p>.</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]</p><p>"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files (x86)\Swag_Bucks\prxtbSwa0.dll" [2011-05-09 176936]</p><p>.</p><p>[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]</p><p>2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\Swag_Bucks\prxtbSwa0.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]</p><p>2013-11-02 02:59 3353624 ----a-w- c:\program files (x86)\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]</p><p>"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files (x86)\Swag_Bucks\prxtbSwa0.dll" [2011-05-09 176936]</p><p>"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll" [2013-11-02 3353624]</p><p>.</p><p>[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]</p><p>.</p><p>[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]</p><p>[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1]</p><p>[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj]</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]</p><p>@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]</p><p>2012-08-17 04:13 220608 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]</p><p>@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]</p><p>2012-08-17 04:13 220608 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]</p><p>@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]</p><p>2012-08-17 04:13 220608 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll</p><p>.</p><p>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-05-25 6595928]</p><p>"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20681584]</p><p>"BackgroundContainer"="c:\users\Emily\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll" [2013-10-14 319264]</p><p>"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2013-11-11 109784]</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]</p><p>"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-14 336384]</p><p>"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]</p><p>"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe" [2009-04-04 385024]</p><p>"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]</p><p>"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]</p><p>"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]</p><p>"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]</p><p>"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]</p><p>"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]</p><p>"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-13 204136]</p><p>"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]</p><p>"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2013-11-02 2404376]</p><p>.</p><p>c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\</p><p>HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]</p><p>"ConsentPromptBehaviorAdmin"= 5 (0x5)</p><p>"ConsentPromptBehaviorUser"= 3 (0x3)</p><p>"EnableLUA"= 0 (0x0)</p><p>"EnableUIADesktopToggle"= 0 (0x0)</p><p>"EnableVirtualization"= 0 (0x0)</p><p>.</p><p>R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/05/19 00:16;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [x]</p><p>R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]</p><p>R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]</p><p>R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]</p><p>R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]</p><p>R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS;c:\windows\SYSNATIVE\drivers\BVRPMPR5a64.SYS [x]</p><p>R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]</p><p>R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]</p><p>R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]</p><p>R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys;c:\windows\SYSNATIVE\DRIVERS\rcmirror.sys [x]</p><p>R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]</p><p>R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]</p><p>R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]</p><p>R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]</p><p>S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys;c:\windows\SYSNATIVE\DRIVERS\ahcix64s.sys [x]</p><p>S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]</p><p>S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\SYMDS64.SYS [x]</p><p>S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\SYMEFA64.SYS [x]</p><p>S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]</p><p>S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.4.0.40\Definitions\BASHDefs\20131101.003\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.4.0.40\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [x]</p><p>S1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\ccSetx64.sys [x]</p><p>S1 ccSet_NST;Norton Safe Web Lite Settings Manager;c:\windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\0200000.010\ccSetx64.sys [x]</p><p>S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.4.0.40\Definitions\IPSDefs\20131110.003\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.4.0.40\Definitions\IPSDefs\20131110.003\IDSvia64.sys [x]</p><p>S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\Ironx64.SYS [x]</p><p>S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NAVx64\1404000.028\SYMNETS.SYS [x]</p><p>S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]</p><p>S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]</p><p>S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [x]</p><p>S2 DAZContentManagementService;DAZ Content Management Service;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe ;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe [x]</p><p>S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]</p><p>S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]</p><p>S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [x]</p><p>S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]</p><p>S2 NSL;Norton Safe Web Lite;c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe;c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [x]</p><p>S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]</p><p>S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [x]</p><p>S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]</p><p>S2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [x]</p><p>S3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys;c:\windows\SYSNATIVE\drivers\amdiox64.sys [x]</p><p>S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]</p><p>S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]</p><p>S3 HCW723x;Hauppauge WinTV 723x PCIe Card;c:\windows\system32\DRIVERS\HCW723x.sys;c:\windows\SYSNATIVE\DRIVERS\HCW723x.sys [x]</p><p>S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]</p><p>S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]</p><p>S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]</p><p>S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys;c:\windows\SYSNATIVE\drivers\usbfilter.sys [x]</p><p>.</p><p>.</p><p>--- Other Services/Drivers In Memory ---</p><p>.</p><p>*NewlyCreated* - WS2IFSL</p><p>*Deregistered* - CLKMDRV10_38F51D56</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]</p><p>hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]</p><p>2013-10-17 12:32 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe</p><p>.</p><p>Contents of the 'Scheduled Tasks' folder</p><p>.</p><p>2013-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-04 01:26]</p><p>.</p><p>2013-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-04 01:26]</p><p>.</p><p>2013-11-11 c:\windows\Tasks\HPCeeScheduleForEmily.job</p><p>- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]</p><p>.</p><p>.</p><p>--------- X64 Entries -----------</p><p>.</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]</p><p>@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]</p><p>2012-08-17 04:13 244672 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]</p><p>@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]</p><p>2012-08-17 04:13 244672 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]</p><p>@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"</p><p>[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]</p><p>2012-08-17 04:13 244672 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll</p><p>.</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]</p><p>"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]</p><p>.</p><p>------- Supplementary Scan -------</p><p>.</p><p>uStart Page = hxxp://my.yahoo.com/</p><p>uLocal Page = c:\windows\system32\blank.htm</p><p>uInternet Settings,ProxyOverride = *.local</p><p>uSearchAssistant = hxxp://www.google.com/ie</p><p>uSearchURL,(Default) = hxxp://www.google.com/search?q=%s</p><p>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200</p><p>IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html</p><p>IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html</p><p>IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html</p><p>IE: Show RoboForm Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html</p><p>TCP: DhcpNameServer = 192.168.1.1</p><p>Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll</p><p>.</p><p>- - - - ORPHANS REMOVED - - - -</p><p>.</p><p>URLSearchHooks-{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file)</p><p>c:\users\Emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Caller ID.lnk - c:\program files (x86)\Caller ID\Caller ID.exe</p><p>c:\users\Emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk - c:\program files (x86)\Comcast Universal Caller ID\Comcast Universal Caller ID.exe</p><p>HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start</p><p>WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)</p><p>WebBrowser-{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - (no file)</p><p>AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe</p><p>AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe</p><p>.</p><p>.</p><p>.</p><p>[HKEY_LOCAL_MACHINE\system\ControlSet002\services\NAV]</p><p>"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"</p><p>--</p><p>.</p><p>[HKEY_LOCAL_MACHINE\system\ControlSet002\services\NSL]</p><p>"ImagePath"="\"c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll\" /prefetch:1"</p><p>--</p><p>.</p><p>[HKEY_LOCAL_MACHINE\system\ControlSet002\services\pdfcDispatcher]</p><p>"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"</p><p>.</p><p>--------------------- LOCKED REGISTRY KEYS ---------------------</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]</p><p>@Denied: (A) (Everyone)</p><p>"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]</p><p>@Denied: (A) (Everyone)</p><p>.</p><p>[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]</p><p>"Key"="ActionsPane3"</p><p>"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"</p><p>.</p><p>[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]</p><p>@Denied: (Full) (Everyone)</p><p>.</p><p>------------------------ Other Running Processes ------------------------</p><p>.</p><p>c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe</p><p>c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>c:\windows\SysWOW64\Rundll32.exe</p><p>c:\program files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe</p><p>c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe</p><p>c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe</p><p>c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe</p><p>c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe</p><p>c:\program files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe</p><p>c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe</p><p>c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe</p><p>c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe</p><p>c:\program files (x86)\Yahoo!\Messenger\ymsgr_tray.exe</p><p>.</p><p>**************************************************************************</p><p>.</p><p>Completion time: 2013-11-11 18:34:07 - machine was rebooted</p><p>ComboFix-quarantined-files.txt 2013-11-11 23:34</p><p>.</p><p>Pre-Run: 1,324,952,137,728 bytes free</p><p>Post-Run: 1,334,658,850,816 bytes free</p><p>.</p><p>- - End Of File - - 554DAD0F1E823C9670E1C7622866ADDB</p></blockquote><p></p>
[QUOTE="mensatic, post: 143755, member: 14788"] Here is the log Combofix generated: ComboFix 13-11-11.01 - Emily 11/11/2013 18:13:23.1.6 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.10232.8031 [GMT -5:00] Running from: c:\users\Emily\Desktop\ComboFix.exe AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END c:\program files (x86)\Caller ID\Caller ID.exe c:\program files (x86)\Google\Desktop\Install c:\program files (x86)\Google\Desktop\Install\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\9519~1\A535~1\E628~1\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\@ c:\program files (x86)\Google\Desktop\Install\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\9519~1\A535~1\E628~1\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\L\00000004.@ c:\programdata\ntuser.dat c:\users\Emily\AppData\Local\fhojbfdm.exe c:\users\Emily\AppData\Local\Google\Desktop\Install c:\users\Emily\AppData\Local\Google\Desktop\Install\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\2E2F~1\28F0~1\E628~1\{d50b01d0-e134-56dd-6ab6-f41b4cec6db3}\@ c:\users\Emily\AppData\Roaming\SearchProtect c:\users\Emily\AppData\Roaming\SearchProtect\bin\rep.dat c:\users\Emily\Documents\~WRL0001.tmp c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini c:\windows\PFRO.log c:\windows\SysWow64\.txt c:\windows\SysWow64\Cache c:\windows\SysWow64\Cache\0285860eb8fbd3af.fb c:\windows\SysWow64\Cache\075884af680ff6dc.fb c:\windows\SysWow64\Cache\227113dfa1ca894d.fb c:\windows\SysWow64\Cache\49fbbc5a8678d502.fb c:\windows\SysWow64\Cache\613e8ce7ab7106af.fb c:\windows\SysWow64\Cache\633a76311867bd11.fb c:\windows\SysWow64\Cache\691f14230153a9e1.fb c:\windows\SysWow64\Cache\6cb409d7ac73d9f1.fb c:\windows\SysWow64\Cache\7614bd6cfa99e546.fb c:\windows\SysWow64\Cache\77664b6ccc36be9f.fb c:\windows\SysWow64\Cache\881b3593316772f0.fb c:\windows\SysWow64\Cache\98657d0579ae1930.fb c:\windows\SysWow64\Cache\d5c0f4e7bbe35bf3.fb c:\windows\SysWow64\Cache\d9ca663388d21ec0.fb c:\windows\SysWow64\Cache\f2cda51fd108941f.fb c:\windows\SysWow64\Cache\f34d8db84131d925.fb . . ((((((((((((((((((((((((( Files Created from 2013-10-11 to 2013-11-11 ))))))))))))))))))))))))))))))) . . 2013-11-11 23:25 . 2013-11-11 23:25 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-11-11 22:18 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-11-11 22:18 . 2013-11-11 22:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-11-11 22:06 . 2013-11-11 22:06 -------- d-----w- c:\programdata\p3Vgvns3 2013-11-11 01:58 . 2013-11-11 01:58 -------- d-----w- c:\users\Emily\AppData\Roaming\Malwarebytes 2013-11-11 01:58 . 2013-11-11 01:58 -------- d-----w- c:\programdata\Malwarebytes 2013-11-11 01:58 . 2013-11-11 01:58 -------- d-----w- c:\users\Emily\AppData\Local\Programs 2013-11-10 22:08 . 2013-11-10 22:26 -------- d-----w- c:\program files (x86)\supportdotcom 2013-11-10 22:06 . 2013-11-10 22:06 -------- d-----w- c:\program files (x86)\Common Files\supportdotcom 2013-11-10 03:27 . 2013-08-29 02:17 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-11-10 03:24 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll 2013-11-10 03:06 . 2013-11-10 03:06 -------- d-----w- c:\programdata\SMR410 2013-11-01 19:59 . 2013-11-11 02:16 -------- d-----w- c:\program files (x86)\SearchProtect 2013-11-01 19:59 . 2013-11-01 19:59 -------- d-----w- c:\users\Emily\AppData\Local\NativeMessaging 2013-11-01 14:45 . 2013-11-02 03:00 -------- d-----w- c:\programdata\AVG SafeGuard toolbar 2013-11-01 13:45 . 2013-11-01 13:45 -------- d-----w- c:\users\Emily\AppData\Local\AVG Secure Search 2013-11-01 01:57 . 2013-11-01 01:58 -------- d-----w- c:\users\Emily\AppData\Local\AVG SafeGuard toolbar 2013-11-01 01:57 . 2013-11-01 01:56 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2013-11-01 01:56 . 2013-11-01 01:57 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search 2013-11-01 01:56 . 2013-11-02 03:00 -------- d-----w- c:\program files (x86)\AVG SafeGuard toolbar 2013-11-01 01:56 . 2013-11-01 01:56 -------- d--h--w- c:\programdata\Common Files 2013-10-20 12:08 . 2013-10-20 12:08 -------- d-----w- c:\programdata\Oracle 2013-10-20 12:08 . 2013-10-20 12:08 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-10-20 12:07 . 2013-10-08 11:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-10-23 13:37 . 2013-10-23 13:37 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin 2013-09-25 15:10 . 2013-09-25 15:10 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-09-25 15:10 . 2013-09-25 15:10 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-09-25 15:10 . 2013-09-25 15:10 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-09-25 15:10 . 2013-09-25 15:10 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-09-25 15:10 . 2013-09-25 15:10 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-09-25 15:10 . 2013-09-25 15:10 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-09-25 15:10 . 2013-09-25 15:10 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-09-25 15:10 . 2013-09-25 15:10 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-09-25 15:10 . 2013-09-25 15:10 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-09-25 15:10 . 2013-09-25 15:10 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-09-25 15:10 . 2013-09-25 15:10 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-09-25 15:10 . 2013-09-25 15:10 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-09-25 15:10 . 2013-09-25 15:10 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-09-25 15:10 . 2013-09-25 15:10 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-09-25 15:10 . 2013-09-25 15:10 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-09-25 15:10 . 2013-09-25 15:10 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-09-25 15:10 . 2013-09-25 15:10 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-09-25 15:10 . 2013-09-25 15:10 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-09-25 15:10 . 2013-09-25 15:10 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-09-25 15:10 . 2013-09-25 15:10 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-09-25 15:10 . 2013-09-25 15:10 81408 ----a-w- c:\windows\system32\icardie.dll 2013-09-25 15:10 . 2013-09-25 15:10 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-09-25 15:10 . 2013-09-25 15:10 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-09-25 15:10 . 2013-09-25 15:10 441856 ----a-w- c:\windows\system32\html.iec 2013-09-25 15:10 . 2013-09-25 15:10 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-09-25 15:10 . 2013-09-25 15:10 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-09-25 15:10 . 2013-09-25 15:10 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-09-25 15:10 . 2013-09-25 15:10 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-09-25 15:10 . 2013-09-25 15:10 235008 ----a-w- c:\windows\system32\url.dll 2013-09-25 15:10 . 2013-09-25 15:10 216064 ----a-w- c:\windows\system32\msls31.dll 2013-09-25 15:10 . 2013-09-25 15:10 197120 ----a-w- c:\windows\system32\msrating.dll 2013-09-25 15:10 . 2013-09-25 15:10 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-09-25 15:10 . 2013-09-25 15:10 144896 ----a-w- c:\windows\system32\wextract.exe 2013-09-25 15:10 . 2013-09-25 15:10 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-09-25 15:10 . 2013-09-25 15:10 102912 ----a-w- c:\windows\system32\inseng.dll 2013-09-25 15:10 . 2013-09-25 15:10 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-09-25 15:10 . 2013-09-25 15:10 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-09-25 15:10 . 2013-09-25 15:10 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-09-25 15:10 . 2013-09-25 15:10 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-09-25 15:10 . 2013-09-25 15:10 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-09-25 15:10 . 2013-09-25 15:10 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-09-25 15:10 . 2013-09-25 15:10 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-09-25 15:10 . 2013-09-25 15:10 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-09-25 15:10 . 2013-09-25 15:10 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-09-25 15:10 . 2013-09-25 15:10 149504 ----a-w- c:\windows\system32\occache.dll 2013-09-25 15:10 . 2013-09-25 15:10 13824 ----a-w- c:\windows\system32\mshta.exe 2013-09-25 15:10 . 2013-09-25 15:10 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-09-25 15:10 . 2013-09-25 15:10 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-09-25 15:10 . 2013-09-25 15:10 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-09-25 15:07 . 2013-09-25 15:07 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 648192 ----a-w- c:\windows\system32\d3d10level9.dll 2013-09-25 15:07 . 2013-09-25 15:07 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2013-09-25 15:07 . 2013-09-25 15:07 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-09-25 15:07 . 2013-09-25 15:07 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-09-25 15:07 . 2013-09-25 15:07 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-09-25 15:07 . 2013-09-25 15:07 3928064 ----a-w- c:\windows\system32\d2d1.dll 2013-09-25 15:07 . 2013-09-25 15:07 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2013-09-25 15:07 . 2013-09-25 15:07 363008 ----a-w- c:\windows\system32\dxgi.dll 2013-09-25 15:07 . 2013-09-25 15:07 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll 2013-09-25 15:07 . 2013-09-25 15:07 333312 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-09-25 15:07 . 2013-09-25 15:07 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 296960 ----a-w- c:\windows\system32\d3d10core.dll 2013-09-25 15:07 . 2013-09-25 15:07 293376 ----a-w- c:\windows\SysWow64\dxgi.dll 2013-09-25 15:07 . 2013-09-25 15:07 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2013-09-25 15:07 . 2013-09-25 15:07 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2013-09-25 15:07 . 2013-09-25 15:07 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2013-09-25 15:07 . 2013-09-25 15:07 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2013-09-25 15:07 . 2013-09-25 15:07 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2013-09-25 15:07 . 2013-09-25 15:07 221184 ----a-w- c:\windows\system32\UIAnimation.dll 2013-09-25 15:07 . 2013-09-25 15:07 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll 2013-09-25 15:07 . 2013-09-25 15:07 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll 2013-09-25 15:07 . 2013-09-25 15:07 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2013-09-25 15:07 . 2013-09-25 15:07 194560 ----a-w- c:\windows\system32\d3d10_1.dll 2013-09-25 15:07 . 2013-09-25 15:07 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll 2013-09-25 15:07 . 2013-09-25 15:07 1682432 ----a-w- c:\windows\system32\XpsPrint.dll 2013-09-25 15:07 . 2013-09-25 15:07 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2013-09-25 15:07 . 2013-09-25 15:07 1238528 ----a-w- c:\windows\system32\d3d10.dll 2013-09-25 15:07 . 2013-09-25 15:07 1175552 ----a-w- c:\windows\system32\FntCache.dll 2013-09-25 15:07 . 2013-09-25 15:07 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2013-09-25 15:07 . 2013-09-25 15:07 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll 2013-09-25 15:07 . 2013-09-25 15:07 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-09-25 15:07 . 2013-09-25 15:07 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-08-29 01:48 . 2013-11-10 03:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files (x86)\Swag_Bucks\prxtbSwa0.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}] 2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\Swag_Bucks\prxtbSwa0.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2013-11-02 02:59 3353624 ----a-w- c:\program files (x86)\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files (x86)\Swag_Bucks\prxtbSwa0.dll" [2011-05-09 176936] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll" [2013-11-02 3353624] . [HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1] [HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2012-08-17 04:13 220608 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2012-08-17 04:13 220608 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2012-08-17 04:13 220608 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-05-25 6595928] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20681584] "BackgroundContainer"="c:\users\Emily\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll" [2013-10-14 319264] "RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2013-11-11 109784] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-14 336384] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe" [2009-04-04 385024] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] "Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392] "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-13 204136] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2013-11-02 2404376] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "EnableVirtualization"= 0 (0x0) . R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/05/19 00:16;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS;c:\windows\SYSNATIVE\drivers\BVRPMPR5a64.SYS [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x] R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys;c:\windows\SYSNATIVE\DRIVERS\rcmirror.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys;c:\windows\SYSNATIVE\DRIVERS\ahcix64s.sys [x] S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\SYMDS64.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\SYMEFA64.SYS [x] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.4.0.40\Definitions\BASHDefs\20131101.003\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.4.0.40\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [x] S1 ccSet_NAV;Norton AntiVirus Settings Manager;c:\windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\ccSetx64.sys [x] S1 ccSet_NST;Norton Safe Web Lite Settings Manager;c:\windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\0200000.010\ccSetx64.sys [x] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.4.0.40\Definitions\IPSDefs\20131110.003\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.4.0.40\Definitions\IPSDefs\20131110.003\IDSvia64.sys [x] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1404000.028\Ironx64.SYS [x] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NAVx64\1404000.028\SYMNETS.SYS [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [x] S2 DAZContentManagementService;DAZ Content Management Service;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe ;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe [x] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [x] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 NSL;Norton Safe Web Lite;c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe;c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x] S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [x] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x] S2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [x] S3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys;c:\windows\SYSNATIVE\drivers\amdiox64.sys [x] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] S3 HCW723x;Hauppauge WinTV 723x PCIe Card;c:\windows\system32\DRIVERS\HCW723x.sys;c:\windows\SYSNATIVE\DRIVERS\HCW723x.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys;c:\windows\SYSNATIVE\drivers\usbfilter.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL *Deregistered* - CLKMDRV10_38F51D56 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-10-17 12:32 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-04 01:26] . 2013-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-04 01:26] . 2013-11-11 c:\windows\Tasks\HPCeeScheduleForEmily.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2012-08-17 04:13 244672 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2012-08-17 04:13 244672 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2012-08-17 04:13 244672 ----a-w- c:\users\Emily\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] . ------- Supplementary Scan ------- . uStart Page = hxxp://my.yahoo.com/ uLocal Page = c:\windows\system32\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html IE: Show RoboForm Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html TCP: DhcpNameServer = 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file) c:\users\Emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Caller ID.lnk - c:\program files (x86)\Caller ID\Caller ID.exe c:\users\Emily\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk - c:\program files (x86)\Comcast Universal Caller ID\Comcast Universal Caller ID.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file) WebBrowser-{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet002\services\NAV] "ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\20.4.0.40\diMaster.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\system\ControlSet002\services\NSL] "ImagePath"="\"c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\system\ControlSet002\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\SysWOW64\Rundll32.exe c:\program files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe c:\program files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe c:\program files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe c:\program files (x86)\Yahoo!\Messenger\ymsgr_tray.exe . ************************************************************************** . Completion time: 2013-11-11 18:34:07 - machine was rebooted ComboFix-quarantined-files.txt 2013-11-11 23:34 . Pre-Run: 1,324,952,137,728 bytes free Post-Run: 1,334,658,850,816 bytes free . - - End Of File - - 554DAD0F1E823C9670E1C7622866ADDB [/QUOTE]
Insert quotes…
Verification
Post reply
Top