Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I think I have the ib.adnxs tracker, and possibly similar.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

I think I have the ib.adnxs tracker, and possibly similar.

Unread postby Chandler1987 » July 30th, 2012, 8:35 pm

DDS:.

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Christopher at 1:12:30 on 2012-07-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4009.1583 [GMT 1:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
C:\Program Files\Fujitsu\PSUtility\PSUService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\rundll32.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Samsung\PanelMgr\caller64.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://ts.fujitsu.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
mRun: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe
mRun: [DeskUpdateNotifier] "c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
mRun: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun: [CLX3180_Scan2Pc] C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe
mRun: [3180 Scan2PC] "C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe"
StartupFolder: C:\Users\CHRIST~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{56E64B47-5279-43B2-87CE-4E64A1ABA77F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{56E64B47-5279-43B2-87CE-4E64A1ABA77F}\2416E6E69637475627 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{56E64B47-5279-43B2-87CE-4E64A1ABA77F}\35B4950393838383 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{56E64B47-5279-43B2-87CE-4E64A1ABA77F}\4514C4B44514C4B4D2033373431303 : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{72FFA8FD-55F8-48B3-9BD5-7B5688FE03FC} : DhcpNameServer = 192.168.1.1 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
mRun-x64: [snp2uvc] C:\Windows\vsnp2uvc.exe
mRun-x64: [DeskUpdateNotifier] "c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe"
mRun-x64: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
mRun-x64: [YouCam Mirror Tray icon] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun-x64: [CLX3180_Scan2Pc] C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe
mRun-x64: [3180 Scan2PC] "C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 FBIOSDRV;Fujitsu BIOS Driver;C:\Windows\system32\Drivers\FBIOSDRV.sys --> C:\Windows\system32\Drivers\FBIOSDRV.sys [?]
R0 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120711.002\BHDrvx64.sys [2012-7-12 1161376]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120727.001\IDSviA64.sys [2012-7-28 509088]
R1 RapportCerberus_34302;RapportCerberus_34302;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_34302.sys [2012-6-21 397520]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-7-8 55096]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-7-8 297048]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207020.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1207020.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-11-3 983104]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2012-6-12 130008]
R2 PFNService;PFNService;C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2010-10-7 331776]
R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2011-5-7 63336]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-7-8 976728]
R2 Samsung Network Fax Server;Samsung Network Fax Server;C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe [2012-7-7 229888]
R2 SSPORT;SSPORT;\??\C:\Windows\system32\Drivers\SSPORT.sys --> C:\Windows\system32\Drivers\SSPORT.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-9-24 2656280]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-3 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-6-14 138912]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\system32\drivers\FUJ02E3.sys --> C:\Windows\system32\drivers\FUJ02E3.sys [?]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-23 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-29 250056]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-23 136176]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-07-24 18:39:44 -------- d-----w- C:\Users\Christopher\AppData\Local\ElevatedDiagnostics
2012-07-23 00:36:26 -------- d-----w- C:\Users\Christopher\AppData\Local\{F4E5C905-0E2D-4E48-A897-BABD2E78E009}
2012-07-23 00:36:15 -------- d-----w- C:\Users\Christopher\AppData\Local\{1EB88240-6469-43DF-BA7E-1CD9142DC8C2}
2012-07-23 00:26:54 -------- d-----w- C:\Users\Christopher\AppData\Local\{AE92B10A-323B-4806-AAD7-B7DF7F4EEE61}
2012-07-23 00:26:42 -------- d-----w- C:\Users\Christopher\AppData\Local\{79BA9BDE-0D7B-4275-BB54-160A46A25F24}
2012-07-23 00:25:10 -------- d-----w- C:\Users\Christopher\AppData\Local\{F4740A95-A9B0-4D9C-B562-24E8FA83BCE2}
2012-07-23 00:24:59 -------- d-----w- C:\Users\Christopher\AppData\Local\{8A709A8F-FDAD-4445-B1B2-6661DE1744EB}
2012-07-23 00:24:48 -------- d-----w- C:\Users\Christopher\AppData\Local\{3E6D4A16-1D4D-432D-B105-D764AEFC6443}
2012-07-23 00:24:37 -------- d-----w- C:\Users\Christopher\AppData\Local\{CE105938-DE3C-4526-AE3E-E5402145DE57}
2012-07-23 00:22:10 -------- d-----w- C:\Users\Christopher\AppData\Local\{7A1E933A-B598-4770-AAF7-8AC1862E134A}
2012-07-23 00:21:59 -------- d-----w- C:\Users\Christopher\AppData\Local\{ED402DDC-4035-48EB-AE98-BF60E14DA5CF}
2012-07-23 00:21:22 -------- d-----w- C:\Users\Christopher\AppData\Local\{06710D16-FB0E-4F31-BFAB-19EB65771780}
2012-07-23 00:21:09 -------- d-----w- C:\Users\Christopher\AppData\Local\{7E96E8A1-2ECE-4BE9-9353-3242CB31FE41}
2012-07-22 23:59:02 -------- d-----w- C:\Users\Christopher\AppData\Local\{5C67F866-037A-45FC-A3D4-2C00235391ED}
2012-07-22 23:58:51 -------- d-----w- C:\Users\Christopher\AppData\Local\{8B84F68F-858C-41AC-96DA-B1007FE83FE5}
2012-07-22 23:58:40 -------- d-----w- C:\Users\Christopher\AppData\Local\{417EDBFA-1D6F-4CBA-BD64-8F5FF2C0D809}
2012-07-22 23:58:29 -------- d-----w- C:\Users\Christopher\AppData\Local\{7BCF857B-C54F-4F6E-B0A4-F7121053204D}
2012-07-22 23:54:49 -------- d-----w- C:\Users\Christopher\AppData\Local\{24727021-05B7-4DF0-98A6-2ACD29E6AF1F}
2012-07-22 23:54:37 -------- d-----w- C:\Users\Christopher\AppData\Local\{A0977A1A-1C00-4BDB-BAC3-18EC86C66CF0}
2012-07-22 23:52:03 -------- d-----w- C:\Users\Christopher\AppData\Local\{ECB5BAAA-702E-4F9B-8F8A-82620188069F}
2012-07-22 23:51:52 -------- d-----w- C:\Users\Christopher\AppData\Local\{6688FE1E-B836-4997-8174-4CA985B55DC4}
2012-07-22 23:50:24 -------- d-----w- C:\Users\Christopher\AppData\Local\{E7FA76E8-ADAC-4168-BCA4-C21B24B4A8FA}
2012-07-22 23:50:13 -------- d-----w- C:\Users\Christopher\AppData\Local\{ECBD5E9A-6746-48EE-81DE-AE18E29C5A22}
2012-07-22 23:47:04 -------- d-----w- C:\Users\Christopher\AppData\Local\{B4E0D396-7020-4507-B506-E6D3B0F9B7A2}
2012-07-22 23:46:52 -------- d-----w- C:\Users\Christopher\AppData\Local\{B7076357-649C-4290-BBD5-0B138506A737}
2012-07-22 23:42:00 -------- d-----w- C:\Users\Christopher\AppData\Local\{CC8E4E0D-AB95-4679-BD4A-A70062727A2C}
2012-07-22 23:41:48 -------- d-----w- C:\Users\Christopher\AppData\Local\{60544D65-7097-49A1-BA61-3C2717A5344E}
2012-07-22 23:39:28 -------- d-----w- C:\Users\Christopher\AppData\Local\{7A2E6C51-F017-4CE3-AC87-4FDA723E67D3}
2012-07-22 23:39:17 -------- d-----w- C:\Users\Christopher\AppData\Local\{25ACA3F4-B33E-4436-9D53-14DDF84CDFDD}
2012-07-22 23:39:06 -------- d-----w- C:\Users\Christopher\AppData\Local\{C61B2642-9FB5-4F03-A938-5AA2DD4812F3}
2012-07-22 23:38:53 -------- d-----w- C:\Users\Christopher\AppData\Local\{95DCCBD7-C3E6-4608-AD80-E15B096E39BD}
2012-07-15 23:50:54 -------- d-----w- C:\Users\Christopher\AppData\Local\{BFB872C2-E30B-4AF8-AEB0-D7E87D417691}
2012-07-15 23:50:43 -------- d-----w- C:\Users\Christopher\AppData\Local\{194904ED-3F2C-4003-862D-D04071C2E94A}
2012-07-15 20:49:06 -------- d-----w- C:\Users\Christopher\AppData\Local\{F53DA260-6632-46F1-8069-5CF66175AB41}
2012-07-15 20:48:56 -------- d-----w- C:\Users\Christopher\AppData\Local\{735AD2B9-09AD-49C5-9B08-CBEE499D4089}
2012-07-15 20:48:45 -------- d-----w- C:\Users\Christopher\AppData\Local\{76A59A2F-F637-40F5-B9BA-A4CAFF9A1028}
2012-07-15 20:48:35 -------- d-----w- C:\Users\Christopher\AppData\Local\{A60E262B-B410-415C-B174-8A4FA59FCC69}
2012-07-15 20:48:24 -------- d-----w- C:\Users\Christopher\AppData\Local\{A2EFC297-72E1-49E5-AB13-CFF02E6035F9}
2012-07-15 20:48:13 -------- d-----w- C:\Users\Christopher\AppData\Local\{9F10F87D-4FDD-45C0-A9DC-08BFFE604E3A}
2012-07-15 20:48:02 -------- d-----w- C:\Users\Christopher\AppData\Local\{C553F1E5-6D14-4057-94CD-30311EB2EB34}
2012-07-15 20:47:52 -------- d-----w- C:\Users\Christopher\AppData\Local\{61F5EA34-94CB-4FEE-8C77-307CE00D884D}
2012-07-15 20:47:40 -------- d-----w- C:\Users\Christopher\AppData\Local\{FB6DCCDD-642D-4B86-AB14-CF9DC6B80787}
2012-07-15 20:47:30 -------- d-----w- C:\Users\Christopher\AppData\Local\{E30CD0F6-282B-4410-8E06-9D0956535A1B}
2012-07-15 20:27:57 -------- d-----w- C:\Users\Christopher\AppData\Local\{61A1EA89-ADAB-44A5-9C30-F917FB829458}
2012-07-12 02:07:49 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 08:41:15 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-07 12:20:40 474624 ----a-w- C:\Windows\prinst.exe
2012-07-07 12:20:23 240640 ----a-r- C:\Windows\System32\NetFaxPort64.dll
2012-07-07 12:19:32 53816 ----a-r- C:\Windows\System32\drivers\DgivEcp.sys
2012-07-07 12:19:31 36864 ------w- C:\Windows\SysWow64\SvcMan.exe
2012-07-07 12:16:37 -------- d-----w- C:\Program Files (x86)\Readiris10
2012-07-07 12:16:20 -------- d-----w- C:\Program Files (x86)\SmarThru 4
2012-07-07 12:15:46 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-07-07 12:15:46 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-07-07 12:15:46 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-07-07 12:15:45 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-07-07 12:14:51 -------- d-----w- C:\Program Files (x86)\Scan Assistant
2012-07-07 12:13:38 -------- d-----w- C:\Users\Christopher\AppData\Local\S2PC
2012-07-07 12:11:47 493432 ----a-w- C:\Windows\ssndii.exe
2012-07-07 12:11:46 -------- d-----w- C:\Program Files (x86)\SamsungPrinterLiveUpdate
2012-07-07 12:11:44 -------- d-----w- C:\Windows\Samsung
2012-07-07 12:11:42 143872 ----a-w- C:\Windows\Wiainst64.exe
2012-07-07 12:09:56 74240 ----a-w- C:\Windows\System32\ssdevm64.dll
2012-07-07 12:09:51 81920 ----a-w- C:\Windows\SysWow64\ssdevm.dll
2012-07-07 12:09:50 44544 ----a-w- C:\Windows\SysWow64\msxml4a.dll
2012-07-07 12:09:48 701440 ----a-w- C:\Windows\SysWow64\msxml2.dll
2012-07-07 12:09:48 38160 ----a-w- C:\Windows\SysWow64\msxml2r.dll
2012-07-07 12:09:48 21776 ----a-w- C:\Windows\SysWow64\msxml2a.dll
2012-07-07 12:05:47 -------- d-----w- C:\Program Files (x86)\Samsung
2012-07-07 12:01:52 36864 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\sst2cpc.dll
2012-07-06 02:00:45 294912 ----a-w- C:\Windows\System32\browserchoice.exe
.
==================== Find3M ====================
.
2012-07-26 23:12:25 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-26 23:12:25 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-08 06:19:18 101464 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 14:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 14:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
.
============= FINISH: 1:13:12.37 ===============

ATTACH:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 23/09/2011 17:44:09
System Uptime: 30/07/2012 23:35:32 (2 hours ago)
.
Motherboard: FUJITSU | | FJNBB0F
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz | Onboard | 2100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 80 GiB total, 16.325 GiB free.
D: is FIXED (NTFS) - 365 GiB total, 354.219 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP113: 12/07/2012 03:00:27 - Windows Update
RP114: 18/07/2012 23:59:20 - Installed Rapport
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Advertising Center
Amazon MP3 Downloader 1.0.9
Anytime USB Charge Utility
Apple Application Support
Apple Software Update
Betfair Poker JPC 1.0.0
Championship Manager 01-02
CM3 Series SaveGame Editor 4.0 Build 4000
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeskUpdate 4.11
eBay
FJ Camera
Football Manager 2012
Fujitsu Display Manager
Fujitsu Hotkey Utility
Fujitsu MobilityCenter Extension Utility
Fujitsu System Extension Utility
Galerie de photos Windows Live
Galería fotográfica de Windows Live
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
ImagXpress
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) WiDi
International Cricket Captain 2009
Junk Mail filter update
LifeBook Application Panel
Maintenance Samsung CLX-3180 Series
Medieval II Total War
Mesh Runtime
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9 Essentials
Nero BurnRights
Nero BurnRights Help
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
neroxml
Norton Internet Security
Power Saving Utility
Raccolta foto di Windows Live
Rapport
Readiris Pro 10
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Samsung Network PC Fax
Samsung Scan Assistant
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Sid Meier's Civilization Chronicles
Skype Click to Call
Skype™ 5.5
SmarThru 4
Steam
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Worms Reloaded
.
==== Event Viewer Messages From Past Week ========
.
30/07/2012 23:36:04, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.
26/07/2012 23:14:17, Error: Service Control Manager [7031] - The Google Software Updater service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 900000 milliseconds: Restart the service.
24/07/2012 23:09:27, Error: bowser [8003] - The master browser has received a server announcement from the computer STEWART-TOSH that believes that it is the master browser for the domain on transport NetBT_Tcpip_{56E64B47-5279-43B2-87CE-4E64A1ABA77F}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================

DESCRIPTION:

I have noticed that my computer's internet performance has slowed recently. What has specifically alerted me to the probable existence of adware on my machine though was click and holding 'back' in my browser only to see a list of website URLs including "ib.adnxs". I fear there may be other, similar pieces of software acting also, though I have no specific pointers here.

Thanks in advance for any help.
Chandler1987
Active Member
 
Posts: 10
Joined: July 30th, 2012, 8:15 pm
Advertisement
Register to Remove

Re: I think I have the ib.adnxs tracker, and possibly simila

Unread postby askey127 » August 2nd, 2012, 12:44 pm

Hi Chandler1987,
This looks harder and more complex than it is.
Just take one step at a time.
---------------------------------------------
Please download SystemLook from the link below and save it to your Desktop.
Download Mirror (32-bit)
Download Mirror (64-bit)
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox and paste it into the main textfield of SystemLook:
    Code: Select all
    :filefind
    *eoengine*
    *eobho*
    *EoRezo*
    
    :Regfind
    AFBB7970-789A-4264-BA70-E8127DECE400
    18AF7201-4F14-4BCF-93FE-45617CF259FF
    DF76E9B7-35EC-46FC-AF56-5B79DED9D64F
    C10DC1F4-CCDF-4224-A24D-B23AFC3573C8
    EoRezo
    eobho
    ieobho
    eoengine
    
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The results log can also be found on your Desktop, entitled SystemLook.txt

---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.

---------------------------------------------
Run a Scan with OTL
  • Right click the OTL icon and choose "Run as administrator" to run it.
  • Check the box at the top, labeled Include 64 bit scans
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

So we will be looking for the contents of SystemLook.txt, and the contents of the two logs (OTL.txt and Extras.txt) from OTL.
You may use separate replies if more convenient.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: I think I have the ib.adnxs tracker, and possibly simila

Unread postby Chandler1987 » August 2nd, 2012, 7:56 pm

SystemLook:

SystemLook 30.07.11 by jpshortstuff
Log created at 00:47 on 03/08/2012 by Christopher
Administrator - Elevation successful

========== filefind ==========

Searching for "*eoengine*"
No files found.

Searching for "*eobho*"
No files found.

Searching for "*EoRezo*"
No files found.

========== Regfind ==========

Searching for "AFBB7970-789A-4264-BA70-E8127DECE400"
No data found.

Searching for "18AF7201-4F14-4BCF-93FE-45617CF259FF"
No data found.

Searching for "DF76E9B7-35EC-46FC-AF56-5B79DED9D64F"
No data found.

Searching for "C10DC1F4-CCDF-4224-A24D-B23AFC3573C8"
No data found.

Searching for "EoRezo"
No data found.

Searching for "eobho"
No data found.

Searching for "ieobho"
No data found.

Searching for "eoengine"
No data found.

-= EOF =-
Chandler1987
Active Member
 
Posts: 10
Joined: July 30th, 2012, 8:15 pm

Re: I think I have the ib.adnxs tracker, and possibly simila

Unread postby Chandler1987 » August 2nd, 2012, 8:12 pm

OTL:

OTL logfile created on: 8/3/2012 12:55:08 AM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Christopher\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.91 Gb Total Physical Memory | 0.20 Gb Available Physical Memory | 5.03% Memory free
7.83 Gb Paging File | 0.72 Gb Available in Paging File | 9.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 80.00 Gb Total Space | 14.99 Gb Free Space | 18.74% Space Free | Partition Type: NTFS
Drive D: | 365.13 Gb Total Space | 354.22 Gb Free Space | 97.01% Space Free | Partition Type: NTFS

Computer Name: CHRISTOPHERFUJI | User Name: Christopher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/03 00:53:23 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Christopher\Desktop\OTL.exe
PRC - [2012/08/02 23:43:18 | 007,601,880 | ---- | M] (Spotify Ltd) -- C:\Users\Christopher\AppData\Roaming\Spotify\spotify.exe
PRC - [2012/07/08 07:19:02 | 000,976,728 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/07/08 07:19:00 | 001,668,952 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/04/01 17:04:00 | 002,530,671 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\adb.exe
PRC - [2012/04/01 17:04:00 | 000,634,880 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
PRC - [2012/03/23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012/02/23 18:25:16 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/01/03 14:10:44 | 001,494,424 | ---- | M] (Adobe Systems Incorporated) -- D:\Adobe\Reader\AcroRd32.exe
PRC - [2012/01/03 14:10:44 | 001,243,040 | ---- | M] (Adobe Systems Incorporated) -- D:\Adobe\Reader\AdobeCollabSync.exe
PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/27 07:22:28 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2011/07/06 13:17:17 | 000,688,128 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2011/04/29 08:58:05 | 001,990,144 | ---- | M] () -- C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
PRC - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
PRC - [2011/02/01 22:24:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 22:24:38 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/11/03 20:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010/11/03 20:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/03 19:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010/10/13 13:04:22 | 000,097,560 | ---- | M] (Fujitsu Technology Solutions) -- C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
PRC - [2010/09/30 02:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2009/08/13 14:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/07/16 15:16:42 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/07/08 21:58:26 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/02 23:43:18 | 020,219,096 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2012/06/21 19:57:13 | 000,520,464 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll
MOD - [2012/06/14 01:53:42 | 000,113,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeskUpdateNotifier\e162e22686bf86d335d5ade7c7bc1844\DeskUpdateNotifier.ni.exe
MOD - [2012/06/14 01:45:13 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 01:45:05 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/10 09:17:14 | 000,696,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\log4net\9ab326b1ab7ea0327be0f063a352f29c\log4net.ni.dll
MOD - [2012/05/10 09:15:18 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012/05/10 09:14:29 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 09:14:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 09:14:24 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 09:14:16 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/04/01 17:04:00 | 002,530,671 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\adb.exe
MOD - [2012/04/01 17:04:00 | 001,515,520 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll
MOD - [2012/04/01 17:04:00 | 000,634,880 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
MOD - [2012/04/01 17:04:00 | 000,559,244 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll
MOD - [2012/04/01 17:04:00 | 000,516,599 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll
MOD - [2012/04/01 17:04:00 | 000,385,024 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll
MOD - [2012/04/01 17:04:00 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll
MOD - [2012/04/01 17:04:00 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll
MOD - [2012/04/01 17:04:00 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll
MOD - [2012/04/01 17:04:00 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll
MOD - [2012/02/01 14:43:10 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2012/01/03 14:10:44 | 000,249,232 | ---- | M] () -- D:\Adobe\Reader\sqlite.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/07/06 13:17:17 | 000,688,128 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2011/04/29 08:58:05 | 001,990,144 | ---- | M] () -- C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/21 04:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/11 10:46:14 | 000,293,888 | ---- | M] () -- C:\Windows\twain_32\Samsung\CLX3180\NetModule2.dll
MOD - [2009/10/31 14:42:43 | 001,384,520 | ---- | M] () -- C:\Windows\twain_32\Samsung\CLX3180\SSOle.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/28 11:20:25 | 000,229,888 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Windows\SysNative\spool\drivers\x64\3\NetFaxServer64.exe -- (Samsung Network Fax Server)
SRV:64bit: - [2011/01/05 21:41:38 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/01/05 21:28:50 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/01/05 21:26:56 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/10/07 23:58:14 | 000,331,776 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:64bit: - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/17 23:47:12 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/02 23:15:39 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/08 07:19:02 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/07/03 23:21:17 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/03/23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/28 11:20:25 | 000,229,888 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe -- (Samsung Network Fax Server)
SRV - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2011/02/01 22:24:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 22:24:38 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/03 20:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/11/03 20:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/03/18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/16 15:16:42 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/08 07:19:18 | 000,101,464 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/24 14:50:21 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/04/15 03:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/24 06:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/03/24 06:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/03/15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 00:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/01/27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 06:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/01/04 03:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/12/28 19:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/04 13:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/11/04 11:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010/10/20 02:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/14 17:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/10/09 13:35:38 | 001,801,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010/05/07 03:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/11/19 13:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/11/02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 09:16:42 | 000,011,576 | R--- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009/07/13 09:13:51 | 000,053,816 | R--- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DgivEcp.sys -- (DgiVecp)
DRV:64bit: - [2009/06/24 06:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 11:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:64bit: - [2006/11/01 11:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV - [2012/07/08 07:19:20 | 000,055,096 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2012/07/08 07:19:18 | 000,297,048 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2012/06/21 19:56:07 | 000,397,520 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_34302.sys -- (RapportCerberus_34302)
DRV - [2012/06/19 01:01:13 | 001,161,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120711.002\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/06/18 20:18:46 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120801.037\ex64.sys -- (NAVEX15)
DRV - [2012/06/18 20:18:46 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120801.037\eng64.sys -- (NAVENG)
DRV - [2012/06/14 19:39:24 | 000,509,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120801.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/05/31 15:34:53 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/05/31 15:34:53 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D4C80E19-BBF2-4FC3-9CA0-6BC7912664FE}
IE:64bit: - HKLM\..\SearchScopes\{D4C80E19-BBF2-4FC3-9CA0-6BC7912664FE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {D4C80E19-BBF2-4FC3-9CA0-6BC7912664FE}
IE - HKLM\..\SearchScopes\{D4C80E19-BBF2-4FC3-9CA0-6BC7912664FE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ts.fujitsu.com
IE - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bbc.co.uk/ [binary data]
IE - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\..\SearchScopes,DefaultScope = {D4C80E19-BBF2-4FC3-9CA0-6BC7912664FE}
IE - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\..\SearchScopes\{D4C80E19-BBF2-4FC3-9CA0-6BC7912664FE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_enGB450GB450
IE - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Adobe\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2012/02/19 22:45:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_10_1 [2012/07/30 23:36:26 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8773_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = D:\Adobe\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Search = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8773_0\
CHR - Extension: Gmail = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Users\Christopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [3180 Scan2PC] C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLX3180_Scan2Pc] C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe ()
O4 - HKLM..\Run: [DeskUpdateNotifier] c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1137987784-1896462866-409123985-1001..\Run: [Spotify] C:\Users\Christopher\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1137987784-1896462866-409123985-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1137987784-1896462866-409123985-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56E64B47-5279-43B2-87CE-4E64A1ABA77F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72FFA8FD-55F8-48B3-9BD5-7B5688FE03FC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/03 00:53:18 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Christopher\Desktop\OTL.exe
[2012/08/03 00:35:25 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\VeryAndroid
[2012/08/03 00:35:23 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCToolforSMS
[2012/08/03 00:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCToolforSMS
[2012/08/02 23:43:22 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Spotify
[2012/08/02 23:42:17 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Spotify
[2012/08/02 23:41:41 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Apps
[2012/08/02 23:41:40 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Deployment
[2012/08/02 01:24:48 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\2012 Old
[2012/08/02 00:45:04 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{B6596573-FA15-414C-B47E-3D5E16CD4E68}
[2012/08/01 00:16:10 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/08/01 00:14:46 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012/08/01 00:14:39 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012/08/01 00:14:33 | 000,000,000 | ---D | C] -- C:\Windows\es
[2012/08/01 00:14:27 | 000,000,000 | ---D | C] -- C:\Windows\it
[2012/08/01 00:14:20 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2012/08/01 00:08:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/01 00:07:35 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{D4CC02E5-0982-4DBD-8AAE-C995D7DD2782}
[2012/08/01 00:06:00 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{41D14B4D-D13A-44B3-83A0-B0618355FF01}
[2012/08/01 00:05:49 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{42B74770-5D1F-45A6-8739-73D5703135D4}
[2012/08/01 00:04:23 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{F3A5203D-A580-4F64-A771-E8C240679215}
[2012/08/01 00:04:11 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{83832363-B506-413F-91D0-EF90C35F0613}
[2012/07/31 23:46:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/07/31 23:45:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2012/07/31 23:35:58 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\Outlook
[2012/07/31 23:35:04 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{6F0B2DC9-B0D1-474F-9D9D-652022E3F2A8}
[2012/07/31 23:34:53 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{497E25D9-CC25-421D-9694-32E7DE60BA81}
[2012/07/31 23:34:32 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\My Photos
[2012/07/31 23:34:32 | 000,000,000 | ---D | C] -- C:\Users\Christopher\Documents\My Documents
[2012/07/31 23:32:02 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/07/31 23:29:44 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Htc
[2012/07/31 23:29:20 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Roaming\HTC
[2012/07/31 23:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync
[2012/07/31 23:26:18 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\Downloaded Installations
[2012/07/31 23:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
[2012/07/31 23:25:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spirent Communications
[2012/07/31 23:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC
[2012/07/31 23:25:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/07/31 23:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/07/24 19:39:44 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\ElevatedDiagnostics
[2012/07/23 01:36:26 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{F4E5C905-0E2D-4E48-A897-BABD2E78E009}
[2012/07/23 01:36:15 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{1EB88240-6469-43DF-BA7E-1CD9142DC8C2}
[2012/07/23 01:26:54 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{AE92B10A-323B-4806-AAD7-B7DF7F4EEE61}
[2012/07/23 01:26:42 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{79BA9BDE-0D7B-4275-BB54-160A46A25F24}
[2012/07/23 01:25:10 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{F4740A95-A9B0-4D9C-B562-24E8FA83BCE2}
[2012/07/23 01:24:59 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{8A709A8F-FDAD-4445-B1B2-6661DE1744EB}
[2012/07/23 01:24:48 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{3E6D4A16-1D4D-432D-B105-D764AEFC6443}
[2012/07/23 01:24:37 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{CE105938-DE3C-4526-AE3E-E5402145DE57}
[2012/07/23 01:22:10 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{7A1E933A-B598-4770-AAF7-8AC1862E134A}
[2012/07/23 01:21:59 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{ED402DDC-4035-48EB-AE98-BF60E14DA5CF}
[2012/07/23 01:21:22 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{06710D16-FB0E-4F31-BFAB-19EB65771780}
[2012/07/23 01:21:09 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{7E96E8A1-2ECE-4BE9-9353-3242CB31FE41}
[2012/07/23 00:59:02 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{5C67F866-037A-45FC-A3D4-2C00235391ED}
[2012/07/23 00:58:51 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{8B84F68F-858C-41AC-96DA-B1007FE83FE5}
[2012/07/23 00:58:40 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{417EDBFA-1D6F-4CBA-BD64-8F5FF2C0D809}
[2012/07/23 00:58:29 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{7BCF857B-C54F-4F6E-B0A4-F7121053204D}
[2012/07/23 00:54:49 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{24727021-05B7-4DF0-98A6-2ACD29E6AF1F}
[2012/07/23 00:54:37 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{A0977A1A-1C00-4BDB-BAC3-18EC86C66CF0}
[2012/07/23 00:52:03 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{ECB5BAAA-702E-4F9B-8F8A-82620188069F}
[2012/07/23 00:51:52 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{6688FE1E-B836-4997-8174-4CA985B55DC4}
[2012/07/23 00:50:24 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{E7FA76E8-ADAC-4168-BCA4-C21B24B4A8FA}
[2012/07/23 00:50:13 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{ECBD5E9A-6746-48EE-81DE-AE18E29C5A22}
[2012/07/23 00:47:04 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{B4E0D396-7020-4507-B506-E6D3B0F9B7A2}
[2012/07/23 00:46:52 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{B7076357-649C-4290-BBD5-0B138506A737}
[2012/07/23 00:42:00 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{CC8E4E0D-AB95-4679-BD4A-A70062727A2C}
[2012/07/23 00:41:48 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{60544D65-7097-49A1-BA61-3C2717A5344E}
[2012/07/23 00:39:28 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{7A2E6C51-F017-4CE3-AC87-4FDA723E67D3}
[2012/07/23 00:39:17 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{25ACA3F4-B33E-4436-9D53-14DDF84CDFDD}
[2012/07/23 00:39:06 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{C61B2642-9FB5-4F03-A938-5AA2DD4812F3}
[2012/07/23 00:38:53 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{95DCCBD7-C3E6-4608-AD80-E15B096E39BD}
[2012/07/16 00:50:54 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{BFB872C2-E30B-4AF8-AEB0-D7E87D417691}
[2012/07/16 00:50:43 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{194904ED-3F2C-4003-862D-D04071C2E94A}
[2012/07/15 21:49:06 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{F53DA260-6632-46F1-8069-5CF66175AB41}
[2012/07/15 21:48:56 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{735AD2B9-09AD-49C5-9B08-CBEE499D4089}
[2012/07/15 21:48:45 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{76A59A2F-F637-40F5-B9BA-A4CAFF9A1028}
[2012/07/15 21:48:35 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{A60E262B-B410-415C-B174-8A4FA59FCC69}
[2012/07/15 21:48:24 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{A2EFC297-72E1-49E5-AB13-CFF02E6035F9}
[2012/07/15 21:48:13 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{9F10F87D-4FDD-45C0-A9DC-08BFFE604E3A}
[2012/07/15 21:48:02 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{C553F1E5-6D14-4057-94CD-30311EB2EB34}
[2012/07/15 21:47:52 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{61F5EA34-94CB-4FEE-8C77-307CE00D884D}
[2012/07/15 21:47:40 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{FB6DCCDD-642D-4B86-AB14-CF9DC6B80787}
[2012/07/15 21:47:30 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{E30CD0F6-282B-4410-8E06-9D0956535A1B}
[2012/07/15 21:27:57 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\{61A1EA89-ADAB-44A5-9C30-F917FB829458}
[2012/07/12 03:02:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/12 03:02:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/12 03:02:11 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/12 03:02:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/12 03:02:09 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/12 03:02:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/12 03:02:09 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/12 03:02:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/12 03:02:07 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/12 03:02:07 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/12 03:02:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/12 03:02:06 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/12 03:02:06 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/11 09:41:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/11 09:41:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/11 09:41:10 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/11 09:41:07 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/11 09:41:07 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/07 13:20:40 | 000,474,624 | ---- | C] (Samsung Software Center) -- C:\Windows\prinst.exe
[2012/07/07 13:20:23 | 000,240,640 | R--- | C] (Samsung Electronics Co., Ltd.) -- C:\Windows\SysNative\NetFaxPort64.dll
[2012/07/07 13:19:32 | 000,053,816 | R--- | C] (Samsung Electronics Co., Ltd.) -- C:\Windows\SysNative\drivers\DgivEcp.sys
[2012/07/07 13:18:57 | 000,931,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTR13N.DLL
[2012/07/07 13:18:57 | 000,760,320 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltocx13n.ocx
[2012/07/07 13:18:57 | 000,533,504 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRVW13N.OCX
[2012/07/07 13:18:57 | 000,465,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRPR13n.DLL
[2012/07/07 13:18:57 | 000,406,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMP13s.DLL
[2012/07/07 13:18:57 | 000,326,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRIO13N.DLL
[2012/07/07 13:18:57 | 000,249,856 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFJ2K13s.dll
[2012/07/07 13:18:57 | 000,187,392 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfpng13s.dll
[2012/07/07 13:18:57 | 000,152,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftif13s.dll
[2012/07/07 13:18:57 | 000,099,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfjbg13s.dll
[2012/07/07 13:18:57 | 000,087,552 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpsd13s.dll
[2012/07/07 13:18:57 | 000,086,528 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffax13s.dll
[2012/07/07 13:18:57 | 000,073,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffax13n.dll
[2012/07/07 13:18:57 | 000,057,856 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfeps13s.dll
[2012/07/07 13:18:57 | 000,043,008 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFPNM13s.dll
[2012/07/07 13:18:57 | 000,043,008 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp13s.dll
[2012/07/07 13:18:57 | 000,040,448 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfiff13s.dll
[2012/07/07 13:18:57 | 000,037,888 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcx13s.dll
[2012/07/07 13:18:57 | 000,037,376 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfclp13s.dll
[2012/07/07 13:18:57 | 000,036,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfani13s.dll
[2012/07/07 13:18:57 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfitg13s.dll
[2012/07/07 13:18:57 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfimg13s.dll
[2012/07/07 13:18:57 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcd13s.dll
[2012/07/07 13:18:57 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmsp13s.dll
[2012/07/07 13:18:57 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfavi13s.dll
[2012/07/07 13:18:57 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfiff13n.dll
[2012/07/07 13:18:57 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfimg13n.dll
[2012/07/07 13:18:57 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfitg13n.dll
[2012/07/07 13:18:56 | 001,693,696 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTCLR13n.dll
[2012/07/07 13:18:56 | 000,389,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMP13n.DLL
[2012/07/07 13:18:56 | 000,246,272 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFJ2K13n.dll
[2012/07/07 13:18:56 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\PCDLIB32.DLL
[2012/07/07 13:18:56 | 000,206,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltefx13n.dll
[2012/07/07 13:18:56 | 000,182,784 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfpng13n.dll
[2012/07/07 13:18:56 | 000,158,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Ltpnt13n.dll
[2012/07/07 13:18:56 | 000,142,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftif13n.dll
[2012/07/07 13:18:56 | 000,114,176 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTOCR13n.dll
[2012/07/07 13:18:56 | 000,090,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfjbg13n.dll
[2012/07/07 13:18:56 | 000,077,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTTLB13n.dll
[2012/07/07 13:18:56 | 000,069,632 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltbar13n.dll
[2012/07/07 13:18:56 | 000,067,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltpdg13n.dll
[2012/07/07 13:18:56 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpsd13n.dll
[2012/07/07 13:18:56 | 000,047,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfeps13n.dll
[2012/07/07 13:18:56 | 000,044,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttwn13n.dll
[2012/07/07 13:18:56 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttmb13n.dll
[2012/07/07 13:18:56 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfclp13n.dll
[2012/07/07 13:18:56 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFPNM13n.dll
[2012/07/07 13:18:56 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp13n.dll
[2012/07/07 13:18:56 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcx13n.dll
[2012/07/07 13:18:56 | 000,025,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfani13n.dll
[2012/07/07 13:18:56 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcd13n.dll
[2012/07/07 13:18:56 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfavi13n.dll
[2012/07/07 13:18:56 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmsp13n.dll
[2012/07/07 13:18:55 | 001,402,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltdlg13n.dll
[2012/07/07 13:18:55 | 001,009,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Ltwvc13n.dll
[2012/07/07 13:18:55 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltkrn13n.dll
[2012/07/07 13:18:55 | 000,445,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltimg13n.dll
[2012/07/07 13:18:55 | 000,265,216 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTDIS13n.dll
[2012/07/07 13:18:55 | 000,154,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltfil13n.DLL
[2012/07/07 13:18:55 | 000,051,712 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltlst13n.dll
[2012/07/07 13:18:54 | 000,146,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mfcoleui.dll
[2012/07/07 13:18:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SRC Shared
[2012/07/07 13:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. Applications
[2012/07/07 13:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Readiris10
[2012/07/07 13:16:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmarThru 4
[2012/07/07 13:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scan Assistant
[2012/07/07 13:13:38 | 000,000,000 | ---D | C] -- C:\Users\Christopher\AppData\Local\S2PC
[2012/07/07 13:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
[2012/07/07 13:11:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SamsungPrinterLiveUpdate
[2012/07/07 13:11:44 | 000,000,000 | ---D | C] -- C:\Windows\Samsung
[2012/07/07 13:09:56 | 000,074,240 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\ssdevm64.dll
[2012/07/07 13:09:51 | 000,081,920 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\ssdevm.dll
[2012/07/07 13:09:50 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2012/07/07 13:09:48 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2.dll
[2012/07/07 13:09:48 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2r.dll
[2012/07/07 13:09:48 | 000,021,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2a.dll
[2012/07/07 13:05:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012/07/06 03:00:45 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe

========== Files - Modified Within 30 Days ==========

[2012/08/03 00:53:23 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Christopher\Desktop\OTL.exe
[2012/08/03 00:46:50 | 000,165,376 | ---- | M] () -- C:\Users\Christopher\Desktop\SystemLook_x64.exe
[2012/08/03 00:46:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/03 00:36:00 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/03 00:36:00 | 000,664,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/03 00:36:00 | 000,125,696 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/03 00:35:23 | 000,000,703 | ---- | M] () -- C:\Users\Christopher\Desktop\PCToolforSMS.lnk
[2012/08/03 00:34:08 | 000,967,733 | ---- | M] () -- C:\Users\Christopher\Desktop\veryandroid-sms-backup.zip
[2012/08/03 00:12:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/02 23:43:22 | 000,001,850 | ---- | M] () -- C:\Users\Christopher\Desktop\Spotify.lnk
[2012/08/02 23:15:37 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/02 23:15:37 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/02 22:17:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/08/02 18:46:06 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/02 18:31:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/02 13:57:11 | 000,215,688 | ---- | M] () -- C:\Users\Christopher\Desktop\BoardingPass.pdf
[2012/08/02 01:49:35 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/07/31 23:47:02 | 000,001,137 | ---- | M] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/07/31 23:29:15 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2012/07/31 23:20:18 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/31 23:20:18 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/30 23:35:47 | 3152,506,880 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/12 18:38:21 | 000,011,897 | ---- | M] () -- C:\Users\Christopher\AppData\Roaming\SmarThruOptions.xml
[2012/07/12 03:26:50 | 000,414,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/09 00:46:09 | 000,319,840 | ---- | M] () -- C:\Users\Christopher\Desktop\london-rail-and-tube-services-map.pdf
[2012/07/08 07:19:18 | 000,101,464 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2012/07/07 21:28:57 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2012/07/07 13:20:47 | 000,000,276 | ---- | M] () -- C:\Users\Public\Desktop\SAMSUNG Dr.Printer.url
[2012/07/07 13:18:46 | 000,000,136 | ---- | M] () -- C:\Windows\Readiris.ini
[2012/07/07 13:16:22 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\SmarThru 4.lnk

========== Files Created - No Company Name ==========

[2012/08/03 00:46:39 | 000,165,376 | ---- | C] () -- C:\Users\Christopher\Desktop\SystemLook_x64.exe
[2012/08/03 00:35:23 | 000,000,703 | ---- | C] () -- C:\Users\Christopher\Desktop\PCToolforSMS.lnk
[2012/08/03 00:34:04 | 000,967,733 | ---- | C] () -- C:\Users\Christopher\Desktop\veryandroid-sms-backup.zip
[2012/08/02 23:43:22 | 000,001,850 | ---- | C] () -- C:\Users\Christopher\Desktop\Spotify.lnk
[2012/08/02 23:43:22 | 000,001,836 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/08/02 22:17:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/08/02 13:56:59 | 000,215,688 | ---- | C] () -- C:\Users\Christopher\Desktop\BoardingPass.pdf
[2012/07/31 23:47:01 | 000,001,137 | ---- | C] () -- C:\Users\Christopher\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/07/31 23:29:15 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2012/07/09 00:46:09 | 000,319,840 | ---- | C] () -- C:\Users\Christopher\Desktop\london-rail-and-tube-services-map.pdf
[2012/07/07 21:28:57 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2012/07/07 13:20:47 | 000,000,276 | ---- | C] () -- C:\Users\Public\Desktop\SAMSUNG Dr.Printer.url
[2012/07/07 13:19:43 | 000,011,897 | ---- | C] () -- C:\Users\Christopher\AppData\Roaming\SmarThruOptions.xml
[2012/07/07 13:19:32 | 000,007,297 | ---- | C] () -- C:\Windows\SysWow64\SSPORT.CAT
[2012/07/07 13:19:32 | 000,007,036 | ---- | C] () -- C:\Windows\SysWow64\DgivEcp.cat
[2012/07/07 13:19:31 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\SvcMan.exe
[2012/07/07 13:18:57 | 000,000,422 | ---- | C] () -- C:\Windows\SysWow64\ltocx13.lic
[2012/07/07 13:18:46 | 000,000,136 | ---- | C] () -- C:\Windows\Readiris.ini
[2012/07/07 13:18:44 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\irisco32.dll
[2012/07/07 13:16:22 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\SmarThru 4.lnk
[2012/07/07 13:11:47 | 000,493,432 | ---- | C] () -- C:\Windows\ssndii.exe
[2012/07/07 13:11:42 | 000,143,872 | ---- | C] () -- C:\Windows\Wiainst64.exe
[2012/07/07 13:06:43 | 001,909,016 | ---- | C] () -- C:\Windows\sst2cLTR.prn
[2012/07/07 13:06:43 | 001,909,016 | ---- | C] () -- C:\Windows\sst2cA4.prn
[2011/09/24 01:34:30 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2011/09/24 01:34:30 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2011/09/24 01:34:30 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2011/05/07 18:16:59 | 000,765,178 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/02 01:21:18 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/02 01:21:15 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/05/02 01:21:12 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/05/02 01:21:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/05/02 01:21:06 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2010/11/25 05:43:32 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL

========== LOP Check ==========

[2012/04/20 18:48:38 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Amazon
[2011/05/07 20:24:53 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Fujitsu
[2011/09/23 17:09:01 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Fujitsu Launch Center
[2012/07/31 23:35:57 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\HTC
[2012/07/31 23:32:02 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/07/31 23:35:58 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Outlook
[2011/10/28 16:17:30 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Sports Interactive
[2012/08/03 00:43:23 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Spotify
[2011/11/09 23:05:02 | 000,000,000 | ---D | M] -- C:\Users\Christopher\AppData\Roaming\Windows Live Writer
[2011/05/07 20:24:53 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Fujitsu
[2011/05/07 20:24:53 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Fujitsu
[2009/07/14 06:08:49 | 000,023,016 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
Chandler1987
Active Member
 
Posts: 10
Joined: July 30th, 2012, 8:15 pm

Re: I think I have the ib.adnxs tracker, and possibly simila

Unread postby Chandler1987 » August 2nd, 2012, 8:16 pm

Extras:

OTL Extras logfile created on: 8/3/2012 12:55:08 AM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Christopher\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.91 Gb Total Physical Memory | 0.20 Gb Available Physical Memory | 5.03% Memory free
7.83 Gb Paging File | 0.72 Gb Available in Paging File | 9.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 80.00 Gb Total Space | 14.99 Gb Free Space | 18.74% Space Free | Partition Type: NTFS
Drive D: | 365.13 Gb Total Space | 354.22 Gb Free Space | 97.01% Space Free | Partition Type: NTFS

Computer Name: CHRISTOPHERFUJI | User Name: Christopher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B9341B-335B-45E8-B472-791869858A64}" = lport=137 | protocol=17 | dir=in | app=system |
"{0194E714-8467-47AB-AD78-63284C73D3D6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{02470B95-96D7-4443-8C8D-91CE5F2B4797}" = rport=139 | protocol=6 | dir=out | app=system |
"{06E89086-29C2-4D18-AC5D-25C083906403}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1ABD829C-AB2E-4971-91A6-643D86EC1758}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{271AEAEB-CD3C-4E75-8591-763B86446A6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{354F5DF9-D8C5-4CEF-90C3-44538771F33F}" = lport=445 | protocol=6 | dir=in | app=system |
"{35D3FA76-8E5B-4B34-A570-825B26180709}" = rport=10243 | protocol=6 | dir=out | app=system |
"{39697303-8E2E-442C-8712-8113EC945DB9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{424A2D37-AB2D-4716-B4C1-AB7171EFB04F}" = lport=139 | protocol=6 | dir=in | app=system |
"{44736B58-4197-4580-AEE1-43A405A6F514}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{488598CD-4107-4DBF-AA42-F34F130810EC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4E64AD08-F784-428C-95AF-F20DFEE13C6E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{68B58276-6BFA-4A4B-BBBB-CA586BD86C1E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6BA97EB1-FC67-48CE-999C-A918CBFF4156}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FF73B96-FFED-484C-9A1B-D9083CD6B56D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A9B4E21-DA6C-4D90-BB50-F962F59F8551}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8229D85D-ED50-49F5-A0B7-FB70556E992E}" = lport=138 | protocol=17 | dir=in | app=system |
"{914D0BAF-6433-45C1-8A70-B859928ADFB5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D22670A-E622-43F1-B76A-F8B38D7D9C04}" = rport=137 | protocol=17 | dir=out | app=system |
"{A2404D65-82C0-4019-A3C1-9119BC874A0E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{A2534FE3-5798-4FAC-8C2C-F4DF4ADE4394}" = rport=138 | protocol=17 | dir=out | app=system |
"{C7FC7592-C767-4D43-9EED-340C668B1429}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D26FCF6E-C1E1-40D3-AFAD-D6ABA1A2267B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D590AE3B-65EB-4CE4-876F-E53EC6D16D83}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D83BDD52-003B-47D3-A12C-474F1BB65C71}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DED9293E-C8F5-435F-BF93-5DB3EE7F7152}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04959C52-27B5-451F-8469-AC92E140A26D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{12E4EA13-73DC-4FFA-9E62-A6EA6B1F7B36}" = protocol=17 | dir=in | app=c:\program files (x86)\scan assistant\usdagent.exe |
"{1A15EDB5-48F8-4AB5-8EBA-BB906778517A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{1C2224FC-BD2B-4ADD-98F5-F7B32F9A627C}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\clx3180\scan2pc.exe |
"{1EB5E94E-FAC7-496B-9DEF-1339FFC350B3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1F2BC377-0F1E-4969-AC18-967D919351CB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{21BF49EC-5763-43A9-B89D-AA57A2E72C80}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{25F8390B-24F7-4E4A-808C-B3FFBA3661D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2674E0F5-CA22-43D0-987E-CE016696A16C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2E792480-9070-46C7-8186-A890F9309283}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F409166-20E7-43BA-877D-98B37926EC79}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3B5D21D7-56DC-4BE8-A163-DB405E89527E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{432C1A65-812F-4C9E-83E3-A303ACDFFC51}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012\fm.exe |
"{5109A6B3-D0E8-4122-B83C-EFFA2329D264}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B180880-F538-4CA8-B24F-9D9384D3C5FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6399AC6D-74BB-4BD3-8E56-0937267B18C5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{63A96004-6C0E-4695-A1AA-C3A5A0102A85}" = protocol=6 | dir=in | app=c:\program files (x86)\scan assistant\usdagent.exe |
"{652DCE77-4C01-4BE9-BF51-AE822F4BE5E8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{658518C3-275A-4C8F-88ED-14EB79506CDD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{67805BF0-5207-4523-B4BF-B1D358DA07DC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68D44747-963D-4080-BA40-725600282429}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |
"{710D8D31-6AC1-4F5D-B8CF-F79F5E98681C}" = protocol=6 | dir=out | app=system |
"{73FF8CAB-6DE7-48E2-B2DB-9D70C6BFA60A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7823FDDE-31A3-4B80-B572-AC77EDFA7AB2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81337846-5AB9-48CD-9EEF-715FFEA6378E}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\clx3180\sscan2io.exe |
"{88599510-3ABA-46CB-A734-C3A0624C8396}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{9468FD53-5F8E-4B40-A96A-3E4117B1B523}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{96FEDF9F-E23D-4680-A1C2-DBE7B5B259D7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{99D0C016-0940-4046-8C63-9876C24EA91C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B568760-64D9-4C2E-8298-E67B92EED8C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A539188D-712B-4736-A7C3-2863BFBE150D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{AB7F55EA-E52B-4FA8-8EBD-9A4E7E3466C4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AC14E684-9476-40DC-AA52-F811B6DB9832}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B2CBB9C5-8A70-4986-9F08-4B55DE38A3F2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B34FC855-07C9-4506-8E06-00719ADCCC3E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B663B796-4369-4E4D-910E-CCD3A7C166F5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C25B058D-2E20-455F-8D77-5B6BB5D0677B}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |
"{C4C1E72F-823C-46CD-822C-902EE5B7452A}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{C86D7918-8B1D-4228-BD51-4B29E581122C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D37080C6-7F8D-4012-9F3E-5CCF2B65464D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012\fm.exe |
"{D7485108-B5D9-46FA-BF34-E303230A8E60}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8F88FDE-62F0-4156-A132-F38525BBB9D1}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\clx3180\sscan2io.exe |
"{EDFE7EA3-33C7-46D0-9238-B7F5549CD0B7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F8797565-3474-45FF-8395-1F642ED8DB28}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\clx3180\scan2pc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel(R) PROSet/Wireless WiFi Software
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{07ef28ab-173f-42f5-b02a-f25f45908b10}" = Nero 9 Essentials
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{1195D65E-91B2-4B5F-8DEE-EB3B2388BD31}" = International Cricket Captain 2009
"{146EF662-0071-4EF5-A1FC-3143C56B7FF1}" = Sid Meier's Civilization Chronicles
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
"{4A423411-E28A-4A13-BDB0-8E8BC42FFA29}" = HTC Sync
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9983CD31-473F-4808-8317-5346119F0187}" = eBay
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights Help
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"Betfair Poker JPC_is1" = Betfair Poker JPC 1.0.0
"Championship Manager 01-02" = Championship Manager 01-02
"CM3 Series SaveGame Editor_is1" = CM3 Series SaveGame Editor 4.0 Build 4000
"DeskUpdate_is1" = DeskUpdate 4.11
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"NIS" = Norton Internet Security
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PC Tool for VeryAndroid SMS Backup" = PC Tool for VeryAndroid SMS Backup 2.2
"Rapport_msi" = Rapport
"Samsung CLX-3180 Series" = Maintenance Samsung CLX-3180 Series
"Samsung Network PC Fax" = Samsung Network PC Fax
"Samsung Scan Assistant" = Samsung Scan Assistant
"Steam App 22600" = Worms Reloaded
"Steam App 71270" = Football Manager 2012
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1137987784-1896462866-409123985-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/2/2012 9:50:32 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1045

Error - 8/2/2012 10:10:49 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/2/2012 10:10:49 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1217993

Error - 8/2/2012 10:10:49 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1217993

Error - 8/2/2012 10:47:16 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/2/2012 10:47:16 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1170

Error - 8/2/2012 10:47:16 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1170

Error - 8/2/2012 10:52:22 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/2/2012 10:52:22 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 306932

Error - 8/2/2012 10:52:22 AM | Computer Name = ChristopherFuji | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 306932

[ System Events ]
Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application,
but none of the cipher suites supported by the client application are supported
by the server. The SSL connection request has failed.

Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state
is 107.

Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application,
but none of the cipher suites supported by the client application are supported
by the server. The SSL connection request has failed.

Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state
is 107.

Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application,
but none of the cipher suites supported by the client application are supported
by the server. The SSL connection request has failed.

Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state
is 107.

Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application,
but none of the cipher suites supported by the client application are supported
by the server. The SSL connection request has failed.

Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state
is 107.

Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36874
Description = An SSL 3.0 connection request was received from a remote client application,
but none of the cipher suites supported by the client application are supported
by the server. The SSL connection request has failed.

Error - 8/2/2012 7:41:09 PM | Computer Name = ChristopherFuji | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 40. The internal error state
is 107.


< End of report >
Chandler1987
Active Member
 
Posts: 10
Joined: July 30th, 2012, 8:15 pm

Re: I think I have the ib.adnxs tracker, and possibly simila

Unread postby Chandler1987 » August 2nd, 2012, 8:20 pm

Thanks very much askey127. Hopefully I have done all that correctly.
Chandler1987
Active Member
 
Posts: 10
Joined: July 30th, 2012, 8:15 pm

Re: I think I have the ib.adnxs tracker, and possibly simila

Unread postby askey127 » August 3rd, 2012, 5:42 pm

Chandler1987,
I don't see the normal symptoms of the "ib.adnxs" tracker on your machine. This is an infection called "Win32/EoRezo"
Are your running from a router?
Are there any other machines on the same router?
Do any show the symptoms?
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: I think I have the ib.adnxs tracker, and possibly simila

Unread postby Chandler1987 » August 3rd, 2012, 5:50 pm

Hello again askey127.

I'm not sure if I understand correctly your question regards running from a router - I use a wireless router to access the internet?! There are three other machines in the same household which use the same router, plus two smartphones.

I am not sure whether they show symptoms - two are very new (about a month and a week old respectively) and I haven't heard of any complaints, and the third other machine is a desktop of about 3-4 years old. It is generally 'slow' anyway.

I did run a Norton scan after I found what I thought were the symptoms of ib.adnxs, so I suppose there is a chance that that could have successfully removed it? It's just that what I read briefly after searching regarding the tracker, it didn't sound like something that an out-the-box piece of software would remove.

I do apologise if I have wasted your time. I haven't experienced any of the slowing, or the lists of pages including the ib.adnxs since I originally posted.

Thanks again.
Chandler1987
Active Member
 
Posts: 10
Joined: July 30th, 2012, 8:15 pm

Re: I think I have the ib.adnxs tracker, and possibly simila

Unread postby askey127 » August 3rd, 2012, 9:12 pm

Chandler,
That's fine.
I only asked because, in the absence of any direct evidence on your machine, it's possible that your router has been hacked.
If true, this would show as search redirects on the other machines as well.
It may be that the offending item has been removed.
If you're Ok, I am also.
Let me know, or post again if you see anything worrisome.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: I think I have the ib.adnxs tracker, and possibly simila

Unread postby askey127 » August 8th, 2012, 7:44 am

this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 54 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware