Solved Google and Yahoo search engine results get redirected

Status
Not open for further replies.
ComboFix 11-09-11.06 - user 09/11/2011 17:04:17.4.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.858 [GMT -7:00]
Running from: c:\users\user\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-08-12 to 2011-09-12 )))))))))))))))))))))))))))))))
.
.
2011-09-12 00:32 . 2011-09-12 00:32 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2011-09-12 00:32 . 2011-09-12 00:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-11 22:44 . 2011-09-11 22:44 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-09-11 22:31 . 2011-09-11 22:31 -------- d-----w- c:\users\user\AppData\Roaming\f-secure
2011-09-11 22:31 . 2011-09-11 22:31 -------- d-----w- c:\programdata\F-Secure
2011-09-11 22:19 . 2011-09-11 22:19 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-11 21:55 . 2011-09-11 21:55 -------- d-----w- c:\program files (x86)\ESET
2011-09-11 21:19 . 2011-09-11 21:19 -------- d-----w- C:\_OTL
2011-09-10 22:23 . 2011-09-10 22:23 -------- d-----w- c:\users\user\AppData\Local\Mozilla
2011-09-10 21:07 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{265C96FC-96EE-429A-9282-75E86A87E551}\mpengine.dll
2011-09-08 17:18 . 2011-09-08 17:18 -------- d-----w- C:\Firefox
2011-09-07 21:45 . 2011-09-07 21:45 -------- d-----w- c:\programdata\Kaspersky Lab
2011-09-07 20:32 . 2011-09-07 20:32 388096 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-09-07 20:32 . 2011-09-07 20:32 -------- d-----w- c:\program files (x86)\Trend Micro
2011-09-07 19:32 . 2011-09-07 19:32 -------- d-----w- c:\users\user\AppData\Roaming\Avira
2011-09-07 19:17 . 2011-07-07 02:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-09-07 19:17 . 2011-09-07 19:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-09-07 19:11 . 2011-07-21 19:15 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-09-07 19:11 . 2011-07-21 19:15 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-09-07 19:11 . 2011-09-08 17:19 -------- d-----w- c:\programdata\Avira
2011-09-07 19:11 . 2011-09-07 19:11 -------- d-----w- c:\program files (x86)\Avira
2011-09-07 18:38 . 2011-09-07 18:38 -------- d-----w- c:\program files\CCleaner
2011-09-06 20:18 . 2011-09-06 20:18 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes
2011-09-06 20:18 . 2011-09-06 20:18 -------- d-----w- c:\programdata\Malwarebytes
2011-08-26 15:27 . 2011-07-11 13:45 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-26 15:27 . 2011-07-11 13:25 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-21 18:49 . 2011-06-16 22:52 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-23 11:31 . 2011-08-10 16:50 1147904 ----a-w- c:\windows\system32\wininet.dll
2011-07-23 11:24 . 2011-08-10 16:50 56832 ----a-w- c:\windows\system32\licmgr10.dll
2011-07-23 11:23 . 2011-08-10 16:50 1538560 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-23 11:23 . 2011-08-10 16:50 132096 ----a-w- c:\windows\system32\iesysprep.dll
2011-07-23 11:23 . 2011-08-10 16:50 77312 ----a-w- c:\windows\system32\iesetup.dll
2011-07-23 11:04 . 2011-08-10 16:50 916480 ----a-w- c:\windows\SysWow64\wininet.dll
2011-07-23 11:00 . 2011-08-10 16:50 43520 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-07-23 10:59 . 2011-08-10 16:50 1469440 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-07-23 10:59 . 2011-08-10 16:50 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-07-23 10:59 . 2011-08-10 16:50 71680 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-07-23 10:31 . 2011-08-10 16:50 479232 ----a-w- c:\windows\system32\html.iec
2011-07-23 10:03 . 2011-08-10 16:50 385024 ----a-w- c:\windows\SysWow64\html.iec
2011-07-23 09:50 . 2011-08-10 16:50 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2011-07-23 09:48 . 2011-08-10 16:50 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-23 09:27 . 2011-08-10 16:50 133632 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-07-23 09:25 . 2011-08-10 16:50 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-07-06 15:49 . 2011-08-10 16:50 275456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-20 08:45 . 2011-08-10 16:50 4699536 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-17 20:14 . 2011-08-10 16:50 1427344 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-17 16:16 . 2011-08-10 16:50 451072 ----a-w- c:\windows\system32\winsrv.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-15 47904]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-01-25 421160]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R1 vcdrom;Virtual CD-ROM Device Driver;c:\users\user\Downloads\Rosetta Stone\Virtual CD ROM\VCdRom.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-07 366640]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 AntiVirWebService;Avira AntiVir WebGuard;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-05-09 428200]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-10 17:36]
.
2011-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-10 17:36]
.
2011-09-11 c:\windows\Tasks\User_Feed_Synchronization-{34E03105-FFB4-473A-9A85-1C1A2FA5255E}.job
- c:\windows\system32\msfeedssync.exe [2011-08-10 09:26]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2007-12-17 5453824]
"Skytel"="Skytel.exe" [2007-11-21 1826816]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://my.yahoo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\m5bc5uou.default\
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\user\AppData\Roaming\Macromedia\Flash Player\
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10v_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10v.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-09-11 17:50:42
ComboFix-quarantined-files.txt 2011-09-12 00:50
ComboFix2.txt 2011-09-10 19:30
.
Pre-Run: 309,853,884,416 bytes free
Post-Run: 310,413,905,920 bytes free
.
- - End Of File - - 36A9FBB68003EC593D39B5DF0F5BD265
 
Nothing there....

Download TDSSKiller and save it to your desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
2011/09/12 09:44:22.0278 2120 TDSS rootkit removing tool 2.5.21.0 Sep 10 2011 21:07:05
2011/09/12 09:44:22.0808 2120 ================================================================================
2011/09/12 09:44:22.0808 2120 SystemInfo:
2011/09/12 09:44:22.0808 2120
2011/09/12 09:44:22.0808 2120 OS Version: 6.0.6002 ServicePack: 2.0
2011/09/12 09:44:22.0808 2120 Product type: Workstation
2011/09/12 09:44:22.0808 2120 ComputerName: USER-PC
2011/09/12 09:44:22.0808 2120 UserName: user
2011/09/12 09:44:22.0808 2120 Windows directory: C:\Windows
2011/09/12 09:44:22.0808 2120 System windows directory: C:\Windows
2011/09/12 09:44:22.0808 2120 Running under WOW64
2011/09/12 09:44:22.0808 2120 Processor architecture: Intel x64
2011/09/12 09:44:22.0808 2120 Number of processors: 2
2011/09/12 09:44:22.0808 2120 Page size: 0x1000
2011/09/12 09:44:22.0808 2120 Boot type: Normal boot
2011/09/12 09:44:22.0808 2120 ================================================================================
2011/09/12 09:44:23.0370 2120 Initialize success
2011/09/12 09:44:56.0832 3116 ================================================================================
2011/09/12 09:44:56.0832 3116 Scan started
2011/09/12 09:44:56.0832 3116 Mode: Manual;
2011/09/12 09:44:56.0832 3116 ================================================================================
2011/09/12 09:44:58.0361 3116 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
2011/09/12 09:44:58.0423 3116 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
2011/09/12 09:44:58.0548 3116 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
2011/09/12 09:44:58.0563 3116 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
2011/09/12 09:44:58.0579 3116 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
2011/09/12 09:44:58.0657 3116 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
2011/09/12 09:44:58.0719 3116 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
2011/09/12 09:44:58.0735 3116 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
2011/09/12 09:44:58.0782 3116 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
2011/09/12 09:44:58.0813 3116 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
2011/09/12 09:44:58.0860 3116 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
2011/09/12 09:44:58.0953 3116 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
2011/09/12 09:44:58.0969 3116 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
2011/09/12 09:44:59.0016 3116 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/12 09:44:59.0063 3116 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
2011/09/12 09:44:59.0125 3116 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/09/12 09:44:59.0141 3116 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
2011/09/12 09:44:59.0219 3116 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
2011/09/12 09:44:59.0281 3116 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/12 09:44:59.0312 3116 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
2011/09/12 09:44:59.0343 3116 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
2011/09/12 09:44:59.0390 3116 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
2011/09/12 09:44:59.0421 3116 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
2011/09/12 09:44:59.0468 3116 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
2011/09/12 09:44:59.0546 3116 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
2011/09/12 09:44:59.0609 3116 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
2011/09/12 09:44:59.0655 3116 BVRPMPR5a64 (9887ca12f407d7fbc7f48f3678f5f0b6) C:\Windows\system32\drivers\BVRPMPR5a64.SYS
2011/09/12 09:44:59.0967 3116 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/12 09:45:00.0014 3116 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/12 09:45:00.0045 3116 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
2011/09/12 09:45:00.0108 3116 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
2011/09/12 09:45:00.0217 3116 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
2011/09/12 09:45:00.0264 3116 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
2011/09/12 09:45:00.0435 3116 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
2011/09/12 09:45:00.0513 3116 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
2011/09/12 09:45:00.0607 3116 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
2011/09/12 09:45:00.0669 3116 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
2011/09/12 09:45:00.0747 3116 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/12 09:45:00.0841 3116 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
2011/09/12 09:45:00.0903 3116 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
2011/09/12 09:45:00.0981 3116 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
2011/09/12 09:45:01.0044 3116 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
2011/09/12 09:45:01.0106 3116 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
2011/09/12 09:45:01.0215 3116 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
2011/09/12 09:45:01.0356 3116 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/12 09:45:01.0512 3116 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
2011/09/12 09:45:01.0621 3116 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
2011/09/12 09:45:01.0683 3116 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/12 09:45:01.0761 3116 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
2011/09/12 09:45:01.0886 3116 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/09/12 09:45:01.0995 3116 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/12 09:45:02.0042 3116 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
2011/09/12 09:45:02.0198 3116 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2011/09/12 09:45:02.0339 3116 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
2011/09/12 09:45:02.0541 3116 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/09/12 09:45:02.0760 3116 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
2011/09/12 09:45:02.0822 3116 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
2011/09/12 09:45:02.0869 3116 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
2011/09/12 09:45:02.0947 3116 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
2011/09/12 09:45:03.0009 3116 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
2011/09/12 09:45:03.0056 3116 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
2011/09/12 09:45:03.0134 3116 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/12 09:45:03.0259 3116 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
2011/09/12 09:45:03.0446 3116 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
2011/09/12 09:45:03.0571 3116 IntcAzAudAddService (e28d6b50a12bfa3df0bd7c31e19599f3) C:\Windows\system32\drivers\RTKVHD64.sys
2011/09/12 09:45:03.0711 3116 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
2011/09/12 09:45:03.0774 3116 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/12 09:45:03.0836 3116 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/12 09:45:03.0899 3116 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
2011/09/12 09:45:04.0070 3116 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
2011/09/12 09:45:04.0133 3116 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
2011/09/12 09:45:04.0195 3116 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
2011/09/12 09:45:04.0273 3116 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/09/12 09:45:04.0367 3116 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
2011/09/12 09:45:04.0429 3116 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
2011/09/12 09:45:04.0491 3116 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/12 09:45:04.0725 3116 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/12 09:45:04.0928 3116 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/12 09:45:05.0037 3116 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
2011/09/12 09:45:05.0100 3116 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/12 09:45:05.0193 3116 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
2011/09/12 09:45:05.0240 3116 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
2011/09/12 09:45:05.0303 3116 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
2011/09/12 09:45:05.0349 3116 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
2011/09/12 09:45:05.0490 3116 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
2011/09/12 09:45:05.0599 3116 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
2011/09/12 09:45:05.0677 3116 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
2011/09/12 09:45:05.0771 3116 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/12 09:45:05.0880 3116 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/12 09:45:05.0958 3116 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/12 09:45:05.0973 3116 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
2011/09/12 09:45:06.0005 3116 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
2011/09/12 09:45:06.0020 3116 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/12 09:45:06.0036 3116 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
2011/09/12 09:45:06.0067 3116 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
2011/09/12 09:45:06.0254 3116 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/12 09:45:06.0504 3116 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/12 09:45:06.0566 3116 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/12 09:45:06.0644 3116 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
2011/09/12 09:45:06.0816 3116 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
2011/09/12 09:45:06.0941 3116 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
2011/09/12 09:45:07.0003 3116 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
2011/09/12 09:45:07.0065 3116 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/12 09:45:07.0081 3116 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/12 09:45:07.0097 3116 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
2011/09/12 09:45:07.0206 3116 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
2011/09/12 09:45:07.0268 3116 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/09/12 09:45:07.0299 3116 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
2011/09/12 09:45:07.0346 3116 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
2011/09/12 09:45:07.0424 3116 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
2011/09/12 09:45:07.0518 3116 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/12 09:45:07.0596 3116 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
2011/09/12 09:45:07.0627 3116 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/12 09:45:07.0830 3116 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/12 09:45:07.0970 3116 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/12 09:45:08.0017 3116 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
2011/09/12 09:45:08.0064 3116 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/12 09:45:08.0173 3116 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/12 09:45:08.0189 3116 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
2011/09/12 09:45:08.0220 3116 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
2011/09/12 09:45:08.0282 3116 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/12 09:45:08.0719 3116 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
2011/09/12 09:45:08.0828 3116 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
2011/09/12 09:45:08.0891 3116 NVENETFD (98350606682594521d56eccb5d01ecf7) C:\Windows\system32\DRIVERS\nvmfdx64.sys
2011/09/12 09:45:10.0045 3116 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/09/12 09:45:10.0357 3116 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
2011/09/12 09:45:10.0419 3116 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
2011/09/12 09:45:10.0451 3116 nvstor64 (e87e17e9fd94ee9f0dbde4b6ad882f26) C:\Windows\system32\DRIVERS\nvstor64.sys
2011/09/12 09:45:10.0482 3116 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
2011/09/12 09:45:10.0544 3116 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/09/12 09:45:10.0622 3116 Parport (4c6a7fd04ddf4db88791048382e3edb1) C:\Windows\system32\DRIVERS\parport.sys
2011/09/12 09:45:10.0653 3116 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
2011/09/12 09:45:10.0934 3116 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
2011/09/12 09:45:11.0012 3116 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
2011/09/12 09:45:11.0075 3116 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
2011/09/12 09:45:11.0137 3116 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
2011/09/12 09:45:11.0215 3116 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/12 09:45:11.0262 3116 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
2011/09/12 09:45:11.0293 3116 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/12 09:45:11.0652 3116 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
2011/09/12 09:45:11.0761 3116 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
2011/09/12 09:45:11.0808 3116 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/12 09:45:11.0823 3116 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/12 09:45:11.0855 3116 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/12 09:45:11.0901 3116 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/12 09:45:11.0917 3116 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/12 09:45:11.0979 3116 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/12 09:45:12.0307 3116 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/12 09:45:12.0338 3116 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
2011/09/12 09:45:12.0354 3116 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/12 09:45:12.0510 3116 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
2011/09/12 09:45:12.0588 3116 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/12 09:45:12.0650 3116 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
2011/09/12 09:45:12.0681 3116 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/09/12 09:45:12.0697 3116 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
2011/09/12 09:45:12.0728 3116 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
2011/09/12 09:45:12.0744 3116 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
2011/09/12 09:45:12.0791 3116 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
2011/09/12 09:45:12.0822 3116 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/12 09:45:13.0025 3116 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
2011/09/12 09:45:13.0040 3116 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
2011/09/12 09:45:13.0087 3116 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
2011/09/12 09:45:13.0243 3116 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
2011/09/12 09:45:13.0399 3116 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
2011/09/12 09:45:13.0493 3116 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
2011/09/12 09:45:13.0539 3116 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
2011/09/12 09:45:13.0602 3116 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/12 09:45:13.0664 3116 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/12 09:45:13.0773 3116 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
2011/09/12 09:45:13.0836 3116 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
2011/09/12 09:45:13.0929 3116 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
2011/09/12 09:45:14.0054 3116 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
2011/09/12 09:45:14.0351 3116 Tcpip (4dad14118fbcf7c609f2a4ce21fbcc5f) C:\Windows\system32\drivers\tcpip.sys
2011/09/12 09:45:14.0569 3116 Tcpip6 (4dad14118fbcf7c609f2a4ce21fbcc5f) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/12 09:45:14.0663 3116 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/12 09:45:14.0725 3116 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
2011/09/12 09:45:14.0834 3116 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
2011/09/12 09:45:14.0975 3116 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/12 09:45:15.0037 3116 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
2011/09/12 09:45:15.0115 3116 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/12 09:45:15.0131 3116 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
2011/09/12 09:45:15.0162 3116 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/12 09:45:15.0209 3116 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
2011/09/12 09:45:15.0255 3116 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/12 09:45:15.0333 3116 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/12 09:45:15.0365 3116 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
2011/09/12 09:45:15.0443 3116 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
2011/09/12 09:45:15.0489 3116 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
2011/09/12 09:45:15.0505 3116 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/12 09:45:15.0567 3116 USBAAPL64 (e1da5e7233ca28371506f112b6dc16e2) C:\Windows\system32\Drivers\usbaapl64.sys
2011/09/12 09:45:15.0599 3116 usbbus (5fcc71487888589a9244af54cfefab29) C:\Windows\system32\DRIVERS\lgx64bus.sys
2011/09/12 09:45:15.0645 3116 usbccgp (66627c6008319def7909f21fb75a8991) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/12 09:45:15.0661 3116 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
2011/09/12 09:45:15.0723 3116 UsbDiag (3fb6e423f7567c92c32ea786f5fd0c69) C:\Windows\system32\DRIVERS\lgx64diag.sys
2011/09/12 09:45:15.0801 3116 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/12 09:45:15.0833 3116 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/12 09:45:15.0864 3116 USBModem (78d551f5b93488b4666f5fc8dd4815f3) C:\Windows\system32\DRIVERS\lgx64modem.sys
2011/09/12 09:45:15.0879 3116 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
2011/09/12 09:45:15.0911 3116 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
2011/09/12 09:45:15.0957 3116 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/12 09:45:16.0051 3116 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/09/12 09:45:16.0145 3116 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/12 09:45:16.0176 3116 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
2011/09/12 09:45:16.0207 3116 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
2011/09/12 09:45:16.0254 3116 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
2011/09/12 09:45:16.0301 3116 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
2011/09/12 09:45:16.0363 3116 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
2011/09/12 09:45:16.0410 3116 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
2011/09/12 09:45:16.0441 3116 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
2011/09/12 09:45:16.0488 3116 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/12 09:45:16.0488 3116 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/12 09:45:16.0613 3116 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
2011/09/12 09:45:16.0893 3116 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/12 09:45:17.0049 3116 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/12 09:45:17.0127 3116 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/09/12 09:45:17.0159 3116 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/12 09:45:17.0283 3116 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/12 09:45:17.0393 3116 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/09/12 09:45:17.0408 3116 Boot (0x1200) (5015418bd9bcdbcdd74be5bb7d2d8bb1) \Device\Harddisk0\DR0\Partition0
2011/09/12 09:45:17.0408 3116 ================================================================================
2011/09/12 09:45:17.0408 3116 Scan finished
2011/09/12 09:45:17.0408 3116 ================================================================================
2011/09/12 09:45:17.0424 3480 Detected object count: 0
2011/09/12 09:45:17.0424 3480 Actual detected object count: 0
 
Another update. Another Windows computer in our household now has it as of this morning. She just logged onto her work computer, connected to her VPN and started working as usual and all of a sudden, she is getting the search redirect. I sent her nothing via email or otherwise. The only common denominator here seems to be the fact that we're using the same router (which we've reset twice in the past few days). ????
 
I am now successfully using OpenDNS after following the instructions above. My DNS settings were using those provided by the ISP but now they are using OpenDNS. However both Firefox and IE are still being redirected.
 
I turned off the computer, reset the router, then turned off the cable modem, turned off the router, turned on the cable modem, turned the router back on, reset the router 2x in a row, then restarted computer and retested. Still redirecting. Can I shoot myself now?
 
Restart computer in Safe Mode with Networking and see if you have same issue there.
 
Turn the computer off.
Turn MODEM off.
Connect computer straight to the modem bypassing router.
Wait 1 minute.
Turn modem on.
Turn computer on.
Same issue?
 
Yep. I'm directly connected to the modem now (after shutting it down) and rebooted in Safe Mode with Networking. Same Issue.
 
If you have Vista/7 DVD...

start with step 2

If you don't have Vista/7 DVD...

1. Create Vista/7 Recovery Disc.

Option 1 :
Vista: http://www.vistax64.com/tutorials/141820-create-recovery-disc.html (Option Two)
Windows 7: http://www.guidingtech.com/3816/system-repair-recovery-disc-windows-7/

Option 2:
Download Vista Recovery Disc iso image: http://digiex.net/downloads/downloa...6-windows-vista-32-bit-x86-recovery-disc.html
Download Windows 7 Recovery Disc iso image: http://digiex.net/downloads/downloa.../2659-windows-7-32-bit-x86-recovery-disc.html
Burn it to CD, or DVD: http://neosmart.net/wiki/display/G/Burning+ISO+Images+to+a+CD+or+DVD

2. Boot from created disk. You may need to set the CD-Rom as first boot device if it isn't already (if you don't know how to do it, see HERE)

Vista users. At first screen click on Repair your computer:
setup-option.jpg


Windows 7 users. At first screen click on Install now:
25672d1251414873-mbr-restore-windows-7-master-boot-record-mbr_02.png

Select your language and click next:
25673d1251414836-mbr-restore-windows-7-master-boot-record-mbr_03.png

Click the button for "Use recovery tools":
25674d1251414836-mbr-restore-windows-7-master-boot-record-mbr_04.png


The following applies to both, Vista and Windows 7 users.

This will bring you to a new screen where the repair process will look for all Windows Vista/7 installations on your computer. When done you will be presented with the System Recovery Options dialog box:
system-recovery-options.jpg

After this, it will present you with a list of options including startup repair, system restore and command prompt:
systemrecovery.jpg

Select Command Prompt

Type in:
bootrec /fixmbr (<--- there is a "space" after "bootrec")
and then press Enter

Once completed then type Exit, press Enter and restart computer.

Same issue?
 
Thanks Broni,

I went through the 13 steps and installed a bunch of things (Secunia, SpyWareBlaster, etc, etc) and will definitely keep things safe. Here is the output of my latest OTL scan before cleanup:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
Registry value HKEY_USERS\S-1-5-21-1250386527-3665318005-4005016050-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
File/Folder C:\Windows\*.tmp not found.
File C:\ProgramData\~P1kAlMiG2Kb7Fz not found.
File C:\ProgramData\~P1kAlMiG2Kb7Fzr not found.
File C:\ProgramData\P1kAlMiG2Kb7Fz not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: user
->Temp folder emptied: 82944 bytes
->Temporary Internet Files folder emptied: 39906971 bytes
->Java cache emptied: 3993606 bytes
->FireFox cache emptied: 7219332 bytes
->Flash cache emptied: 1464497 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6898 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 13999658 bytes

Total Files Cleaned = 64.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: user
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.27.0 log created on 09112011_142747

Files\Folders moved on Reboot...
File\Folder C:\Users\user\AppData\Local\Temp\~DFCD57.tmp not found!
File\Folder C:\Users\user\AppData\Local\Temp\~DFCD63.tmp not found!
File\Folder C:\Users\user\AppData\Local\Temp\~DFCDBA.tmp not found!
File\Folder C:\Users\user\AppData\Local\Temp\~DFCDC5.tmp not found!
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\c=52_rand=808466391_pv=y_rt=ifr[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\click[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\e[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\fan[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\login_status[1].htm moved successfully.
File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\m[1].htm not found!
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\redirect_v92_cim_11_12_4[1].html moved successfully.
File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\set[2].gif not found!
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGBEZCOM\track-home[1].htm moved successfully.
File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5XI2SJV\20110911212818[1].htm not found!
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5XI2SJV\index[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5XI2SJV\lgl[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\ad[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\like[3].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\like[4].htm moved successfully.
File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\like[5].htm not found!
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJ7CCC02\provider[1].htm moved successfully.
File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5TLVA1R\e[1].htm not found!
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5TLVA1R\janumet[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6KOQ7D9T\detect[1].act moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6KOQ7D9T\login_status[3].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\bn[1].htm moved successfully.
File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\ca[1] not found!
File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\ca[2] not found!
File\Folder C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\ca[3] not found!
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\ie[1].css moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4XYYHYIS\jquery-ui[1].css moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46J3MVSI\01[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46J3MVSI\audmeasure[1].gif moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46J3MVSI\visitormatch[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46J3MVSI\x1743[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\blank[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\likeCAKCT3D8.htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[10].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[11].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[1].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[2].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[3].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[4].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[5].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[6].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[7].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[8].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\like[9].htm moved successfully.
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VEIDZEE\robert-pattinson-reese-witherspoons-australia-arrival-503088[1].htm moved successfully.

Registry entries deleted on Reboot...


Many thanks to you!!!!
 
Status
Not open for further replies.
Back