ComboFix 12-06-13.04 - Alexander 06/13/2012 17:55:50.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3061.1347 [GMT -4:00]
Running from: c:\users\Alexander\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_images.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_news.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files (x86)\StartNow Toolbar\Resources\images\engine_web.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_games.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files (x86)\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files (x86)\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files (x86)\StartNow Toolbar\Resources\installer.xml
c:\program files (x86)\StartNow Toolbar\Resources\protect\index.html
c:\program files (x86)\StartNow Toolbar\Resources\protect\NotIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\OnlyIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\SearchProtectIcon.png
c:\program files (x86)\StartNow Toolbar\Resources\protect\window.css
c:\program files (x86)\StartNow Toolbar\Resources\protect\window.js
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\index.html
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\LeftImage.png
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\NotIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\OnlyIE6.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.css
c:\program files (x86)\StartNow Toolbar\Resources\reactivate\window.js
c:\program files (x86)\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\separator.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\splitter.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files (x86)\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files (x86)\StartNow Toolbar\Resources\toolbar.xml
c:\program files (x86)\StartNow Toolbar\Resources\update.xml
c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files (x86)\StartNow Toolbar\ToOLbar32.dll
c:\program files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
c:\program files (x86)\StartNow Toolbar\uninstall.dat
c:\program files (x86)\whitesmoketoolbar\whITesmoketoolbarx.dll
c:\users\Alexander\AppData\Local\assembly\tmp
c:\users\Alexander\AppData\Roaming\dach100.dll
c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\8a3g8cog.default\searchplugins\bing-zugo.xml
c:\users\Alexander\g2mdlhlpx.exe
c:\users\Public\AlexaNSISPlugin.4996.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . Failed to delete
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Updater Service for StartNow Toolbar
-------\Service_Updater Service for StartNow Toolbar
.
.
((((((((((((((((((((((((( Files Created from 2012-05-13 to 2012-06-13 )))))))))))))))))))))))))))))))
.
.
2012-06-13 22:06 . 2012-06-13 22:0669000----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E1A2463D-143F-4822-8607-F27AEC795CA3}\offreg.dll
2012-06-13 22:04 . 2012-06-13 22:04--------d-----w-c:\users\Default\AppData\Local\temp
2012-06-13 22:01 . 2012-06-13 22:02--------d-----w-C:\FRST
2012-06-13 17:03 . 2012-06-13 17:02927800----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{275AFAB4-A72C-4CEF-AC45-7ACA500EFA88}\gapaengine.dll
2012-06-13 17:03 . 2012-05-08 14:028955792----a-w-c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E1A2463D-143F-4822-8607-F27AEC795CA3}\mpengine.dll
2012-06-13 16:50 . 2012-06-13 16:50--------d-----w-c:\program files (x86)\Microsoft Security Client
2012-06-13 16:50 . 2012-06-13 16:51--------d-----w-c:\program files\Microsoft Security Client
2012-06-13 16:34 . 2012-06-13 16:34--------d-----w-c:\program files (x86)\Microsoft
2012-06-13 16:33 . 2012-05-04 11:00366592----a-w-c:\windows\system32\qdvd.dll
2012-06-13 16:33 . 2012-05-04 09:59514560----a-w-c:\windows\SysWow64\qdvd.dll
2012-06-13 15:58 . 2012-04-24 05:37184320----a-w-c:\windows\system32\cryptsvc.dll
2012-06-13 15:58 . 2012-04-24 05:37140288----a-w-c:\windows\system32\cryptnet.dll
2012-06-13 15:58 . 2012-04-24 05:371462272----a-w-c:\windows\system32\crypt32.dll
2012-06-13 15:58 . 2012-04-24 04:361158656----a-w-c:\windows\SysWow64\crypt32.dll
2012-06-13 15:58 . 2012-04-24 04:36140288----a-w-c:\windows\SysWow64\cryptsvc.dll
2012-06-13 15:58 . 2012-04-24 04:36103936----a-w-c:\windows\SysWow64\cryptnet.dll
2012-06-13 15:57 . 2012-04-07 12:313216384----a-w-c:\windows\system32\msi.dll
2012-06-13 15:57 . 2012-04-07 11:262342400----a-w-c:\windows\SysWow64\msi.dll
2012-06-13 15:57 . 2012-05-04 11:065559664----a-w-c:\windows\system32\ntoskrnl.exe
2012-06-13 15:57 . 2012-05-04 10:033968368----a-w-c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 15:57 . 2012-05-04 10:033913072----a-w-c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 15:57 . 2012-05-01 05:40209920----a-w-c:\windows\system32\profsvc.dll
2012-06-13 15:57 . 2012-04-28 03:55210944----a-w-c:\windows\system32\drivers\rdpwd.sys
2012-06-13 15:57 . 2012-05-15 01:323146752----a-w-c:\windows\system32\win32k.sys
2012-06-13 15:57 . 2012-04-26 05:4177312----a-w-c:\windows\system32\rdpwsx.dll
2012-06-13 15:57 . 2012-04-26 05:41149504----a-w-c:\windows\system32\rdpcorekmts.dll
2012-06-13 15:57 . 2012-04-26 05:349216----a-w-c:\windows\system32\rdrmemptylst.exe
2012-06-13 04:11 . 2012-06-13 04:11--------d-----w-c:\users\Alexander\AppData\Local\AVG Secure Search
2012-06-11 02:41 . 2012-06-11 02:41--------d-----w-c:\users\Alexander\AppData\Local\Macromedia
2012-06-07 15:03 . 2012-06-07 15:03--------d-sh--w-c:\windows\system32\%APPDATA%
2012-06-07 15:01 . 2012-06-07 15:01--------d-----w-c:\programdata\Speedbit
2012-06-06 23:46 . 2012-06-06 23:46770384----a-w-c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 23:46 . 2012-06-06 23:46421200----a-w-c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 17:42 . 2012-05-29 15:0025952----a-w-c:\windows\system32\authuitu.dll
2012-06-06 17:42 . 2012-05-29 15:0021344----a-w-c:\windows\SysWow64\authuitu.dll
2012-06-06 17:42 . 2012-05-29 15:0035680----a-w-c:\windows\system32\uxtuneup.dll
2012-06-06 17:42 . 2012-05-29 15:0029024----a-w-c:\windows\SysWow64\uxtuneup.dll
2012-05-29 03:36 . 2012-05-29 03:36--------d-----w-c:\program files (x86)\Amazon
2012-05-29 03:36 . 2012-06-13 22:03--------d-----w-c:\program files (x86)\Amazon Browser Bar
2012-05-16 12:46 . 2012-05-16 12:46--------d-----w-c:\users\Alexander\AppData\Local\Google Translator
2012-05-16 04:12 . 2012-05-16 04:12--------d-----w-c:\program files\Microsoft Silverlight
2012-05-16 04:12 . 2012-05-16 04:12--------d-----w-c:\program files (x86)\Microsoft Silverlight
2012-05-15 18:22 . 2012-05-15 18:22--------d-----w-c:\program files (x86)\fec
2012-05-15 16:24 . 2012-05-15 16:25216064----a-w-c:\windows\iun3405.exe
2012-05-15 16:23 . 2012-05-15 16:26--------d-----w-c:\program files\Extractor
2012-05-15 16:06 . 2012-05-15 16:36--------d-----w-c:\program files (x86)\Advanced Email Extractor PRO
2012-05-15 16:06 . 2012-05-15 16:36--------d-----w-c:\program files (x86)\Common Files\TweakMarketing
2012-05-15 16:06 . 1999-06-25 14:55149504----a-w-c:\windows\UNWISE.EXE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-10 22:31 . 2012-04-01 11:54426184----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-10 22:31 . 2011-05-14 16:2670344----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-29 15:00 . 2011-12-03 00:1634656----a-w-c:\windows\system32\TURegOpt.exe
2012-05-05 22:08 . 2012-04-01 12:088744608----a-w-c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-19 00:56 . 2012-04-19 00:5694208----a-w-c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56 . 2012-04-19 00:5669632----a-w-c:\windows\SysWow64\QuickTime.qts
2012-04-04 20:18 . 2012-04-28 15:2530592----a-w-c:\windows\help\OEM\Scripts\PWAlertEnable.exe
2012-03-30 11:35 . 2012-05-12 16:501918320----a-w-c:\windows\system32\drivers\tcpip.sys
2012-03-22 19:12 . 2012-03-22 19:124435968----a-w-c:\windows\SysWow64\GPhotos.scr
2012-03-21 00:44 . 2012-03-21 00:4498688----a-w-c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 00:44 . 2012-03-21 00:44203888----a-w-c:\windows\system32\drivers\MpFilter.sys
2012-03-17 07:58 . 2012-05-12 16:5175120----a-w-c:\windows\system32\drivers\partmgr.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-06-12 21:372068536----a-w-c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-06-08 21:41120104----a-w-c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-06-12 2068536]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:0294208----a-w-c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:0294208----a-w-c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:0294208----a-w-c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpeedBitVideoAccelerator"="c:\program files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe" [2011-04-20 2098376]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-04 39408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-06-05 17344176]
"chromium"="c:\users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-06-07 1239576]
"Camfrog"="c:\program files (x86)\Camfrog\Camfrog Video Chat\CamfrogNet.exe" [2011-05-16 54664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-06-12 1104440]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2012-03-30 1858152]
.
c:\users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
AntiCrash.lnk - c:\program files (x86)\Dachshund Software\AntiCrash\AntiCrash.exe [2002-12-17 2301798]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security PackagesREG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-11 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 257224]
R3 B-Service;B-Service;c:\users\Alexander\AppData\Roaming\Mikogo\B-Service.exe [2011-03-25 185640]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-11 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-06 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-03-30 151656]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 Updater Service for AMZN;Updater Service for AMZN;c:\program files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [2012-02-01 203776]
S2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~2\SPEEDB~1\VideoAcceleratorService.exe [2011-04-20 265928]
S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-06-12 935480]
S3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [x]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-31 11856]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 22:31]
.
2012-06-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3626317991-3059357334-302776294-1000Core.job
- c:\users\Alexander\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-14 00:43]
.
2012-06-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3626317991-3059357334-302776294-1000UA.job
- c:\users\Alexander\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-14 00:43]
.
2012-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 00:14]
.
2012-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-09 00:14]
.
2012-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3626317991-3059357334-302776294-1000Core.job
- c:\users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-11 00:14]
.
2012-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3626317991-3059357334-302776294-1000UA.job
- c:\users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-11 00:14]
.
2012-06-10 c:\windows\Tasks\HPCeeScheduleForAlexander.job
- c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-09-15 21:38]
.
2012-05-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:0297792----a-w-c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:0297792----a-w-c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:0297792----a-w-c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:0297792----a-w-c:\users\Alexander\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-08 610360]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-11 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-11 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-11 363544]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"combofix"="c:\combofix\CF23202.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uStart Page = hxxp://isearch.avg.com/?cid={DB873D3F-EE80-49A2-B88F-730CDBC56D3A}&mid=a42300b8b4ca47d0b2dd9128c0b46698-895317a0b638a0f6d808ae02f25486aebc4b1298&lang=en&ds=gh011&pr=sa&d=2012-04-09 22:48&v=10.2.0.3&sap=hp
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://
www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://
www.google.com/ie
uSearchURL,(Default) = hxxp://
www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Alexander\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
LSP: c:\program files (x86)\SpeedBit Video Accelerator\LSP3.2.2.4\SBLSP.dll
TCP: DhcpNameServer = 192.168.1.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
FF - ProfilePath - c:\users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\8a3g8cog.default\
FF - prefs.js: browser.search.selectedEngine - Amazon
FF - prefs.js: browser.startup.homepage - hxxp://
www.google.com/
FF - prefs.js: keyword.URL - hxxp://
www.amazon.com/websearch/ref=bit_bds-amzn_serp_ff_us_display?ie=UTF8&tag=bds-amzn-serp-us-ff-20&tagbase=bds-amzn&tbrId=v1_abb-channel-17_90d0fa7bc45f46fcacf0d0c31461f42c_17_17_20120529_US_ff_ab_&query=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109932
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - cce66faa000000000000406186508f6b
FF - user.js: extensions.BabylonToolbar_i.hardId - cce66faa000000000000406186508f6b
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15426
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:25
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{008f6853-9cb4-41c5-a950-39d55e5e06ba} - c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
BHO-{F443A627-5009-4323-9C1D-7FD598D0D712} - c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
Toolbar-{EA582743-9076-4178-9AA6-7393FDF4D5CE} - c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll
Wow6432Node-HKLM-Run-SwitchBoard - c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
Notify-WgaLogon - (no file)
WebBrowser-{D1E06B91-60E6-4492-AF9F-53043FA32716} - (no file)
HKLM-Run-AdobeAAMUpdater-1.0 - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
AddRemove-StartNow Toolbar - c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
AddRemove-{1D106581-6726-4D1B-ABEC-0CA02410F24F} - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe
AddRemove-{DA1B174B-4297-467C-9EF8-0AB8D4D5171E} - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe
AddRemove-Game Organizer - c:\programdata\Easybits GO\EasyBitsGO.exe
.
.
"ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
[\]^_·\00\00·\00\00\00\00HIJKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~·\00\00·\00\00\00\00u\00\00\00\00\00\00\00\00‘’“"
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{52794457-AF6C-4C50-9DEF-F2E24F4C8889}"=hex:51,66,7a,6c,4c,1d,38,12,39,47,6a,
56,5e,e1,3e,09,e2,f9,b1,a2,4a,12,cc,9d
"{5911488E-9D1E-40EC-8CBB-06B231CC153F}"=hex:51,66,7a,6c,4c,1d,38,12,e0,4b,02,
5d,2c,d3,82,05,f3,ad,45,f2,34,92,51,2b
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:51,66,7a,6c,4c,1d,38,12,5c,be,8a,
eb,c9,8f,bc,54,f6,39,43,d0,22,43,0b,9c
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,38,12,7f,9b,9b,
9c,1f,0a,b3,0c,e6,c1,9f,c6,6e,b6,39,a8
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{EA582743-9076-4178-9AA6-7393FDF4D5CE}"=hex:51,66,7a,6c,4c,1d,38,12,2d,24,4b,
ee,44,de,16,04,e5,b0,30,d3,f8,aa,91,da
"{008F6853-9CB4-41C5-A950-39D55E5E06BA}"=hex:51,66,7a,6c,4c,1d,38,12,3d,6b,9c,
04,86,d2,ab,04,d6,46,7a,95,5b,00,42,ae
"{02478D38-C3F9-4EFB-9B51-7695ECA05670}"=hex:51,66,7a,6c,4c,1d,38,12,56,8e,54,
06,cb,8d,95,0b,e4,47,35,d5,e9,fe,12,64
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{2EECD738-5844-4A99-B4B6-146BF802613B}"=hex:51,66,7a,6c,4c,1d,38,12,56,d4,ff,
2a,76,16,f7,0f,cb,a0,57,2b,fd,5c,25,2f
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{593DDEC6-7468-4CDD-90E1-42DADAA222E9}"=hex:51,66,7a,6c,4c,1d,38,12,a8,dd,2e,
5d,5a,3a,b3,09,ef,f7,01,9a,df,fc,66,fd
"{6E13D095-45C3-4271-9475-F3B48227DD9F}"=hex:51,66,7a,6c,4c,1d,38,12,fb,d3,00,
6a,f1,0b,1f,07,eb,63,b0,f4,87,79,99,8b
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
"{ABD3B5E1-B268-407B-A150-2641DAB8D898}"=hex:51,66,7a,6c,4c,1d,38,12,8f,b6,c0,
af,5a,fc,15,05,de,46,65,01,df,e6,9c,8c
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{F443A627-5009-4323-9C1D-7FD598D0D712}"=hex:51,66,7a,6c,4c,1d,38,12,49,a5,50,
f0,3b,1e,4d,06,e3,0b,3c,95,9d,8e,93,06
"{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}"=hex:51,66,7a,6c,4c,1d,38,12,cf,4e,be,
f9,90,2f,b6,0a,e3,01,c5,b7,a9,7a,14,95
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}"=hex:51,66,7a,6c,4c,1d,38,12,35,fc,e1,
93,3e,68,a1,09,fc,5c,6e,9a,4b,77,a7,8a
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:d0,bf,95,6b,a3,48,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S30RP1.EXE
c:\program files (x86)\FileZilla Server\FileZilla Server.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Completion time: 2012-06-13 19:55:45 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-13 23:55
.
Pre-Run: 180,125,691,904 bytes free
Post-Run: 180,183,199,744 bytes free
.
- - End Of File - - B44D998194244AD083BC3FB2D222F1CD