[Inactive] absolutely positive my system is infected - Page 4
Page 4 of 5 FirstFirst ... 2345 LastLast
Results 46 to 60 of 72

Thread: [Inactive] absolutely positive my system is infected

  1. February 3rd, 2013, 10:48 AM #46
    ladytinkerbell
    ladytinkerbell is offline Virtual Intern
    Join Date
    Apr 2009
    Posts
    245
    yes. will post today. sorry during the week had no time.
  2. February 3rd, 2013, 10:49 AM #47
    ladytinkerbell
    ladytinkerbell is offline Virtual Intern
    Join Date
    Apr 2009
    Posts
    245
    also even after updating java it keeps popping up to update..idk y?
  3. February 7th, 2013, 09:13 PM #48
    ladytinkerbell
    ladytinkerbell is offline Virtual Intern
    Join Date
    Apr 2009
    Posts
    245
    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: orianna
    ->Temp folder emptied: 2389736 bytes
    ->Temporary Internet Files folder emptied: 9798656 bytes
    ->Java cache emptied: 515215 bytes
    ->FireFox cache emptied: 0 bytes
    ->Google Chrome cache emptied: 273816293 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Flash cache emptied: 1130 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 155735 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 134 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 273.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: orianna
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: orianna
    ->Java cache emptied: 0 bytes

    User: Public

    Total Java Files Cleaned = 0.00 mb

    System Restore Service not available.

    OTL by OldTimer - Version 3.2.69.0 log created on 02062013_235620

    Files\Folders moved on Reboot...
    C:\Users\orianna\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
  4. February 7th, 2013, 11:09 PM #49
    ladytinkerbell
    ladytinkerbell is offline Virtual Intern
    Join Date
    Apr 2009
    Posts
    245
    everytime i try to update java it says that a program; ZUMADRIVE.EXE is running i have no idea what that is???
  5. February 7th, 2013, 11:17 PM #50
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    It looks like some game.
    I can see Zuma Deluxe installed on your computer.
    If you don't use it uninstall it.
    My Home Page
  6. February 9th, 2013, 02:06 PM #51
    ladytinkerbell
    ladytinkerbell is offline Virtual Intern
    Join Date
    Apr 2009
    Posts
    245
    I never installed that game on my pc and it's not in my install/uninstall programs. There's something still on my pc, its still running hot and only does that when it's infected. I don't understand where the hell this is coming from??
  7. February 9th, 2013, 03:04 PM #52
    Train
    Train is offline Friend of Site Staff
    Join Date
    Apr 2000
    Location
    Sheboygan, WI
    Posts
    53,392
    Zuma when installed can be accessed from all accounts on the PC. One reason the better half has her own desktop.
    It saves me the grief that sharing can cause. Just my experience with it.
  8. February 9th, 2013, 03:18 PM #53
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Download Autoruns for Windows: http://technet.microsoft.com/en-us/s.../bb963902.aspx
    No installation required.
    Simply unzip Autoruns.zip file, and double click on autoruns.exe file to run the program.
    Go File>Save, and save it as AutoRuns.txt file to know location.
    You must select Text from drop-down menu as a file type:



    Attach the file to your next reply.
    My Home Page
  9. February 10th, 2013, 10:50 AM #54
    ladytinkerbell
    ladytinkerbell is offline Virtual Intern
    Join Date
    Apr 2009
    Posts
    245
    "HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
    + "rdpclip" "" "" "File not found: rdpclip"
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
    + "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
    + "HPWirelessAssistant" "" "" "c:\program files\hewlett-packard\hp wireless assistant\delayedappstarter.exe"
    + "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
    + "IntelWireless" "Intel(R) PROSet/Wireless Framework" "Intel(R) Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
    + "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
    + "SmartMenu" "SmartMenu" "" "c:\program files\hewlett-packard\hp mediasmart\smartmenu.exe"
    + "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
    + "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
    + "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
    + "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
    + "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
    + "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
    + "HP Quick Launch" "HP Message Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe"
    + "KiesTrayAgent" "Kies TrayAgent Application" "Samsung Electronics Co., Ltd." "c:\program files (x86)\samsung\kies\kiestrayagent.exe"
    + "Monitor" "Monitor Application" "LeapFrog Enterprises, Inc." "c:\program files (x86)\leapfrog\leapfrog connect\monitor.exe"
    + "SunJavaUpdateSched" "Java(TM) Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
    + "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
    "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
    + "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
    + "Secunia PSI Tray.lnk" "Secunia PSI Tray" "Secunia" "c:\program files (x86)\secunia\psi\psi_tray.exe"
    + "Snapfish PictureMover.lnk" "PictureMover Application" "Hewlett-Packard Company" "c:\program files (x86)\picturemover\bin\picturemover.exe"
    + "WDDMStatus.lnk" "WD Drive Manager" "WDC" "c:\program files\western digital\wd smartware\wd drive manager\wddmstatus.exe"
    + "WDSmartWare.lnk" "WD SmartWare" "Western Digital" "c:\program files (x86)\western digital\wd smartware\front parlor\wdsmartware.exe"
    "C:\Users\orianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
    + "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropbox.exe"
    "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
    + "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
    + "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
    "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
    + "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\orianna\appdata\local\facebook\update\facebookupdate.exe"
    + "Google Update" "Google Installer" "Google Inc." "c:\users\orianna\appdata\local\google\update\googleupdate.exe"
    + "googletalk" "Google Talk" "Google" "c:\users\orianna\appdata\roaming\google\google talk\googletalk.exe"
    + "KiesHelper" "Kies" "Samsung" "c:\program files (x86)\samsung\kies\kieshelper.exe"
    + "KiesPDLR" "KiesPDLR" "" "c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe"
    + "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
    + "ZumoDrive" "" "" "c:\program files (x86)\hewlett-packard\hp clouddrive\zumolauncher.lnk"
    "HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
    + "JavaInstallRetry" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\users\orianna\appdata\locallow\sun\java\jrerunonce.exe"
    "HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
    + "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler" "" "" ""
    + "FencesShellExt" "Stardock Fences Shell Extension" "Stardock" "c:\program files\stardock\fences pro\fencesmenu64.dll"
    "HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
    + "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
    "HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
    + "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
    + "FencesShellExt" "Stardock Fences Shell Extension" "Stardock" "c:\program files\stardock\fences pro\fencesmenu64.dll"
    + "Zecter" "ShellExt Dynamic Link Library" "Versionate Inc." "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
    "HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
    + "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
    "HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
    + "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
    + "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
    "HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
    + "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
    "HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
    + "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
    "HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
    + "FencesShellExt" "Stardock Fences Shell Extension" "Stardock" "c:\program files\stardock\fences pro\fencesmenu64.dll"
    "HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
    + "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
    "HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
    + "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
    "HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
    + "FencesShellExt" "Stardock Fences Shell Extension" "Stardock" "c:\program files\stardock\fences pro\fencesmenu64.dll"
    + "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
    + "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
    "HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
    + "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
    "HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
    + "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
    "HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
    + "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
    + "FencesShellExt" "Stardock Fences Shell Extension" "Stardock" "c:\program files\stardock\fences pro\fencesmenu64.dll"
    + "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
    + "Zecter" "ShellExt Dynamic Link Library" "Versionate Inc." "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
    "HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
    + "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
    + "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
    + "00Zecter" "ShellExt Dynamic Link Library" "Versionate Inc." "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
    + "01Zecter" "ShellExt Dynamic Link Library" "Versionate Inc." "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
    + "02Zecter" "ShellExt Dynamic Link Library" "Versionate Inc." "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
    + "03Zecter" "ShellExt Dynamic Link Library" "Versionate Inc." "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
    + "04Zecter" "ShellExt Dynamic Link Library" "Versionate Inc." "c:\program files (x86)\hewlett-packard\hp clouddrive\shellext64.dll"
    + "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
    + "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
    + "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
    + "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
    + "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext.17.dll"
    + "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext.17.dll"
    + "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext.17.dll"
    + "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\orianna\appdata\roaming\dropbox\bin\dropboxext.17.dll"
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
    + "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
    + "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
    + "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
    "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
    + "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
    + "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
    + "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
    + "HP Network Check Helper" "HP Network Check IE Plug-in" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\hpnetworkcheckplugin.dll"
    + "Java(tm) Plug-In 2 SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
    + "Java(tm) Plug-In SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
    + "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
    + "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
    + "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
    "HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
    + "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
    "HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
    + "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
    "HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
    + "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
    + "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
    + "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
    "HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
    + "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
    + "HP Network Check" "NCLauncherFromIE" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\nclauncherfromie.exe"
    + "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
    + "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
    + "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
    "Task Scheduler" "" "" ""
    + "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
    + "\FacebookUpdateTaskUserS-1-5-21-4252668056-3129422254-446305870-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\orianna\appdata\local\facebook\update\facebookupdate.exe"
    + "\FacebookUpdateTaskUserS-1-5-21-4252668056-3129422254-446305870-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\orianna\appdata\local\facebook\update\facebookupdate.exe"
    + "\GoogleUpdateTaskUserS-1-5-21-4252668056-3129422254-446305870-1000Core" "Google Installer" "Google Inc." "c:\users\orianna\appdata\local\google\update\googleupdate.exe"
    + "\GoogleUpdateTaskUserS-1-5-21-4252668056-3129422254-446305870-1000UA" "Google Installer" "Google Inc." "c:\users\orianna\appdata\local\google\update\googleupdate.exe"
    + "\HPCeeScheduleFororianna" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
    + "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
    + "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
    + "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
    + "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
    + "\MirageAgent" "YouCam Mirage" "CyberLink" "c:\program files (x86)\hewlett-packard\media\webcam\ycmmirage.exe"
    + "\RealUpgradeLogonTaskS-1-5-21-4252668056-3129422254-446305870-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
    + "\RealUpgradeScheduledTaskS-1-5-21-4252668056-3129422254-446305870-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
    + "\{25325189-B7AF-4FD7-8B42-4E242CD23CCA}" "" "" "File not found: C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe"
    "HKLM\System\CurrentControlSet\Services" "" "" ""
    + "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
    + "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
    + "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\idt\wdm\aestsr64.exe"
    + "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
    + "avast! Firewall" "Implements main functionality for avast! Firewall" "AVAST Software" "c:\program files\avast software\avast\afwserv.exe"
    + "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
    + "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel(R) Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
    + "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
    + "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
    + "HP Wireless Assistant Service" "This service monitors the wireless devices in this computer and allows the HP Wireless Assistant application to turn devices on and off." "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp wireless assistant\hpwa_service.exe"
    + "HPClientSvc" "HP Client Services" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
    + "hpqwmiex" "HP Software Framework WMI Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
    + "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
    + "HPWMISVC" "HP Quick Launch WMI Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpwmisvc.exe"
    + "LeapFrog Connect Device Service" "Manages LeapFrog Connect devices." "LeapFrog Enterprises, Inc." "c:\program files (x86)\leapfrog\leapfrog connect\commandservice.exe"
    + "LMS" "Allows applications to access the local Intel(R) Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe"
    + "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
    + "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
    + "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
    + "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel(R) Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
    + "Secunia PSI Agent" "Performs routine software inspections of the system, the results of which can be seen in your Secunia PSI" "Secunia" "c:\program files (x86)\secunia\psi\psia.exe"
    + "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\program files\idt\wdm\stacsv64.exe"
    + "UNS" "Intel(R) Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel(R) Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe"
    + "WDDMService" "Provides functionality for Western Digital disk drives." "WDC" "c:\program files\western digital\wd smartware\wd drive manager\wddmservice.exe"
    + "WDSmartWareBackgroundService" "Manages background tasks for WDSmartWare Applications" "Memeo" "c:\program files (x86)\western digital\wd smartware\front parlor\wdsmartwarebackgroundservice.exe"
    + "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
    + "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
    + "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
    "HKLM\System\CurrentControlSet\Services" "" "" ""
    + "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
    + "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
    + "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
    + "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
    + "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
    + "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
    + "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
    + "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
    + "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
    + "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
    + "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
    + "aswFW" "avast! TDI Firewall driver" "AVAST Software" "c:\windows\system32\drivers\aswfw.sys"
    + "aswKbd" "avast! keyboard filter driver (aswKbd)" "AVAST Software" "c:\windows\system32\drivers\aswkbd.sys"
    + "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
    + "aswNdis" "avast! Filtering NDIS driver" "ALWIL Software" "c:\windows\system32\drivers\aswndis.sys"
    + "aswNdis2" "avast! Firewall Core Firewall Service" "AVAST Software" "c:\windows\system32\drivers\aswndis2.sys"
    + "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
    + "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
    + "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
    + "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
    + "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
    + "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
    + "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
    + "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
    + "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
    + "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
    + "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
    + "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
    + "btwampfl" "Broadcom Bluetooth USB AMP Filter for Windows Vista" "Broadcom Corporation." "c:\windows\system32\drivers\btwampfl.sys"
    + "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
    + "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
    + "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
    + "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
    + "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
    + "clwvd" "CyberLink WebCam Virtual Driver" "CyberLink Corporation" "c:\windows\system32\drivers\clwvd.sys"
    + "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
    + "dg_ssudbus" "SAMSUNG USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudbus.sys"
    + "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
    + "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
    + "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
    + "HECIx64" "Intel(R) Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
    + "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
    + "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
    + "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
    + "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
    + "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
    + "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
    + "Impcd" "Intel(R) Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
    + "IntcDAud" "Intel(R) Display Audio Driver" "Intel(R) Corporation" "c:\windows\system32\drivers\intcdaud.sys"
    + "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
    + "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
    + "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
    + "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
    + "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
    + "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
    + "NETw5s64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s64.sys"
    + "netw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
    + "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
    + "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
    + "nvraid" "NVIDIA® nForce(TM) RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
    + "nvstor" "NVIDIA® nForce(TM) Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
    + "PSI" "PSI mini-filter driver" "Secunia" "c:\windows\system32\drivers\psi_mf.sys"
    + "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
    + "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
    + "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
    + "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
    + "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
    + "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
    + "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
    + "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
    + "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
    + "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
    + "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
    + "ssadbus" "SAMSUNG Android USB Composite Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\ssadbus.sys"
    + "ssudmdm" "SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudmdm.sys"
    + "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
    + "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
    + "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
    + "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
    + "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
    + "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
    + "wdkmd" "Intel Wireless Display Solution" "Intel Corporation" "c:\windows\system32\drivers\wdkmd.sys"
    + "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys"
    + "ZTEusbmdm6k" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbmdm6k.sys"
    + "ZTEusbnmea" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbnmea.sys"
    + "ZTEusbser6k" "USB Modem/Serial Device Driver" "ZTE Incorporated" "c:\windows\system32\drivers\zteusbser6k.sys"
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
    + "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
    "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
    + "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
    + "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
    + "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
    + "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
    "HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
    + "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
    "HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
    + "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
    + "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claud.ax"
    + "CyberLink Audio Effect (HP)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudfx.ax"
    + "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
    + "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
    + "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
    + "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
    + "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
    + "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
    + "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clnavx.ax"
    + "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
    + "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
    + "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clline21.ax"
    + "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
    + "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
    + "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
    + "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
    + "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
    + "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
    + "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
    + "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
    + "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
    + "Cyberlink SubTitle(HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clsubtitle.ax"
    + "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
    + "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
    + "CyberLink Tzan Filter (HP)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\cltzan.ax"
    + "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
    + "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
    + "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
    + "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvsd.ax"
    + "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
    + "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
    + "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
    + "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
    + "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
    + "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
    + "MACSReaderMP3 Filter" "MACSReaderMP3 Filter" "" "c:\program files (x86)\samsung\kies\external\mediamodules\macsreaderavi.ax"
    + "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
    + "MainConcept MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mcmpeg2mux.ax"
    + "MainConcept Network Renderer" "Network Renderer" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_net_renderer_ds.ax"
    + "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
    + "MSDVD Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudwizard.ax"
    + "MusicCity MPEG Splitter" "PCube MPEG Splitter Filter" "(c) MusicCity" "c:\windows\syswow64\muzmpgsp.ax"
    + "MusicCity OGG Splitter" "OGG Splitter" "(c) PeeringPortal" "c:\windows\syswow64\muzoggsp.ax"
    + "NEDFilter4Samsung Filter" "MACSReaderMP3 Filter" "L544™ Technology" "c:\program files (x86)\samsung\kies\external\mediamodules\nedfilter4samsung.ax"
    + "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
    + "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
    + "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
    + "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
    + "P3Audio" "PCube Audio Decoder Filter" "(c) MusicCity" "c:\windows\syswow64\muzdecode.ax"
    + "P3AudioEffect" "P3AudioEffect Filter" "(c) MUSICCITY" "c:\windows\syswow64\muzeffect.ax"
    + "P3MP4Splitter" "P3MP4Splitter Filter" "(c) MusicCity" "c:\windows\syswow64\muzmp4sp.ax"
    + "P3Sourcer" "AOD Sourcer Filter" "Musiccity Co.Ltd." "c:\windows\syswow64\muzaf1.dll"
    + "P3WMTSplitter" "P3WMTSplitter Filter" " (c) MusicCity" "c:\windows\syswow64\muzwmts.dll"
    + "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
    + "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
    + "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
    + "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
    + "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
    + "SelfMusicVideo Dump Filter" "SelfMusicVideo Dump Filter (DShow)" "ENJsoft Corporation" "c:\program files (x86)\samsung\kies\external\transmodules\tg_dump0708.dll"
    + "SpatialStereo Filter" "" "" "c:\windows\syswow64\3daudio.ax"
    + "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
    + "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
    + "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
    + "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
    + "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
    + "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
    + "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
    + "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
    + "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
    + "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
    + "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
    "HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
    + "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
    + "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
    "HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
    + "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
    + "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
    "C:\Users\orianna\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
    + "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
  10. February 10th, 2013, 10:51 AM #55
    ladytinkerbell
    ladytinkerbell is offline Virtual Intern
    Join Date
    Apr 2009
    Posts
    245
    Train, no one else has access to my computer, thats why I say I never installed it, so I have no idea where it has come from??
  11. February 10th, 2013, 02:18 PM #56
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I don't see any traces of Zuma.

    Download latest Java manually from here: http://www.java.com/en/download/manual.jsp and install it.
    My Home Page
  12. February 12th, 2013, 09:58 PM #57
    ladytinkerbell
    ladytinkerbell is offline Virtual Intern
    Join Date
    Apr 2009
    Posts
    245
    exactly, because I have never installed it on my pc, yet it keeps appearing. and also when I go to certain pages and I scroll down and then back up there are these lines that appear. I followed all your directions to a T and yet it still seems like it is infected. It only runs hot when it's infected and slow on loading pages and the lines and weirdness...is there a possibility it's still hidden on my pc?
  13. February 12th, 2013, 10:02 PM #58
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Where, when and how exactly do you see Zuma presence?
    My Home Page
  14. February 12th, 2013, 11:21 PM #59
    ladytinkerbell
    ladytinkerbell is offline Virtual Intern
    Join Date
    Apr 2009
    Posts
    245
    only when trying to install java update it says that i have that program running... but i dont never have
  15. February 12th, 2013, 11:36 PM #60
    Broni's Avatar
    Broni
    Broni is offline Friend of Site Staff
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2
    64-bit users go HERE

    • Double-click SystemLook.exe to run it.
    • Vista users:: Right click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box and paste it into the main textfield:
      Code:
      :filefind
zuma*
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

    Note: The log can also be found on your Desktop entitled SystemLook.txt
    My Home Page
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules