Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer slow Virus suspected. [Solved]

Started by Ardant , Mar 19 2013 11:53 AM

This topic is locked

#1
Ardant

Posted 19 March 2013 - 11:53 AM

Member

Member
229 posts

This is my daughters computer.I found several BHO's on this computer several of which are adware I am sure. I have cleaned up as much as I can find however it does not seem to have helped. I believe there is something else here. I have run spybot, avast, malwarebytes and eset. All now seem to be comming up clean. Please advise.

OTL logfile created on: 3/19/2013 1:13:49 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Daddy\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.58 Gb Available Physical Memory | 30.89% Memory free
3.98 Gb Paging File | 2.64 Gb Available in Paging File | 66.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.20 Gb Total Space | 53.85 Gb Free Space | 24.02% Space Free | Partition Type: NTFS

Computer Name: SUMMERCAMP20-PC | User Name: Daddy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/19 13:11:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Daddy\Desktop\OTL.exe
PRC - [2013/03/10 20:24:32 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/03/06 19:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 19:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/20 22:44:22 | 002,238,704 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2013/02/08 14:32:00 | 000,150,768 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2013/02/06 04:01:52 | 003,579,024 | ---- | M] () -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
PRC - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/13 15:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012/11/13 15:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 15:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 15:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 15:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2010/07/11 12:00:30 | 000,028,766 | ---- | M] (IObit) -- C:\Program Files\IObitBar\toolbar\1.bin\i0barsvc.exe
PRC - [2010/07/09 19:08:04 | 002,712,920 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PRC - [2009/04/11 02:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/04 17:46:22 | 000,046,392 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
PRC - [2008/07/19 00:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/06/02 17:26:48 | 000,505,720 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2008/05/09 15:49:30 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008/04/24 16:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 03:21:24 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008/04/17 03:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008/04/15 21:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 21:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/08 19:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/02/06 17:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008/02/06 17:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2007/12/03 21:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006/11/02 08:34:44 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2005/12/28 07:21:37 | 000,270,336 | ---- | M] () -- C:\Program Files\iConcepts Music Express\MEAutoDetect.exe

========== Modules (No Company Name) ==========

MOD - [2013/03/10 20:24:29 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/11/13 15:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 15:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 15:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 15:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 15:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/01/12 19:56:14 | 000,071,504 | ---- | M] () -- C:\Program Files\IObit\IObit SmartDefrag\taskdll.dll
MOD - [2009/01/12 19:56:00 | 000,059,216 | ---- | M] () -- C:\Program Files\IObit\IObit SmartDefrag\NtfsData.dll
MOD - [2008/03/06 14:14:54 | 005,121,912 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll
MOD - [2007/12/25 16:03:40 | 000,015,184 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
MOD - [2007/12/15 01:40:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006/10/10 14:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll
MOD - [2006/10/07 14:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2005/12/28 07:21:37 | 000,270,336 | ---- | M] () -- C:\Program Files\iConcepts Music Express\MEAutoDetect.exe

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/03/13 21:20:18 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/10 20:24:30 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/06 19:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/25 08:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/02/08 14:29:56 | 000,295,664 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2013/02/06 04:01:52 | 003,579,024 | ---- | M] () [Auto | Running] -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe -- (GsServer)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/11 07:18:21 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2011/07/06 19:28:00 | 003,980,648 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/07/11 12:00:30 | 000,028,766 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObitBar\toolbar\1.bin\i0barsvc.exe -- (IObitBarService)
SRV - [2010/06/18 21:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/08/04 17:46:22 | 000,046,392 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2008/07/19 00:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/16 19:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008/04/15 21:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/02/06 17:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/03 21:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\TMPassthru.sys -- (TMPassthruMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys -- (IO_Memory)
DRV - [2013/03/06 19:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/06 19:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/06 19:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/06 19:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/06 19:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/03/06 19:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/06 19:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/06 19:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/01/03 04:18:04 | 000,040,200 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2013/01/03 04:18:00 | 000,044,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2012/04/20 16:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2011/03/18 12:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2011/03/16 19:00:08 | 000,032,672 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files\IObit\Protected Folder\pffilter.sys -- (PfFilter)
DRV - [2008/07/28 19:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/18 22:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008/04/28 20:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008/04/15 13:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/18 12:22:00 | 000,009,216 | ---- | M] (Inventec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\sysprep\PEDRV.SYS -- (SVRPEDRV)
DRV - [2007/12/14 15:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/09 18:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2006/11/28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 17:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 02:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I)
DRV - [2006/11/09 02:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N)
DRV - [1996/04/03 15:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSHB&bmod=TSHB
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{099EF85B-3260-4b87-9239-33355EE6A548}: "URL" = http://results.myway...r={searchTerms}
IE - HKLM\..\SearchScopes\{5D7ECE36-D93B-4DD9-B3A4-71B183018E6D}: "URL" = http://www.google.co...ng}&rlz=1I7TSHB

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSHB&bmod=TSHB
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\..\SearchScopes,DefaultScope = {099EF85B-3260-4b87-9239-33355EE6A548}
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@IObitBar.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\IObitBar\toolbar\1.bin [2011/05/01 14:58:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/29 13:40:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/08 22:14:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/12 23:04:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/26 17:44:20 | 000,000,000 | ---D | M]

[2013/03/16 22:22:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daddy\AppData\Roaming\Mozilla\Extensions
[2013/02/12 22:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/08 22:14:58 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009/09/04 06:01:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2013/03/10 20:24:32 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/08 17:22:30 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/10/24 02:15:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/06 16:30:36 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/06/05 13:58:00 | 000,000,686 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\searchresultstb.xml
[2013/03/10 20:24:26 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/03/14 10:19:47 | 000,445,018 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15308 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ImageBoost v1.1) - {11111111-1111-1111-1111-110111281132} - Reg Error: Value error. File not found
O2 - BHO: (Coupon Companion Plugin) - {11111111-1111-1111-1111-110211181104} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - No CLSID value found.
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005..\Run: [ooVoo] C\ooVoo.exe /minimized File not found
O4 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Summer Camp 2009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6099CFF0-8952-40D1-9DB5-CBF03C339178}: DhcpNameServer = 64.71.255.204 64.71.255.198
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~1\safemule\safemule.dll) - c:\Program Files\SafeMule\safemule.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/19 13:11:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Daddy\Desktop\OTL.exe
[2013/03/19 12:06:04 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Apple
[2013/03/18 20:14:43 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Wise Registry Cleaner
[2013/03/16 22:23:01 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Macromedia
[2013/03/16 22:23:01 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Macromedia
[2013/03/16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Mozilla
[2013/03/16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Mozilla
[2013/03/16 21:57:08 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Toshiba
[2013/03/16 09:16:12 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Adobe
[2013/03/16 09:16:05 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Logitech
[2013/03/16 09:16:00 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Apple Computer
[2013/03/16 09:14:56 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Real
[2013/03/16 09:14:24 | 000,000,000 | R--D | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/16 09:14:24 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Searches
[2013/03/16 09:14:24 | 000,000,000 | R--D | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/16 09:14:15 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Identities
[2013/03/16 09:14:13 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Contacts
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\AppData\Local\Temporary Internet Files
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Templates
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Start Menu
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\SendTo
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Recent
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\PrintHood
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\NetHood
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Documents\My Videos
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Documents\My Pictures
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Documents\My Music
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Local Settings
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\AppData\Local\History
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Cookies
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Application Data
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\AppData\Local\Application Data
[2013/03/16 09:13:52 | 000,000,000 | --SD | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Videos
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Saved Games
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Pictures
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Music
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Links
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Favorites
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Downloads
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Documents
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Desktop
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/16 09:13:52 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\My Documents
[2013/03/16 09:13:52 | 000,000,000 | -H-D | C] -- C:\Users\Daddy\AppData
[2013/03/16 09:13:52 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\temp
[2013/03/16 09:13:52 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Microsoft Help
[2013/03/16 09:13:52 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Microsoft
[2013/03/16 09:13:52 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\IObit
[2013/03/14 10:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2013/03/13 21:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2013/03/11 11:30:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013/03/11 11:29:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2013/03/10 20:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/03/04 18:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2013/03/04 18:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\Handbrake
[2013/03/03 15:36:56 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/02/26 17:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/02/26 17:50:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/02/26 17:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/02/25 21:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2013/02/25 18:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/02/25 18:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/02/23 23:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/02/22 17:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\SafeMule
[2013/02/22 17:46:25 | 000,000,000 | ---D | C] -- C:\Program Files\ImageBoost v1.1
[2013/02/22 17:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\GoodSync
[2013/02/22 17:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
[2013/02/22 17:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Siber Systems
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/19 13:15:11 | 000,613,520 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/19 13:15:11 | 000,108,446 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/19 13:11:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Daddy\Desktop\OTL.exe
[2013/03/19 13:08:10 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/19 13:07:57 | 000,000,620 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/03/19 13:07:57 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\AutoSmartDefrag.job
[2013/03/19 13:07:43 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 13:07:43 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 13:06:35 | 000,410,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/03/19 13:06:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/19 13:06:12 | 2009,067,520 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/19 12:29:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/19 12:05:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/16 22:06:41 | 000,000,632 | RHS- | M] () -- C:\Users\Daddy\ntuser.pol
[2013/03/16 22:01:03 | 000,000,914 | ---- | M] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/16 09:14:36 | 000,001,966 | ---- | M] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/14 18:33:18 | 000,001,942 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/14 10:19:47 | 000,445,018 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/03/14 10:14:52 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2013/03/13 09:34:30 | 000,000,616 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/03/13 09:33:30 | 000,445,018 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130314-101947.backup
[2013/03/10 20:30:24 | 000,000,775 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/10 18:47:38 | 000,001,218 | ---- | M] () -- C:\Windows\WININIT.INI
[2013/03/08 22:15:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/03/06 19:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/03/06 19:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/03/06 19:33:24 | 000,164,736 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/06 19:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/03/06 19:33:24 | 000,049,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013/03/06 19:33:24 | 000,049,248 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/03/06 19:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/03/06 19:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/03/06 19:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/03/06 19:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/02/26 17:52:53 | 000,001,635 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/02/22 17:45:56 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\GoodSync Explorer.lnk
[2013/02/22 17:45:56 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\GoodSync.lnk
[2013/02/20 23:45:41 | 000,444,292 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130313-093330.backup
[2013/02/20 17:14:35 | 000,444,292 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130220-224541.backup
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/19 12:53:41 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\AutoSmartDefrag.job
[2013/03/16 22:01:03 | 000,000,914 | ---- | C] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/16 09:18:57 | 000,000,632 | RHS- | C] () -- C:\Users\Daddy\ntuser.pol
[2013/03/16 09:14:37 | 000,000,920 | ---- | C] () -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/16 09:14:36 | 000,001,966 | ---- | C] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/16 09:14:24 | 000,000,915 | ---- | C] () -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/03/16 09:14:12 | 000,000,886 | ---- | C] () -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2013/03/16 09:13:52 | 000,000,258 | ---- | C] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/03/16 09:13:52 | 000,000,240 | ---- | C] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/03/14 10:14:52 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2013/03/08 22:15:15 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/08 22:15:15 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/02/26 17:52:53 | 000,001,635 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/02/22 17:45:56 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\GoodSync Explorer.lnk
[2013/02/22 17:45:56 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\GoodSync.lnk
[2012/08/12 18:30:06 | 000,000,295 | ---- | C] () -- C:\Windows\ka.ini
[2012/08/11 15:48:16 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2012/08/11 15:48:16 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2012/08/11 15:48:16 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2012/08/11 15:48:12 | 000,000,305 | ---- | C] () -- C:\Windows\EReg515.dat
[2012/08/11 15:45:49 | 000,000,909 | ---- | C] () -- C:\Windows\disney.ini
[2012/01/14 17:26:14 | 000,022,032 | ---- | C] () -- C:\Windows\DCEBoot.exe
[2011/10/29 13:29:15 | 000,207,226 | ---- | C] () -- C:\Windows\hpwins28.dat
[2011/07/10 18:21:47 | 000,000,075 | ---- | C] () -- C:\Windows\muppets2pc.ini
[2011/07/10 18:21:47 | 000,000,026 | ---- | C] () -- C:\Windows\ESINSTALL.INI
[2010/10/21 20:41:51 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini

========== ZeroAccess Check ==========

[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/03/19 12:53:40 | 000,000,000 | ---D | M] -- C:\Users\Daddy\AppData\Roaming\IObit
[2013/03/18 20:18:53 | 000,000,000 | ---D | M] -- C:\Users\Daddy\AppData\Roaming\Wise Registry Cleaner
[2011/05/21 08:35:04 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2011/05/21 08:35:04 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2013/03/10 20:34:21 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\BitTorrent
[2013/02/22 17:55:56 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Claro LTD
[2012/10/08 12:26:15 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\CrystalIdea Software
[2013/02/15 18:32:28 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\DealPly
[2013/01/20 11:36:38 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\DriverCure
[2012/06/03 16:25:43 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\DVDVideoSoft
[2012/06/03 16:07:46 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/01/20 11:36:35 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Foresight Software
[2012/10/24 12:01:22 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Garmin
[2013/02/22 19:45:20 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\GoodSync
[2013/03/04 18:53:27 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\HandBrake
[2012/10/05 18:11:53 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\IObit
[2012/10/08 11:34:32 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Leadertech
[2013/03/18 18:51:44 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\MP3Rocket
[2012/12/02 12:43:08 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\ooVoo Details
[2012/10/07 11:18:25 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\pdfforge
[2013/02/21 22:35:28 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\QuickScan
[2012/06/27 07:37:16 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Sony
[2013/01/20 22:10:24 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\TOSHIBA
[2013/01/20 11:06:09 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\VOWSoft
[2012/08/22 14:25:48 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\WildTangent
[2013/02/25 21:13:04 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\WindSolutions
[2013/01/06 17:50:39 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Wise Registry Cleaner
[2011/05/21 08:35:04 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\IObit
[2010/10/31 22:21:07 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\AnVi
[2012/05/06 21:50:22 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\DriverCure
[2010/03/28 17:37:47 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\FOG Downloader
[2009/09/25 11:33:55 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\GARMIN
[2011/10/12 19:08:44 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\IObit
[2009/08/16 00:02:46 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Jane s Hotel Family Hero
[2011/01/01 14:16:32 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Kalydo
[2010/06/04 18:59:08 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\LaJangada
[2009/07/09 11:16:17 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Leadertech
[2012/05/22 16:27:28 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\MP3Rocket
[2012/04/18 17:08:10 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Smart PC Cleaner
[2012/10/09 20:41:34 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Smilebox
[2012/05/06 21:50:22 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\SpeedyPC Software
[2012/04/19 13:25:19 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Toshiba
[2010/08/16 21:02:59 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Turbine
[2010/11/20 19:48:35 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Unity
[2010/06/04 22:02:43 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\VampireSaga
[2011/05/01 16:31:01 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\wargaming.net
[2009/07/07 17:48:49 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\WildTangent
[2012/05/28 18:06:08 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\YourFileDownloader

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

OTL Extras logfile created on: 3/19/2013 1:13:49 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Daddy\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.58 Gb Available Physical Memory | 30.89% Memory free
3.98 Gb Paging File | 2.64 Gb Available in Paging File | 66.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.20 Gb Total Space | 53.85 Gb Free Space | 24.02% Space Free | Partition Type: NTFS

Computer Name: SUMMERCAMP20-PC | User Name: Daddy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06639640-0DFF-4C1D-8EF6-77D0270C7C4C}" = lport=33333 | protocol=6 | dir=in | name=goodsync server incoming connections |
"{79670A2A-A127-47AE-84F4-FC7FF738D6D8}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{A0B68027-872B-4089-9276-FCD322D75C80}" = lport=33338 | protocol=17 | dir=in | name=goodsync server lan discovery |
"{B89AB3DE-162D-4C9C-B4C8-F0776A3187D1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F59DE8BB-721D-474F-98BD-B610FAB8A5BD}" = lport=49166 | protocol=6 | dir=in | name=akamai netsession interface |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022049E2-E107-4633-8E61-ADE6A233BE86}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{0750D301-1075-43B1-934A-F7D20EF267EB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{0A4D8753-CB00-41C5-BE7A-14FC2803D0E3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{0AB3C233-AC7A-41EE-B55D-905C6DF9536C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{0BA78073-86C8-4030-8D1F-175668BEEF3C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{0E3F966F-DDD1-4CA8-9E5E-006692C4BE6F}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{10D5786B-5CB2-475E-A2F5-D4EAE4251DD2}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{155E65B7-57F0-48B5-8B51-C55B868BB654}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{15E1D63F-A4EB-42BE-A21F-455D136F0082}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{19ED5999-C01B-4D4F-8439-282012202032}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{1AC80BEF-76CC-4419-B263-624A61E6DBAA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{1AF5B023-9ED1-488C-9234-DD1E282BCD82}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fear2\fear2.exe |
"{1B18A58C-EAC8-4E1E-A998-5DC74B42FEA3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{1BB07EF1-51E1-4158-B8BF-334A8AE4D6B1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1C99D370-2A51-4243-BF3E-F53EA3B03716}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{1D928F5D-C318-4F07-9BC2-76F6D056872B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{25DA7DFE-F3DF-4933-A28F-1EA81249398C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{2725CA94-B2D4-4D84-B41B-926A64BEAEAA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{27282627-C9E0-4A74-8816-E30BAC03BB05}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{273C44C0-088D-4FFF-A89D-6EE9E2EE4D7E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{2AD2DAD1-86A2-4C98-828D-783D8D798701}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{2F00160B-85E3-4054-8D6F-3ADCFE0CEE06}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2F51DA21-D5ED-453B-86CB-E832D51DBC61}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{306238E0-5B23-4E47-A92F-6884089FFFB5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{31902EA1-1019-4F87-8B88-84F09551E262}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{38E4088F-38DE-419C-A4C7-A2551593F0A8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{41A543B0-4DDB-43C2-ACC4-24CFDD282188}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{426977C6-2422-44AE-B72A-5EF141526C86}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{46250208-625D-4EBD-BA79-F2EAA6304698}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{475F8A93-3C00-4180-85D4-CB5E7AA02F05}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{47D691D8-DAEA-4508-AA4B-6D061113519A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4EDEBADD-CD8C-40BF-8294-2453B3B0AB9C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{4EE97929-E24D-419C-8165-EAAA18AE7916}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{4F15337E-65BA-4640-875C-D7B66AF710EF}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{515D5AE7-2255-46EC-84FA-FF3D905D2939}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{54B80E85-8282-456D-BDE0-3BAB23A67555}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5522BF46-851C-48AA-9357-CB7CFE442E65}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{5565BCC9-DE28-4AF9-AB73-07E509CDFE43}" = dir=in | app=c:\users\lindsay\appdata\local\torch\plugins\torrent\torchtorrent.exe |
"{5F924961-1C17-4CC2-8DCC-43FAFBCAC24E}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{5FE18143-6DEB-4C84-9FBD-D7C2188B689A}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{616A7ED4-4EF1-46D8-9BB2-7AC6B27B456E}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\yourfile.exe |
"{6ED9BBBB-0BBD-46E6-9CAA-CCC15E654C89}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{72B6E631-1411-48E6-A7BF-58278F1CBC25}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{73ACBAD6-1763-4A4E-842E-472A9926DEBC}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{75F40218-FE75-453F-B2A8-4734DECB1967}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii public test.exe |
"{7BBA6405-145E-4479-BFAA-F7C574C54E7F}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{999E214A-50D0-409F-B929-6819996AA139}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{9A916362-1C06-44AE-B67E-223097D6CA37}" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{A2C5F3D1-4F33-43BD-A23A-196E909C3CD9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{B0CF2A17-AB04-4D8B-B67F-BFCBF548B6E2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{B599D1F7-9835-4D8E-BB78-28AF8C57947B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fear2\fear2.exe |
"{B74B819D-9590-4C7A-82BE-BD2C120AC073}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{BF0F773C-A372-48A4-909A-DA317F69B9B0}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{BF2E5D63-B792-482E-BFA5-D1F71960277E}" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"{C90B8D75-79DA-4FD0-925A-E4545B503C77}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{CE742052-93C7-4D8A-B239-BD6BF9C27A4E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{CF273075-7246-45E7-B6AA-90FE7DB59598}" = protocol=17 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{CF5A3520-42DC-4A44-BC93-0BAF8373304A}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{D51E7B16-CF2E-4AD5-8949-AD9708EE531E}" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe |
"{DAFEFAFD-2FA7-4A7B-A8BA-E5FEFC63F79C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{DC7C048D-FA15-4224-9E0D-90D14BB92BED}" = protocol=6 | dir=in | app=c:\program files\yourfiledownloader\downloader.exe |
"{E55A07CF-A24A-4CF1-B43A-6B0B2290EB4B}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii public test.exe |
"{E61CA2B4-C9D3-476E-BF61-EE913BCC1905}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{E81DB8ED-F416-42AC-9A34-9CAA4B3E53B6}" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"{E92600E6-F958-47F4-9732-E778C7F10696}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{EAF659DF-A79E-4A29-8144-5F68E7807A0F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"TCP Query User{0400A81F-9447-4DDF-B7BE-90BF1FD0539D}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{040A37C8-F403-48E5-9352-04A03864AA04}C:\netmarbleglobal\marblestation\nmgdownloader\nmgdownload.exe" = protocol=6 | dir=in | app=c:\netmarbleglobal\marblestation\nmgdownloader\nmgdownload.exe |
"TCP Query User{0B98C254-D6E9-4CF2-96FF-7B84B1153959}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{0C849874-C9D9-445E-8192-3DEC8762216C}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{2DBF2363-3EC9-4E2E-8C8C-CA4599F42797}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{375E7DB6-93BB-440F-9E4F-8256C55ED4BB}C:\program files\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"TCP Query User{4869C3BF-46F8-42E8-9A28-EAA93A52A625}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{49878E88-5D48-4EBC-B982-459A4E93B5A8}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{4CF91A4F-A273-4A83-B940-DE29DBACCC29}C:\users\nathan\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\nathan\appdata\local\akamai\netsession_win.exe |
"TCP Query User{6D605771-2BB2-4D2C-9BAF-99E8058917BB}C:\users\nathan\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\nathan\appdata\local\akamai\netsession_win.exe |
"TCP Query User{74FE6749-679C-4555-A1DB-28A4884BDF23}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{78F0EF20-3CC5-4CEA-B50E-7C72CC443E05}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{ACB114D2-DA75-4D1E-BD87-53539B29B854}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{B8600E13-C528-43C9-82BC-E6FA5B2D757A}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{ECCC3D5F-BB6B-4951-8105-3FD16C47BDBF}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{F5368AA6-24B8-4D7D-A577-6DD10899E75C}C:\program files\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"TCP Query User{FFB28CBF-E28E-4252-9731-310D0EA717EA}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{0D1211BA-8C4C-48F4-B84D-47B5A3BC1EF7}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{135F9354-823F-4996-BABE-33449BCFA54A}C:\users\nathan\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\nathan\appdata\local\akamai\netsession_win.exe |
"UDP Query User{2C78EB7D-9A14-4D78-8381-15761254D9C6}C:\netmarbleglobal\marblestation\nmgdownloader\nmgdownload.exe" = protocol=17 | dir=in | app=c:\netmarbleglobal\marblestation\nmgdownloader\nmgdownload.exe |
"UDP Query User{365DF9DF-261D-4E78-B5C9-545DBFAB5A67}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{59CFB5C0-0288-460F-A265-CCC96CAF2875}C:\users\nathan\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\nathan\appdata\local\akamai\netsession_win.exe |
"UDP Query User{77C6EC7C-1B8B-4E9D-870B-FF76A4217B91}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{84ACA12E-7182-4F88-83D0-004603B8B0D6}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{8E82405D-DDB5-407F-8877-276BDE3DF1BE}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{8FF468C9-B331-4D47-A00F-06A5A50B6219}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{A2D7FB2A-9F5F-4AE1-BCE8-E82E3E90A007}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{A8665EC7-7B92-4C63-90FB-6B67B543BADC}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{BD2E3237-3BF1-48AF-BE3F-3316976504DF}C:\program files\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"UDP Query User{CD2037FF-A319-4CC6-8B79-06396F424AA0}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{DC4E2BE4-2CB6-4BD6-9978-1E2E0B8EE78E}C:\program files\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"UDP Query User{E23D4106-E10D-440D-8489-8211C3FD3008}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{EE00F8E5-8A39-46B6-8928-37B2CE506830}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{02034A48-25C6-4BB4-8186-54917E5D49DA}" = SpongeBob SquarePants - Lights, Camera, Pants!
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.3.11
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{224821ED-CADA-4A8A-AC8D-3734CC0F0931}" = Amazon Links
"{23170F69-40C1-2701-0921-000001000000}" = 7-Zip 9.21
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{37003C6E-DC86-4233-B5CE-665D82DFA7EB}" = Backyard Skateboarding
"{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}" = LEGO Racers 2
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud
"{5F87EF36-A373-11D5-AA2E-0008C760B784}" = Monsters Jr
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.12.02
"{88D68A69-D247-466B-90DD-575F6BE16230}_is1" = CardRecovery 6.10
"{890EF3F8-742F-46BD-9E8E-084B3A1F4364}" = QuickBooks Financial Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D410AED-607D-492D-B07D-D3ABD1823011}" = ArcSoft Funhouse
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B3C9A441-C34D-40F3-9D3B-00EDDDAC74F1}" = Garmin Communicator Plugin
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1983EC1-9919-4D3A-915C-79A3EE94D705}" = Backyard Hockey
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9DA2DF6-8CB6-4E3C-A29E-FAECFBA3E9A7}" = Garmin POI Loader
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E1E56B8A-1AAF-422A-91DB-625059FB9863}" = TOSHIBA Desktop Links
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F7D739D1-B597-4802-A4CB-E1FBF326C9B0}" = QuickShare
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"avast" = avast! Free Antivirus
"Backyard Football 2002" = Backyard Football 2002
"Bugs Bunny Lost In Time" = Bugs Bunny Lost In Time
"CCleaner" = CCleaner
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"FileHippo.com" = FileHippo.com Update Checker
"Free Studio_is1" = Free Studio version 5.5.0
"Free YouTube Download_is1" = Free YouTube Download version 3.1.27.508
"Game Booster_is1" = Game Booster
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.9.8
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"iBackupBot for iTunes" = iBackupBot for iTunes 3.6.5
"ImageBoost v1.1" = ImageBoost v1.1
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{C1983EC1-9919-4D3A-915C-79A3EE94D705}" = Backyard Hockey
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"JumpStart Advanced Language Club" = JumpStart Advanced Language Club
"JumpStart Advanced Preschool" = JumpStart Advanced Preschool
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Math Blaster" = Math Blaster
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 Rocket" = MP3 Rocket
"NetDevil_LEGO_Universe_is1" = LEGO Universe
"NirSoft ShellExView" = NirSoft ShellExView
"Photags Music Express" = iConcepts Music Express
"Picasa 3" = Picasa 3
"Pokemon PC 2.0_is1" = Pokemon PC 2.0
"PROHYBRIDR" = 2007 Microsoft Office system
"Protected Folder_is1" = Protected Folder
"Putt-Putt Travels Through Time" = Putt-Putt Travels Through Time
"Reader Rabbit Math Ages 6-9" = Reader Rabbit Math Ages 6-9
"RealPlayer 15.0" = RealPlayer
"RollerCoaster Tycoon Setup" = Roll
"SafeMule" = SafeMule
"Scholastic's I SPY Fantasy" = Scholastic's I SPY Fantasy
"Scholastic's I SPY School Days" = Scholastic's I SPY School Days
"Shop for HP Supplies" = Shop for HP Supplies
"Sketchpad" = Sketchpad
"Smart Defrag_is1" = Smart Defrag
"sp6" = Logitech SetPoint 6.52
"SpeedFan" = SpeedFan (remove only)
"SpongeBob SquarePants Typing" = SpongeBob SquarePants Typing
"Spy Muppets" = Spy Muppets
"SpywareBlaster_is1" = SpywareBlaster 5.0
"StarCraft II" = StarCraft II
"Steam App 16450" = F.E.A.R. 2: Project Origin
"Steam App 8930" = Sid Meier's Civilization V
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Warcraft III" = Warcraft III
"Wheel of Fortune Deluxe" = Wheel of Fortune Deluxe (remove only)
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.61
"WT087095" = Big Rig Europe
"WT089127" = Epic Adventures - La Jangada

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/19/2013 3:07:19 AM | Computer Name = SummerCamp20-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/19/2013 3:07:19 AM | Computer Name = SummerCamp20-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13706934

Error - 3/19/2013 3:07:19 AM | Computer Name = SummerCamp20-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13706934

Error - 3/19/2013 3:07:35 AM | Computer Name = SummerCamp20-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/19/2013 3:07:35 AM | Computer Name = SummerCamp20-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13722691

Error - 3/19/2013 3:07:35 AM | Computer Name = SummerCamp20-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13722691

Error - 3/19/2013 8:38:30 AM | Computer Name = SummerCamp20-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/19/2013 8:38:30 AM | Computer Name = SummerCamp20-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 33578404

Error - 3/19/2013 8:38:30 AM | Computer Name = SummerCamp20-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 33578404

Error - 3/19/2013 1:07:35 PM | Computer Name = SummerCamp20-PC | Source = WinMgmt | ID = 10
Description =

[ Spybot - Search and Destroy Events ]
Error - 1/6/2013 5:30:45 PM | Computer Name = SummerCamp20-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 1/6/2013 5:30:46 PM | Computer Name = SummerCamp20-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 2/21/2013 12:39:58 AM | Computer Name = SummerCamp20-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 2/22/2013 6:01:52 PM | Computer Name = SummerCamp20-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 2/24/2013 10:02:00 PM | Computer Name = SummerCamp20-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 2/25/2013 8:39:23 AM | Computer Name = SummerCamp20-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 3/10/2013 6:13:48 PM | Computer Name = SummerCamp20-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 3/11/2013 11:24:40 AM | Computer Name = SummerCamp20-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 3/14/2013 8:42:05 PM | Computer Name = SummerCamp20-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

[ System Events ]
Error - 3/18/2013 11:26:07 AM | Computer Name = SummerCamp20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 3/18/2013 6:00:50 PM | Computer Name = SummerCamp20-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 10.59.1.100 for the Network Card with network
address 0024D23EE356 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/18/2013 6:01:19 PM | Computer Name = SummerCamp20-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3/18/2013 6:01:42 PM | Computer Name = SummerCamp20-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 3/18/2013 8:12:58 PM | Computer Name = SummerCamp20-PC | Source = DCOM | ID = 10010
Description =

Error - 3/19/2013 3:00:48 AM | Computer Name = SummerCamp20-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 3/19/2013 3:01:03 AM | Computer Name = SummerCamp20-PC | Source = DCOM | ID = 10010
Description =

Error - 3/19/2013 3:05:05 AM | Computer Name = SummerCamp20-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 3/19/2013 1:07:36 PM | Computer Name = SummerCamp20-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3/19/2013 1:07:55 PM | Computer Name = SummerCamp20-PC | Source = Service Control Manager | ID = 7023
Description =

< End of report >

#2
Essexboy

Posted 19 March 2013 - 11:58 AM

GeekU Moderator

Retired Staff
69,964 posts

Hi is it just generally slow or at specific times ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ImageBoost v1.1) - {11111111-1111-1111-1111-110111281132} - Reg Error: Value error. File not found
O2 - BHO: (Coupon Companion Plugin) - {11111111-1111-1111-1111-110211181104} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.
O2 - BHO: (no name) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - No CLSID value found.
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

#3
Ardant

Posted 19 March 2013 - 02:11 PM

Member

Topic Starter
Member
229 posts

This computer is slow most the time. Quite often when running programs I get messages stating that the program is unresponsive. It does eventually run but it is rather annoying. Here are the requested logs.

A couple of questions.

1) I noticed alot of temporary files being deleted from the report after OTL finished the fix. 2,113 mB to be exact. I run CC Cleaner regularily. Is it not supposed to delete all these files? Do I have it set right? Do I have to do it for each user?
2) Is adwcleaner a program I can run regularily without it causing harm? Due to schooling requirements my daughter needs to download from the school website so completely shutting her download ability off is not possible. I am trying to restrict her website access but I am only able to block the sites as she comes across them and I find out about them. I have explained to her to read all pages during a download and to uncheck the additional content but that doesnt seem to be working.

Please advise.

Thanks Essexboy

OTL logfile created on: 3/19/2013 3:43:03 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Daddy\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.68 Gb Available Physical Memory | 36.45% Memory free
3.98 Gb Paging File | 2.74 Gb Available in Paging File | 68.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.20 Gb Total Space | 55.72 Gb Free Space | 24.85% Space Free | Partition Type: NTFS

Computer Name: SUMMERCAMP20-PC | User Name: Daddy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/19 13:11:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Daddy\Desktop\OTL.exe
PRC - [2013/03/10 20:24:32 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/03/06 19:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 19:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/20 22:44:22 | 002,238,704 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2013/02/08 14:32:00 | 000,150,768 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2013/02/06 04:01:52 | 003,579,024 | ---- | M] () -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
PRC - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/13 15:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012/11/13 15:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 15:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 15:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 15:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2010/07/11 12:00:30 | 000,028,766 | ---- | M] (IObit) -- C:\Program Files\IObitBar\toolbar\1.bin\i0barsvc.exe
PRC - [2010/07/09 19:08:04 | 002,712,920 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
PRC - [2009/04/11 02:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/04 17:46:22 | 000,046,392 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
PRC - [2008/07/19 00:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/06/02 17:26:48 | 000,505,720 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2008/05/09 15:49:30 | 000,716,800 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008/04/24 16:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/17 03:21:24 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008/04/17 03:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008/04/15 21:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 21:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/08 19:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/02/06 17:52:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008/02/06 17:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2007/12/03 21:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006/11/02 08:34:44 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2005/12/28 07:21:37 | 000,270,336 | ---- | M] () -- C:\Program Files\iConcepts Music Express\MEAutoDetect.exe

========== Modules (No Company Name) ==========

MOD - [2013/03/10 20:24:29 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/11/13 15:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 15:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 15:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 15:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 15:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/01/12 19:56:14 | 000,071,504 | ---- | M] () -- C:\Program Files\IObit\IObit SmartDefrag\taskdll.dll
MOD - [2009/01/12 19:56:00 | 000,059,216 | ---- | M] () -- C:\Program Files\IObit\IObit SmartDefrag\NtfsData.dll
MOD - [2008/03/06 14:14:54 | 005,121,912 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll
MOD - [2007/12/25 16:03:40 | 000,015,184 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
MOD - [2007/12/15 01:40:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006/10/10 14:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll
MOD - [2006/10/07 14:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2005/12/28 07:21:37 | 000,270,336 | ---- | M] () -- C:\Program Files\iConcepts Music Express\MEAutoDetect.exe

========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/03/13 21:20:18 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/10 20:24:30 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/06 19:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/25 08:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/02/08 14:29:56 | 000,295,664 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2013/02/06 04:01:52 | 003,579,024 | ---- | M] () [Auto | Running] -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe -- (GsServer)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/11 07:18:21 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2011/07/06 19:28:00 | 003,980,648 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/07/11 12:00:30 | 000,028,766 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObitBar\toolbar\1.bin\i0barsvc.exe -- (IObitBarService)
SRV - [2010/06/18 21:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/08/04 17:46:22 | 000,046,392 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2008/07/19 00:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/16 19:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008/04/15 21:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/02/06 17:52:40 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008/01/20 22:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/03 21:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\TMPassthru.sys -- (TMPassthruMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys -- (IO_Memory)
DRV - [2013/03/06 19:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/06 19:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/06 19:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/06 19:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/06 19:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/03/06 19:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/06 19:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/06 19:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/01/03 04:18:04 | 000,040,200 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2013/01/03 04:18:00 | 000,044,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2012/04/20 16:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2011/03/18 12:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2011/03/16 19:00:08 | 000,032,672 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files\IObit\Protected Folder\pffilter.sys -- (PfFilter)
DRV - [2008/07/28 19:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/18 22:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008/04/28 20:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008/04/15 13:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/18 12:22:00 | 000,009,216 | ---- | M] (Inventec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\sysprep\PEDRV.SYS -- (SVRPEDRV)
DRV - [2007/12/14 15:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/09 18:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2006/11/28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 17:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 02:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I)
DRV - [2006/11/09 02:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N)
DRV - [1996/04/03 15:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSHB&bmod=TSHB
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{099EF85B-3260-4b87-9239-33355EE6A548}: "URL" = http://results.myway...r={searchTerms}
IE - HKLM\..\SearchScopes\{5D7ECE36-D93B-4DD9-B3A4-71B183018E6D}: "URL" = http://www.google.co...ng}&rlz=1I7TSHB

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSHB&bmod=TSHB
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@IObitBar.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\IObitBar\toolbar\1.bin [2011/05/01 14:58:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/29 13:40:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/08 22:14:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/12 23:04:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/26 17:44:20 | 000,000,000 | ---D | M]

[2013/03/16 22:22:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daddy\AppData\Roaming\Mozilla\Extensions
[2013/02/12 22:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/08 22:14:58 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009/09/04 06:01:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2013/03/10 20:24:32 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/08 17:22:30 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012/10/24 02:15:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/06 16:30:36 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/06/05 13:58:00 | 000,000,686 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\searchresultstb.xml
[2013/03/10 20:24:26 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2013/03/19 15:17:36 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005..\Run: [ooVoo] C\ooVoo.exe /minimized File not found
O4 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Summer Camp 2009\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-234329832-1625283619-1638487238-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6099CFF0-8952-40D1-9DB5-CBF03C339178}: DhcpNameServer = 64.71.255.204 64.71.255.198
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~1\safemule\safemule.dll) - c:\Program Files\SafeMule\safemule.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/19 15:17:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/19 15:15:54 | 000,000,000 | ---D | C] -- C:\Users\Daddy\Documents\OneNote Notebooks
[2013/03/19 13:11:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Daddy\Desktop\OTL.exe
[2013/03/19 12:06:04 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Apple
[2013/03/18 20:14:43 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Wise Registry Cleaner
[2013/03/16 22:23:01 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Macromedia
[2013/03/16 22:23:01 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Macromedia
[2013/03/16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Mozilla
[2013/03/16 22:22:11 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Mozilla
[2013/03/16 21:57:08 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Toshiba
[2013/03/16 09:16:12 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Adobe
[2013/03/16 09:16:05 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Logitech
[2013/03/16 09:16:00 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Apple Computer
[2013/03/16 09:14:56 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Real
[2013/03/16 09:14:24 | 000,000,000 | R--D | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/16 09:14:24 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Searches
[2013/03/16 09:14:24 | 000,000,000 | R--D | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/16 09:14:15 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\Identities
[2013/03/16 09:14:13 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Contacts
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\AppData\Local\Temporary Internet Files
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Templates
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Start Menu
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\SendTo
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Recent
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\PrintHood
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\NetHood
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Documents\My Videos
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Documents\My Pictures
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Documents\My Music
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Local Settings
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\AppData\Local\History
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Cookies
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\Application Data
[2013/03/16 09:13:53 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\AppData\Local\Application Data
[2013/03/16 09:13:52 | 000,000,000 | --SD | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Videos
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Saved Games
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Pictures
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Music
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Links
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Favorites
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Downloads
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Documents
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\Desktop
[2013/03/16 09:13:52 | 000,000,000 | R--D | C] -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/16 09:13:52 | 000,000,000 | -HSD | C] -- C:\Users\Daddy\My Documents
[2013/03/16 09:13:52 | 000,000,000 | -H-D | C] -- C:\Users\Daddy\AppData
[2013/03/16 09:13:52 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\temp
[2013/03/16 09:13:52 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Microsoft Help
[2013/03/16 09:13:52 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Local\Microsoft
[2013/03/16 09:13:52 | 000,000,000 | ---D | C] -- C:\Users\Daddy\AppData\Roaming\IObit
[2013/03/14 10:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2013/03/13 21:16:39 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2013/03/11 11:30:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013/03/11 11:29:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2013/03/10 20:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/03/04 18:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2013/03/04 18:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\Handbrake
[2013/02/26 17:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/02/26 17:50:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/02/26 17:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/02/25 21:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2013/02/25 18:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/02/25 18:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/02/23 23:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/02/22 17:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\SafeMule
[2013/02/22 17:46:25 | 000,000,000 | ---D | C] -- C:\Program Files\ImageBoost v1.1
[2013/02/22 17:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\GoodSync
[2013/02/22 17:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
[2013/02/22 17:45:34 | 000,000,000 | ---D | C] -- C:\Program Files\Siber Systems

========== Files - Modified Within 30 Days ==========

[2013/03/19 15:45:30 | 000,613,520 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/19 15:45:30 | 000,108,446 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/19 15:37:23 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/19 15:37:06 | 000,000,620 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/03/19 15:37:05 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\AutoSmartDefrag.job
[2013/03/19 15:36:47 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 15:36:47 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 15:36:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/19 15:36:38 | 2009,067,520 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/19 15:29:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/19 15:17:36 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/03/19 15:15:53 | 000,001,082 | ---- | M] () -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2013/03/19 15:12:31 | 000,609,993 | ---- | M] () -- C:\Users\Daddy\Desktop\adwcleaner.exe
[2013/03/19 15:06:22 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/19 13:11:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Daddy\Desktop\OTL.exe
[2013/03/19 13:06:35 | 000,410,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/03/16 22:06:41 | 000,000,632 | RHS- | M] () -- C:\Users\Daddy\ntuser.pol
[2013/03/16 22:01:03 | 000,000,914 | ---- | M] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/16 09:14:36 | 000,001,966 | ---- | M] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/14 18:33:18 | 000,001,942 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/14 10:14:52 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2013/03/13 09:34:30 | 000,000,616 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/03/13 09:33:30 | 000,445,018 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130314-101947.backup
[2013/03/10 20:30:24 | 000,000,775 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/10 18:47:38 | 000,001,218 | ---- | M] () -- C:\Windows\WININIT.INI
[2013/03/08 22:15:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/03/06 19:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/03/06 19:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/03/06 19:33:24 | 000,164,736 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/06 19:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/03/06 19:33:24 | 000,049,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013/03/06 19:33:24 | 000,049,248 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/03/06 19:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/03/06 19:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/03/06 19:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/03/06 19:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/02/26 17:52:53 | 000,001,635 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/02/22 17:45:56 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\GoodSync Explorer.lnk
[2013/02/22 17:45:56 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\GoodSync.lnk
[2013/02/20 23:45:41 | 000,444,292 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130313-093330.backup
[2013/02/20 17:14:35 | 000,444,292 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130220-224541.backup

========== Files Created - No Company Name ==========

[2013/03/19 15:15:53 | 000,001,082 | ---- | C] () -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2013/03/19 15:12:29 | 000,609,993 | ---- | C] () -- C:\Users\Daddy\Desktop\adwcleaner.exe
[2013/03/19 12:53:41 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\AutoSmartDefrag.job
[2013/03/16 22:01:03 | 000,000,914 | ---- | C] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/16 09:18:57 | 000,000,632 | RHS- | C] () -- C:\Users\Daddy\ntuser.pol
[2013/03/16 09:14:37 | 000,000,920 | ---- | C] () -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/16 09:14:36 | 000,001,966 | ---- | C] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/16 09:14:24 | 000,000,915 | ---- | C] () -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/03/16 09:14:12 | 000,000,886 | ---- | C] () -- C:\Users\Daddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2013/03/16 09:13:52 | 000,000,258 | ---- | C] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/03/16 09:13:52 | 000,000,240 | ---- | C] () -- C:\Users\Daddy\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/03/14 10:14:52 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2013/03/08 22:15:15 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/08 22:15:15 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/02/26 17:52:53 | 000,001,635 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/02/22 17:45:56 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\GoodSync Explorer.lnk
[2013/02/22 17:45:56 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\GoodSync.lnk
[2012/08/12 18:30:06 | 000,000,295 | ---- | C] () -- C:\Windows\ka.ini
[2012/08/11 15:48:16 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2012/08/11 15:48:16 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2012/08/11 15:48:16 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2012/08/11 15:48:12 | 000,000,305 | ---- | C] () -- C:\Windows\EReg515.dat
[2012/08/11 15:45:49 | 000,000,909 | ---- | C] () -- C:\Windows\disney.ini
[2012/01/14 17:26:14 | 000,022,032 | ---- | C] () -- C:\Windows\DCEBoot.exe
[2011/10/29 13:29:15 | 000,207,226 | ---- | C] () -- C:\Windows\hpwins28.dat
[2011/07/10 18:21:47 | 000,000,075 | ---- | C] () -- C:\Windows\muppets2pc.ini
[2011/07/10 18:21:47 | 000,000,026 | ---- | C] () -- C:\Windows\ESINSTALL.INI
[2010/10/21 20:41:51 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini

========== ZeroAccess Check ==========

[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/03/19 12:53:40 | 000,000,000 | ---D | M] -- C:\Users\Daddy\AppData\Roaming\IObit
[2013/03/18 20:18:53 | 000,000,000 | ---D | M] -- C:\Users\Daddy\AppData\Roaming\Wise Registry Cleaner
[2011/05/21 08:35:04 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2011/05/21 08:35:04 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2013/03/10 20:34:21 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\BitTorrent
[2012/10/08 12:26:15 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\CrystalIdea Software
[2013/01/20 11:36:38 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\DriverCure
[2012/06/03 16:25:43 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\DVDVideoSoft
[2013/01/20 11:36:35 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Foresight Software
[2012/10/24 12:01:22 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Garmin
[2013/02/22 19:45:20 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\GoodSync
[2013/03/04 18:53:27 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\HandBrake
[2012/10/05 18:11:53 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\IObit
[2012/10/08 11:34:32 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Leadertech
[2013/03/18 18:51:44 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\MP3Rocket
[2012/12/02 12:43:08 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\ooVoo Details
[2013/02/21 22:35:28 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\QuickScan
[2012/06/27 07:37:16 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Sony
[2013/01/20 22:10:24 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\TOSHIBA
[2013/01/20 11:06:09 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\VOWSoft
[2012/08/22 14:25:48 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\WildTangent
[2013/02/25 21:13:04 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\WindSolutions
[2013/01/06 17:50:39 | 000,000,000 | ---D | M] -- C:\Users\Lindsay\AppData\Roaming\Wise Registry Cleaner
[2011/05/21 08:35:04 | 000,000,000 | ---D | M] -- C:\Users\Nathan\AppData\Roaming\IObit
[2010/10/31 22:21:07 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\AnVi
[2012/05/06 21:50:22 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\DriverCure
[2010/03/28 17:37:47 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\FOG Downloader
[2009/09/25 11:33:55 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\GARMIN
[2011/10/12 19:08:44 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\IObit
[2009/08/16 00:02:46 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Jane s Hotel Family Hero
[2011/01/01 14:16:32 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Kalydo
[2010/06/04 18:59:08 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\LaJangada
[2009/07/09 11:16:17 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Leadertech
[2012/05/22 16:27:28 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\MP3Rocket
[2012/04/18 17:08:10 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Smart PC Cleaner
[2012/10/09 20:41:34 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Smilebox
[2012/05/06 21:50:22 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\SpeedyPC Software
[2012/04/19 13:25:19 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Toshiba
[2010/08/16 21:02:59 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Turbine
[2010/11/20 19:48:35 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\Unity
[2010/06/04 22:02:43 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\VampireSaga
[2011/05/01 16:31:01 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\wargaming.net
[2009/07/07 17:48:49 | 000,000,000 | ---D | M] -- C:\Users\Summer Camp 2009\AppData\Roaming\WildTangent

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

# AdwCleaner v2.115 - Logfile created 03/19/2013 at 15:33:45
# Updated 17/03/2013 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : Daddy - SUMMERCAMP20-PC
# Boot Mode : Normal
# Running from : C:\Users\Daddy\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Users\Lindsay\AppData\Roaming\Mozilla\Firefox\Profiles\tchnz5cr.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Lindsay\AppData\Roaming\Mozilla\Firefox\Profiles\tchnz5cr.default\searchplugins\askcomsearch.xml
File Deleted : C:\Users\Lindsay\AppData\Roaming\Mozilla\Firefox\Profiles\tchnz5cr.default\searchplugins\claro.xml
File Deleted : C:\Users\Public\Desktop\YourFile Downloader.lnk
File Deleted : C:\Users\Summer Camp 2009\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Summer Camp 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ho0x604r.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Summer Camp 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ho0x604r.default\bprotector_prefs.js
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Coupon Companion Plugin
Folder Deleted : C:\Program Files\yourfiledownloader
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Daddy\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Lindsay\AppData\Local\Conduit
Folder Deleted : C:\Users\Lindsay\AppData\Local\Deals Plugin
Folder Deleted : C:\Users\Lindsay\AppData\Local\Smartbar
Folder Deleted : C:\Users\Lindsay\AppData\LocalLow\Claro LTD
Folder Deleted : C:\Users\Lindsay\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Lindsay\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Lindsay\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Lindsay\AppData\Roaming\Claro LTD
Folder Deleted : C:\Users\Lindsay\AppData\Roaming\DealPly
Folder Deleted : C:\Users\Lindsay\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Lindsay\AppData\Roaming\Mozilla\Firefox\Profiles\tchnz5cr.default\CT3248581
Folder Deleted : C:\Users\Lindsay\AppData\Roaming\Mozilla\Firefox\Profiles\tchnz5cr.default\extensions\{59194e4d-3567-4836-b58a-274c40717630}
Folder Deleted : C:\Users\Lindsay\AppData\Roaming\Mozilla\Firefox\Profiles\tchnz5cr.default\Smartbar
Folder Deleted : C:\Users\Lindsay\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Nathan\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\lxk0t9df.default\extensions\[email protected]
Folder Deleted : C:\Users\Summer Camp 2009\AppData\Local\PackageAware
Folder Deleted : C:\Users\Summer Camp 2009\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Summer Camp 2009\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Summer Camp 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ho0x604r.default\extensions\[email protected]
Folder Deleted : C:\Users\Summer Camp 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ho0x604r.default\extensions\[email protected]
Folder Deleted : C:\Users\Summer Camp 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ho0x604r.default\extensions\staged
Folder Deleted : C:\Users\Summer Camp 2009\AppData\Roaming\yourfiledownloader

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\5a53d98cb33be440
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Claro LTD
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012832.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012832.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012832.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012832.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012832.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0012832.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Summer Camp 2009\AppData\Roaming\Mozilla\Firefox\Profiles\ho0x604r.default\prefs.js

Deleted : user_pref("browser.newtab.url", "hxxp://www.claro-search.com/?affID=120133&babsrc=NT_ss&mntrId=1e7e7[...]
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Claro Search");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.yahoo.com/search?fr=mcafee&p=")[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.active", true);
Deleted : user_pref("extensions.crossriderapp12832.12832.addressbar", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.backgroundjs", "\n\n/********************************[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.backgroundver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp12832.12832.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.InstallationTime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.InstallationTime.value", "1362354630");
Deleted : user_pref("extensions.crossriderapp12832.12832.description", "FB Image Boost");
Deleted : user_pref("extensions.crossriderapp12832.12832.domain", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.group", 0);
Deleted : user_pref("extensions.crossriderapp12832.12832.homepage", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.iframe", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.InstallationTime", 1362354630);
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_appVer.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_appVer.value", "74");
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_lastVersion.expiration", "Fri Fe[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_lastVersion.value", "257");
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_meta.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_meta.value", "%7B%22jquery.qtip.[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_nextCheck.expiration", "Mon Mar [...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_queue.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20239.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20239.value", "%22/*%21[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20240.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20240.value", "%22/*%21[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20241.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20241.value", "%22/*%21[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20243.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20243.value", "%22%23im[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20245.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20245.value", "%22%5Ct%[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20246.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20246.value", "%22%5Cn%[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.js", "\n\nvar TRACK_TRAFFIC = true;\r\nvar trackUrl =[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.name", "FB Image Boost");
Deleted : user_pref("extensions.crossriderapp12832.12832.newtab", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.opensearch", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_1.code", "appAPI._cr_config={appID:fun[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_1.ver", 3);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_13.code", "(function(a){a.selectedText[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_14.code", "if(typeof(appAPI)===\"undef[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_15.code", "(function(f){var u={};var e[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_16.code", "if((typeof isBackground===\[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_16.ver", 4);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_17.code", "if(typeof window!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_21.code", "var CrossriderDebugManager=[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_21.ver", 3);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_22.code", "(function(a){appAPI.queueMa[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_22.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_28.code", "var CrossriderInitializerPl[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_28.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_4.code", "var jQuery = $jquery_171 = $[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_4.ver", 3);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_47.code", "(function(){appAPI.ready=fu[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_5.code", "(function(f){f.ui=f.ui||{};v[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_5.name", "notifications");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_5.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_64.code", "(function(){var h=\"__CR_EM[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_64.name", "appApiMessage");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_64.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_7.code", "appAPI.hooks={$:$jquery_171,[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_7.name", "hooks");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_7.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_72.code", "if(appAPI.__should_activate[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_72.name", "appApiValidation");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_72.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_78.code", "if(typeof jQuery!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_78.name", "CrossriderInfo");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_78.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searc[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_9.name", "search_engine_hook");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_9.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins_lists.plugins_0", "17,14,16,64,47,72");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins_lists.plugins_1", "17,14,78,13,16,15,64,4,1,2[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.pluginsurl", "hxxp://app-static.crossrider.com/plugin[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.pluginsversion", 21);
Deleted : user_pref("extensions.crossriderapp12832.12832.publisher", "Image-Boost");
Deleted : user_pref("extensions.crossriderapp12832.12832.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp12832.12832.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.thankyou", "hxxp://www.image-boost.com/installThankyo[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp12832.12832.ver", 74);
Deleted : user_pref("extensions.crossriderapp12832.apps", "12832");
Deleted : user_pref("extensions.crossriderapp12832.bic", "13d32a9eee14a19e5e3f30ffd8433dd0");
Deleted : user_pref("extensions.crossriderapp12832.cid", 12832);
Deleted : user_pref("extensions.crossriderapp12832.firstrun", false);
Deleted : user_pref("extensions.crossriderapp12832.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp12832.installationdate", 1362354630);
Deleted : user_pref("extensions.crossriderapp12832.lastcheck", 22705911);
Deleted : user_pref("extensions.crossriderapp12832.lastcheckitem", 22705914);
Deleted : user_pref("extensions.crossriderapp12832.modetype", "production");
Deleted : user_pref("extensions.crossriderapp21804.21804.active", true);
Deleted : user_pref("extensions.crossriderapp21804.21804.addressbar", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.addressbarenhanced", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.backgroundjs", "\n\n//\n");
Deleted : user_pref("extensions.crossriderapp21804.21804.backgroundver", 32);
Deleted : user_pref("extensions.crossriderapp21804.21804.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp21804.21804.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:0[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_aoi.value", "1362354630");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_arbitrary_code.expiration", "Sun Mar 03 2[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_arbitrary_code.value", "%22%28function%28[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_blocklist.expiration", "Sun Mar 03 2013 1[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_blocklist.value", "%22nonexistantdomain.c[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_country_code.expiration", "Sun Mar 10 201[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_country_code.value", "%22CA%22");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:0[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_crr.value", "1362354675");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_currenttime.value", "%221361906554%22");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 0[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installer_params.expiration", "Fri Feb 01[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installer_params.value", "%7B%22source_id[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installtime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installtime.value", "%221361906554%22");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_parent_zoneid.value", "%2288976%22");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_pc_20120828.value", "1362354857290");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 [...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_product_id.value", "%221322%22");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:0[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_zoneid.value", "%22152056%22");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.dbtest.value", "1362354665326");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.value", "1362354630");
Deleted : user_pref("extensions.crossriderapp21804.21804.description", "Coupon Companion");
Deleted : user_pref("extensions.crossriderapp21804.21804.domain", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.group", 0);
Deleted : user_pref("extensions.crossriderapp21804.21804.homepage", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.iframe", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationTime", 1362354630);
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_appVer.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_appVer.value", "46");
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_lastVersion.expiration", "Fri Fe[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_lastVersion.value", "1");
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_meta.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_nextCheck.expiration", "Mon Mar [...]
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_queue.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_remote_resources.expiration", "F[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_remote_resources.value", "%7B%22[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.name", "Coupon Companion Plugin");
Deleted : user_pref("extensions.crossriderapp21804.21804.newtab", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.opensearch", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.code", "appAPI._cr_config={appID:fun[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.ver", 4);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.code", "Array.prototype.indexO[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.ver", 15);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.code", "var a=appAPI.db.getLis[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.name", "GPL Background (BG)");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.ver", 34);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.code", "(function(a){a.selectedText[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.code", "if(typeof(appAPI)===\"undef[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.code", "if((typeof isBackground===\[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.ver", 5);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.code", "if(typeof window!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.code", "var CrossriderDebugManager=[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.ver", 3);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.code", "(function(a){appAPI.queueMa[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.ver", 2);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.code", "var CrossriderInitializerPl[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.ver", 2);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.code", "var jQuery = $jquery_171 = $[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.ver", 3);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.code", "(function(){appAPI.ready=fu[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.code", "(function(){var h=\"__CR_EM[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.name", "appApiMessage");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.ver", 1);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.code", "if(appAPI.__should_activate[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.name", "appApiValidation");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.ver", 1);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.code", "if(typeof jQuery!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.name", "CrossriderInfo");
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.ver", 2);
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_0", "4,14,78,16,64,47,72,100001[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,2[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Deleted : user_pref("extensions.crossriderapp21804.21804.pluginsurl", "hxxp://app-static.crossrider.com/plugin[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.pluginsversion", 43);
Deleted : user_pref("extensions.crossriderapp21804.21804.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp21804.21804.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp21804.21804.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.thankyou", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp21804.21804.ver", 46);
Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", -1);
Deleted : user_pref("extensions.crossriderapp21804.apps", "21804");
Deleted : user_pref("extensions.crossriderapp21804.bic", "13d32a9eee14a19e5e3f30ffd8433dd0");
Deleted : user_pref("extensions.crossriderapp21804.cid", 21804);
Deleted : user_pref("extensions.crossriderapp21804.firstrun", false);
Deleted : user_pref("extensions.crossriderapp21804.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp21804.installationdate", 1362354630);
Deleted : user_pref("extensions.crossriderapp21804.lastcheck", 22705911);
Deleted : user_pref("extensions.crossriderapp21804.lastcheckitem", 22705914);
Deleted : user_pref("extensions.crossriderapp21804.modetype", "production");
Deleted : user_pref("extensions.crossriderapp21804.reportInstall", true);
Deleted : user_pref("extensions.crossriderapp4637.4637.active", true);
Deleted : user_pref("extensions.crossriderapp4637.4637.addressbar", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.addressbarenhanced", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.backgroundjs", "\n\n//\n");
Deleted : user_pref("extensions.crossriderapp4637.4637.backgroundver", 37);
Deleted : user_pref("extensions.crossriderapp4637.4637.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp4637.4637.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_aoi.value", "1362354632");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_arbitrary_code.expiration", "Sun Mar 03 201[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_arbitrary_code.value", "%22%28function%28%2[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_blocklist.expiration", "Sun Mar 03 2013 18:[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_country_code.expiration", "Sun Mar 10 2013 [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_country_code.value", "%22CA%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_crr.value", "1362354675");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_currenttime.value", "%221361906554%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_installtime.value", "%221361906554%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_parent_zoneid.value", "%2214019%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_pc_20120828.value", "1362354857259");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_product_id.value", "%221180%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie._GPL_zoneid.value", "%22152026%22");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie.dbtest.value", "1362354665276");
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.cookie.InstallationTime.value", "1362354632");
Deleted : user_pref("extensions.crossriderapp4637.4637.description", "Deals Plugin");
Deleted : user_pref("extensions.crossriderapp4637.4637.domain", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.group", 0);
Deleted : user_pref("extensions.crossriderapp4637.4637.homepage", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.iframe", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.InstallationTime", 1362354632);
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_appVer.value", "77");
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_nextCheck.expiration", "Mon Mar 04[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp4637.4637.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.name", "Deals Plugin");
Deleted : user_pref("extensions.crossriderapp4637.4637.newtab", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.opensearch", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1.ver", 4);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000014.ver", 15);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000015.code", "var a=appAPI.db.getList([...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000015.name", "GPL Background (BG)");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_1000015.ver", 34);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_16.code", "if((typeof isBackground===\"u[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_16.ver", 5);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_21.ver", 3);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_22.ver", 2);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_28.ver", 2);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jq[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_4.ver", 3);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPT[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_64.name", "appApiMessage");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_64.ver", 1);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_72.code", "if(appAPI.__should_activate_v[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_72.name", "appApiValidation");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_72.ver", 1);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_78.code", "if(typeof jQuery!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_78.name", "CrossriderInfo");
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins.plugin_78.ver", 2);
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins_lists.plugins_0", "4,14,78,16,64,47,72,1000015"[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Deleted : user_pref("extensions.crossriderapp4637.4637.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp4637.4637.pluginsversion", 58);
Deleted : user_pref("extensions.crossriderapp4637.4637.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp4637.4637.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp4637.4637.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp4637.4637.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.thankyou", "");
Deleted : user_pref("extensions.crossriderapp4637.4637.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp4637.4637.ver", 77);
Deleted : user_pref("extensions.crossriderapp4637.apps", "4637");
Deleted : user_pref("extensions.crossriderapp4637.bic", "13d32a9eee14a19e5e3f30ffd8433dd0");
Deleted : user_pref("extensions.crossriderapp4637.cid", 4637);
Deleted : user_pref("extensions.crossriderapp4637.firstrun", false);
Deleted : user_pref("extensions.crossriderapp4637.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp4637.installationdate", 1362354630);
Deleted : user_pref("extensions.crossriderapp4637.lastcheck", 22705911);
Deleted : user_pref("extensions.crossriderapp4637.lastcheckitem", 22705914);
Deleted : user_pref("extensions.crossriderapp4637.modetype", "production");
Deleted : user_pref("extensions.crossriderapp4637.reportInstall", true);
Deleted : user_pref("extensions.enabledAddons", "crossriderapp12832%40crossrider.com:0.83.40,crossriderapp4637[...]

File : C:\Users\Nathan\AppData\Roaming\Mozilla\Firefox\Profiles\lxk0t9df.default\prefs.js

Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=100000031&loca[...]
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", -1);

File : C:\Users\Lindsay\AppData\Roaming\Mozilla\Firefox\Profiles\tchnz5cr.default\prefs.js

C:\Users\Lindsay\AppData\Roaming\Mozilla\Firefox\Profiles\tchnz5cr.default\user.js ... Deleted !

Deleted : user_pref("CT3248581.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3248581.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3248581.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3248581.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3248581.FF19Solved", "true");
Deleted : user_pref("CT3248581.FirstTime", "true");
Deleted : user_pref("CT3248581.FirstTimeFF3", "true");
Deleted : user_pref("CT3248581.UserID", "UN15790728062283431");
Deleted : user_pref("CT3248581.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3248581.addressUrlXPETakeover", "true");
Deleted : user_pref("CT3248581.autoDisableScopes", 0);
Deleted : user_pref("CT3248581.defaultSearch", "false");
Deleted : user_pref("CT3248581.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax[...]
Deleted : user_pref("CT3248581.enableAlerts", "always");
Deleted : user_pref("CT3248581.enableFix404ByUser", "FALSE");
Deleted : user_pref("CT3248581.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3248581.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3248581.fixPageNotFoundError", "true");
Deleted : user_pref("CT3248581.fixPageNotFoundErrorByUser", "true");
Deleted : user_pref("CT3248581.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3248581.fixUrls", true);
Deleted : user_pref("CT3248581.installDate", "22/2/2013 16:51:58");
Deleted : user_pref("CT3248581.installId", "5116046773060618");
Deleted : user_pref("CT3248581.installType", "conduitnsisintegration");
Deleted : user_pref("CT3248581.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3248581.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3248581.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3248581.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3248581.keyword", "true");
Deleted : user_pref("CT3248581.lastVersion", "10.14.65.43");
Deleted : user_pref("CT3248581.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Deleted : user_pref("CT3248581.migrateAppsAndComponents", true);
Deleted : user_pref("CT3248581.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"[...]
Deleted : user_pref("CT3248581.openThankYouPage", "false");
Deleted : user_pref("CT3248581.openUninstallPage", "false");
Deleted : user_pref("CT3248581.revertSettingsEnabled", "false");
Deleted : user_pref("CT3248581.search.searchAppId", "10000002");
Deleted : user_pref("CT3248581.search.searchCount", "1");
Deleted : user_pref("CT3248581.searchInNewTabEnabledByUser", "false");
Deleted : user_pref("CT3248581.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3248581.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3248581.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3248581.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3248581.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3248581.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3248581.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3248581.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3248581.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1362936286752");
Deleted : user_pref("CT3248581.serviceLayer_services_appsMetadata_lastUpdate", "1363647158261");
Deleted : user_pref("CT3248581.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1362936289938");
Deleted : user_pref("CT3248581.serviceLayer_services_location_lastUpdate", "1363647273897");
Deleted : user_pref("CT3248581.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363647274010");
Deleted : user_pref("CT3248581.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1362936289883");
Deleted : user_pref("CT3248581.serviceLayer_services_searchAPI_lastUpdate", "1363647274004");
Deleted : user_pref("CT3248581.serviceLayer_services_serviceMap_lastUpdate", "1363647273696");
Deleted : user_pref("CT3248581.serviceLayer_services_setupAPI_lastUpdate", "1363647274108");
Deleted : user_pref("CT3248581.serviceLayer_services_toolbarContextMenu_lastUpdate", "1362936284748");
Deleted : user_pref("CT3248581.serviceLayer_services_toolbarSettings_lastUpdate", "1363647158131");
Deleted : user_pref("CT3248581.serviceLayer_services_translation_lastUpdate", "1363647274188");
Deleted : user_pref("CT3248581.settingsINI", true);
Deleted : user_pref("CT3248581.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3248581.smartbar.CTID", "CT3248581");
Deleted : user_pref("CT3248581.smartbar.Uninstall", "0");
Deleted : user_pref("CT3248581.smartbar.toolbarName", "MyMusicCentral ");
Deleted : user_pref("CT3248581.startPage", "false");
Deleted : user_pref("CT3248581.toolbarBornServerTime", "10-3-2013");
Deleted : user_pref("CT3248581.toolbarCurrentServerTime", "19-3-2013");
Deleted : user_pref("CT3248581_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("CT3268494.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3268494.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3268494.1000234.TWC_TMP_city", "MISSISSAUGA");
Deleted : user_pref("CT3268494.1000234.TWC_TMP_country", "CA");
Deleted : user_pref("CT3268494.1000234.TWC_country", "CANADA");
Deleted : user_pref("CT3268494.1000234.TWC_locId", "CAXX0295");
Deleted : user_pref("CT3268494.1000234.TWC_location", "Mississauga, Canada");
Deleted : user_pref("CT3268494.1000234.TWC_region", "OT");
Deleted : user_pref("CT3268494.1000234.TWC_temp_dis", "c");
Deleted : user_pref("CT3268494.1000234.TWC_wind_dis", "kmh");
Deleted : user_pref("CT3268494.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"-1°C\",\"temperat[...]
Deleted : user_pref("CT3268494.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3268494.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3268494.FirstTime", "true");
Deleted : user_pref("CT3268494.FirstTimeFF3", "true");
Deleted : user_pref("CT3268494.LoginRevertSettingsEnabled", true);
Deleted : user_pref("CT3268494.PG_ENABLE", "dHJ1ZQ==");
Deleted : user_pref("CT3268494.RevertSettingsEnabled", true);
Deleted : user_pref("CT3268494.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT326[...]
Deleted : user_pref("CT3268494.UserID", "UN50907474448073414");
Deleted : user_pref("CT3268494.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3268494.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3268494.cbfirsttime.enc", "VHVlIEZlYiAxMiAyMDEzIDIxOjA3OjU3IEdNVC0wNTAwIChFYXN0ZXJuIFN0[...]
Deleted : user_pref("CT3268494.embeddedsData", "[{\"appId\":\"129989109966145536\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3268494.enableAlerts", "always");
Deleted : user_pref("CT3268494.enableFix404ByUser", "TRUE");
Deleted : user_pref("CT3268494.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3268494.fixPageNotFoundErrorByUser", "TRUE");
Deleted : user_pref("CT3268494.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3268494.fixUrls", true);
Deleted : user_pref("CT3268494.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3268494.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3268494.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3268494.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3268494.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3268494.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3268494.keyword", true);
Deleted : user_pref("CT3268494.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Deleted : user_pref("CT3268494.lastVersion", "10.14.42.7");
Deleted : user_pref("CT3268494.migrateAppsAndComponents", true);
Deleted : user_pref("CT3268494.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT3268494.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3268494.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"WEATHER\\\"]\"}");
Deleted : user_pref("CT3268494.price-gong.isManagedApp", "true");
Deleted : user_pref("CT3268494.search.searchAppId", "129989109966145536");
Deleted : user_pref("CT3268494.search.searchCount", "0");
Deleted : user_pref("CT3268494.searchInNewTabEnabledByUser", "false");
Deleted : user_pref("CT3268494.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3268494.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3268494.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3268494.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...]
Deleted : user_pref("CT3268494.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3268494.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3268494.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3268494.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3268494.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1360721379908");
Deleted : user_pref("CT3268494.serviceLayer_services_appsMetadata_lastUpdate", "1360721380735");
Deleted : user_pref("CT3268494.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1360721380582");
Deleted : user_pref("CT3268494.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1360721380438");
Deleted : user_pref("CT3268494.serviceLayer_services_searchAPI_lastUpdate", "1360721385046");
Deleted : user_pref("CT3268494.serviceLayer_services_serviceMap_lastUpdate", "1360721379887");
Deleted : user_pref("CT3268494.serviceLayer_services_toolbarContextMenu_lastUpdate", "1360721380280");
Deleted : user_pref("CT3268494.serviceLayer_services_toolbarSettings_lastUpdate", "1360721379973");
Deleted : user_pref("CT3268494.serviceLayer_services_translation_lastUpdate", "1360721380048");
Deleted : user_pref("CT3268494.settingsINI", true);
Deleted : user_pref("CT3268494.smartbar.CTID", "CT3268494");
Deleted : user_pref("CT3268494.smartbar.Uninstall", "0");
Deleted : user_pref("CT3268494.smartbar.toolbarName", "VisualBee V.1 ");
Deleted : user_pref("CT3268494.toolbarBornServerTime", "20-1-2013");
Deleted : user_pref("CT3268494.toolbarCurrentServerTime", "20-1-2013");
Deleted : user_pref("CT3268494.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Deleted : user_pref("CT3268494_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("CT3284024.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3284024.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3284024.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3284024.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3284024.FirstTime", "true");
Deleted : user_pref("CT3284024.FirstTimeFF3", "true");
Deleted : user_pref("CT3284024.LoginRevertSettingsEnabled", true);
Deleted : user_pref("CT3284024.PG_ENABLE", "ZmFsc2U=");
Deleted : user_pref("CT3284024.PG_ENABLE.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3284024.RevertSettingsEnabled", true);
Deleted : user_pref("CT3284024.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT328[...]
Deleted : user_pref("CT3284024.UserID", "UN23295440593135728");
Deleted : user_pref("CT3284024.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3284024.autoDisableScopes", 14);
Deleted : user_pref("CT3284024.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3284024.cb_experience_000.enc", "Ng==");
Deleted : user_pref("CT3284024.cb_firstuse0100.enc", "MQ==");
Deleted : user_pref("CT3284024.cb_user_id_000.enc", "Q0I0MjAzMjkwMDg5NzBfMTM2MTUwMDUyODY4Nl9GaXJlZm94");
Deleted : user_pref("CT3284024.cbfirsttime.enc", "VGh1IEZlYiAyMSAyMDEzIDAwOjE2OjQxIEdNVC0wNTAwIChFYXN0ZXJuIFN0[...]
Deleted : user_pref("CT3284024.defaultSearch", "true");
Deleted : user_pref("CT3284024.embeddedsData", "[{\"appId\":\"130044533892771873\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3284024.enableAlerts", "always");
Deleted : user_pref("CT3284024.enableFix404ByUser", "FALSE");
Deleted : user_pref("CT3284024.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3284024.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3284024.fixPageNotFoundError", "true");
Deleted : user_pref("CT3284024.fixPageNotFoundErrorByUser", "true");
Deleted : user_pref("CT3284024.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3284024.fixUrls", true);
Deleted : user_pref("CT3284024.installId", "120122");
Deleted : user_pref("CT3284024.installType", "conduitnsisintegration");
Deleted : user_pref("CT3284024.isCheckedStartAsHidden", true);
Deleted : user_pref("CT3284024.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3284024.isFirstTimeToolbarLoading", "false");
Deleted : user_pref("CT3284024.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3284024.keyword", true);
Deleted : user_pref("CT3284024.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit[...]
Deleted : user_pref("CT3284024.lastVersion", "10.14.42.7");
Deleted : user_pref("CT3284024.mam_gk_CouponBuddy_appState.enc", "b24=");
Deleted : user_pref("CT3284024.mam_gk_PriceGong_appState.enc", "b24=");
Deleted : user_pref("CT3284024.mam_gk_appStateReportTime.enc", "MTM2MzA1MjIzNTAwMw==");
Deleted : user_pref("CT3284024.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...]
Deleted : user_pref("CT3284024.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Deleted : user_pref("CT3284024.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImN[...]
Deleted : user_pref("CT3284024.mam_gk_currentVersion.enc", "MS40LjMuMg==");
Deleted : user_pref("CT3284024.mam_gk_eventsCache.enc", "eyJjOWVhNTFmMC1jMGIyLTQ0MWItOWVmZS01OGQyNWJhNGM3NzAiO[...]
Deleted : user_pref("CT3284024.mam_gk_first_time.enc", "MQ==");
Deleted : user_pref("CT3284024.mam_gk_gadgetOpen.enc", "MA==");
Deleted : user_pref("CT3284024.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Deleted : user_pref("CT3284024.mam_gk_lastLoginTime.enc", "MTM2MzA1MjIzMTA2OQ==");
Deleted : user_pref("CT3284024.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50[...]
Deleted : user_pref("CT3284024.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3284024.mam_gk_settings1.4.2.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Deleted : user_pref("CT3284024.mam_gk_settings1.4.3.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]
Deleted : user_pref("CT3284024.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Deleted : user_pref("CT3284024.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Deleted : user_pref("CT3284024.mam_gk_userId.enc", "N2MxNmQ5MDctYzUyNy00OWE2LWIzM2EtNmNiNjBjYTRjMGQ4");
Deleted : user_pref("CT3284024.mam_gk_user_apps_selection.enc", "");
Deleted : user_pref("CT3284024.migrateAppsAndComponents", true);
Deleted : user_pref("CT3284024.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Deleted : user_pref("CT3284024.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3284024.openThankYouPage", "false");
Deleted : user_pref("CT3284024.openUninstallPage", "true");
Deleted : user_pref("CT3284024.price-gong.isManagedApp", "true");
Deleted : user_pref("CT3284024.revertSettingsEnabled", "false");
Deleted : user_pref("CT3284024.search.searchAppId", "130044533892771873");
Deleted : user_pref("CT3284024.search.searchCount", "0");
Deleted : user_pref("CT3284024.searchInNewTabEnabledByUser", "true");
Deleted : user_pref("CT3284024.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3284024.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3284024.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3284024.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3284024.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3284024.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3284024.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3284024.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3284024.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1362936362723");
Deleted : user_pref("CT3284024.serviceLayer_services_appsMetadata_lastUpdate", "1363052331743");
Deleted : user_pref("CT3284024.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1362936362976");
Deleted : user_pref("CT3284024.serviceLayer_services_login_10.14.42.7_lastUpdate", "1363052331683");
Deleted : user_pref("CT3284024.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1362936363106");
Deleted : user_pref("CT3284024.serviceLayer_services_searchAPI_lastUpdate", "1363052331476");
Deleted : user_pref("CT3284024.serviceLayer_services_serviceMap_lastUpdate", "1363052330937");
Deleted : user_pref("CT3284024.serviceLayer_services_toolbarContextMenu_lastUpdate", "1362936362921");
Deleted : user_pref("CT3284024.serviceLayer_services_toolbarSettings_lastUpdate", "1363061231369");
Deleted : user_pref("CT3284024.serviceLayer_services_translation_lastUpdate", "1363052332462");
Deleted : user_pref("CT3284024.settingsINI", true);
Deleted : user_pref("CT3284024.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3284024.smartbar.CTID", "CT3284024");
Deleted : user_pref("CT3284024.smartbar.Uninstall", "0");
Deleted : user_pref("CT3284024.smartbar.homepage", true);
Deleted : user_pref("CT3284024.smartbar.toolbarName", "VisualBee V.1 ");
Deleted : user_pref("CT3284024.startPage", "true");
Deleted : user_pref("CT3284024.toolbarBornServerTime", "16-2-2013");
Deleted : user_pref("CT3284024.toolbarCurrentServerTime", "12-3-2013");
Deleted : user_pref("CT3284024.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Deleted : user_pref("CT3284024.url_history0001.enc", "aHR0cDovL3d3dy5nZWVrc3RvZ28uY29tL2ZvcnVtL2ZvcnVtLzMwLWdl[...]
Deleted : user_pref("CT3284024_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntr[...]
Deleted : user_pref("avg.install.userSPSettings", "Claro Search");
Deleted : user_pref("browser.newtab.url", "hxxp://www.claro-search.com/?affID=120133&babsrc=NT_ss&mntrId=1e7e7[...]
Deleted : user_pref("browser.search.defaultengine", "Ask.com Search");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com Search");
Deleted : user_pref("browser.search.order.1", "Claro Search");
Deleted : user_pref("browser.search.selectedEngine", "VisualBee V.1 Customized Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3284024&SearchSource=13&CUI[...]
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=120133&babsrc[...]
Deleted : user_pref("extensions.claro.admin", false);
Deleted : user_pref("extensions.claro.aflt", "babsst");
Deleted : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Deleted : user_pref("extensions.claro.autoRvrt", "false");
Deleted : user_pref("extensions.claro.dfltLng", "en");
Deleted : user_pref("extensions.claro.excTlbr", false);
Deleted : user_pref("extensions.claro.id", "1e7e77810000000000000024d23ee356");
Deleted : user_pref("extensions.claro.instlDay", "15758");
Deleted : user_pref("extensions.claro.instlRef", "sst");
Deleted : user_pref("extensions.claro.prdct", "claro");
Deleted : user_pref("extensions.claro.prtnrId", "claro");
Deleted : user_pref("extensions.claro.rvrt", "false");
Deleted : user_pref("extensions.claro.tlbrId", "base");
Deleted : user_pref("extensions.claro.tlbrSrchUrl", "");
Deleted : user_pref("extensions.claro.vrsn", "1.8.8.5");
Deleted : user_pref("extensions.claro.vrsni", "1.8.8.5");
Deleted : user_pref("extensions.claro_i.excTlbr", false);
Deleted : user_pref("extensions.claro_i.newTab", false);
Deleted : user_pref("extensions.claro_i.smplGrp", "none");
Deleted : user_pref("extensions.claro_i.vrsnTs", "1.8.8.516:56:12");
Deleted : user_pref("extensions.crossriderapp12832.12832.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp12832.12832.InstallationTime", 1361569582);
Deleted : user_pref("extensions.crossriderapp12832.12832.InstallationUserSettings.searchUserConifrmation", fal[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.active", true);
Deleted : user_pref("extensions.crossriderapp12832.12832.addressbar", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.backgroundjs", "\n\n/********************************[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.backgroundver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp12832.12832.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.CrossriderNotifier_channels.expiration", "Fri [...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.CrossriderNotifier_channels.value", "%7B%22app[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.CrossriderNotifier_css.expiration", "Tue Mar 1[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.CrossriderNotifier_css.value", "%22.%25CSSClas[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.CrossriderNotifier_geolocation.expiration", "S[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.CrossriderNotifier_geolocation.value", "%22US%[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.CrossriderNotifier_metadata.expiration", "Tue [...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.CrossriderNotifier_metadata.value", "%7B%22app[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.InstallationTime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.InstallationTime.value", "1361569582");
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.InstallerParams.expiration", "Fri Feb 01 2030 [...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.daysInUse.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.daysInUse.value", "2");
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.lastThankyouOpened.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.lastThankyouOpened.value", "%222013-03-10T17%3[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.thankyou.expiration", "Fri Feb 01 2030 00:00:0[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.thankyou.value", "%22true%22");
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.timetoCheckAgain.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.cookie.timetoCheckAgain.value", "%222013-03-13T01%3A3[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.description", "FB Image Boost");
Deleted : user_pref("extensions.crossriderapp12832.12832.domain", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.group", 0);
Deleted : user_pref("extensions.crossriderapp12832.12832.homepage", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.iframe", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.InstallerIdentifiers.expiration", "Fri Feb[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.InstallerIdentifiers.value", "%7B%22instal[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_appVer.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_appVer.value", "74");
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_lastVersion.expiration", "Fri Fe[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_lastVersion.value", "257");
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_meta.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_meta.value", "%7B%22jquery.qtip.[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_nextCheck.expiration", "Tue Mar [...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_queue.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20239.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20239.value", "%22/*%21[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20240.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20240.value", "%22/*%21[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20241.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20241.value", "%22/*%21[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20243.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20243.value", "%22%23im[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20245.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20245.value", "%22%5Ct%[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20246.expiration", "Sat[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.internaldb.Resources_resource_20246.value", "%22%5Cn%[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.js", "\n\nvar TRACK_TRAFFIC = true;\r\nvar trackUrl =[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.name", "FB Image Boost");
Deleted : user_pref("extensions.crossriderapp12832.12832.newtab", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.opensearch", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_1.code", "appAPI._cr_config={appID:fun[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_1.ver", 3);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_13.code", "(function(a){a.selectedText[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_14.code", "if(typeof(appAPI)===\"undef[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_15.code", "(function(f){var u={};var e[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_16.code", "if((typeof isBackground===\[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_16.ver", 4);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_17.code", "if(typeof window!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_21.code", "var CrossriderDebugManager=[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_21.ver", 3);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_22.code", "(function(a){appAPI.queueMa[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_22.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_28.code", "var CrossriderInitializerPl[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_28.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_4.code", "var jQuery = $jquery_171 = $[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_4.ver", 3);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_47.code", "(function(){appAPI.ready=fu[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_5.code", "(function(f){f.ui=f.ui||{};v[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_5.name", "notifications");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_5.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_64.code", "(function(){var h=\"__CR_EM[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_64.name", "appApiMessage");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_64.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_7.code", "appAPI.hooks={$:$jquery_171,[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_7.name", "hooks");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_7.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_72.code", "if(appAPI.__should_activate[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_72.name", "appApiValidation");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_72.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_78.code", "if(typeof jQuery!==\"undefi[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_78.name", "CrossriderInfo");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_78.ver", 2);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searc[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_9.name", "search_engine_hook");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins.plugin_9.ver", 1);
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins_lists.plugins_0", "17,14,16,64,47,72");
Deleted : user_pref("extensions.crossriderapp12832.12832.plugins_lists.plugins_1", "17,14,78,13,16,15,64,4,1,2[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.pluginsurl", "hxxp://app-static.crossrider.com/plugin[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.pluginsversion", 21);
Deleted : user_pref("extensions.crossriderapp12832.12832.publisher", "Image-Boost");
Deleted : user_pref("extensions.crossriderapp12832.12832.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp12832.12832.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp12832.12832.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp12832.12832.thankyou", "hxxp://www.image-boost.com/installThankyo[...]
Deleted : user_pref("extensions.crossriderapp12832.12832.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp12832.12832.ver", 74);
Deleted : user_pref("extensions.crossriderapp12832.adsOldValue", 14);
Deleted : user_pref("extensions.crossriderapp12832.apps", "12832");
Deleted : user_pref("extensions.crossriderapp12832.bic", "13be90e56c7ed1e370c73b339ab7b5ba");
Deleted : user_pref("extensions.crossriderapp12832.cid", 12832);
Deleted : user_pref("extensions.crossriderapp12832.firstrun", false);
Deleted : user_pref("extensions.crossriderapp12832.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp12832.installationdate", 1362936206);
Deleted : user_pref("extensions.crossriderapp12832.lastcheck", 22717537);
Deleted : user_pref("extensions.crossriderapp12832.lastcheckitem", 22717687);
Deleted : user_pref("extensions.crossriderapp12832.modetype", "production");
Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationTime", 1360889857);
Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.searchUserConifrmation", fal[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.active", true);
Deleted : user_pref("extensions.crossriderapp21804.21804.addressbar", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.addressbarenhanced", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.value", "1360889857");
Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallerParams.expiration", "Fri Feb 01 2030 [...]
Deleted : user_pref("extensions.crossriderapp21804.21804.description", "Coupon Companion");
Deleted : user_pref("extensions.crossriderapp21804.21804.domain", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.group", 0);
Deleted : user_pref("extensions.crossriderapp21804.21804.homepage", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.iframe", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.InstallerIdentifiers.expiration", "Fri Feb[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.InstallerIdentifiers.value", "%7B%22instal[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.SoftwareDetected.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.SoftwareDetected.value", "%7B%22AnySoftwar[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.name", "Coupon Companion Plugin");
Deleted : user_pref("extensions.crossriderapp21804.21804.newtab", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.opensearch", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.pluginsurl", "hxxp://app-static.crossrider.com/plugin[...]
Deleted : user_pref("extensions.crossriderapp21804.21804.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp21804.21804.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp21804.21804.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp21804.21804.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.thankyou", "");
Deleted : user_pref("extensions.crossriderapp21804.21804.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp21804.21804.ver", 0);
Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", 10);
Deleted : user_pref("extensions.crossriderapp21804.bic", "13be90e56c7ed1e370c73b339ab7b5ba");
Deleted : user_pref("extensions.crossriderapp21804.firstrun", false);
Deleted : user_pref("extensions.crossriderapp21804.installationdate", 1360967534);
Deleted : user_pref("extensions.crossriderapp21804.lastcheck", 22717537);
Deleted : user_pref("extensions.crossriderapp21804.lastcheckitem", 22717687);
Deleted : user_pref("extensions.crossriderapp21804.modetype", "production");
Deleted : user_pref("extensions.crossriderapp21804.reportInstall", true);
Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Deleted : user_pref("extentions.y2layers.installId", "989c72ce-7200-4664-a514-863ed7a461b5");
Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3284024&SearchSource=13[...]
Deleted : user_pref("smartbar.machineId", "L7ISTUEZ9OJTECD4ES+FNXVHK9GDPIT15S6TPBHDWSDJAGZ/9XFNHB5GW+RYRONFUKD[...]
Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrI[...]
Deleted : user_pref("smartbar.originalSearchEngine", "Claro Search");

File : C:\Users\Daddy\AppData\Roaming\Mozilla\Firefox\Profiles\7thrzaia.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [89890 octets] - [19/03/2013 15:33:45]

########## EOF - C:\AdwCleaner[S2].txt - [89951 octets] ##########

#4
Essexboy

Posted 19 March 2013 - 02:38 PM

GeekU Moderator

Retired Staff
69,964 posts

1) I noticed alot of temporary files being deleted from the report after OTL finished the fix. 2,113 mB to be exact. I run CC Cleaner regularily. Is it not supposed to delete all these files? Do I have it set right? Do I have to do it for each user?

You will find that OT's tools dig deeper than almost any other temp file cleaner. So I would recommend that you use TFC as opposed to CCleaner, I will link that later

2) Is adwcleaner a program I can run regularily without it causing harm? Due to schooling requirements my daughter needs to download from the school website so completely shutting her download ability off is not possible. I am trying to restrict her website access but I am only able to block the sites as she comes across them and I find out about them. I have explained to her to read all pages during a download and to uncheck the additional content but that doesnt seem to be working.

AdwCleaner is regularly updated so uninstall it after use and get a fresh download every time. Also does she use a USB to transfer data around ? If so I will give the instructions for a protection programme

There is one further element I need to check out before we look at the speed

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application
Then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Get the report by selecting Reports
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#5
Ardant

Posted 19 March 2013 - 09:07 PM

Member

Topic Starter
Member
229 posts

I ran the program as requested. It found 14 suspicious files but cure was not an option. I tried to copy the report but it would not let me. Any thoughts?

#6
Essexboy

Posted 20 March 2013 - 08:17 AM

GeekU Moderator

Retired Staff
69,964 posts

The log will be located at C:\TDSSKiller date time I wasn't overly sure that it would find anything but there was an unknown I needed to check out

How is the computer behaving at the moment ? I would suggest a disc defragment to try and alleviate some of the speed problem

#7
Ardant

Posted 23 March 2013 - 07:07 AM

Member

Topic Starter
Member
229 posts

Sorry Essexboy Ive been a little busy. I will try and get you that log a little later today. The computer seems to be working a little better.

#8
Ardant

Posted 23 March 2013 - 03:01 PM

Member

Topic Starter
Member
229 posts

TDSSKiller report as requested

22:50:11.0161 2256 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:50:13.0174 2256 ============================================================
22:50:13.0174 2256 Current date / time: 2013/03/19 22:50:13.0174
22:50:13.0174 2256 SystemInfo:
22:50:13.0174 2256
22:50:13.0174 2256 OS Version: 6.0.6002 ServicePack: 2.0
22:50:13.0174 2256 Product type: Workstation
22:50:13.0174 2256 ComputerName: SUMMERCAMP20-PC
22:50:13.0174 2256 UserName: Daddy
22:50:13.0174 2256 Windows directory: C:\Windows
22:50:13.0174 2256 System windows directory: C:\Windows
22:50:13.0174 2256 Processor architecture: Intel x86
22:50:13.0174 2256 Number of processors: 2
22:50:13.0174 2256 Page size: 0x1000
22:50:13.0174 2256 Boot type: Normal boot
22:50:13.0174 2256 ============================================================
22:50:15.0561 2256 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:50:15.0576 2256 ============================================================
22:50:15.0576 2256 \Device\Harddisk0\DR0:
22:50:15.0576 2256 MBR partitions:
22:50:15.0576 2256 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1C068800
22:50:15.0576 2256 ============================================================
22:50:15.0685 2256 C: <-> \Device\Harddisk0\DR0\Partition1
22:50:15.0685 2256 ============================================================
22:50:15.0685 2256 Initialize success
22:50:15.0685 2256 ============================================================
22:51:40.0409 2540 ============================================================
22:51:40.0409 2540 Scan started
22:51:40.0409 2540 Mode: Manual; SigCheck; TDLFS;
22:51:40.0409 2540 ============================================================
22:51:42.0000 2540 ================ Scan system memory ========================
22:51:42.0000 2540 System memory - ok
22:51:42.0000 2540 ================ Scan services =============================
22:51:42.0219 2540 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:51:42.0390 2540 ACPI - ok
22:51:42.0515 2540 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:51:42.0531 2540 AdobeARMservice - ok
22:51:42.0640 2540 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:51:42.0655 2540 AdobeFlashPlayerUpdateSvc - ok
22:51:42.0765 2540 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:51:42.0796 2540 adp94xx - ok
22:51:42.0843 2540 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:51:42.0858 2540 adpahci - ok
22:51:42.0921 2540 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:51:42.0936 2540 adpu160m - ok
22:51:42.0967 2540 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:51:42.0983 2540 adpu320 - ok
22:51:43.0045 2540 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:51:43.0170 2540 AeLookupSvc - ok
22:51:43.0233 2540 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
22:51:43.0279 2540 AFD - ok
22:51:43.0326 2540 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
22:51:43.0357 2540 AgereModemAudio - ok
22:51:43.0435 2540 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
22:51:43.0560 2540 AgereSoftModem - ok
22:51:43.0607 2540 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:51:43.0623 2540 agp440 - ok
22:51:43.0654 2540 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:51:43.0685 2540 aic78xx - ok
22:51:43.0903 2540 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files\common files\akamai/netsession_win_ce5ba24.dll
22:51:43.0903 2540 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
22:51:43.0919 2540 Akamai ( HiddenFile.Multi.Generic ) - warning
22:51:43.0919 2540 Akamai - detected HiddenFile.Multi.Generic (1)
22:51:43.0950 2540 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
22:51:43.0997 2540 ALG - ok
22:51:44.0044 2540 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
22:51:44.0059 2540 aliide - ok
22:51:44.0075 2540 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:51:44.0091 2540 amdagp - ok
22:51:44.0091 2540 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
22:51:44.0106 2540 amdide - ok
22:51:44.0169 2540 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:51:44.0215 2540 AmdK7 - ok
22:51:44.0247 2540 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:51:44.0278 2540 AmdK8 - ok
22:51:44.0340 2540 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
22:51:44.0387 2540 Appinfo - ok
22:51:44.0481 2540 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:51:44.0496 2540 Apple Mobile Device - ok
22:51:44.0559 2540 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
22:51:44.0574 2540 arc - ok
22:51:44.0605 2540 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:51:44.0621 2540 arcsas - ok
22:51:44.0761 2540 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:51:44.0777 2540 aspnet_state - ok
22:51:44.0839 2540 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:51:44.0871 2540 aswFsBlk - ok
22:51:44.0995 2540 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:51:45.0027 2540 aswMonFlt - ok
22:51:45.0058 2540 [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
22:51:45.0089 2540 AswRdr - ok
22:51:45.0183 2540 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
22:51:45.0198 2540 aswRvrt - ok
22:51:45.0261 2540 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:51:45.0323 2540 aswSnx - ok
22:51:45.0417 2540 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:51:45.0479 2540 aswSP - ok
22:51:45.0573 2540 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:51:45.0588 2540 aswTdi - ok
22:51:45.0651 2540 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
22:51:45.0682 2540 aswVmm - ok
22:51:45.0713 2540 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:51:45.0760 2540 AsyncMac - ok
22:51:45.0791 2540 [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi C:\Windows\system32\drivers\atapi.sys
22:51:45.0807 2540 atapi - ok
22:51:45.0900 2540 [ 8BE56F8300E1C37B578DA23C71816B7A ] athr C:\Windows\system32\DRIVERS\athr.sys
22:51:45.0994 2540 athr - ok
22:51:46.0072 2540 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:51:46.0150 2540 AudioEndpointBuilder - ok
22:51:46.0181 2540 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:51:46.0197 2540 Audiosrv - ok
22:51:46.0290 2540 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:51:46.0306 2540 avast! Antivirus - ok
22:51:46.0368 2540 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
22:51:46.0415 2540 Beep - ok
22:51:46.0493 2540 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
22:51:46.0587 2540 BFE - ok
22:51:46.0649 2540 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
22:51:46.0789 2540 BITS - ok
22:51:46.0836 2540 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:51:46.0883 2540 blbdrive - ok
22:51:46.0992 2540 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:51:47.0023 2540 Bonjour Service - ok
22:51:47.0055 2540 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:51:47.0101 2540 bowser - ok
22:51:47.0133 2540 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:51:47.0164 2540 BrFiltLo - ok
22:51:47.0179 2540 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:51:47.0257 2540 BrFiltUp - ok
22:51:47.0289 2540 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
22:51:47.0351 2540 Browser - ok
22:51:47.0398 2540 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:51:47.0476 2540 Brserid - ok
22:51:47.0491 2540 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:51:47.0538 2540 BrSerWdm - ok
22:51:47.0569 2540 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:51:47.0632 2540 BrUsbMdm - ok
22:51:47.0647 2540 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:51:47.0741 2540 BrUsbSer - ok
22:51:47.0772 2540 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:51:47.0850 2540 BTHMODEM - ok
22:51:47.0881 2540 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:51:47.0959 2540 cdfs - ok
22:51:48.0022 2540 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:51:48.0069 2540 cdrom - ok
22:51:48.0147 2540 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
22:51:48.0178 2540 CertPropSvc - ok
22:51:48.0225 2540 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
22:51:48.0287 2540 circlass - ok
22:51:48.0365 2540 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
22:51:48.0381 2540 CLFS - ok
22:51:48.0427 2540 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:51:48.0459 2540 clr_optimization_v2.0.50727_32 - ok
22:51:48.0568 2540 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:51:48.0630 2540 clr_optimization_v4.0.30319_32 - ok
22:51:48.0677 2540 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:51:48.0724 2540 CmBatt - ok
22:51:48.0755 2540 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:51:48.0771 2540 cmdide - ok
22:51:48.0771 2540 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:51:48.0786 2540 Compbatt - ok
22:51:48.0802 2540 COMSysApp - ok
22:51:48.0911 2540 [ D10D01B2DFCD8D2F32A32ED29E8DA1C2 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
22:51:48.0927 2540 ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
22:51:48.0927 2540 ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
22:51:48.0927 2540 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:51:48.0973 2540 crcdisk - ok
22:51:49.0005 2540 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:51:49.0083 2540 Crusoe - ok
22:51:49.0114 2540 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:51:49.0145 2540 CryptSvc - ok
22:51:49.0223 2540 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:51:49.0301 2540 DcomLaunch - ok
22:51:49.0348 2540 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:51:49.0379 2540 DfsC - ok
22:51:49.0488 2540 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
22:51:49.0707 2540 DFSR - ok
22:51:49.0785 2540 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:51:49.0800 2540 Dhcp - ok
22:51:49.0847 2540 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
22:51:49.0863 2540 disk - ok
22:51:49.0941 2540 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:51:49.0972 2540 Dnscache - ok
22:51:50.0034 2540 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:51:50.0081 2540 dot3svc - ok
22:51:50.0112 2540 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
22:51:50.0175 2540 Dot4 - ok
22:51:50.0221 2540 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:51:50.0268 2540 Dot4Print - ok
22:51:50.0315 2540 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
22:51:50.0377 2540 dot4usb - ok
22:51:50.0409 2540 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:51:50.0455 2540 DPS - ok
22:51:50.0518 2540 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:51:50.0580 2540 drmkaud - ok
22:51:50.0627 2540 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:51:50.0674 2540 DXGKrnl - ok
22:51:50.0689 2540 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:51:50.0752 2540 E1G60 - ok
22:51:50.0783 2540 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:51:50.0830 2540 EapHost - ok
22:51:50.0892 2540 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:51:50.0908 2540 Ecache - ok
22:51:50.0970 2540 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:51:51.0033 2540 elxstor - ok
22:51:51.0126 2540 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:51:51.0235 2540 EMDMgmt - ok
22:51:51.0267 2540 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:51:51.0376 2540 ErrDev - ok
22:51:51.0423 2540 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
22:51:51.0469 2540 EventSystem - ok
22:51:51.0547 2540 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
22:51:51.0563 2540 exfat - ok
22:51:51.0610 2540 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:51:51.0641 2540 fastfat - ok
22:51:51.0703 2540 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:51:51.0750 2540 fdc - ok
22:51:51.0781 2540 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:51:51.0813 2540 fdPHost - ok
22:51:51.0828 2540 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:51:51.0906 2540 FDResPub - ok
22:51:51.0922 2540 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:51:51.0937 2540 FileInfo - ok
22:51:51.0969 2540 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:51:52.0015 2540 Filetrace - ok
22:51:52.0031 2540 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:51:52.0078 2540 flpydisk - ok
22:51:52.0109 2540 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:51:52.0125 2540 FltMgr - ok
22:51:52.0218 2540 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
22:51:52.0312 2540 FontCache - ok
22:51:52.0405 2540 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:51:52.0421 2540 FontCache3.0.0.0 - ok
22:51:52.0468 2540 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:51:52.0530 2540 Fs_Rec - ok
22:51:52.0593 2540 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
22:51:52.0624 2540 FwLnk - ok
22:51:52.0639 2540 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:51:52.0655 2540 gagp30kx - ok
22:51:52.0749 2540 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
22:51:52.0780 2540 GameConsoleService - ok
22:51:52.0811 2540 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:51:52.0842 2540 GEARAspiWDM - ok
22:51:52.0889 2540 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
22:51:52.0936 2540 giveio ( UnsignedFile.Multi.Generic ) - warning
22:51:52.0936 2540 giveio - detected UnsignedFile.Multi.Generic (1)
22:51:52.0998 2540 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
22:51:53.0107 2540 gpsvc - ok
22:51:53.0310 2540 [ B4EA57054EFE2F75269F613839B138CF ] GsServer C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
22:51:53.0591 2540 GsServer - ok
22:51:53.0716 2540 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
22:51:53.0731 2540 gupdate - ok
22:51:53.0747 2540 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
22:51:53.0763 2540 gupdatem - ok
22:51:53.0825 2540 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:51:53.0841 2540 gusvc - ok
22:51:53.0903 2540 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:51:53.0981 2540 HdAudAddService - ok
22:51:54.0043 2540 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:51:54.0168 2540 HDAudBus - ok
22:51:54.0199 2540 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:51:54.0262 2540 HidBth - ok
22:51:54.0293 2540 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:51:54.0387 2540 HidIr - ok
22:51:54.0418 2540 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
22:51:54.0449 2540 hidserv - ok
22:51:54.0496 2540 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:51:54.0527 2540 HidUsb - ok
22:51:54.0605 2540 [ D61E53E3FEC0C92BC8DD3969FAD63F87 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
22:51:54.0621 2540 HipShieldK - ok
22:51:54.0667 2540 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:51:54.0714 2540 hkmsvc - ok
22:51:54.0730 2540 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:51:54.0745 2540 HpCISSs - ok
22:51:54.0855 2540 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
22:51:54.0886 2540 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
22:51:54.0886 2540 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
22:51:54.0917 2540 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
22:51:54.0933 2540 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
22:51:54.0933 2540 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
22:51:54.0948 2540 [ 568E44F6DCFA173F3670172B69379891 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
22:51:55.0042 2540 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
22:51:55.0042 2540 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
22:51:55.0104 2540 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:51:55.0229 2540 HTTP - ok
22:51:55.0276 2540 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:51:55.0276 2540 i2omp - ok
22:51:55.0338 2540 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:51:55.0401 2540 i8042prt - ok
22:51:55.0525 2540 [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
22:51:55.0557 2540 IAANTMON - ok
22:51:55.0666 2540 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:51:55.0681 2540 iaStor - ok
22:51:55.0744 2540 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:51:55.0759 2540 iaStorV - ok
22:51:55.0837 2540 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:51:55.0869 2540 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:51:55.0869 2540 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:51:55.0962 2540 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:51:56.0071 2540 idsvc - ok
22:51:56.0165 2540 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
22:51:56.0461 2540 igfx - ok
22:51:56.0602 2540 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:51:56.0617 2540 iirsp - ok
22:51:56.0649 2540 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
22:51:56.0773 2540 IKEEXT - ok
22:51:56.0898 2540 [ B9CBD3DEA7CA02868621173BF7A2AF9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:51:57.0163 2540 IntcAzAudAddService - ok
22:51:57.0257 2540 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:51:57.0273 2540 intelide - ok
22:51:57.0288 2540 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:51:57.0351 2540 intelppm - ok
22:51:57.0460 2540 [ A7230C095E646FD97C52D094BE07467B ] IObitBarService C:\PROGRA~1\IObitBar\toolbar\1.bin\i0barsvc.exe
22:51:57.0460 2540 IObitBarService ( UnsignedFile.Multi.Generic ) - warning
22:51:57.0460 2540 IObitBarService - detected UnsignedFile.Multi.Generic (1)
22:51:57.0491 2540 IO_Memory - ok
22:51:57.0569 2540 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:51:57.0616 2540 IPBusEnum - ok
22:51:57.0647 2540 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:51:57.0694 2540 IpFilterDriver - ok
22:51:57.0725 2540 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:51:57.0756 2540 iphlpsvc - ok
22:51:57.0772 2540 IpInIp - ok
22:51:57.0819 2540 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:51:57.0865 2540 IPMIDRV - ok
22:51:57.0881 2540 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:51:57.0943 2540 IPNAT - ok
22:51:58.0037 2540 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:51:58.0068 2540 iPod Service - ok
22:51:58.0099 2540 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:51:58.0131 2540 IRENUM - ok
22:51:58.0146 2540 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:51:58.0162 2540 isapnp - ok
22:51:58.0209 2540 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:51:58.0224 2540 iScsiPrt - ok
22:51:58.0240 2540 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:51:58.0255 2540 iteatapi - ok
22:51:58.0287 2540 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:51:58.0302 2540 iteraid - ok
22:51:58.0380 2540 [ 957135960E7533EA5C7EA0BFB34F8EFD ] jswpsapi C:\Program Files\Jumpstart\jswpsapi.exe
22:51:58.0458 2540 jswpsapi ( UnsignedFile.Multi.Generic ) - warning
22:51:58.0458 2540 jswpsapi - detected UnsignedFile.Multi.Generic (1)
22:51:58.0521 2540 [ 11AD410F41AF42BA12E63187E3EC141A ] jswpslwf C:\Windows\system32\DRIVERS\jswpslwf.sys
22:51:58.0599 2540 jswpslwf - ok
22:51:58.0645 2540 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:51:58.0661 2540 kbdclass - ok
22:51:58.0723 2540 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:51:58.0770 2540 kbdhid - ok
22:51:58.0786 2540 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
22:51:58.0817 2540 KeyIso - ok
22:51:58.0848 2540 [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I C:\Windows\system32\drivers\kr10i.sys
22:51:58.0895 2540 KR10I - ok
22:51:58.0911 2540 [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N C:\Windows\system32\drivers\kr10n.sys
22:51:58.0942 2540 KR10N - ok
22:51:58.0989 2540 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:51:59.0035 2540 KSecDD - ok
22:51:59.0113 2540 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:51:59.0176 2540 KtmRm - ok
22:51:59.0223 2540 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
22:51:59.0285 2540 LanmanServer - ok
22:51:59.0332 2540 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:51:59.0379 2540 LanmanWorkstation - ok
22:51:59.0488 2540 [ 7AC2D769C4C29D0C8D58C0FB8528FD82 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
22:51:59.0519 2540 LBTServ - ok
22:51:59.0581 2540 [ 006540C9CDC7E72ADD1435CF778EC674 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:51:59.0597 2540 LHidFilt - ok
22:51:59.0644 2540 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:51:59.0675 2540 lltdio - ok
22:51:59.0722 2540 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:51:59.0769 2540 lltdsvc - ok
22:51:59.0784 2540 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:51:59.0847 2540 lmhosts - ok
22:51:59.0862 2540 [ 3C5BA4B2E4D1180BF9810963A494799A ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:51:59.0878 2540 LMouFilt - ok
22:51:59.0909 2540 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:51:59.0925 2540 LSI_FC - ok
22:51:59.0940 2540 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:51:59.0971 2540 LSI_SAS - ok
22:52:00.0003 2540 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:52:00.0034 2540 LSI_SCSI - ok
22:52:00.0065 2540 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:52:00.0112 2540 luafv - ok
22:52:00.0159 2540 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
22:52:00.0174 2540 megasas - ok
22:52:00.0237 2540 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:52:00.0283 2540 MegaSR - ok
22:52:00.0346 2540 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:52:00.0408 2540 MMCSS - ok
22:52:00.0455 2540 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:52:00.0502 2540 Modem - ok
22:52:00.0517 2540 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:52:00.0580 2540 monitor - ok
22:52:00.0611 2540 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:52:00.0627 2540 mouclass - ok
22:52:00.0658 2540 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:52:00.0705 2540 mouhid - ok
22:52:00.0736 2540 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:52:00.0751 2540 MountMgr - ok
22:52:00.0845 2540 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:52:00.0861 2540 MozillaMaintenance - ok
22:52:00.0892 2540 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
22:52:00.0907 2540 mpio - ok
22:52:00.0923 2540 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:52:00.0970 2540 mpsdrv - ok
22:52:01.0017 2540 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
22:52:01.0126 2540 MpsSvc - ok
22:52:01.0188 2540 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:52:01.0204 2540 Mraid35x - ok
22:52:01.0235 2540 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:52:01.0266 2540 MRxDAV - ok
22:52:01.0297 2540 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:52:01.0329 2540 mrxsmb - ok
22:52:01.0360 2540 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:52:01.0407 2540 mrxsmb10 - ok
22:52:01.0422 2540 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:52:01.0438 2540 mrxsmb20 - ok
22:52:01.0469 2540 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
22:52:01.0485 2540 msahci - ok
22:52:01.0500 2540 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:52:01.0516 2540 msdsm - ok
22:52:01.0531 2540 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:52:01.0578 2540 MSDTC - ok
22:52:01.0594 2540 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:52:01.0656 2540 Msfs - ok
22:52:01.0703 2540 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:52:01.0719 2540 msisadrv - ok
22:52:01.0765 2540 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:52:01.0812 2540 MSiSCSI - ok
22:52:01.0812 2540 msiserver - ok
22:52:01.0843 2540 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:52:01.0875 2540 MSKSSRV - ok
22:52:01.0921 2540 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:52:01.0968 2540 MSPCLOCK - ok
22:52:01.0999 2540 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:52:02.0031 2540 MSPQM - ok
22:52:02.0046 2540 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:52:02.0062 2540 MsRPC - ok
22:52:02.0077 2540 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:52:02.0093 2540 mssmbios - ok
22:52:02.0124 2540 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:52:02.0171 2540 MSTEE - ok
22:52:02.0187 2540 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
22:52:02.0202 2540 Mup - ok
22:52:02.0233 2540 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
22:52:02.0280 2540 napagent - ok
22:52:02.0327 2540 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:52:02.0374 2540 NativeWifiP - ok
22:52:02.0421 2540 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:52:02.0452 2540 NDIS - ok
22:52:02.0467 2540 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:52:02.0514 2540 NdisTapi - ok
22:52:02.0530 2540 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:52:02.0577 2540 Ndisuio - ok
22:52:02.0608 2540 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:52:02.0655 2540 NdisWan - ok
22:52:02.0686 2540 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:52:02.0717 2540 NDProxy - ok
22:52:02.0779 2540 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
22:52:02.0811 2540 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:52:02.0811 2540 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:52:02.0826 2540 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:52:02.0857 2540 NetBIOS - ok
22:52:02.0889 2540 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:52:02.0935 2540 netbt - ok
22:52:02.0951 2540 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:52:02.0982 2540 Netlogon - ok
22:52:03.0013 2540 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:52:03.0076 2540 Netman - ok
22:52:03.0091 2540 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:52:03.0169 2540 netprofm - ok
22:52:03.0201 2540 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:52:03.0232 2540 NetTcpPortSharing - ok
22:52:03.0263 2540 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:52:03.0279 2540 nfrd960 - ok
22:52:03.0310 2540 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:52:03.0341 2540 NlaSvc - ok
22:52:03.0372 2540 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:52:03.0419 2540 Npfs - ok
22:52:03.0419 2540 npggsvc - ok
22:52:03.0450 2540 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:52:03.0481 2540 nsi - ok
22:52:03.0497 2540 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:52:03.0513 2540 nsiproxy - ok
22:52:03.0575 2540 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:52:03.0669 2540 Ntfs - ok
22:52:03.0684 2540 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:52:03.0762 2540 ntrigdigi - ok
22:52:03.0762 2540 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:52:03.0809 2540 Null - ok
22:52:03.0825 2540 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:52:03.0871 2540 nvraid - ok
22:52:03.0887 2540 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:52:03.0903 2540 nvstor - ok
22:52:03.0934 2540 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:52:03.0949 2540 nv_agp - ok
22:52:03.0949 2540 NwlnkFlt - ok
22:52:03.0965 2540 NwlnkFwd - ok
22:52:04.0090 2540 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:52:04.0105 2540 odserv - ok
22:52:04.0168 2540 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:52:04.0230 2540 ohci1394 - ok
22:52:04.0277 2540 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:52:04.0293 2540 ose - ok
22:52:04.0339 2540 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:52:04.0480 2540 p2pimsvc - ok
22:52:04.0495 2540 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:52:04.0573 2540 p2psvc - ok
22:52:04.0651 2540 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:52:04.0714 2540 Parport - ok
22:52:04.0761 2540 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:52:04.0776 2540 partmgr - ok
22:52:04.0792 2540 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:52:04.0854 2540 Parvdm - ok
22:52:04.0901 2540 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:52:04.0917 2540 PcaSvc - ok
22:52:04.0948 2540 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:52:04.0963 2540 pci - ok
22:52:04.0979 2540 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys
22:52:04.0995 2540 pciide - ok
22:52:05.0026 2540 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:52:05.0041 2540 pcmcia - ok
22:52:05.0088 2540 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:52:05.0244 2540 PEAUTH - ok
22:52:05.0416 2540 [ 56652AF63296E1B0304162C5E7DB5FAF ] PfFilter C:\Program Files\IObit\Protected Folder\pffilter.sys
22:52:05.0431 2540 PfFilter - ok
22:52:05.0556 2540 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:52:05.0759 2540 pla - ok
22:52:05.0790 2540 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:52:05.0821 2540 PlugPlay - ok
22:52:05.0868 2540 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
22:52:05.0884 2540 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:52:05.0884 2540 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:52:05.0915 2540 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:52:05.0993 2540 PNRPAutoReg - ok
22:52:06.0055 2540 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:52:06.0118 2540 PNRPsvc - ok
22:52:06.0180 2540 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:52:06.0258 2540 PolicyAgent - ok
22:52:06.0321 2540 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:52:06.0367 2540 PptpMiniport - ok
22:52:06.0383 2540 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:52:06.0414 2540 Processor - ok
22:52:06.0445 2540 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:52:06.0508 2540 ProfSvc - ok
22:52:06.0523 2540 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:52:06.0539 2540 ProtectedStorage - ok
22:52:06.0570 2540 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:52:06.0601 2540 PSched - ok
22:52:06.0664 2540 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
22:52:06.0679 2540 PxHelp20 - ok
22:52:06.0789 2540 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:52:06.0882 2540 ql2300 - ok
22:52:06.0913 2540 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:52:06.0945 2540 ql40xx - ok
22:52:06.0991 2540 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:52:07.0054 2540 QWAVE - ok
22:52:07.0085 2540 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:52:07.0101 2540 QWAVEdrv - ok
22:52:07.0101 2540 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:52:07.0132 2540 RasAcd - ok
22:52:07.0147 2540 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:52:07.0194 2540 RasAuto - ok
22:52:07.0241 2540 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:52:07.0272 2540 Rasl2tp - ok
22:52:07.0303 2540 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:52:07.0366 2540 RasMan - ok
22:52:07.0397 2540 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:52:07.0428 2540 RasPppoe - ok
22:52:07.0459 2540 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:52:07.0475 2540 RasSstp - ok
22:52:07.0491 2540 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:52:07.0522 2540 rdbss - ok
22:52:07.0537 2540 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:52:07.0600 2540 RDPCDD - ok
22:52:07.0631 2540 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:52:07.0662 2540 rdpdr - ok
22:52:07.0662 2540 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:52:07.0693 2540 RDPENCDD - ok
22:52:07.0740 2540 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:52:07.0771 2540 RDPWD - ok
22:52:07.0865 2540 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:52:07.0896 2540 RemoteAccess - ok
22:52:07.0927 2540 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:52:07.0974 2540 RemoteRegistry - ok
22:52:08.0021 2540 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:52:08.0037 2540 RpcLocator - ok
22:52:08.0068 2540 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
22:52:08.0099 2540 RpcSs - ok
22:52:08.0130 2540 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:52:08.0193 2540 rspndr - ok
22:52:08.0239 2540 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:52:08.0286 2540 RTL8169 - ok
22:52:08.0333 2540 [ 9FF7D9CF3A5F296613588B0E8DB83AFE ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
22:52:08.0380 2540 RTSTOR - ok
22:52:08.0395 2540 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:52:08.0411 2540 SamSs - ok
22:52:08.0427 2540 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:52:08.0458 2540 sbp2port - ok
22:52:08.0489 2540 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:52:08.0551 2540 SCardSvr - ok
22:52:08.0598 2540 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:52:08.0645 2540 Schedule - ok
22:52:08.0692 2540 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:52:08.0723 2540 SCPolicySvc - ok
22:52:08.0754 2540 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:52:08.0801 2540 SDRSVC - ok
22:52:08.0910 2540 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
22:52:09.0019 2540 SDScannerService - ok
22:52:09.0113 2540 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:52:09.0222 2540 SDUpdateService - ok
22:52:09.0238 2540 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
22:52:09.0253 2540 SDWSCService - ok
22:52:09.0300 2540 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:52:09.0347 2540 secdrv - ok
22:52:09.0394 2540 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:52:09.0441 2540 seclogon - ok
22:52:09.0472 2540 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
22:52:09.0519 2540 SENS - ok
22:52:09.0550 2540 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:52:09.0612 2540 Serenum - ok
22:52:09.0643 2540 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:52:09.0690 2540 Serial - ok
22:52:09.0706 2540 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:52:09.0737 2540 sermouse - ok
22:52:09.0768 2540 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:52:09.0815 2540 SessionEnv - ok
22:52:09.0831 2540 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:52:09.0862 2540 sffdisk - ok
22:52:09.0862 2540 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:52:09.0924 2540 sffp_mmc - ok
22:52:09.0940 2540 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:52:09.0987 2540 sffp_sd - ok
22:52:10.0018 2540 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:52:10.0096 2540 sfloppy - ok
22:52:10.0143 2540 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:52:10.0189 2540 SharedAccess - ok
22:52:10.0221 2540 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:52:10.0252 2540 ShellHWDetection - ok
22:52:10.0267 2540 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:52:10.0283 2540 sisagp - ok
22:52:10.0299 2540 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:52:10.0314 2540 SiSRaid2 - ok
22:52:10.0345 2540 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:52:10.0377 2540 SiSRaid4 - ok
22:52:10.0408 2540 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:52:10.0423 2540 SkypeUpdate - ok
22:52:10.0564 2540 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:52:10.0798 2540 slsvc - ok
22:52:10.0876 2540 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:52:10.0923 2540 SLUINotify - ok
22:52:10.0954 2540 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:52:10.0969 2540 Smb - ok
22:52:11.0016 2540 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:52:11.0032 2540 SNMPTRAP - ok
22:52:11.0063 2540 [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan C:\Windows\system32\speedfan.sys
22:52:11.0079 2540 speedfan - ok
22:52:11.0125 2540 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:52:11.0141 2540 spldr - ok
22:52:11.0188 2540 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:52:11.0266 2540 Spooler - ok
22:52:11.0313 2540 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:52:11.0391 2540 srv - ok
22:52:11.0437 2540 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:52:11.0469 2540 srv2 - ok
22:52:11.0515 2540 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:52:11.0531 2540 srvnet - ok
22:52:11.0578 2540 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:52:11.0625 2540 SSDPSRV - ok
22:52:11.0703 2540 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:52:11.0765 2540 SstpSvc - ok
22:52:11.0812 2540 Steam Client Service - ok
22:52:11.0843 2540 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:52:11.0937 2540 stisvc - ok
22:52:11.0999 2540 [ 3E4239B92139F7174A0DA7D53FE5E1AB ] SVRPEDRV C:\Windows\System32\sysprep\PEDrv.sys
22:52:12.0030 2540 SVRPEDRV ( UnsignedFile.Multi.Generic ) - warning
22:52:12.0030 2540 SVRPEDRV - detected UnsignedFile.Multi.Generic (1)
22:52:12.0077 2540 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:52:12.0108 2540 swenum - ok
22:52:12.0139 2540 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
22:52:12.0202 2540 swprv - ok
22:52:12.0233 2540 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:52:12.0249 2540 Symc8xx - ok
22:52:12.0280 2540 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:52:12.0295 2540 Sym_hi - ok
22:52:12.0311 2540 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:52:12.0327 2540 Sym_u3 - ok
22:52:12.0373 2540 [ 55F6E55CC2430CA8713387106FA79817 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:52:12.0405 2540 SynTP - ok
22:52:12.0451 2540 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
22:52:12.0498 2540 SysMain - ok
22:52:12.0545 2540 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:52:12.0576 2540 TabletInputService - ok
22:52:12.0623 2540 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:52:12.0654 2540 TapiSrv - ok
22:52:12.0654 2540 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:52:12.0717 2540 TBS - ok
22:52:12.0763 2540 [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:52:12.0841 2540 Tcpip - ok
22:52:12.0873 2540 [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:52:12.0919 2540 Tcpip6 - ok
22:52:12.0951 2540 [ CD21572F83F7EC6E2C20C465967BEDD9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:52:12.0997 2540 tcpipreg - ok
22:52:13.0029 2540 [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:52:13.0044 2540 tdcmdpst - ok
22:52:13.0075 2540 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:52:13.0122 2540 TDPIPE - ok
22:52:13.0153 2540 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:52:13.0200 2540 TDTCP - ok
22:52:13.0231 2540 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:52:13.0278 2540 tdx - ok
22:52:13.0309 2540 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:52:13.0325 2540 TermDD - ok
22:52:13.0356 2540 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
22:52:13.0419 2540 TermService - ok
22:52:13.0481 2540 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
22:52:13.0512 2540 Themes - ok
22:52:13.0528 2540 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:52:13.0559 2540 THREADORDER - ok
22:52:13.0637 2540 [ E09CAAFB2B323A6FF120CEFB96DA0A44 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
22:52:13.0653 2540 TMachInfo - ok
22:52:13.0684 2540 TMPassthruMP - ok
22:52:13.0746 2540 [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
22:52:13.0762 2540 TNaviSrv - ok
22:52:13.0809 2540 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe
22:52:13.0840 2540 TODDSrv - ok
22:52:13.0871 2540 [ 44DBAC611B11646683B5B066A049B8E4 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
22:52:13.0902 2540 TosCoSrv - ok
22:52:13.0980 2540 [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
22:52:14.0011 2540 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
22:52:14.0011 2540 TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
22:52:14.0058 2540 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys
22:52:14.0074 2540 tos_sps32 - ok
22:52:14.0089 2540 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:52:14.0167 2540 TrkWks - ok
22:52:14.0230 2540 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:52:14.0277 2540 TrustedInstaller - ok
22:52:14.0323 2540 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:52:14.0355 2540 tssecsrv - ok
22:52:14.0401 2540 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:52:14.0433 2540 tunmp - ok
22:52:14.0495 2540 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:52:14.0511 2540 tunnel - ok
22:52:14.0542 2540 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
22:52:14.0557 2540 TVALZ - ok
22:52:14.0573 2540 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:52:14.0589 2540 uagp35 - ok
22:52:14.0635 2540 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:52:14.0682 2540 udfs - ok
22:52:14.0745 2540 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:52:14.0776 2540 UI0Detect - ok
22:52:14.0885 2540 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
22:52:14.0932 2540 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
22:52:14.0932 2540 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
22:52:14.0963 2540 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:52:14.0979 2540 uliagpkx - ok
22:52:14.0994 2540 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:52:15.0010 2540 uliahci - ok
22:52:15.0041 2540 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:52:15.0057 2540 UlSata - ok
22:52:15.0072 2540 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:52:15.0103 2540 ulsata2 - ok
22:52:15.0119 2540 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:52:15.0166 2540 umbus - ok
22:52:15.0228 2540 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:52:15.0259 2540 upnphost - ok
22:52:15.0306 2540 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
22:52:15.0322 2540 USBAAPL - ok
22:52:15.0384 2540 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:52:15.0431 2540 usbaudio - ok
22:52:15.0447 2540 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:52:15.0478 2540 usbccgp - ok
22:52:15.0493 2540 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:52:15.0556 2540 usbcir - ok
22:52:15.0603 2540 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:52:15.0649 2540 usbehci - ok
22:52:15.0681 2540 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:52:15.0727 2540 usbhub - ok
22:52:15.0759 2540 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:52:15.0821 2540 usbohci - ok
22:52:15.0852 2540 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:52:15.0883 2540 usbprint - ok
22:52:15.0961 2540 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:52:15.0977 2540 usbscan - ok
22:52:16.0008 2540 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:52:16.0024 2540 USBSTOR - ok
22:52:16.0055 2540 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:52:16.0102 2540 usbuhci - ok
22:52:16.0164 2540 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:52:16.0211 2540 usbvideo - ok
22:52:16.0242 2540 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
22:52:16.0273 2540 UxSms - ok
22:52:16.0320 2540 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
22:52:16.0367 2540 vds - ok
22:52:16.0383 2540 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:52:16.0414 2540 vga - ok
22:52:16.0429 2540 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:52:16.0461 2540 VgaSave - ok
22:52:16.0476 2540 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:52:16.0492 2540 viaagp - ok
22:52:16.0507 2540 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:52:16.0539 2540 ViaC7 - ok
22:52:16.0554 2540 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
22:52:16.0570 2540 viaide - ok
22:52:16.0601 2540 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:52:16.0617 2540 volmgr - ok
22:52:16.0648 2540 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:52:16.0679 2540 volmgrx - ok
22:52:16.0726 2540 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:52:16.0773 2540 volsnap - ok
22:52:16.0804 2540 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:52:16.0819 2540 vsmraid - ok
22:52:16.0882 2540 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
22:52:16.0975 2540 VSS - ok
22:52:17.0022 2540 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
22:52:17.0069 2540 W32Time - ok
22:52:17.0085 2540 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:52:17.0163 2540 WacomPen - ok
22:52:17.0178 2540 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:52:17.0225 2540 Wanarp - ok
22:52:17.0225 2540 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:52:17.0272 2540 Wanarpv6 - ok
22:52:17.0303 2540 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:52:17.0350 2540 wcncsvc - ok
22:52:17.0428 2540 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:52:17.0443 2540 WcsPlugInService - ok
22:52:17.0459 2540 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
22:52:17.0490 2540 Wd - ok
22:52:17.0521 2540 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:52:17.0584 2540 Wdf01000 - ok
22:52:17.0599 2540 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:52:17.0662 2540 WdiServiceHost - ok
22:52:17.0677 2540 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:52:17.0709 2540 WdiSystemHost - ok
22:52:17.0740 2540 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
22:52:17.0818 2540 WebClient - ok
22:52:17.0849 2540 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:52:17.0911 2540 Wecsvc - ok
22:52:17.0958 2540 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:52:17.0974 2540 wercplsupport - ok
22:52:18.0005 2540 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
22:52:18.0036 2540 WerSvc - ok
22:52:18.0114 2540 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:52:18.0145 2540 WinDefend - ok
22:52:18.0145 2540 WinHttpAutoProxySvc - ok
22:52:18.0192 2540 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:52:18.0255 2540 Winmgmt - ok
22:52:18.0333 2540 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:52:18.0442 2540 WinRM - ok
22:52:18.0504 2540 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:52:18.0582 2540 Wlansvc - ok
22:52:18.0645 2540 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:52:18.0754 2540 wlidsvc - ok
22:52:18.0769 2540 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:52:18.0816 2540 WmiAcpi - ok
22:52:18.0863 2540 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:52:18.0879 2540 wmiApSrv - ok
22:52:18.0957 2540 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:52:19.0097 2540 WMPNetworkSvc - ok
22:52:19.0159 2540 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:52:19.0206 2540 WPCSvc - ok
22:52:19.0237 2540 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:52:19.0300 2540 WPDBusEnum - ok
22:52:19.0362 2540 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:52:19.0378 2540 WpdUsb - ok
22:52:19.0503 2540 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:52:19.0549 2540 WPFFontCache_v0400 - ok
22:52:19.0612 2540 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:52:19.0659 2540 ws2ifsl - ok
22:52:19.0690 2540 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
22:52:19.0721 2540 wscsvc - ok
22:52:19.0737 2540 WSearch - ok
22:52:19.0815 2540 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:52:20.0002 2540 wuauserv - ok
22:52:20.0095 2540 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:52:20.0111 2540 WudfPf - ok
22:52:20.0142 2540 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:52:20.0173 2540 WUDFRd - ok
22:52:20.0205 2540 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:52:20.0236 2540 wudfsvc - ok
22:52:20.0267 2540 ================ Scan global ===============================
22:52:20.0298 2540 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:52:20.0345 2540 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:52:20.0392 2540 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:52:20.0439 2540 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:52:20.0439 2540 [Global] - ok
22:52:20.0454 2540 ================ Scan MBR ==================================
22:52:20.0470 2540 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
22:52:20.0891 2540 \Device\Harddisk0\DR0 - ok
22:52:20.0891 2540 ================ Scan VBR ==================================
22:52:20.0891 2540 [ A8C49A574ADE113EEF46FB98D0D2FFB5 ] \Device\Harddisk0\DR0\Partition1
22:52:20.0891 2540 \Device\Harddisk0\DR0\Partition1 - ok
22:52:20.0907 2540 ============================================================
22:52:20.0907 2540 Scan finished
22:52:20.0907 2540 ============================================================
22:52:20.0907 3988 Detected object count: 14
22:52:20.0922 3988 Actual detected object count: 14
22:53:30.0576 3988 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:53:30.0576 3988 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
22:53:30.0576 3988 ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0576 3988 ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0576 3988 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0576 3988 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0576 3988 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0576 3988 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0576 3988 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0576 3988 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0576 3988 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0576 3988 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0576 3988 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0576 3988 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0592 3988 IObitBarService ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0592 3988 IObitBarService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0592 3988 jswpsapi ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0592 3988 jswpsapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0592 3988 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0592 3988 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0592 3988 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0592 3988 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0592 3988 SVRPEDRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0592 3988 SVRPEDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0607 3988 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0607 3988 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:30.0607 3988 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
22:53:30.0607 3988 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:53:53.0071 2176 ============================================================
22:53:53.0071 2176 Scan started
22:53:53.0071 2176 Mode: Manual; SigCheck; TDLFS;
22:53:53.0071 2176 ============================================================
22:53:53.0243 2176 ================ Scan system memory ========================
22:53:53.0243 2176 System memory - ok
22:53:53.0243 2176 ================ Scan services =============================
22:53:53.0415 2176 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:53:53.0446 2176 ACPI - ok
22:53:53.0586 2176 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:53:53.0602 2176 AdobeARMservice - ok
22:53:53.0680 2176 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:53:53.0695 2176 AdobeFlashPlayerUpdateSvc - ok
22:53:53.0758 2176 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:53:53.0789 2176 adp94xx - ok
22:53:53.0836 2176 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:53:53.0851 2176 adpahci - ok
22:53:53.0883 2176 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:53:53.0898 2176 adpu160m - ok
22:53:53.0929 2176 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:53:53.0945 2176 adpu320 - ok
22:53:53.0976 2176 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:53:54.0007 2176 AeLookupSvc - ok
22:53:54.0054 2176 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
22:53:54.0070 2176 AFD - ok
22:53:54.0085 2176 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
22:53:54.0101 2176 AgereModemAudio - ok
22:53:54.0163 2176 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
22:53:54.0210 2176 AgereSoftModem - ok
22:53:54.0241 2176 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:53:54.0257 2176 agp440 - ok
22:53:54.0273 2176 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:53:54.0288 2176 aic78xx - ok
22:53:54.0507 2176 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files\common files\akamai/netsession_win_ce5ba24.dll
22:53:54.0507 2176 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
22:53:54.0522 2176 Akamai ( HiddenFile.Multi.Generic ) - warning
22:53:54.0522 2176 Akamai - detected HiddenFile.Multi.Generic (1)
22:53:54.0553 2176 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
22:53:54.0585 2176 ALG - ok
22:53:54.0600 2176 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
22:53:54.0616 2176 aliide - ok
22:53:54.0647 2176 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:53:54.0663 2176 amdagp - ok
22:53:54.0663 2176 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
22:53:54.0678 2176 amdide - ok
22:53:54.0694 2176 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:53:54.0725 2176 AmdK7 - ok
22:53:54.0756 2176 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:53:54.0772 2176 AmdK8 - ok
22:53:54.0803 2176 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
22:53:54.0819 2176 Appinfo - ok
22:53:54.0881 2176 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:53:54.0897 2176 Apple Mobile Device - ok
22:53:54.0943 2176 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
22:53:54.0959 2176 arc - ok
22:53:54.0975 2176 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:53:54.0990 2176 arcsas - ok
22:53:55.0099 2176 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:53:55.0099 2176 aspnet_state - ok
22:53:55.0146 2176 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:53:55.0162 2176 aswFsBlk - ok
22:53:55.0209 2176 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:53:55.0224 2176 aswMonFlt - ok
22:53:55.0255 2176 [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
22:53:55.0271 2176 AswRdr - ok
22:53:55.0302 2176 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
22:53:55.0318 2176 aswRvrt - ok
22:53:55.0365 2176 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:53:55.0443 2176 aswSnx - ok
22:53:55.0552 2176 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:53:55.0599 2176 aswSP - ok
22:53:55.0677 2176 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:53:55.0692 2176 aswTdi - ok
22:53:55.0723 2176 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
22:53:55.0739 2176 aswVmm - ok
22:53:55.0770 2176 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:53:55.0801 2176 AsyncMac - ok
22:53:55.0833 2176 [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi C:\Windows\system32\drivers\atapi.sys
22:53:55.0848 2176 atapi - ok
22:53:55.0895 2176 [ 8BE56F8300E1C37B578DA23C71816B7A ] athr C:\Windows\system32\DRIVERS\athr.sys
22:53:55.0989 2176 athr - ok
22:53:56.0051 2176 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:53:56.0067 2176 AudioEndpointBuilder - ok
22:53:56.0129 2176 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:53:56.0145 2176 Audiosrv - ok
22:53:56.0207 2176 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:53:56.0223 2176 avast! Antivirus - ok
22:53:56.0238 2176 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
22:53:56.0269 2176 Beep - ok
22:53:56.0301 2176 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
22:53:56.0379 2176 BFE - ok
22:53:56.0441 2176 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
22:53:56.0472 2176 BITS - ok
22:53:56.0503 2176 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:53:56.0535 2176 blbdrive - ok
22:53:56.0597 2176 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:53:56.0628 2176 Bonjour Service - ok
22:53:56.0659 2176 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:53:56.0675 2176 bowser - ok
22:53:56.0706 2176 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:53:56.0722 2176 BrFiltLo - ok
22:53:56.0737 2176 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:53:56.0769 2176 BrFiltUp - ok
22:53:56.0815 2176 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
22:53:56.0847 2176 Browser - ok
22:53:56.0862 2176 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:53:56.0909 2176 Brserid - ok
22:53:56.0940 2176 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:53:56.0987 2176 BrSerWdm - ok
22:53:57.0003 2176 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:53:57.0065 2176 BrUsbMdm - ok
22:53:57.0065 2176 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:53:57.0112 2176 BrUsbSer - ok
22:53:57.0143 2176 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:53:57.0190 2176 BTHMODEM - ok
22:53:57.0190 2176 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:53:57.0221 2176 cdfs - ok
22:53:57.0252 2176 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:53:57.0283 2176 cdrom - ok
22:53:57.0299 2176 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
22:53:57.0330 2176 CertPropSvc - ok
22:53:57.0346 2176 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
22:53:57.0377 2176 circlass - ok
22:53:57.0424 2176 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
22:53:57.0439 2176 CLFS - ok
22:53:57.0486 2176 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:53:57.0486 2176 clr_optimization_v2.0.50727_32 - ok
22:53:57.0549 2176 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:53:57.0564 2176 clr_optimization_v4.0.30319_32 - ok
22:53:57.0580 2176 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:53:57.0595 2176 CmBatt - ok
22:53:57.0627 2176 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:53:57.0627 2176 cmdide - ok
22:53:57.0642 2176 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:53:57.0658 2176 Compbatt - ok
22:53:57.0658 2176 COMSysApp - ok
22:53:57.0751 2176 [ D10D01B2DFCD8D2F32A32ED29E8DA1C2 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
22:53:57.0751 2176 ConfigFree Service ( UnsignedFile.Multi.Generic ) - warning
22:53:57.0751 2176 ConfigFree Service - detected UnsignedFile.Multi.Generic (1)
22:53:57.0751 2176 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:53:57.0767 2176 crcdisk - ok
22:53:57.0798 2176 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:53:57.0829 2176 Crusoe - ok
22:53:57.0861 2176 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:53:57.0876 2176 CryptSvc - ok
22:53:57.0923 2176 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:53:57.0970 2176 DcomLaunch - ok
22:53:58.0001 2176 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:53:58.0017 2176 DfsC - ok
22:53:58.0110 2176 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
22:53:58.0204 2176 DFSR - ok
22:53:58.0251 2176 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:53:58.0266 2176 Dhcp - ok
22:53:58.0297 2176 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
22:53:58.0313 2176 disk - ok
22:53:58.0329 2176 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:53:58.0344 2176 Dnscache - ok
22:53:58.0375 2176 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:53:58.0407 2176 dot3svc - ok
22:53:58.0438 2176 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
22:53:58.0469 2176 Dot4 - ok
22:53:58.0500 2176 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:53:58.0531 2176 Dot4Print - ok
22:53:58.0563 2176 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
22:53:58.0594 2176 dot4usb - ok
22:53:58.0625 2176 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:53:58.0656 2176 DPS - ok
22:53:58.0687 2176 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:53:58.0719 2176 drmkaud - ok
22:53:58.0765 2176 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:53:58.0797 2176 DXGKrnl - ok
22:53:58.0812 2176 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:53:58.0843 2176 E1G60 - ok
22:53:58.0875 2176 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:53:58.0890 2176 EapHost - ok
22:53:58.0937 2176 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:53:58.0953 2176 Ecache - ok
22:53:58.0999 2176 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:53:59.0015 2176 elxstor - ok
22:53:59.0077 2176 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:53:59.0109 2176 EMDMgmt - ok
22:53:59.0124 2176 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:53:59.0155 2176 ErrDev - ok
22:53:59.0202 2176 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
22:53:59.0218 2176 EventSystem - ok
22:53:59.0265 2176 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
22:53:59.0280 2176 exfat - ok
22:53:59.0311 2176 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:53:59.0343 2176 fastfat - ok
22:53:59.0358 2176 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:53:59.0389 2176 fdc - ok
22:53:59.0436 2176 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:53:59.0452 2176 fdPHost - ok
22:53:59.0467 2176 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:53:59.0514 2176 FDResPub - ok
22:53:59.0530 2176 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:53:59.0545 2176 FileInfo - ok
22:53:59.0577 2176 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:53:59.0592 2176 Filetrace - ok
22:53:59.0623 2176 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:53:59.0639 2176 flpydisk - ok
22:53:59.0670 2176 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:53:59.0701 2176 FltMgr - ok
22:53:59.0748 2176 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
22:53:59.0795 2176 FontCache - ok
22:53:59.0842 2176 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:53:59.0857 2176 FontCache3.0.0.0 - ok
22:53:59.0904 2176 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:53:59.0920 2176 Fs_Rec - ok
22:53:59.0951 2176 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
22:53:59.0967 2176 FwLnk - ok
22:53:59.0982 2176 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:53:59.0998 2176 gagp30kx - ok
22:54:00.0091 2176 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
22:54:00.0107 2176 GameConsoleService - ok
22:54:00.0154 2176 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:54:00.0154 2176 GEARAspiWDM - ok
22:54:00.0185 2176 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
22:54:00.0201 2176 giveio ( UnsignedFile.Multi.Generic ) - warning
22:54:00.0201 2176 giveio - detected UnsignedFile.Multi.Generic (1)
22:54:00.0232 2176 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
22:54:00.0279 2176 gpsvc - ok
22:54:00.0466 2176 [ B4EA57054EFE2F75269F613839B138CF ] GsServer C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
22:54:00.0591 2176 GsServer - ok
22:54:00.0684 2176 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
22:54:00.0684 2176 gupdate - ok
22:54:00.0715 2176 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
22:54:00.0715 2176 gupdatem - ok
22:54:00.0762 2176 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:54:00.0778 2176 gusvc - ok
22:54:00.0809 2176 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:54:00.0856 2176 HdAudAddService - ok
22:54:00.0918 2176 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:54:00.0965 2176 HDAudBus - ok
22:54:01.0012 2176 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:54:01.0059 2176 HidBth - ok
22:54:01.0090 2176 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:54:01.0121 2176 HidIr - ok
22:54:01.0168 2176 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
22:54:01.0183 2176 hidserv - ok
22:54:01.0215 2176 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:54:01.0246 2176 HidUsb - ok
22:54:01.0277 2176 [ D61E53E3FEC0C92BC8DD3969FAD63F87 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
22:54:01.0293 2176 HipShieldK - ok
22:54:01.0339 2176 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:54:01.0371 2176 hkmsvc - ok
22:54:01.0402 2176 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:54:01.0417 2176 HpCISSs - ok
22:54:01.0480 2176 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
22:54:01.0480 2176 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
22:54:01.0480 2176 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
22:54:01.0511 2176 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
22:54:01.0511 2176 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
22:54:01.0511 2176 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
22:54:01.0542 2176 [ 568E44F6DCFA173F3670172B69379891 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
22:54:01.0573 2176 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
22:54:01.0573 2176 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
22:54:01.0651 2176 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:54:01.0698 2176 HTTP - ok
22:54:01.0745 2176 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:54:01.0745 2176 i2omp - ok
22:54:01.0776 2176 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:54:01.0792 2176 i8042prt - ok
22:54:01.0854 2176 [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
22:54:01.0870 2176 IAANTMON - ok
22:54:01.0917 2176 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:54:01.0932 2176 iaStor - ok
22:54:01.0963 2176 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:54:01.0995 2176 iaStorV - ok
22:54:02.0041 2176 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:54:02.0057 2176 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:54:02.0057 2176 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:54:02.0119 2176 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:54:02.0151 2176 idsvc - ok
22:54:02.0244 2176 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
22:54:02.0431 2176 igfx - ok
22:54:02.0494 2176 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:54:02.0509 2176 iirsp - ok
22:54:02.0603 2176 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
22:54:02.0634 2176 IKEEXT - ok
22:54:02.0743 2176 [ B9CBD3DEA7CA02868621173BF7A2AF9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:54:02.0899 2176 IntcAzAudAddService - ok
22:54:02.0931 2176 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:54:02.0946 2176 intelide - ok
22:54:03.0009 2176 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:54:03.0040 2176 intelppm - ok
22:54:03.0102 2176 [ A7230C095E646FD97C52D094BE07467B ] IObitBarService C:\PROGRA~1\IObitBar\toolbar\1.bin\i0barsvc.exe
22:54:03.0118 2176 IObitBarService ( UnsignedFile.Multi.Generic ) - warning
22:54:03.0118 2176 IObitBarService - detected UnsignedFile.Multi.Generic (1)
22:54:03.0133 2176 IO_Memory - ok
22:54:03.0180 2176 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:54:03.0211 2176 IPBusEnum - ok
22:54:03.0227 2176 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:54:03.0258 2176 IpFilterDriver - ok
22:54:03.0289 2176 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:54:03.0321 2176 iphlpsvc - ok
22:54:03.0321 2176 IpInIp - ok
22:54:03.0352 2176 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:54:03.0383 2176 IPMIDRV - ok
22:54:03.0414 2176 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:54:03.0445 2176 IPNAT - ok
22:54:03.0508 2176 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:54:03.0539 2176 iPod Service - ok
22:54:03.0586 2176 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:54:03.0617 2176 IRENUM - ok
22:54:03.0633 2176 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:54:03.0648 2176 isapnp - ok
22:54:03.0695 2176 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:54:03.0711 2176 iScsiPrt - ok
22:54:03.0742 2176 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:54:03.0742 2176 iteatapi - ok
22:54:03.0773 2176 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:54:03.0789 2176 iteraid - ok
22:54:03.0882 2176 [ 957135960E7533EA5C7EA0BFB34F8EFD ] jswpsapi C:\Program Files\Jumpstart\jswpsapi.exe
22:54:03.0960 2176 jswpsapi ( UnsignedFile.Multi.Generic ) - warning
22:54:03.0960 2176 jswpsapi - detected UnsignedFile.Multi.Generic (1)
22:54:03.0976 2176 [ 11AD410F41AF42BA12E63187E3EC141A ] jswpslwf C:\Windows\system32\DRIVERS\jswpslwf.sys
22:54:03.0991 2176 jswpslwf - ok
22:54:04.0007 2176 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:54:04.0023 2176 kbdclass - ok
22:54:04.0054 2176 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:54:04.0069 2176 kbdhid - ok
22:54:04.0101 2176 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
22:54:04.0116 2176 KeyIso - ok
22:54:04.0147 2176 [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I C:\Windows\system32\drivers\kr10i.sys
22:54:04.0163 2176 KR10I - ok
22:54:04.0210 2176 [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N C:\Windows\system32\drivers\kr10n.sys
22:54:04.0225 2176 KR10N - ok
22:54:04.0272 2176 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:54:04.0303 2176 KSecDD - ok
22:54:04.0335 2176 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:54:04.0366 2176 KtmRm - ok
22:54:04.0413 2176 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
22:54:04.0428 2176 LanmanServer - ok
22:54:04.0475 2176 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:54:04.0491 2176 LanmanWorkstation - ok
22:54:04.0600 2176 [ 7AC2D769C4C29D0C8D58C0FB8528FD82 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
22:54:04.0615 2176 LBTServ - ok
22:54:04.0678 2176 [ 006540C9CDC7E72ADD1435CF778EC674 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:54:04.0678 2176 LHidFilt - ok
22:54:04.0709 2176 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:54:04.0740 2176 lltdio - ok
22:54:04.0771 2176 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:54:04.0803 2176 lltdsvc - ok
22:54:04.0818 2176 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:54:04.0865 2176 lmhosts - ok
22:54:04.0896 2176 [ 3C5BA4B2E4D1180BF9810963A494799A ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:54:04.0912 2176 LMouFilt - ok
22:54:04.0927 2176 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:54:04.0943 2176 LSI_FC - ok
22:54:04.0959 2176 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:54:04.0990 2176 LSI_SAS - ok
22:54:05.0005 2176 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:54:05.0021 2176 LSI_SCSI - ok
22:54:05.0037 2176 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:54:05.0068 2176 luafv - ok
22:54:05.0099 2176 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
22:54:05.0115 2176 megasas - ok
22:54:05.0146 2176 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:54:05.0208 2176 MegaSR - ok
22:54:05.0286 2176 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:54:05.0317 2176 MMCSS - ok
22:54:05.0333 2176 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:54:05.0364 2176 Modem - ok
22:54:05.0395 2176 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:54:05.0427 2176 monitor - ok
22:54:05.0442 2176 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:54:05.0458 2176 mouclass - ok
22:54:05.0473 2176 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:54:05.0505 2176 mouhid - ok
22:54:05.0536 2176 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:54:05.0551 2176 MountMgr - ok
22:54:05.0629 2176 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:54:05.0645 2176 MozillaMaintenance - ok
22:54:05.0676 2176 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
22:54:05.0692 2176 mpio - ok
22:54:05.0707 2176 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:54:05.0723 2176 mpsdrv - ok
22:54:05.0770 2176 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
22:54:05.0832 2176 MpsSvc - ok
22:54:05.0879 2176 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:54:05.0879 2176 Mraid35x - ok
22:54:05.0926 2176 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:54:05.0941 2176 MRxDAV - ok
22:54:05.0988 2176 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:54:06.0004 2176 mrxsmb - ok
22:54:06.0035 2176 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:54:06.0051 2176 mrxsmb10 - ok
22:54:06.0066 2176 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:54:06.0082 2176 mrxsmb20 - ok
22:54:06.0097 2176 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
22:54:06.0113 2176 msahci - ok
22:54:06.0129 2176 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:54:06.0144 2176 msdsm - ok
22:54:06.0175 2176 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:54:06.0207 2176 MSDTC - ok
22:54:06.0238 2176 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:54:06.0269 2176 Msfs - ok
22:54:06.0300 2176 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:54:06.0316 2176 msisadrv - ok
22:54:06.0347 2176 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:54:06.0378 2176 MSiSCSI - ok
22:54:06.0378 2176 msiserver - ok
22:54:06.0409 2176 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:54:06.0441 2176 MSKSSRV - ok
22:54:06.0456 2176 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:54:06.0472 2176 MSPCLOCK - ok
22:54:06.0503 2176 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:54:06.0519 2176 MSPQM - ok
22:54:06.0550 2176 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:54:06.0565 2176 MsRPC - ok
22:54:06.0581 2176 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:54:06.0597 2176 mssmbios - ok
22:54:06.0628 2176 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:54:06.0643 2176 MSTEE - ok
22:54:06.0675 2176 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
22:54:06.0690 2176 Mup - ok
22:54:06.0721 2176 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
22:54:06.0753 2176 napagent - ok
22:54:06.0784 2176 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:54:06.0799 2176 NativeWifiP - ok
22:54:06.0831 2176 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:54:06.0862 2176 NDIS - ok
22:54:06.0893 2176 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:54:06.0924 2176 NdisTapi - ok
22:54:06.0940 2176 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:54:06.0971 2176 Ndisuio - ok
22:54:07.0002 2176 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:54:07.0033 2176 NdisWan - ok
22:54:07.0049 2176 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:54:07.0065 2176 NDProxy - ok
22:54:07.0080 2176 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
22:54:07.0096 2176 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:54:07.0096 2176 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:54:07.0111 2176 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:54:07.0143 2176 NetBIOS - ok
22:54:07.0174 2176 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:54:07.0205 2176 netbt - ok
22:54:07.0221 2176 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:54:07.0236 2176 Netlogon - ok
22:54:07.0267 2176 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:54:07.0299 2176 Netman - ok
22:54:07.0330 2176 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:54:07.0361 2176 netprofm - ok
22:54:07.0392 2176 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:54:07.0408 2176 NetTcpPortSharing - ok
22:54:07.0423 2176 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:54:07.0439 2176 nfrd960 - ok
22:54:07.0455 2176 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:54:07.0486 2176 NlaSvc - ok
22:54:07.0533 2176 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:54:07.0548 2176 Npfs - ok
22:54:07.0564 2176 npggsvc - ok
22:54:07.0564 2176 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:54:07.0595 2176 nsi - ok
22:54:07.0611 2176 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:54:07.0642 2176 nsiproxy - ok
22:54:07.0704 2176 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:54:07.0767 2176 Ntfs - ok
22:54:07.0782 2176 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:54:07.0829 2176 ntrigdigi - ok
22:54:07.0829 2176 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:54:07.0860 2176 Null - ok
22:54:07.0891 2176 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:54:07.0907 2176 nvraid - ok
22:54:07.0923 2176 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:54:07.0938 2176 nvstor - ok
22:54:07.0969 2176 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:54:07.0985 2176 nv_agp - ok
22:54:07.0985 2176 NwlnkFlt - ok
22:54:08.0001 2176 NwlnkFwd - ok
22:54:08.0110 2176 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:54:08.0125 2176 odserv - ok
22:54:08.0157 2176 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:54:08.0203 2176 ohci1394 - ok
22:54:08.0250 2176 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:54:08.0266 2176 ose - ok
22:54:08.0313 2176 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:54:08.0344 2176 p2pimsvc - ok
22:54:08.0375 2176 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:54:08.0422 2176 p2psvc - ok
22:54:08.0469 2176 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:54:08.0515 2176 Parport - ok
22:54:08.0547 2176 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:54:08.0562 2176 partmgr - ok
22:54:08.0578 2176 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:54:08.0625 2176 Parvdm - ok
22:54:08.0671 2176 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:54:08.0687 2176 PcaSvc - ok
22:54:08.0718 2176 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:54:08.0734 2176 pci - ok
22:54:08.0749 2176 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys
22:54:08.0765 2176 pciide - ok
22:54:08.0781 2176 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:54:08.0796 2176 pcmcia - ok
22:54:08.0843 2176 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:54:08.0937 2176 PEAUTH - ok
22:54:09.0046 2176 [ 56652AF63296E1B0304162C5E7DB5FAF ] PfFilter C:\Program Files\IObit\Protected Folder\pffilter.sys
22:54:09.0046 2176 PfFilter - ok
22:54:09.0108 2176 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:54:09.0186 2176 pla - ok
22:54:09.0217 2176 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:54:09.0249 2176 PlugPlay - ok
22:54:09.0264 2176 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
22:54:09.0280 2176 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:54:09.0280 2176 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:54:09.0295 2176 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:54:09.0373 2176 PNRPAutoReg - ok
22:54:09.0436 2176 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:54:09.0514 2176 PNRPsvc - ok
22:54:09.0576 2176 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:54:09.0639 2176 PolicyAgent - ok
22:54:09.0701 2176 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:54:09.0732 2176 PptpMiniport - ok
22:54:09.0763 2176 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:54:09.0795 2176 Processor - ok
22:54:09.0826 2176 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:54:09.0857 2176 ProfSvc - ok
22:54:09.0873 2176 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:54:09.0888 2176 ProtectedStorage - ok
22:54:09.0919 2176 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:54:09.0951 2176 PSched - ok
22:54:09.0951 2176 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
22:54:09.0966 2176 PxHelp20 - ok
22:54:10.0029 2176 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:54:10.0091 2176 ql2300 - ok
22:54:10.0122 2176 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:54:10.0138 2176 ql40xx - ok
22:54:10.0169 2176 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:54:10.0185 2176 QWAVE - ok
22:54:10.0200 2176 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:54:10.0216 2176 QWAVEdrv - ok
22:54:10.0231 2176 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:54:10.0263 2176 RasAcd - ok
22:54:10.0278 2176 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:54:10.0309 2176 RasAuto - ok
22:54:10.0341 2176 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:54:10.0356 2176 Rasl2tp - ok
22:54:10.0387 2176 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:54:10.0419 2176 RasMan - ok
22:54:10.0450 2176 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:54:10.0465 2176 RasPppoe - ok
22:54:10.0512 2176 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:54:10.0528 2176 RasSstp - ok
22:54:10.0559 2176 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:54:10.0575 2176 rdbss - ok
22:54:10.0621 2176 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:54:10.0653 2176 RDPCDD - ok
22:54:10.0684 2176 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:54:10.0715 2176 rdpdr - ok
22:54:10.0715 2176 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:54:10.0746 2176 RDPENCDD - ok
22:54:10.0777 2176 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:54:10.0809 2176 RDPWD - ok
22:54:10.0840 2176 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:54:10.0871 2176 RemoteAccess - ok
22:54:10.0902 2176 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:54:10.0933 2176 RemoteRegistry - ok
22:54:10.0980 2176 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:54:10.0996 2176 RpcLocator - ok
22:54:11.0011 2176 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
22:54:11.0058 2176 RpcSs - ok
22:54:11.0074 2176 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:54:11.0105 2176 rspndr - ok
22:54:11.0121 2176 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:54:11.0152 2176 RTL8169 - ok
22:54:11.0167 2176 [ 9FF7D9CF3A5F296613588B0E8DB83AFE ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
22:54:11.0183 2176 RTSTOR - ok
22:54:11.0199 2176 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:54:11.0214 2176 SamSs - ok
22:54:11.0245 2176 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:54:11.0261 2176 sbp2port - ok
22:54:11.0292 2176 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:54:11.0308 2176 SCardSvr - ok
22:54:11.0355 2176 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:54:11.0386 2176 Schedule - ok
22:54:11.0417 2176 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:54:11.0433 2176 SCPolicySvc - ok
22:54:11.0464 2176 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:54:11.0495 2176 SDRSVC - ok
22:54:11.0589 2176 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
22:54:11.0635 2176 SDScannerService - ok
22:54:11.0698 2176 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:54:11.0760 2176 SDUpdateService - ok
22:54:11.0791 2176 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
22:54:11.0807 2176 SDWSCService - ok
22:54:11.0854 2176 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:54:11.0901 2176 secdrv - ok
22:54:11.0916 2176 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:54:11.0947 2176 seclogon - ok
22:54:11.0963 2176 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
22:54:11.0994 2176 SENS - ok
22:54:12.0025 2176 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:54:12.0057 2176 Serenum - ok
22:54:12.0088 2176 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:54:12.0135 2176 Serial - ok
22:54:12.0150 2176 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:54:12.0181 2176 sermouse - ok
22:54:12.0213 2176 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:54:12.0244 2176 SessionEnv - ok
22:54:12.0291 2176 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:54:12.0306 2176 sffdisk - ok
22:54:12.0322 2176 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:54:12.0353 2176 sffp_mmc - ok
22:54:12.0369 2176 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:54:12.0400 2176 sffp_sd - ok
22:54:12.0415 2176 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:54:12.0462 2176 sfloppy - ok
22:54:12.0509 2176 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:54:12.0540 2176 SharedAccess - ok
22:54:12.0571 2176 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:54:12.0587 2176 ShellHWDetection - ok
22:54:12.0618 2176 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:54:12.0634 2176 sisagp - ok
22:54:12.0649 2176 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:54:12.0665 2176 SiSRaid2 - ok
22:54:12.0681 2176 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:54:12.0696 2176 SiSRaid4 - ok
22:54:12.0727 2176 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:54:12.0743 2176 SkypeUpdate - ok
22:54:12.0852 2176 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:54:13.0102 2176 slsvc - ok
22:54:13.0164 2176 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:54:13.0180 2176 SLUINotify - ok
22:54:13.0242 2176 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:54:13.0258 2176 Smb - ok
22:54:13.0305 2176 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:54:13.0336 2176 SNMPTRAP - ok
22:54:13.0367 2176 [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan C:\Windows\system32\speedfan.sys
22:54:13.0383 2176 speedfan - ok
22:54:13.0429 2176 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:54:13.0445 2176 spldr - ok
22:54:13.0476 2176 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:54:13.0492 2176 Spooler - ok
22:54:13.0539 2176 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:54:13.0554 2176 srv - ok
22:54:13.0585 2176 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:54:13.0617 2176 srv2 - ok
22:54:13.0648 2176 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:54:13.0663 2176 srvnet - ok
22:54:13.0695 2176 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:54:13.0726 2176 SSDPSRV - ok
22:54:13.0757 2176 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:54:13.0773 2176 SstpSvc - ok
22:54:13.0788 2176 Steam Client Service - ok
22:54:13.0819 2176 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:54:13.0851 2176 stisvc - ok
22:54:13.0882 2176 [ 3E4239B92139F7174A0DA7D53FE5E1AB ] SVRPEDRV C:\Windows\System32\sysprep\PEDrv.sys
22:54:13.0882 2176 SVRPEDRV ( UnsignedFile.Multi.Generic ) - warning
22:54:13.0882 2176 SVRPEDRV - detected UnsignedFile.Multi.Generic (1)
22:54:13.0913 2176 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:54:13.0929 2176 swenum - ok
22:54:13.0975 2176 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
22:54:14.0007 2176 swprv - ok
22:54:14.0038 2176 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:54:14.0053 2176 Symc8xx - ok
22:54:14.0069 2176 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:54:14.0085 2176 Sym_hi - ok
22:54:14.0116 2176 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:54:14.0116 2176 Sym_u3 - ok
22:54:14.0163 2176 [ 55F6E55CC2430CA8713387106FA79817 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:54:14.0178 2176 SynTP - ok
22:54:14.0209 2176 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
22:54:14.0256 2176 SysMain - ok
22:54:14.0287 2176 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:54:14.0319 2176 TabletInputService - ok
22:54:14.0365 2176 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:54:14.0397 2176 TapiSrv - ok
22:54:14.0397 2176 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:54:14.0443 2176 TBS - ok
22:54:14.0490 2176 [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:54:14.0537 2176 Tcpip - ok
22:54:14.0584 2176 [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:54:14.0631 2176 Tcpip6 - ok
22:54:14.0693 2176 [ CD21572F83F7EC6E2C20C465967BEDD9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:54:14.0709 2176 tcpipreg - ok
22:54:14.0740 2176 [ 6FDFBA25002CE4BAC463AC866AE71405 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:54:14.0755 2176 tdcmdpst - ok
22:54:14.0802 2176 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:54:14.0833 2176 TDPIPE - ok
22:54:14.0865 2176 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:54:14.0880 2176 TDTCP - ok
22:54:14.0927 2176 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:54:14.0943 2176 tdx - ok
22:54:14.0974 2176 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:54:14.0989 2176 TermDD - ok
22:54:15.0021 2176 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
22:54:15.0067 2176 TermService - ok
22:54:15.0130 2176 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
22:54:15.0145 2176 Themes - ok
22:54:15.0161 2176 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:54:15.0192 2176 THREADORDER - ok
22:54:15.0270 2176 [ E09CAAFB2B323A6FF120CEFB96DA0A44 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
22:54:15.0286 2176 TMachInfo - ok
22:54:15.0286 2176 TMPassthruMP - ok
22:54:15.0333 2176 [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
22:54:15.0348 2176 TNaviSrv - ok
22:54:15.0364 2176 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe
22:54:15.0379 2176 TODDSrv - ok
22:54:15.0426 2176 [ 44DBAC611B11646683B5B066A049B8E4 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
22:54:15.0473 2176 TosCoSrv - ok
22:54:15.0535 2176 [ 22690DFFC7F2A18279A7A0489AA02BAC ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
22:54:15.0551 2176 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
22:54:15.0551 2176 TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
22:54:15.0582 2176 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys
22:54:15.0598 2176 tos_sps32 - ok
22:54:15.0629 2176 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:54:15.0660 2176 TrkWks - ok
22:54:15.0723 2176 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:54:15.0738 2176 TrustedInstaller - ok
22:54:15.0785 2176 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:54:15.0801 2176 tssecsrv - ok
22:54:15.0816 2176 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:54:15.0847 2176 tunmp - ok
22:54:15.0879 2176 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:54:15.0894 2176 tunnel - ok
22:54:15.0925 2176 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
22:54:15.0941 2176 TVALZ - ok
22:54:15.0957 2176 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:54:15.0972 2176 uagp35 - ok
22:54:16.0019 2176 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:54:16.0050 2176 udfs - ok
22:54:16.0081 2176 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:54:16.0128 2176 UI0Detect - ok
22:54:16.0206 2176 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
22:54:16.0206 2176 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
22:54:16.0206 2176 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
22:54:16.0222 2176 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:54:16.0237 2176 uliagpkx - ok
22:54:16.0269 2176 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:54:16.0284 2176 uliahci - ok
22:54:16.0300 2176 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:54:16.0315 2176 UlSata - ok
22:54:16.0331 2176 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:54:16.0347 2176 ulsata2 - ok
22:54:16.0362 2176 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:54:16.0393 2176 umbus - ok
22:54:16.0425 2176 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:54:16.0456 2176 upnphost - ok
22:54:16.0503 2176 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
22:54:16.0518 2176 USBAAPL - ok
22:54:16.0549 2176 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:54:16.0581 2176 usbaudio - ok
22:54:16.0596 2176 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:54:16.0627 2176 usbccgp - ok
22:54:16.0643 2176 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:54:16.0690 2176 usbcir - ok
22:54:16.0705 2176 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:54:16.0737 2176 usbehci - ok
22:54:16.0768 2176 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:54:16.0783 2176 usbhub - ok
22:54:16.0815 2176 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:54:16.0846 2176 usbohci - ok
22:54:16.0893 2176 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:54:16.0924 2176 usbprint - ok
22:54:16.0955 2176 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:54:16.0986 2176 usbscan - ok
22:54:17.0002 2176 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:54:17.0017 2176 USBSTOR - ok
22:54:17.0049 2176 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:54:17.0064 2176 usbuhci - ok
22:54:17.0095 2176 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:54:17.0127 2176 usbvideo - ok
22:54:17.0142 2176 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
22:54:17.0173 2176 UxSms - ok
22:54:17.0220 2176 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
22:54:17.0283 2176 vds - ok
22:54:17.0329 2176 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:54:17.0361 2176 vga - ok
22:54:17.0376 2176 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:54:17.0407 2176 VgaSave - ok
22:54:17.0423 2176 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:54:17.0439 2176 viaagp - ok
22:54:17.0470 2176 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:54:17.0485 2176 ViaC7 - ok
22:54:17.0517 2176 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
22:54:17.0532 2176 viaide - ok
22:54:17.0548 2176 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:54:17.0563 2176 volmgr - ok
22:54:17.0610 2176 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:54:17.0626 2176 volmgrx - ok
22:54:17.0673 2176 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:54:17.0688 2176 volsnap - ok
22:54:17.0719 2176 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:54:17.0735 2176 vsmraid - ok
22:54:17.0797 2176 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
22:54:17.0844 2176 VSS - ok
22:54:17.0891 2176 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
22:54:17.0922 2176 W32Time - ok
22:54:17.0938 2176 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:54:17.0985 2176 WacomPen - ok
22:54:18.0000 2176 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:54:18.0031 2176 Wanarp - ok
22:54:18.0031 2176 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:54:18.0047 2176 Wanarpv6 - ok
22:54:18.0078 2176 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:54:18.0141 2176 wcncsvc - ok
22:54:18.0203 2176 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:54:18.0234 2176 WcsPlugInService - ok
22:54:18.0250 2176 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
22:54:18.0265 2176 Wd - ok
22:54:18.0297 2176 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:54:18.0328 2176 Wdf01000 - ok
22:54:18.0343 2176 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:54:18.0375 2176 WdiServiceHost - ok
22:54:18.0390 2176 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:54:18.0421 2176 WdiSystemHost - ok
22:54:18.0437 2176 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
22:54:18.0468 2176 WebClient - ok
22:54:18.0499 2176 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:54:18.0515 2176 Wecsvc - ok
22:54:18.0546 2176 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:54:18.0562 2176 wercplsupport - ok
22:54:18.0593 2176 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
22:54:18.0624 2176 WerSvc - ok
22:54:18.0702 2176 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:54:18.0718 2176 WinDefend - ok
22:54:18.0733 2176 WinHttpAutoProxySvc - ok
22:54:18.0796 2176 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:54:18.0811 2176 Winmgmt - ok
22:54:18.0874 2176 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:54:18.0952 2176 WinRM - ok
22:54:18.0999 2176 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:54:19.0030 2176 Wlansvc - ok
22:54:19.0108 2176 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:54:19.0186 2176 wlidsvc - ok
22:54:19.0201 2176 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:54:19.0233 2176 WmiAcpi - ok
22:54:19.0264 2176 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:54:19.0295 2176 wmiApSrv - ok
22:54:19.0373 2176 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:54:19.0420 2176 WMPNetworkSvc - ok
22:54:19.0467 2176 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:54:19.0498 2176 WPCSvc - ok
22:54:19.0529 2176 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:54:19.0545 2176 WPDBusEnum - ok
22:54:19.0576 2176 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:54:19.0607 2176 WpdUsb - ok
22:54:19.0716 2176 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:54:19.0763 2176 WPFFontCache_v0400 - ok
22:54:19.0810 2176 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:54:19.0841 2176 ws2ifsl - ok
22:54:19.0872 2176 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
22:54:19.0903 2176 wscsvc - ok
22:54:19.0903 2176 WSearch - ok
22:54:19.0981 2176 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:54:20.0106 2176 wuauserv - ok
22:54:20.0153 2176 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:54:20.0169 2176 WudfPf - ok
22:54:20.0184 2176 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:54:20.0215 2176 WUDFRd - ok
22:54:20.0247 2176 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:54:20.0278 2176 wudfsvc - ok
22:54:20.0278 2176 ================ Scan global ===============================
22:54:20.0309 2176 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:54:20.0356 2176 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:54:20.0387 2176 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:54:20.0418 2176 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:54:20.0434 2176 [Global] - ok
22:54:20.0434 2176 ================ Scan MBR ==================================
22:54:20.0449 2176 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
22:54:20.0855 2176 \Device\Harddisk0\DR0 - ok
22:54:20.0855 2176 ================ Scan VBR ==================================
22:54:20.0855 2176 [ A8C49A574ADE113EEF46FB98D0D2FFB5 ] \Device\Harddisk0\DR0\Partition1
22:54:20.0871 2176 \Device\Harddisk0\DR0\Partition1 - ok
22:54:20.0871 2176 ============================================================
22:54:20.0871 2176 Scan finished
22:54:20.0871 2176 ============================================================
22:54:20.0871 4148 Detected object count: 14
22:54:20.0871 4148 Actual detected object count: 14
22:55:17.0577 4148 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:55:17.0577 4148 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
22:55:17.0577 4148 ConfigFree Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0577 4148 ConfigFree Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0577 4148 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0577 4148 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0577 4148 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0577 4148 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0592 4148 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0592 4148 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0592 4148 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0592 4148 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0592 4148 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0592 4148 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0592 4148 IObitBarService ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0592 4148 IObitBarService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0592 4148 jswpsapi ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0592 4148 jswpsapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0608 4148 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0608 4148 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0608 4148 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0608 4148 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0608 4148 SVRPEDRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0608 4148 SVRPEDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0608 4148 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0608 4148 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:55:17.0608 4148 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
22:55:17.0608 4148 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:56:46.0044 5052 Deinitialize success

#9
Essexboy

Posted 23 March 2013 - 03:14 PM

GeekU Moderator

Retired Staff
69,964 posts

OK that is clean how is the computer behaving now ?

#10
Ardant

Posted 23 March 2013 - 03:43 PM

Member

Topic Starter
Member
229 posts

I have performed the disk defrag. The computer is running a bit better. I does not seem to have the blue circle or messages any more.
It isn't the most powerful computer and seeing as it isn't a virus then I can only assume she is running too many programs.
I will continue to monitor her usage and block more of the sites she goes to.

#11
Essexboy

Posted 23 March 2013 - 04:05 PM

GeekU Moderator

Retired Staff
69,964 posts

What you could do is use Autoruns to reduce the number of start up items.. The only one that must start is the antivirus : If you need assistance just ask

Subject to no further problems

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that

Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab.
Under the Hidden files and folders heading select Do not show hidden files and folders.
Click Yes to confirm.
Click OK.

Clear Restore Points

Go Start > All Programmes > Accessories > System tools
Right click Disc Cleanup and select run as administrator
When it pops up at the first prompt select OK after it has done some calculations the tabs will appear
Select More Options tab
Press Sytem Restore and Shadow Copies Cleanup button
Posted Image

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:

#12
Ardant

Posted 23 March 2013 - 04:46 PM

Member

Topic Starter
Member
229 posts

Thanks Essexboy. I will look into your suggestions.

#13
Essexboy

Posted 23 March 2013 - 04:51 PM

GeekU Moderator

Retired Staff
69,964 posts

This is the tab to use just untick those that are not needed
[attachment=63920:Capture.JPG]

#14
Essexboy

Posted 26 March 2013 - 12:37 PM

GeekU Moderator

Retired Staff
69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.