Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Many Errors, Please Help [Closed]


  • This topic is locked This topic is locked

#1
Krinkle

Krinkle

    Member

  • Member
  • PipPip
  • 18 posts
There are a few when I start up and it is slower than it should be I feel. Also there is a few programs which I hear are virus. Please look at log and help me Thank You :D.

OTL logfile created on: 4/19/2013 1:38:04 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\Owner\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 60.79% Memory free
6.21 Gb Paging File | 4.35 Gb Available in Paging File | 70.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 55.28 Gb Free Space | 18.54% Space Free | Partition Type: NTFS
Drive D: | 5.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive J: | 2.63 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/17 23:02:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\Users\Owner\Downloads\OTL.exe
PRC - [2013/04/09 01:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/03/29 12:53:56 | 001,631,144 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2013/03/29 12:53:56 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2013/03/06 15:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/03/06 15:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/02/28 13:37:14 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2013/02/12 19:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2011/11/10 03:11:52 | 000,417,792 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/11/10 03:11:22 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/08/19 02:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2011/08/12 12:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/08/12 12:18:30 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010/06/01 11:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2009/09/10 23:30:59 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/05/06 17:11:36 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/09 01:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 01:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 01:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 01:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 01:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/03/29 12:53:56 | 001,114,024 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2013/03/26 17:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2013/03/25 15:23:34 | 000,651,776 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll
MOD - [2013/02/12 19:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/02/12 19:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2012/12/11 10:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 10:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/12/11 10:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll
MOD - [2011/11/10 02:11:08 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
MOD - [2011/08/22 15:47:44 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2011/08/12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/08/12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/08/12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/08/12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/08/12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/08/12 12:18:30 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/06/20 01:46:50 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\9e40949744b36534fe62cd64ddccb6a1\WindowsFormsIntegration.ni.dll
MOD - [2011/06/20 01:39:11 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll
MOD - [2011/06/20 01:39:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2011/06/20 01:38:39 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll
MOD - [2011/06/19 23:58:40 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011/06/19 23:58:27 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2011/06/19 23:58:20 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2011/06/19 23:58:04 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f4767076b1a225e440db402bbabf5a14\System.Core.ni.dll
MOD - [2011/06/19 23:57:59 | 000,224,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0799da41c4928a0e6c029ef2deb5994f\PresentationFramework.Classic.ni.dll
MOD - [2011/06/19 23:57:57 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\415ef2ec8cbd9f3368da6ade10beae26\PresentationFramework.ni.dll
MOD - [2011/06/19 23:57:42 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c1498ba4652483d5adddd4c5d3927170\PresentationCore.ni.dll
MOD - [2011/06/19 23:57:30 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\29d729043903b7b4b2ea695db220d866\WindowsBase.ni.dll
MOD - [2011/06/19 23:57:26 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011/06/19 23:57:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2010/11/25 22:46:58 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/11/25 00:58:29 | 000,139,264 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/06/01 11:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2008/11/24 16:34:49 | 001,736,528 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll


========== Services (SafeList) ==========

SRV - [2013/04/14 17:37:23 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ca0e279.dll -- (Akamai)
SRV - [2013/03/29 12:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/03/12 21:10:02 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/06 15:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/28 13:37:14 | 000,188,760 | ---- | M] () [Disabled | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/11/10 03:11:22 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/08/19 02:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/03/25 13:21:24 | 000,120,232 | ---- | M] (stumbleupon.com) [Disabled | Stopped] -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe -- (StumbleUponUpdateService)
SRV - [2009/08/24 05:16:12 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 00:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 00:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/06 17:11:36 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2006/11/02 02:45:07 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fc.exe -- (Iast349ieo)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\yeddef.sys -- (yeddef)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva359.sys -- (XDva359)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva358.sys -- (XDva358)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva352.sys -- (XDva352)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva351.sys -- (XDva351)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva349.sys -- (XDva349)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/03/17 19:58:33 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/03/06 15:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/06 15:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/06 15:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/06 15:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/06 15:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/03/06 15:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/06 15:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/06 15:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/10 03:44:14 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/11/10 03:44:14 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/11/10 02:12:22 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/08/19 02:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2011/08/19 02:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/19 02:26:34 | 000,022,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/07/01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/04/30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/01/18 22:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2007/05/06 17:12:02 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/04/13 13:22:56 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 00:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2002/02/22 04:10:48 | 000,026,505 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8150.SYS -- (USB-100)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...F-001C26DD53D7}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C26DD53D7}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.internet-home-page.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...F-001C26DD53D7}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.tattoodle...D-30271827212A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\HyperCam Toolbar\tbhelper.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{14BBBB87-8DB4-41F4-B3E2-3FB0790100A5}: "URL" = http://www.internet-...q={searchTerms}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...6B-E097A9DF1E0C
IE - HKCU\..\SearchScopes\{186AD512-1585-4020-B728-3447BE9D832E}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{3621BF73-ECA6-408D-B1EC-47908EDF784C}: "URL" = http://www.internet-...q={searchTerms}
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.iplay.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{5C481304-34FD-4906-841F-BE4260F34C10}: "URL" = http://www.internet-...{inputEncoding}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpr...q={searchTerms}
IE - HKCU\..\SearchScopes\{9C45E6B7-A147-445A-85DD-A7A51072D53E}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{C6DB40E1-B2BD-43ED-A7A3-343D91540293}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{CF7C1251-F2BA-4DF0-A2E3-E18D2381AA55}: "URL" = http://www.fastbrows...D-30271827212A}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}: "URL" = http://gamebox.bings...g=2-149-0-1sxjK
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C26DD53D7}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.sweetpa...-001C26DD53D7}"
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.12.2.100005
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..keyword.URL: "http://start.sweetpa...1C26DD53D7}&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.ask...VIN001WTUS&&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Owner\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/29 12:59:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/20 13:40:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/03/12 20:07:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/03/17 19:44:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/03/17 20:05:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/12 20:16:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/14 15:22:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Owner\Program Files\DNA [2010/07/22 21:48:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\WeCareReminder\[email protected] [2010/08/31 08:33:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/29 12:59:24 | 000,000,000 | ---D | M]

[2010/04/14 15:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2010/04/14 15:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/03/17 20:03:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions
[2010/10/05 19:38:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/03/12 20:02:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/02/08 10:59:47 | 000,000,000 | ---D | M] (HyperCam Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2013/03/12 20:02:50 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2013/03/12 20:02:51 | 000,000,000 | ---D | M] (ShopToWin13) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{b9dbe2c0-031f-4cad-911a-f4a7381d79c0}
[2010/05/15 23:53:22 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
[2012/04/22 18:05:19 | 000,000,000 | ---D | M] (LimeWire Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
[2013/03/12 20:02:38 | 000,021,485 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
[2013/03/17 20:03:09 | 000,195,574 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/04/20 16:38:35 | 000,002,573 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\askcom.xml
[2010/07/03 11:36:30 | 000,001,953 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\bing-zugo.xml
[2011/02/08 19:15:48 | 000,002,374 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\search.xml
[2013/03/17 20:02:50 | 000,000,514 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\sweetim.xml
[2012/04/20 16:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/10 14:28:37 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/09/04 20:30:07 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/04/20 16:38:12 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/11/06 09:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/06 09:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/04/20 16:38:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/07/03 11:51:44 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/04/20 16:38:10 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2010/08/30 19:37:23 | 000,001,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober48751513.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Updater By SweetPacks = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: avast! WebRep = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: FLCL = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oibfgafhdjgelpjcojncpghdmmchngck\1_0\
CHR - Extension: Updater By SweetPacks = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: avast! WebRep = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: FLCL = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oibfgafhdjgelpjcojncpghdmmchngck\1_0\

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll (Make The Web Better, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll File not found
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48AC2D47-C59A-4B3C-A574-72DEAF92E882}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA0CF0F0-2B99-4066-A28D-91DB6313C1BB}: DhcpNameServer = 192.168.123.5 192.168.123.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/17 22:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2013/04/17 22:50:20 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013/04/17 17:11:36 | 000,000,000 | RH-D | C] -- C:\Users\Owner\AppData\Roaming\SecuROM
[2013/04/16 09:14:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Skyrim
[2013/04/15 14:14:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013/04/15 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Logitech® Webcam Software
[2013/04/15 12:10:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2013/04/15 12:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2013/04/15 12:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2013/04/15 12:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/04/14 17:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/04/14 17:43:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\All
[2013/03/22 18:09:28 | 000,354,656 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/19 01:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/19 01:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/19 00:23:29 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/19 00:23:29 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/18 20:25:48 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0C0B907C-F7EB-492D-B642-BC27AB42D1A1}.job
[2013/04/18 20:09:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/17 14:22:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/17 08:00:09 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/04/15 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2013/04/14 17:44:40 | 000,336,600 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/14 17:44:40 | 000,108,834 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/14 17:44:36 | 000,001,927 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/22 18:09:28 | 000,354,656 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/19 23:39:06 | 000,000,045 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE1.dat
[2013/03/13 11:07:50 | 000,000,040 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE.dat
[2013/03/12 20:07:42 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/12 20:07:42 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/01/18 06:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/11/10 02:11:08 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/10/21 19:30:16 | 000,243,168 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/09/12 23:06:18 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/08/19 02:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 02:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 02:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/09/04 20:31:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/10 15:17:01 | 000,000,093 | ---- | C] () -- C:\Users\Owner\AppData\Local\fusioncache.dat
[2009/12/06 16:50:32 | 000,018,944 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/16 20:20:52 | 000,000,069 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2009/10/16 20:20:08 | 000,000,041 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2009/09/10 03:58:03 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 08:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/09/10 23:24:56 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/19 00:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/04/18 16:38:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.minecraft
[2010/08/21 21:29:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Alien Skin
[2009/11/04 20:48:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/03/17 20:02:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2010/07/22 21:58:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DNA
[2011/08/02 22:25:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EpicBot
[2009/11/04 23:57:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GetRightToGo
[2011/08/29 21:17:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Imprudence
[2013/04/15 12:10:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2011/01/21 02:57:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LimeWire
[2013/03/17 20:28:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\local
[2011/06/28 22:54:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LolClient
[2010/12/08 10:00:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2011/08/10 01:35:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Registry Mechanic
[2011/08/03 22:11:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Screaming Bee
[2011/03/09 13:00:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SecondLife
[2010/10/09 20:33:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thinstall
[2011/09/25 15:01:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Trillian
[2010/08/10 15:17:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Turbine
[2013/04/17 18:24:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
  • 0

Advertisements


#2
Krinkle

Krinkle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Bump
  • 0

#3
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello Krinkle, :wave: Welcome to the forums!
:welcome:. My name is godawgs and I will be assisting you with your Virus / Malware issues.
We apologize for the delay in responding to your request for help. Here at GeeksToGo we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

For future reference, when we look for topics to respond to we look for topics with no replies. Because you bumped your topic is showed that it had been replied to and got over looked.

I will start working on your Malware issues. This may, or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine!

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.
If you have not, please adhere to the guidelines below and then carefully follow all future instructions:

You must reply to posts within four days. If you haven't replied within that time, the topic will be closed! If you need additional time to complete things, just let me know.
If you're not sure, or if something unexpected happens, Do NOT continue! Stop and ask!

This board can notify you when a new reply is added to a topic. Please read this topic to find out how to do that.

Please do not run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability. Do as the instructions ask, nothing extra. Do Not run things twice unless instructed.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • If I ask a Question just answer it, don't run anything unless directed to.
Please read every post completely before doing anything.
  • Pay special attention to the NOTE: lines, or anything in red. These entries identify an individual issue or important step in the cleanup process.
  • Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. Some of the steps I will be asking you to do may require you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
Logs from malware diagnostic or removal programs (OTL is one of them) can take some time to analyze.
  • I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forum, (sometimes :lol: )
  • Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
Lastly, Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. Some infections are so severe that we might encounter situations where the only recourse is to re-format and re-install your operating system. Don't worry, this only happens in severe cases, but, sadly, it does happen.
In light of this be prepared to back up your data. Have means of backing up your data available.

IMPORTANT:Change your browser(s) to download any tools to the desktop.
Follow the directions here
For FireFox check the dot beside "Always ask me where to save files."
For Chrome, check the box beside "Ask where to save each file before downloading"
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

When OTL runs the first time it creates a file named Extras.txt. It should be in the same directory you ran OTL from. Please post the contents of that file.

Your Windows Vista is out of date. The current Service Pack is SP2 and you only have SP1. We will get to that once the system is clean. I do see some malicious toolbars and adware.

OTL needs to be run from the desktop. Since it has been several days since you got the OTL scan we are gonna remove it from the Downloads folder and download a fresh copy to the desktop and get some fresh scans.

Please open OTL and click the Posted Image button. This will remove the files that OTL created and then remove OTL from the Downloads folder.


Step-1.

Download OTL to the Desktop. It is important that it is download to the Desktop. (FireFox users should right click the download link and click "Save File As". On the window that comes up, make sure the download location is the Desktop and click the Save button.)

Posted Image OTL Custom Scan

1. Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Posted Image box in OTL. To do that:
  • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.

createrestorepoint
netsvcs
baseservices
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
services.*
/md5stop
DRIVES
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
del c:\commands.txt^|y /hide /c
/wait
del c:\diskreport.txt^|y /hide /c


2. Re-open Posted Imageon the desktop. To do that:
  • Vista / 7 Users: Right click on the icon and click Run as Administrator)
Make sure all other windows are closed.
  • You will see a console like the one below:

    Posted Image
  • Click the box beside Scan All Users at the top of the console<---Very Important
  • Do Not click the box beside Include 64bit Scans at the top of the console.
  • Make sure the Output box at the top is set to Standard Output.
  • In the Extra Registry section click the radio button beside Use Safelist<---Very Important
  • Check the boxes beside LOP Check and Purity Check.
  • Place the mouse pointer inside thePosted Image box, right click and click Paste. This will put the above script inside OTL
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
  • When the scan completes, it will open OTL.Txt on the desktop. The Extras.txt file will be minimized on the Taskbar. These files are also saved in the same location as OTL (it should be on your desktop).
  • Please copy the contents of this file and paste it into your reply. To do that:
  • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
  • Right click inside the forum post window then click Paste.This will paste the contents of the OTL.txt file in the in the post window.
  • Repeat for the Extras.txt file.

Step-2.

Run aswMBR
  • Download aswMBR.exe to your desktop.
  • Windows /7 users: Right click the file and click Run as Administrator. If you get a UAC window, allow the file to run.
  • If it asks you if you want to download the latest virus definitions, click "No"
    Posted Image
  • Click the "Scan" button to start the scan
    Posted Image
  • On completion of the scan click save log. Save it to your desktop and post in your next reply.
    Posted Image
NOTE: When you run aswMBR, if it is shutdown automatically, then it is most likely the infection detecting that aswMBR is running and terminating it. In this situation you should rename the executable (aswMBR.exe) to iexplore.exe and try it again.


Step-3.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The new OTL.txt log
2. The Extras.txt log
3. The aswMBR log
  • 0

#4
Krinkle

Krinkle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Doing that now also my screen all the sudden started flickering like crazy and I have to run everything in safemode or I can't see anything. Get back to you guys soon
  • 0

#5
Krinkle

Krinkle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Alrite here are the logs, sorry other one coming soon.

Attached Files


Edited by Krinkle, 24 April 2013 - 04:11 PM.

  • 0

#6
Krinkle

Krinkle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Here is the other log

Attached Files


Edited by Krinkle, 24 April 2013 - 09:38 PM.

  • 0

#7
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi Krinkle,

I have copied/pasted the logs into this post. In the future please do not attach a log or file unless I request it. Simply copy and paste them into your reply. It make them much easier to research. Once I have analyzed them I will be back with some additional instrucions.


OTL logfile created on: 4/24/2013 2:48:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 78.51% Memory free
6.19 Gb Paging File | 5.71 Gb Available in Paging File | 92.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 108.28 Gb Free Space | 36.33% Space Free | Partition Type: NTFS
Drive D: | 5.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/24 14:45:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2013/04/09 01:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2009/09/10 23:30:59 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/09 01:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 01:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 01:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2010/11/25 00:58:29 | 000,139,264 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2013/04/22 14:48:53 | 000,217,600 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/04/19 14:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/04/14 17:37:23 | 004,561,152 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_ca0e279.dll -- (Akamai)
SRV - [2013/03/12 21:10:02 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/06 15:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/28 13:37:14 | 000,188,760 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/08/19 02:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/03/25 13:21:24 | 000,120,232 | ---- | M] (stumbleupon.com) [Disabled | Stopped] -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe -- (StumbleUponUpdateService)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 00:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 00:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/06 17:11:36 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2006/11/02 02:45:07 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fc.exe -- (Iast349ieo)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\yeddef.sys -- (yeddef)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva359.sys -- (XDva359)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva358.sys -- (XDva358)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva352.sys -- (XDva352)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva351.sys -- (XDva351)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva349.sys -- (XDva349)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/04/22 14:49:17 | 009,334,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2013/04/22 14:49:17 | 009,334,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013/04/22 14:48:47 | 000,275,968 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2013/03/17 19:58:33 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/03/06 15:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/06 15:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/06 15:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/06 15:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/06 15:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/03/06 15:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/06 15:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/06 15:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/08/19 02:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2011/08/19 02:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/19 02:26:34 | 000,022,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/07/01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/04/30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/01/18 22:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2007/05/06 17:12:02 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/04/13 13:22:56 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 00:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2002/02/22 04:10:48 | 000,026,505 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8150.SYS -- (USB-100)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...F-001C26DD53D7}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C26DD53D7}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577



IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.internet-home-page.com
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...F-001C26DD53D7}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.tattoodle...D-30271827212A}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\HyperCam Toolbar\tbhelper.dll ()
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes,DefaultScope = {36377DD7-B3EB-42f5-986F-680BAF59BA9D}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{14BBBB87-8DB4-41F4-B3E2-3FB0790100A5}: "URL" = http://www.internet-...q={searchTerms}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...6B-E097A9DF1E0C
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{186AD512-1585-4020-B728-3447BE9D832E}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{3621BF73-ECA6-408D-B1EC-47908EDF784C}: "URL" = http://www.internet-...q={searchTerms}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.iplay.c...q={searchTerms}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{5C481304-34FD-4906-841F-BE4260F34C10}: "URL" = http://www.internet-...{inputEncoding}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...q={searchTerms}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpr...q={searchTerms}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{9C45E6B7-A147-445A-85DD-A7A51072D53E}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{C6DB40E1-B2BD-43ED-A7A3-343D91540293}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{CF7C1251-F2BA-4DF0-A2E3-E18D2381AA55}: "URL" = http://www.fastbrows...D-30271827212A}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}: "URL" = http://gamebox.bings...g=2-149-0-1sxjK
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C26DD53D7}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.sweetpa...-001C26DD53D7}"
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.12.2.100005
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..keyword.URL: "http://start.sweetpa...1C26DD53D7}&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.ask...VIN001WTUS&&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Owner\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/29 12:59:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/20 13:40:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/04/24 14:28:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/03/17 19:44:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/03/17 20:05:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/12 20:16:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/14 15:22:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Owner\Program Files\DNA [2010/07/22 21:48:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\WeCareReminder\[email protected] [2010/08/31 08:33:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/29 12:59:24 | 000,000,000 | ---D | M]

[2010/04/14 15:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2010/04/14 15:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/03/17 20:03:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions
[2010/10/05 19:38:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/03/12 20:02:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/02/08 10:59:47 | 000,000,000 | ---D | M] (HyperCam Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2013/03/12 20:02:50 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2013/03/12 20:02:51 | 000,000,000 | ---D | M] (ShopToWin13) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{b9dbe2c0-031f-4cad-911a-f4a7381d79c0}
[2010/05/15 23:53:22 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
[2012/04/22 18:05:19 | 000,000,000 | ---D | M] (LimeWire Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
[2013/03/12 20:02:38 | 000,021,485 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
[2013/03/17 20:03:09 | 000,195,574 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/04/20 16:38:35 | 000,002,573 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\askcom.xml
[2010/07/03 11:36:30 | 000,001,953 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\bing-zugo.xml
[2011/02/08 19:15:48 | 000,002,374 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\search.xml
[2013/03/17 20:02:50 | 000,000,514 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\sweetim.xml
[2012/04/20 16:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/10 14:28:37 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/09/04 20:30:07 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/04/20 16:38:12 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/11/06 09:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/06 09:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/04/20 16:38:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/07/03 11:51:44 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/04/20 16:38:10 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2010/08/30 19:37:23 | 000,001,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober48751513.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Updater By SweetPacks = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: avast! WebRep = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: FLCL = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oibfgafhdjgelpjcojncpghdmmchngck\1_0\
CHR - Extension: Updater By SweetPacks = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: avast! WebRep = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: FLCL = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oibfgafhdjgelpjcojncpghdmmchngck\1_0\

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll (Make The Web Better, LLC)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll File not found
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\Toolbar\WebBrowser: (no name) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No CLSID value found.
O3 - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll File not found
O3 - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4030240409-390429592-89810060-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-4030240409-390429592-89810060-1000..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-4030240409-390429592-89810060-1000..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48AC2D47-C59A-4B3C-A574-72DEAF92E882}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA0CF0F0-2B99-4066-A28D-91DB6313C1BB}: DhcpNameServer = 192.168.123.5 192.168.123.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2013/04/24 14:45:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/04/22 16:31:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Desktop
[2013/04/22 15:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/04/22 15:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013/04/22 14:49:28 | 000,041,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2013/04/22 14:49:17 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2013/04/22 14:49:17 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2013/04/22 14:49:03 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2013/04/22 14:48:55 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2013/04/22 14:48:53 | 000,217,600 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2013/04/22 14:48:53 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2013/04/22 14:48:52 | 000,451,072 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2013/04/22 14:48:47 | 000,275,968 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2013/04/22 14:48:42 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2013/04/22 14:48:40 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2013/04/22 14:48:39 | 000,360,448 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2013/04/22 14:48:38 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2013/04/22 14:48:37 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2013/04/22 14:48:27 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2013/04/22 14:48:19 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2013/04/22 14:46:29 | 019,753,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2013/04/22 14:46:29 | 013,764,096 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2013/04/22 14:46:29 | 009,334,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2013/04/22 14:46:29 | 006,800,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2013/04/22 14:46:29 | 001,831,424 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2013/04/22 14:46:29 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2013/04/17 22:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2013/04/17 22:50:20 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013/04/17 17:11:36 | 000,000,000 | RH-D | C] -- C:\Users\Owner\AppData\Roaming\SecuROM
[2013/04/16 09:14:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Skyrim
[2013/04/15 14:14:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013/04/15 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Logitech® Webcam Software
[2013/04/15 12:10:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2013/04/15 12:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2013/04/15 12:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2013/04/15 12:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/04/14 17:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/04/02 07:09:52 | 004,550,656 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/24 14:45:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/04/24 14:38:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/24 14:37:35 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/24 14:37:35 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/24 14:37:21 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/24 14:31:52 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/04/24 14:31:42 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0C0B907C-F7EB-492D-B642-BC27AB42D1A1}.job
[2013/04/24 14:28:46 | 000,001,796 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/04/24 14:28:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/04/24 12:59:38 | 000,001,356 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2013/04/23 10:35:49 | 1312,103,775 | ---- | M] () -- C:\Users\Owner\Desktop\Desktop.rar
[2013/04/22 23:41:00 | 000,335,852 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/22 23:41:00 | 000,108,456 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/22 23:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/22 23:06:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/22 14:49:29 | 004,795,904 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2013/04/22 14:49:28 | 000,041,984 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2013/04/22 14:49:27 | 002,664,704 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2013/04/22 14:49:27 | 000,052,736 | ---- | M] (AMD) -- C:\Windows\System32\coinst.dll
[2013/04/22 14:49:22 | 019,753,984 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2013/04/22 14:49:22 | 000,032,256 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2013/04/22 14:49:20 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
[2013/04/22 14:49:19 | 001,831,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2013/04/22 14:49:17 | 009,334,784 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2013/04/22 14:49:17 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2013/04/22 14:49:17 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2013/04/22 14:49:17 | 000,038,159 | ---- | M] () -- C:\Windows\atiogl.xml
[2013/04/22 14:49:13 | 006,203,392 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2013/04/22 14:49:09 | 006,800,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2013/04/22 14:49:05 | 013,764,096 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2013/04/22 14:49:05 | 000,601,728 | ---- | M] () -- C:\Windows\System32\atiicdxx.dat
[2013/04/22 14:49:03 | 000,159,744 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2013/04/22 14:48:55 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2013/04/22 14:48:53 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2013/04/22 14:48:53 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2013/04/22 14:48:52 | 000,451,072 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2013/04/22 14:48:51 | 000,909,312 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2013/04/22 14:48:47 | 000,275,968 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2013/04/22 14:48:42 | 000,033,280 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2013/04/22 14:48:41 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2013/04/22 14:48:40 | 000,245,896 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2013/04/22 14:48:40 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2013/04/22 14:48:39 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2013/04/22 14:48:38 | 000,020,992 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2013/04/22 14:48:37 | 000,053,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2013/04/22 14:48:27 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2013/04/22 14:48:19 | 000,159,744 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2013/04/15 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2013/04/02 07:09:52 | 004,550,656 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/24 14:28:46 | 000,001,796 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/04/23 08:31:52 | 1312,103,775 | ---- | C] () -- C:\Users\Owner\Desktop\Desktop.rar
[2013/04/22 14:49:17 | 000,038,159 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/04/22 14:49:05 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013/04/22 14:48:40 | 000,245,896 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2013/04/22 14:46:29 | 002,664,704 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2013/03/19 23:39:06 | 000,000,045 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE1.dat
[2013/03/13 11:07:50 | 000,000,040 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE.dat
[2013/03/12 20:07:42 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/12 20:07:42 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/04/05 22:34:22 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012/01/18 06:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/11/10 02:11:08 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/09/12 23:06:18 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/08/19 02:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 02:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 02:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/09/04 20:31:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/10 15:17:01 | 000,000,093 | ---- | C] () -- C:\Users\Owner\AppData\Local\fusioncache.dat
[2009/12/06 16:50:32 | 000,018,944 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/16 20:20:52 | 000,000,069 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2009/10/16 20:20:08 | 000,000,041 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2009/09/10 03:58:03 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 08:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/09/10 23:24:56 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/19 00:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/04/22 16:14:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.minecraft
[2010/08/21 21:29:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Alien Skin
[2009/11/04 20:48:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/03/17 20:02:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2010/07/22 21:58:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DNA
[2011/08/02 22:25:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EpicBot
[2009/11/04 23:57:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GetRightToGo
[2011/08/29 21:17:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Imprudence
[2013/04/15 12:10:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2011/01/21 02:57:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LimeWire
[2013/03/17 20:28:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\local
[2011/06/28 22:54:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LolClient
[2010/12/08 10:00:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2011/08/10 01:35:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Registry Mechanic
[2011/08/03 22:11:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Screaming Bee
[2011/03/09 13:00:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SecondLife
[2010/10/09 20:33:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thinstall
[2011/09/25 15:01:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Trillian
[2010/08/10 15:17:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Turbine
[2013/04/17 18:24:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV - [2006/11/02 02:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/19 00:33:43 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/19 00:33:01 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2008/01/19 00:36:13 | 000,758,272 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2008/01/19 00:33:47 | 000,328,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009/09/10 23:29:09 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/09/10 21:23:27 | 000,269,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/19 00:33:49 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2008/01/19 00:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/09/10 23:24:57 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2008/01/19 00:34:03 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 07:49:43 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/19 00:34:08 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2006/11/02 02:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/19 00:34:34 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/09/10 23:49:08 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2008/01/19 00:36:37 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/19 00:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/19 00:35:36 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/19 00:35:36 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/19 00:35:38 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/19 00:35:57 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2008/01/19 00:36:45 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 06:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2009/09/10 23:29:09 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2008/06/25 20:29:02 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/19 00:36:15 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2008/01/19 00:36:15 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/09/10 23:24:57 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/19 00:36:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/09/10 23:29:09 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2008/01/19 00:37:10 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 09:24:40 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 05:21:29 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/01/19 00:33:22 | 002,623,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/06 04:09:57 | 000,603,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2008/01/19 00:36:39 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 05:21:29 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2008/01/19 00:36:11 | 000,153,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2008/01/19 00:33:34 | 001,054,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2008/01/19 00:33:45 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2008/01/19 00:33:45 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/19 00:36:20 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 00:36:53 | 001,013,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2008/01/19 00:34:53 | 000,393,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2008/01/19 00:36:53 | 000,452,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2008/01/19 00:33:16 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2008/01/19 00:36:59 | 000,161,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009/08/06 19:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2008/01/19 00:34:05 | 000,175,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/09/10 23:44:38 | 000,513,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/09/10 23:37:16 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2009/09/10 23:31:00 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009/09/10 23:30:59 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2009/09/10 23:30:59 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009/09/10 23:30:59 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/09/10 23:45:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009/09/10 23:45:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009/09/10 23:30:59 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 02:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 00:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SERVICES >
[2006/09/18 14:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 14:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services

< MD5 for: SERVICES.EXE >
[2008/01/19 00:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\System32\services.exe
[2008/01/19 00:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2006/11/02 02:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 05:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 05:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/09/14 15:36:16 | 000,001,644 | ---- | M] () MD5=B0C91FDC0BAF26F7449624DD552355AE -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/09/14 15:36:16 | 000,001,644 | ---- | M] () MD5=B0C91FDC0BAF26F7449624DD552355AE -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 05:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 05:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6000.16386_none_cd2d20a848cfd40f\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SVCHOST.EXE >
[2006/11/02 02:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 00:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 00:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/19 00:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 00:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 02:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 02:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 00:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/19 00:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WINSOCK.DLL >
[2006/11/02 00:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL
[2006/11/02 00:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WINSOCK.DLL
[2006/11/02 00:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINSOCK.DLL
[2006/11/02 00:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WINSOCK.DLL

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: WDC WD3200AAKS-75VYA0
Partitions: 1
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: DELL USB HS-CF Card USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 -
Interface type: USB
Media Type:
Model: DELL USB HS-xD/SM USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 -
Interface type: USB
Media Type:
Model: DELL USB HS-MS Card USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE4 -
Interface type: USB
Media Type:
Model: DELL USB HS-SD Card USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 298.00GB
Starting Offset: 32256
Hidden sectors: 0


< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.0.6001
Copyright © 1999-2007 Microsoft Corporation.
On computer: OWNER-PC
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 D HALO_LEGEND UDF DVD-ROM 5929 MB Healthy
Volume 1 J DVD-ROM 0 B No Media
Volume 2 C NTFS Partition 298 GB Healthy System
Volume 3 F Removable 0 B No Media
Volume 4 G Removable 0 B No Media
Volume 5 H Removable 0 B No Media
Volume 6 I Removable 0 B No Media

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >



OTL Extras logfile created on: 4/24/2013 2:48:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 78.51% Memory free
6.19 Gb Paging File | 5.71 Gb Available in Paging File | 92.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 108.28 Gb Free Space | 36.33% Space Free | Partition Type: NTFS
Drive D: | 5.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14AACB22-DE8F-40B6-9226-BD0BAAE62432}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{1AD69D76-744C-473D-BE56-B887873EAA0F}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2543FC3C-E4F2-4B1C-8359-2272E5687956}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{350C5063-6DC2-4358-9A53-DCBF8802DC40}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4CB0B7B0-3F29-4D58-83CD-4960D4AC361E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4DC2D285-1625-405C-9380-DC6C974A2DF8}" = lport=52362 | protocol=6 | dir=in | name=akamai netsession interface |
"{5A2E88FD-D4EC-4F51-AF3B-1A29AAA57F39}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9F4E11C5-617E-4CAA-B947-1B5B4386F0E5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{CDFF8CD1-11D7-437D-BDD3-E5C55B10A96B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D30F6B0F-E21A-4431-BC9C-C81224CDA467}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D31E2D59-0442-4829-8CFD-26C4B3674002}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9486AF0-7A6C-443A-9426-B8F24A5BB517}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EBA6F7BA-B7D1-4F3E-8AF4-77640625C818}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F319977B-007D-48B2-B2D9-230DA240F4D2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FAC4EB1E-006E-4850-B588-BE409809D0EA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FB2E99DE-F4E9-4B25-AD1A-4DA7A38482A4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C3E2DD-A688-48BF-A974-0796F847687A}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{079907B0-010F-460F-A386-D7BE047402E4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{085B8CE6-243A-407D-A550-2F6E7B04E931}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{08EC4F97-222A-4474-B8B0-016ECD7BAFBA}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{0961BAD2-67F8-42A8-9527-41E192F41B9C}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{0A21C8E7-EAA8-4D7E-90D8-3E729F1C881D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0ED3BE5B-DDD9-46ED-8022-E4F51D25191B}" = protocol=58 | dir=out | [email protected],-203 |
"{115877FD-14AB-4A0A-86F5-B03118FF6418}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{15856149-D4E0-4F6D-88E0-FCDDE2F802F5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{15ED89FA-27A0-4721-BD73-A6E4AF55F6A5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{209FA23D-8FCC-4B81-AA44-75D7E2B6BDE8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{21342B44-B56C-4BA2-9D20-F95512D7A3B9}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{217188AF-1303-40D4-AD17-22C5D7EE6216}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{297552FF-4C89-43DD-BB2C-87610E6393FE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{29D0809D-66FD-4F9D-934B-D72C8572069B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{2AF5237A-EE1B-40D8-A641-82784D671D60}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2C35199C-E08B-46B6-9271-2DF7EFE35812}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{3083DD0D-FC7A-48AF-99A3-68E1584D9E86}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{32EB8379-0815-4EAB-B185-D825E246C781}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{44775D2E-7345-443C-99D2-7AFAAD32105B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{4CB0BA37-B828-47A6-AE95-F6C439F52DE6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4EA1B81A-3074-4AEA-98A1-26BA5B17D3E5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{54A6EF93-F3A1-464A-A23D-64600627BB75}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{55A094EB-EDFE-49F9-BACF-654969CD6103}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{580203B2-6F7D-4997-8ACF-136872B6CB72}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5CB28A88-89B6-4189-9E1B-49EE88BC9CE1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{5D54DBF2-F7EF-45EB-B62D-36DF64161FAF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5E28E5C5-EF6E-40C1-BBC8-F99DA6077874}" = protocol=58 | dir=in | app=system |
"{67C45BE8-620A-47C5-91E6-87F69871AB07}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{6E3639B4-09A6-438D-B123-47C3D593858F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{712D4CE3-ED0E-4F35-A8A8-492D4550845A}" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\akamai\netsession_win.exe |
"{78DB2201-AD61-472B-9BCA-E5FD89DCBF6A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{78EF9FDF-43B7-4901-A26E-63986A8F13F3}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{815CFFA6-49B9-4607-B9F4-7B1A3E41D8D0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{8385D6ED-1D04-437C-B1B3-F9F1DC940DA2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{876FF536-07D8-491D-970A-3A6EF1095773}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trauma\trauma.exe |
"{8DC5443A-A2F6-4335-BBDC-EC31CF5CAB62}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8E90525D-B402-49CC-83BC-710E91A23B4C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe |
"{8E9DCEFC-F1B6-4170-8BA0-DA82D09F1473}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{906FDBC9-5CA5-45B7-B638-4797E94E7339}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\warincbattlezone\rsupdate.exe |
"{9490CB35-150B-45FE-B731-682EA44EC859}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{95277849-B963-4D64-9506-B04273FE99ED}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{99FFF4A6-76AD-4F22-8DA0-4663540B4B22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B34DFD9-ACD6-432A-9C14-F7A6A1F77AAE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E6A660F-3678-4459-B274-76E9988D67E4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trauma\trauma.exe |
"{A15C01B3-23B7-44F2-B8B4-0600F9594016}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A245E3B2-0E6A-4569-8A4A-62F66EA2D61F}" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\akamai\netsession_win.exe |
"{A418C184-9F04-42CE-B268-EAB4E215E2DE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A737DD3B-49FE-41AA-8A60-C2AE3657030C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{A9F4677B-CCB7-4AA5-A721-B284F6F08AAD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{B25DBCDF-7C63-4A66-B254-C76819D6CA19}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{B8172181-EFEC-4376-AA46-C201B9253E77}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{BA96D7B4-6072-47AB-9E05-3899161FCB70}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{C3B5625C-289D-485D-BD13-D1830F35A648}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{C48A9FBF-0063-4085-AEC7-FAE18EC9651D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CC6E198A-B7AB-45BE-87A5-D57D535FED82}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{CCEF2F97-189E-4D8B-B4FE-F374824E0D41}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{CDE6A103-9B5C-4CC2-84A7-DDAE171A4849}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{CF6F80B2-E44E-4468-A291-DCB0027F3228}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D0B520DE-2F24-4C13-A503-4E48F75675E4}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D29161F7-C0D6-4C59-8590-0473FCCA685F}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{D2991429-9624-46A9-A2F2-C682FBCBD14F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe |
"{D7240114-F534-40DF-B623-4A82959AF239}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D9939863-8AD7-47BE-AE71-B99C71670AC0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{D993A17E-2C8F-441E-829A-EE16C5DAD212}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E1D67DBE-A04A-4F9B-9C18-CCD15F2F5DE9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E53EFBD3-EB65-440D-83A4-224A07069A38}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{EABB1FCD-2749-4F24-90C6-1AC6C93EA26B}" = protocol=6 | dir=out | app=system |
"{EB320D87-70AD-4ED8-A775-7475B2E997AB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{ED14B32B-5F2F-4348-BCC7-014479DC2BD5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{F146CC1A-EFFF-4F32-8C07-CA1A0ACF8802}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{F5BFF3F9-1DF7-4B92-AB26-6595D87CB44B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{F68EE5B1-4D89-4E02-A2FA-CB5A92737676}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{F8A08473-69AB-4CDC-AE66-929BECA36C15}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F9E2897C-6ED8-4C96-954B-9CB150350913}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FD0E3050-3227-46AE-85EE-8B51D26E6B1C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{FE1A7D8E-CD3E-4041-AD31-730C54FEBD51}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\warincbattlezone\rsupdate.exe |
"{FE6F6355-7393-4690-ADF2-A7CAA35A9EB6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FEC07871-BD69-47D1-95A3-50FFDBC21BD2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"TCP Query User{22D56A71-7E97-45BE-9FF8-49B6D9D0984B}C:\program files\steam\steamapps\1337deathbringer\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\1337deathbringer\team fortress 2\hl2.exe |
"TCP Query User{2D30BD6B-C741-4DC9-9089-992D9E76ECAA}C:\program files\imprudence\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\imprudence\slvoice.exe |
"TCP Query User{39F15482-16D4-4574-B690-8ABCCB78DD09}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{3A6BD6FF-CEED-45AF-B45B-B8A1938F7CFC}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{3FDCD064-742C-47DC-A8A9-8B54FDAE74D2}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{6CD1A2F8-6E52-4964-8A14-8A8ED5728C8C}C:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"TCP Query User{73D2AC16-3B87-42E4-9A1F-34C25CD9BDEE}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe |
"TCP Query User{904CF297-0A8E-4CD7-8F2D-FC246D81A633}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{A2FE95B6-F8CB-4976-9365-DA00CD7E90AA}C:\users\owner\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"TCP Query User{B3348F3F-F3C1-4961-90A4-76D061D82212}C:\program files\secondlife\secondlife.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\secondlife.exe |
"TCP Query User{B8C2B0D4-B8FC-4DA0-88B8-4111A64A7BE5}C:\program files\phoenix viewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\phoenix viewer\slvoice.exe |
"TCP Query User{C9990D41-1AB7-4FDC-A6FE-BDF4549090DD}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{CB7FDA13-9858-4C37-8C37-A1CF8F2B9D01}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe |
"TCP Query User{CDC05CE3-CC47-4756-B654-A961402DE60E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{D5E23499-640F-4A8A-9801-082DDF760F0B}C:\users\owner\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\akamai\netsession_win.exe |
"TCP Query User{E1A21421-EF49-4D2C-A1AF-7BE1BDF9BA61}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{EAC705B5-C524-480F-8175-006DE991E6E5}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{07EBDF90-0031-449F-B0FD-296E8D943896}C:\users\owner\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\akamai\netsession_win.exe |
"UDP Query User{1001141A-505B-4262-9D05-3F9403ABEF6D}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{1F559D88-FDB2-4BB1-869B-6EE2451D0C54}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{293B7690-E099-4133-9A95-29696A00237B}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"UDP Query User{34E73358-E35C-4E9F-9D94-00604A2FF8E0}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{4C603E41-33D5-4853-A2CB-751C2076EB1E}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{4FDAE01C-9D4E-4324-84FB-B1EE1F924F22}C:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\temp\wow-4.2.0.2506-enus-tools-downloader.exe |
"UDP Query User{609687A9-21F4-4558-8720-6E658B59777B}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{9813ABE1-9B5B-404A-BAA1-A010DA2167AF}C:\program files\steam\steamapps\1337deathbringer\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\1337deathbringer\team fortress 2\hl2.exe |
"UDP Query User{ABF0CA1F-21F6-496B-BA59-733224E0EB40}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{B5550F5B-C4E5-41C0-8E77-BD64EB2845D7}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe |
"UDP Query User{BC891400-269D-4587-9F92-D0270310CB40}C:\users\owner\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\owner\program files\dna\btdna.exe |
"UDP Query User{C3A2D8BB-33A9-47CA-B106-A396EC5E3275}C:\program files\phoenix viewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\phoenix viewer\slvoice.exe |
"UDP Query User{C698B640-3F9A-43C9-B82E-CC056024058C}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{E31C5C7D-2235-408D-B669-421CEFCA38E1}C:\program files\imprudence\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\imprudence\slvoice.exe |
"UDP Query User{F10E59BA-83D6-4D2A-98A3-9D57F78E6C4B}C:\program files\secondlife\secondlife.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\secondlife.exe |
"UDP Query User{FC94CB31-7619-4BE0-8F3B-2EFAC124284E}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.4900
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05B2AAA8-F30A-163D-76E4-9E618DBDAFB1}" = Catalyst Control Center InstallProxy
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1DDDFDF2-4A92-4E77-959F-59D196B99C0C}" = C410
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{219ED5A0-9CBF-4F3A-B927-37C9E5C5F14F}_is1" = Fallout New Vegas
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24C898EC-4181-7812-5644-4E348533B532}" = ccc-utility
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{26DB09BC-6EB5-4CE0-A05D-D4DECE60E189}_is1" = Phoenix Viewer 1.5.2.908
"{28142407-ACAD-4ECD-A6B6-9FA8471F6062}" = Scarface: The World is Yours
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3671991B-E558-8A57-BBBF-D9C56B6F6AE4}" = CCC Help English
"{3BB4634D-CEE5-7AB0-D78D-EA263389A8AB}" = Catalyst Control Center
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{488405CF-0BD3-D35E-13BD-4D71ADE5E401}" = ATI Problem Report Wizard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{50D9C7D1-86C4-4982-A47E-D490C70A1C7D}_is1" = Shop To Win
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{574D97AB-0B76-458E-B321-510FE2A7D0FC}" = ASPCA Reminder XPV7-SF by We-Care.com
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{656C0E21-331E-11DF-81CE-005056806466}" = Google Earth
"{67D7D7EB-9330-2884-6EC2-4AB32CC981B5}" = ATI AVIVO Codecs
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758799AB-2DAD-4BBB-83C3-D69A60D12363}_is1" = Emergence Viewer 1.5.2.549
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{80F3F10B-A177-4494-93CE-98090D819093}" = Internet Explorer Toolbar 4.7 by SweetPacks
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A90C03D6-08E1-4C59-B93B-6919A6C0AC19}" = TSP_CODEC
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B9BA9CC8-B0A2-00C8-780E-B82A066E48C6}" = AMD Catalyst Install Manager
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C1164ED0-EF08-4B0B-8084-3BDAEAAEFD8D}" = HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C41E46F9-0F37-8379-E792-B323021FA4BB}" = Catalyst Control Center Localization All
"{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1" = Updater By SweetPacks 2.0.0.566
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6DEE87-1C87-42ED-A108-7369BFE9076F}" = 32 bit Windows Card Reader Driver
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D8A8894A-B875-8206-E820-B27BCD72C5A0}" = HydraVision
"{E12ABE6F-830C-AE8F-29EA-76FEC5F2D376}" = Catalyst Control Center Graphics Previews Common
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F217D8AF-965B-4D3E-8F14-AC47B9CA535B}" = PS_AIO_07_C410_SW_Min
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires II Trial" = Microsoft Age of Empires II Trial Version
"Akamai" = Akamai NetSession Interface Service
"avast" = avast! Free Antivirus
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"DivX Setup" = DivX Setup
"EpicBot" = EpicBot
"Eye Candy 4000" = Eye Candy 4000
"EyeCandy5Impact" = Alien Skin Eye Candy 5 Impact
"EyeCandy5Nature" = Alien Skin Eye Candy 5 Nature
"EyeCandy5Textures" = Alien Skin Eye Candy 5 Textures
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"HyperCam 2" = HyperCam 2
"HyperCam Toolbar" = HyperCam Toolbar
"InstallShield_{28142407-ACAD-4ECD-A6B6-9FA8471F6062}" = Scarface: The World is Yours
"Kaos Logger X 1.00" = Kaos Logger X 1.00
"LimeWire" = LimeWire 5.5.8
"Magicka_is1" = Magicka
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Picasa 3" = Picasa 3
"PROSet" = Intel® PRO Network Connections Drivers
"Realms of Kaos" = Realms of Kaos
"RealPlayer 12.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"Steam App 107900" = War Inc. Battlezone
"Steam App 22330" = The Elder Scrolls IV: Oblivion
"Steam App 440" = Team Fortress 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8980" = Borderlands
"Steam App 98100" = TRAUMA
"StumbleUponIEToolbar" = StumbleUpon IE Toolbar
"Switch" = Switch Sound File Converter
"TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Web Tattoo)
"uTorrent" = µTorrent
"VideoPad" = VideoPad Video Editor
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 beta 1 (32-bit)
"World of Warcraft" = World of Warcraft
"Xenofex 1.0" = Xenofex 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = LimeWire Toolbar Updater
"Akamai" = Akamai NetSession Interface
"BitTorrent DNA" = DNA
"f031ef6ac137efc5" = Dell Driver Download Manager
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/23/2013 3:26:12 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 4/23/2013 3:26:17 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 4/23/2013 3:26:17 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 4/23/2013 3:26:17 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 4/23/2013 3:30:27 PM | Computer Name = Owner-PC | Source = EventSystem | ID = 4609
Description =

Error - 4/23/2013 3:41:29 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application ie3sh.exe, version 1.0.0.3, time stamp 0x4afc79b4,
faulting module BHO.DLL, version 6.0.6001.18538, time stamp 0x4cb733dc, exception
code 0xc0000135, fault offset 0x00009cfc, process id 0x664, application start time
0x01ce405a2bbc9f60.

Error - 4/23/2013 3:46:42 PM | Computer Name = Owner-PC | Source = EventSystem | ID = 4609
Description =

Error - 4/24/2013 3:36:56 PM | Computer Name = Owner-PC | Source = EventSystem | ID = 4609
Description =

Error - 4/24/2013 3:49:02 PM | Computer Name = Owner-PC | Source = EventSystem | ID = 4609
Description =

Error - 4/24/2013 5:39:03 PM | Computer Name = Owner-PC | Source = EventSystem | ID = 4609
Description =

[ Media Center Events ]
Error - 11/1/2010 8:26:07 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 4/24/2013 5:27:48 PM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:33:01 PM on 4/24/2013 was unexpected.

Error - 4/24/2013 5:27:49 PM | Computer Name = Owner-PC | Source = HTTP | ID = 15016
Description =

Error - 4/24/2013 5:37:19 PM | Computer Name = Owner-PC | Source = HTTP | ID = 15016
Description =

Error - 4/24/2013 5:38:57 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10005
Description =

Error - 4/24/2013 5:39:03 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10005
Description =

Error - 4/24/2013 5:39:04 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10005
Description =

Error - 4/24/2013 5:39:06 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10005
Description =

Error - 4/24/2013 5:39:08 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 4/24/2013 5:39:08 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 4/24/2013 5:59:08 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10005
Description =


< End of report >



aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-04-24 15:58:34
-----------------------------
15:58:34.238 OS Version: Windows 6.0.6001 Service Pack 1
15:58:34.238 Number of processors: 4 586 0xF0B
15:58:34.238 ComputerName: OWNER-PC UserName: Owner
15:58:35.845 Initialize success
15:58:35.923 AVAST engine defs: 13042400
15:58:40.041 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:58:40.041 Disk 0 Vendor: WDC_WD32 12.0 Size: 305245MB BusType: 3
15:58:40.572 Disk 0 MBR read successfully
15:58:40.572 Disk 0 MBR scan
15:58:40.587 Disk 0 Windows VISTA default MBR code
15:58:40.603 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305242 MB offset 63
15:58:40.634 Disk 0 scanning sectors +625137345
15:58:40.915 Disk 0 scanning C:\Windows\system32\drivers
15:59:13.614 Service scanning
15:59:27.374 Modules scanning
16:00:03.720 Disk 0 trace - called modules:
16:00:03.767 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastorv.sys hal.dll
16:00:03.767 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864a4030]
16:00:03.782 3 CLASSPNP.SYS[8b19e745] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85fa4030]
16:00:05.389 AVAST engine scan C:\Windows
16:01:06.749 AVAST engine scan C:\Windows\system32
16:11:43.126 AVAST engine scan C:\Windows\system32\drivers
16:13:13.491 AVAST engine scan C:\Users\Owner
18:39:31.524 AVAST engine scan C:\ProgramData
18:44:17.986 Scan finished successfully
18:46:38.432 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
18:46:38.432 The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"
  • 0

#8
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi,

You have some nasty toolbars and adware that we will uninstall and remove. There are a couple of networking programs that really don't work as advertised and I would recommend that they be uninstalled. There are also a coulpe of peer-to-peer programs that you should consider uninstalling. The information on them is listed below. There is a good bit to do here so you may want to print these instructions or save them to a text file so you will have them when you start.

Akamai NetSession Interface Service <-- This software apart from being dubious is actually always connected whether or not you are actively using it or not, hence it is a bandwidth hog . Plus installs all kinds of Adware, bloatware for example.

Pando Media Booster <-- Another dire application that does not perform as stated and can be a bandwidth hog also.

Note: Take extra care in answering questions posed by any Uninstaller. Some questions may be worded to deceive you into keeping the program.


You have the following Peer-to-Peer program(s) installed:

uTorrent
LimeWire 5.5.8


GeeksToGo does not recommend using such programs, but you should read the description of Peer-to-Peer programs below before deciding for yourself.

Description of Peer-to-Peer (P2P) software.
P2P(Peer-to-Peer) may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. The program(s) may be safe, but there's no way to tell if the file being shared is infected. P2P programs, more often than not, install adware and/or spyware and worse still, some worms spread via P2P networks, infecting you as well.
Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing. We advise removing any P2P programs you have now and avoiding this type of software application. Whether you remove them or not is your decision. But if you decide to keep and use Peer-to-Peer programs I can guarantee that you will be coming back to this forum or another malware forum. If you do choose to keep the program(s), please do not use it / them until the computer is clean and I give the all clear.

All programs, folders and files listed below in this color are optional removals, but if you uninstall the program(s) you must delete the folders and files in the corresponding colors. All programs in black are malware or viruses and must be deleted, along with the corresponding folders and files in red.


Step-1.

Malicious program uninstalls and Optional Removals


1. Please click the Start Orb Posted Image, click Control Panel. Under the Programs and Features heading click Uninstall a program
2. In the list of programs installed, locate the following program(s):

Fast Browser Search (My Web Tattoo)
Shop To Win
Yontoo Layers Runtime 1.10.01
Updater By SweetPacks 2.0.0.566
Coupon Printer for Windows
Akamai NetSession Interface Service
Pando Media Booster
uTorrent
LimeWire 5.5.8


3. Vista/7 users: right click each program and click Uninstall
4. After the programs have been uninstalled, close the Installed Programs window and the Control Panel.
5. Reboot the computer.

Delete the folders associated with the uninstalled programs.(Only do this if you uninstalled the program)

1. Using Windows Explorer (to get there right-click your Start button and click "Explore"), please delete the following folders(s) (if present):

C:\Program Files\Fast Browser Search
C:\Program Files\Yontoo Layers Runtime
C:\Program Files\Updater By SweetPacks
C:\Program Files\SweetIM
C:\Program Files\Common Files\akamai
C:\Users\Owner\Appdata\local\akamai
C:\Program Files\Pando Networks
C:\Program Files\limewire
C:\Users\Owner\AppData\Roaming\LimeWire
C:\Program Files\uTorrent
C:\Users\Owner\AppData\Roaming\uTorrent


2. Close Windows Explorer.


Step-2.

Posted Image OTL Fix

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the quote box below (Do Not copy the word Quote. To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.

:COMMANDS
[createrestorepoint]

:OTL
SRV - [2013/02/28 13:37:14 | 000,188,760 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva359.sys -- (XDva359)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva358.sys -- (XDva358)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva352.sys -- (XDva352)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva351.sys -- (XDva351)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva349.sys -- (XDva349)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...F-001C26DD53D7}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C26DD53D7}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...F-001C26DD53D7}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.tattoodle...D-30271827212A}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\HyperCam Toolbar\tbhelper.dll ()
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes,DefaultScope = {36377DD7-B3EB-42f5-986F-680BAF59BA9D}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.iplay.c...q={searchTerms}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpr...q={searchTerms}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{CF7C1251-F2BA-4DF0-A2E3-E18D2381AA55}: "URL" = http://www.fastbrows...D-30271827212A}
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}: "URL" = http://gamebox.bings...g=2-149-0-1sxjK
IE - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C26DD53D7}
FF - prefs.js..browser.startup.homepage: "http://start.sweetpa...-001C26DD53D7}"
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:4.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://start.sweetpa...1C26DD53D7}&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Ask.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://websearch.ask...VIN001WTUS&&q="
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/03/17 20:05:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\WeCareReminder\[email protected] [2010/08/31 08:33:25 | 000,000,000 | ---D | M]
[2013/03/12 20:02:50 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2013/03/12 20:02:51 | 000,000,000 | ---D | M] (ShopToWin13) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{b9dbe2c0-031f-4cad-911a-f4a7381d79c0}
[2013/03/12 20:02:38 | 000,021,485 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
[2013/03/17 20:03:09 | 000,195,574 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2013/03/17 20:02:50 | 000,000,514 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\sweetim.xml
[2009/11/06 09:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/06 09:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/08/30 19:37:23 | 000,001,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober48751513.xml
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll (Make The Web Better, LLC)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll File not found
O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\Toolbar\WebBrowser: (no name) - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No CLSID value found.
O3 - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll File not found
O3 - HKU\S-1-5-21-4030240409-390429592-89810060-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe ()
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a

:FILES
ipconfig /flushdns /c

:COMMANDS
[emptytemp]


Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

2. Please re-open Posted Image on your desktop. To do that:
  • Vista and 7 users: Right click the icon and click Run as Administrator
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the Posted Image button. Post the log it produces in your next reply.


Step-3.

AdwCleaner by Xplode

Download AdwCleaner from here to your desktop.
Close all open windows and browsers.

  • (Vista and 7 users) right click The adwcleaner.exe, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    Posted Image
  • Click the Search button and wait for the scan to finish.
  • Once done it may ask to reboot, allow this.
  • On reboot a log will be produced please copy/paste that in your next reply. This report is also saved to C:\AdwCleaner[R1].txt

Step-4.

Run RogueKiller

  • Download RogueKiller.
  • Click the English Webpage link.
  • Click the 32bits (x86) download link and save the RogueKiller.exe file to the desktop.

    NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
  • Quit all programs and close all browsers.
  • Right click the RogueKiller icon and click Run as Administrator to run the program.
  • Wait until Prescan has finished ...
  • Click on Scan

    Posted Image
  • Wait for the end of the scan.
  • DO NOT delete anything at this time.
  • The report has been created on the desktop.
Please post:
All RKreport.txt text files located on your desktop.
NOTE: If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again


Step-5.

Run Farbar Service Scanner

Please download Farbar Service Scanner to the desktop.
(Vista and 7 users may need to right click the file and click Run as Administrator)
  • Posted Image
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Step-6.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. Let me know how the program uninstalls went.
2. The OTL Fixes log
3. The new OTL.txt log
4. The AdwCleaner[R1].txt log
5. The RKreports.txt log
6. The FSS.txt log
7. How is the computer running now?
  • 0

#9
Krinkle

Krinkle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
The uninstalls went fine, I couldn't find a lot of the folders you talked about like they just weren't there or something I guess? Also I couldn't delete 2 of the Limewire files the toolbar and the toolbar updater.

Here is the OTL files

All processes killed
========== COMMANDS ==========
Unable to start System Restore Service. Error code 1084
========== OTL ==========
Error: No service named Updater By SweetPacks was found to stop!
Service\Driver key Updater By SweetPacks not found.
File C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe not found.
Service XDva359 stopped successfully!
Service XDva359 deleted successfully!
File C:\Windows\system32\XDva359.sys not found.
Service XDva358 stopped successfully!
Service XDva358 deleted successfully!
File C:\Windows\system32\XDva358.sys not found.
Service XDva352 stopped successfully!
Service XDva352 deleted successfully!
File C:\Windows\system32\XDva352.sys not found.
Service XDva351 stopped successfully!
Service XDva351 deleted successfully!
File C:\Windows\system32\XDva351.sys not found.
Service XDva349 stopped successfully!
Service XDva349 deleted successfully!
File C:\Windows\system32\XDva349.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-4030240409-390429592-89810060-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Restore| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ deleted successfully.
C:\Program Files\HyperCam Toolbar\tbhelper.dll moved successfully.
HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}\ not found.
Registry key HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
Registry key HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF7C1251-F2BA-4DF0-A2E3-E18D2381AA55}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF7C1251-F2BA-4DF0-A2E3-E18D2381AA55}\ not found.
Registry key HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5F5D888-2587-E012-A817-7038F5690F26}\ not found.
Registry key HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "http://start.sweetpa...-001C26DD53D7}" removed from browser.startup.homepage
Prefs.js: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: [email protected]:4.0.0 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: "http://start.sweetpa...1C26DD53D7}&q=" removed from keyword.URL
Prefs.js: "Ask.com" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "Ask.com" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "http://websearch.ask...VIN001WTUS&&q=" removed from sweetim.toolbar.previous.keyword.URL
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ not found.
File C:\Program Files\Updater By SweetPacks\Firefox not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
C:\ProgramData\WeCareReminder\[email protected]\META-INF folder moved successfully.
C:\ProgramData\WeCareReminder\[email protected]\defaults\preferences folder moved successfully.
C:\ProgramData\WeCareReminder\[email protected]\defaults folder moved successfully.
C:\ProgramData\WeCareReminder\[email protected]\components folder moved successfully.
C:\ProgramData\WeCareReminder\[email protected]\chrome\logo folder moved successfully.
C:\ProgramData\WeCareReminder\[email protected]\chrome folder moved successfully.
C:\ProgramData\WeCareReminder\[email protected] folder moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin folder moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\Plugins folder moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\modules folder moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\META-INF folder moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\defaults folder moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components folder moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\chrome folder moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} folder moved successfully.
Folder C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{b9dbe2c0-031f-4cad-911a-f4a7381d79c0}\ not found.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected] moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi moved successfully.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\sweetim.xml moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\WebSearchober48751513.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ deleted successfully.
C:\Program Files\SGPSA\SearchAssistant.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}\ not found.
File C:\Program Files\Updater By SweetPacks\Extension32.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.
Registry value HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FBSSA deleted successfully.
C:\Program Files\SGPSA\ie3sh.exe moved successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a7f6ccd5-f9cf-11df-b270-806e6f6e6963}\ not found.
File E:\LaunchU3.exe -a not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Owner\Desktop\cmd.bat deleted successfully.
C:\Users\Owner\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temporary Internet Files folder emptied: 33109 bytes

User: Default User
->Temporary Internet Files folder emptied: 0 bytes

User: Owner
->Temp folder emptied: 308132007 bytes
->Temporary Internet Files folder emptied: 39604162 bytes
->Java cache emptied: 4516354 bytes
->FireFox cache emptied: 499142291 bytes
->Google Chrome cache emptied: 125426574 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 59332 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 461089643 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 14348943576 bytes

Total Files Cleaned = 15,056.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04252013_114959

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Here is the other OTL file

OTL logfile created on: 4/25/2013 12:09:47 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 79.79% Memory free
6.19 Gb Paging File | 5.75 Gb Available in Paging File | 92.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 122.36 Gb Free Space | 41.05% Space Free | Partition Type: NTFS
Drive D: | 5.79 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/25 11:48:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2013/04/09 01:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2009/09/10 23:30:59 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/09 01:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 01:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 01:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2010/11/25 00:58:29 | 000,139,264 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2013/04/22 14:48:53 | 000,217,600 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/04/19 14:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/03/12 21:10:02 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/06 15:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/08/19 02:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/03/25 13:21:24 | 000,120,232 | ---- | M] (stumbleupon.com) [Disabled | Stopped] -- C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe -- (StumbleUponUpdateService)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 00:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 00:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/06 17:11:36 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2006/11/02 02:45:07 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fc.exe -- (Iast349ieo)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\yeddef.sys -- (yeddef)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/04/22 14:49:17 | 009,334,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2013/04/22 14:49:17 | 009,334,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013/04/22 14:48:47 | 000,275,968 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2013/03/17 19:58:33 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/03/06 15:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/06 15:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/06 15:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/06 15:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/06 15:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/03/06 15:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/06 15:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/06 15:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/08/19 02:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2011/08/19 02:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/19 02:26:34 | 000,022,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/07/01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/04/30 22:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/01/18 22:53:22 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2007/05/06 17:12:02 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/04/13 13:22:56 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 00:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2002/02/22 04:10:48 | 000,026,505 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8150.SYS -- (USB-100)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.internet-home-page.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{14BBBB87-8DB4-41F4-B3E2-3FB0790100A5}: "URL" = http://www.internet-...q={searchTerms}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...6B-E097A9DF1E0C
IE - HKCU\..\SearchScopes\{186AD512-1585-4020-B728-3447BE9D832E}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{3621BF73-ECA6-408D-B1EC-47908EDF784C}: "URL" = http://www.internet-...q={searchTerms}
IE - HKCU\..\SearchScopes\{5C481304-34FD-4906-841F-BE4260F34C10}: "URL" = http://www.internet-...{inputEncoding}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...p={SearchTerms}
IE - HKCU\..\SearchScopes\{9C45E6B7-A147-445A-85DD-A7A51072D53E}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{C6DB40E1-B2BD-43ED-A7A3-343D91540293}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: [email protected]:3.12.2.100005
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.7
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.search.defaulturl: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Owner\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/29 12:59:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/20 13:40:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/04/24 14:28:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/03/17 19:44:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/12 20:16:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/25 11:50:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Owner\Program Files\DNA [2010/07/22 21:48:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/11/29 12:59:24 | 000,000,000 | ---D | M]

[2010/04/14 15:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2010/04/14 15:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/04/25 11:50:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions
[2010/10/05 19:38:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/03/12 20:02:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/02/08 10:59:47 | 000,000,000 | ---D | M] (HyperCam Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2010/05/15 23:53:22 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
[2012/04/22 18:05:19 | 000,000,000 | ---D | M] (LimeWire Toolbar) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
[2012/04/20 16:38:35 | 000,002,573 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\askcom.xml
[2010/07/03 11:36:30 | 000,001,953 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\bing-zugo.xml
[2011/02/08 19:15:48 | 000,002,374 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\search.xml
[2012/04/20 16:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/10 14:28:37 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/09/04 20:30:07 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/04/20 16:38:12 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/20 16:38:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/07/03 11:51:44 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/04/20 16:38:10 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\Owner\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: avast! WebRep = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: FLCL = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oibfgafhdjgelpjcojncpghdmmchngck\1_0\
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: avast! WebRep = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.4_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\
CHR - Extension: FLCL = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oibfgafhdjgelpjcojncpghdmmchngck\1_0\

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48AC2D47-C59A-4B3C-A574-72DEAF92E882}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA0CF0F0-2B99-4066-A28D-91DB6313C1BB}: DhcpNameServer = 192.168.123.5 192.168.123.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/25 11:49:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/04/25 11:48:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/04/24 15:08:29 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2013/04/22 16:31:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Desktop
[2013/04/22 15:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/04/22 15:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013/04/22 14:49:03 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2013/04/22 14:48:53 | 000,217,600 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2013/04/22 14:48:52 | 000,451,072 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2013/04/22 14:48:38 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2013/04/17 22:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2013/04/17 22:50:20 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013/04/17 17:11:36 | 000,000,000 | RH-D | C] -- C:\Users\Owner\AppData\Roaming\SecuROM
[2013/04/16 09:14:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Skyrim
[2013/04/15 14:14:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013/04/15 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Logitech® Webcam Software
[2013/04/15 12:10:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2013/04/15 12:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2013/04/15 12:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2013/04/15 12:03:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/04/14 17:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

========== Files - Modified Within 30 Days ==========

[2013/04/25 12:07:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/25 12:06:25 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/04/25 12:06:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/25 12:03:43 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/25 12:03:43 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/25 12:03:25 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/25 11:48:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/04/25 11:42:38 | 000,372,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/04/24 19:00:19 | 000,001,356 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2013/04/24 15:10:02 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2013/04/24 14:31:42 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0C0B907C-F7EB-492D-B642-BC27AB42D1A1}.job
[2013/04/24 14:28:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/04/23 10:35:49 | 1312,103,775 | ---- | M] () -- C:\Users\Owner\Desktop\Desktop.rar
[2013/04/22 23:41:00 | 000,335,852 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/22 23:41:00 | 000,108,456 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/22 23:09:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/22 14:49:27 | 002,664,704 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2013/04/22 14:49:27 | 000,052,736 | ---- | M] (AMD) -- C:\Windows\System32\coinst.dll
[2013/04/22 14:49:20 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
[2013/04/22 14:49:17 | 000,038,159 | ---- | M] () -- C:\Windows\atiogl.xml
[2013/04/22 14:49:05 | 000,601,728 | ---- | M] () -- C:\Windows\System32\atiicdxx.dat
[2013/04/22 14:49:03 | 000,159,744 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2013/04/22 14:48:53 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2013/04/22 14:48:52 | 000,451,072 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2013/04/22 14:48:40 | 000,245,896 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2013/04/22 14:48:38 | 000,020,992 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2013/04/15 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job

========== Files Created - No Company Name ==========

[2013/04/23 08:31:52 | 1312,103,775 | ---- | C] () -- C:\Users\Owner\Desktop\Desktop.rar
[2013/04/22 14:49:17 | 000,038,159 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/04/22 14:49:05 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2013/04/22 14:48:40 | 000,245,896 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2013/04/22 14:46:29 | 002,664,704 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2013/03/19 23:39:06 | 000,000,045 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE1.dat
[2013/03/13 11:07:50 | 000,000,040 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE.dat
[2013/03/12 20:07:42 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/12 20:07:42 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/04/05 22:34:22 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012/01/18 06:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/11/10 02:11:08 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/09/12 23:06:18 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/08/19 02:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 02:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 02:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/09/04 20:31:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/10 15:17:01 | 000,000,093 | ---- | C] () -- C:\Users\Owner\AppData\Local\fusioncache.dat
[2009/12/06 16:50:32 | 000,018,944 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/16 20:20:52 | 000,000,069 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2009/10/16 20:20:08 | 000,000,041 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2009/09/10 03:58:03 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 08:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/09/10 23:24:56 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/19 00:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/04/22 16:14:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.minecraft
[2010/08/21 21:29:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Alien Skin
[2009/11/04 20:48:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/03/17 20:02:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Lite
[2010/07/22 21:58:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DNA
[2011/08/02 22:25:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EpicBot
[2009/11/04 23:57:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GetRightToGo
[2011/08/29 21:17:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Imprudence
[2013/04/15 12:10:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Leadertech
[2013/03/17 20:28:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\local
[2011/06/28 22:54:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LolClient
[2010/12/08 10:00:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy
[2011/08/10 01:35:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Registry Mechanic
[2011/08/03 22:11:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Screaming Bee
[2011/03/09 13:00:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SecondLife
[2010/10/09 20:33:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Thinstall
[2011/09/25 15:01:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Trillian
[2010/08/10 15:17:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Turbine
[2013/04/17 18:24:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

Here is the ADW File

# AdwCleaner v2.202 - Logfile created 04/25/2013 at 12:22:12
# Updated 23/04/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 1 (32 bits)
# User : Owner - OWNER-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Owner\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\Askcom.xml
File Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\search.xml
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\Program Files\HyperCam Toolbar
Folder Found : C:\Program Files\SGPSA
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\ProgramData\WeCareReminder
Folder Found : C:\Users\Owner\AppData\Local\AskToolbar
Folder Found : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Found : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Found : C:\Users\Owner\AppData\Local\OpenCandy
Folder Found : C:\Users\Owner\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Owner\AppData\LocalLow\SweetIM
Folder Found : C:\Users\Owner\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\Conduit
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\ConduitCommon
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\FCTB
Folder Found : C:\Users\Owner\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Owner\Documents\DealRunner
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\AskToolbarInfo
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus Updater
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0626A63-410B-45E2-99A1-3F2475B2D695}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0626A63-410B-45E2-99A1-3F2475B2D695}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\SMTTB2009
Key Found : HKCU\Software\Somoto Toolbar
Key Found : HKCU\Software\wecarereminder
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{055069F3-F78B-4BD1-A277-FE66648D3300}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\BHO.PSHelper
Key Found : HKLM\SOFTWARE\Classes\BHO.PSHelper.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D59156-647B-4B06-B20E-0E297A1077BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BE990A32-C2EC-4654-8FD0-26FECEA81998}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\TBSB07183.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\TBSB07183.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\TBSB07183.TBSB07183
Key Found : HKLM\SOFTWARE\Classes\TBSB07183.TBSB07183.3
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3088C799-9630-4719-A471-4544D7CABC2D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AA2E16F2-387A-415F-BA95-B89BAF3AF109}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TBSB07183.TBSB07183Toolbar
Key Found : HKLM\Software\TENCENT
Key Found : HKU\S-1-5-21-4030240409-390429592-89810060-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19088

[OK] Registry is clean.

-\\ Mozilla Firefox v11.0 (en-US)

File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\prefs.js

Found : user_pref("CT2438727..clientLogIsEnabled", false);
Found : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2438727.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2438727.CTID", "CT2438727");
Found : user_pref("CT2438727.CurrentServerDate", "21-4-2012");
Found : user_pref("CT2438727.DialogsAlignMode", "LTR");
Found : user_pref("CT2438727.DialogsGetterLastCheckTime", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific Daylig[...]
Found : user_pref("CT2438727.DownloadReferralCookieData", "");
Found : user_pref("CT2438727.FirstServerDate", "24-2-2010");
Found : user_pref("CT2438727.FirstTime", true);
Found : user_pref("CT2438727.FirstTimeFF3", true);
Found : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2438727.HasUserGlobalKeys", true);
Found : user_pref("CT2438727.Initialize", true);
Found : user_pref("CT2438727.InitializeCommonPrefs", true);
Found : user_pref("CT2438727.InstallationAndCookieDataSentCount", 1);
Found : user_pref("CT2438727.InstallationType", "Unknown");
Found : user_pref("CT2438727.InstalledDate", "Tue Feb 23 2010 13:51:16 GMT-0800 (Pacific Standard Time)");
Found : user_pref("CT2438727.IsGrouping", false);
Found : user_pref("CT2438727.IsMulticommunity", false);
Found : user_pref("CT2438727.IsOpenThankYouPage", true);
Found : user_pref("CT2438727.IsOpenUninstallPage", true);
Found : user_pref("CT2438727.LanguagePackLastCheckTime", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific Dayligh[...]
Found : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2438727.LastLogin_2.5.7.3", "Thu Apr 15 2010 14:51:33 GMT-0700 (Pacific Daylight Time)"[...]
Found : user_pref("CT2438727.LastLogin_3.12.0.7", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific Daylight Time)[...]
Found : user_pref("CT2438727.LatestVersion", "3.12.0.7");
Found : user_pref("CT2438727.Locale", "en");
Found : user_pref("CT2438727.LoginCache", 4);
Found : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Found : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Found : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Found : user_pref("CT2438727.MyStuffEnabledAtInstallation", false);
Found : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Found : user_pref("CT2438727.SearchInNewTabEnabled", true);
Found : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific Dayli[...]
Found : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2438727.ServiceMapLastCheckTime", "Fri Apr 20 2012 16:38:40 GMT-0700 (Pacific Daylight [...]
Found : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2438727.SettingsLastCheckTime", "Fri Apr 20 2012 16:38:40 GMT-0700 (Pacific Daylight Ti[...]
Found : user_pref("CT2438727.SettingsLastUpdate", "1326723880");
Found : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu Apr 15 2010 14:51:33 GMT-0700 (Pacific Day[...]
Found : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1269281492");
Found : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Found : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2438727.UserID", "UN56881065670034351");
Found : user_pref("CT2438727.ValidationData_Toolbar", 2);
Found : user_pref("CT2438727.alertChannelId", "832836");
Found : user_pref("CT2438727.clientLogIsEnabled", true);
Found : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2438727.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2438727.initDone", true);
Found : user_pref("CT2438727.myStuffEnabled", true);
Found : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2438727.revertSettingsEnabled", false);
Found : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2438727.searchProtectorEnableByLogin", true);
Found : user_pref("CT2438727.testingCtid", "");
Found : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific D[...]
Found : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/6340477175123412[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/6340477178459350[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"2[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/images/skins/zynga/seperator.gif", "\"46[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"0bc[...]
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Apr 15 2010 14:51:33 GMT-0700 (Pacif[...]
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Apr 15 2010 14:51:33 GMT-0700 (Pacific D[...]
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "{0f36c807-4b71-4a66-adc7-b941609439f9}");
Found : user_pref("CommunityToolbar.globalUserId", "e760328a-222e-45c6-b8b2-66ca61b5f853");
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Found : user_pref("extensions.asktb.cbid", "OE");
Found : user_pref("extensions.asktb.config-updated", true);
Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Found : user_pref("extensions.asktb.dtid", "VIN001WTUS");
Found : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&s[...]
Found : user_pref("extensions.asktb.first-launch-url", "hxxp://wiki.teamfortress.com/wiki/Killer_Exclusive")[...]
Found : user_pref("extensions.asktb.guid", "63110195-B5FB-498D-9DC2-3356F5D6FFD7");
Found : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Found : user_pref("extensions.asktb.if", "su");
Found : user_pref("extensions.asktb.l", "dis");
Found : user_pref("extensions.asktb.last-config-req", "1334965115597");
Found : user_pref("extensions.asktb.last-v", "3.13.1.100007");
Found : user_pref("extensions.asktb.locale", "en_US");
Found : user_pref("extensions.asktb.o", "16046");
Found : user_pref("extensions.asktb.qsrc", "2871");
Found : user_pref("extensions.asktb.sa", "YES");
Found : user_pref("extensions.asktb.saguid", "AD8A0622-C4A3-44DB-BA6B-E097A9DF1E0C");
Found : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=[...]
Found : user_pref("extensions.asktb.search-suggestions-enabled", true);
Found : user_pref("extensions.asktb.search-suggestions-uri", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li[...]
Found : user_pref("extensions.asktb.silent-upgrade", true);
Found : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Found : user_pref("extensions.asktb.themeid", "");
Found : user_pref("extensions.asktb.to", "16104");
Found : user_pref("extentions.y2layers.lastDnsTest", 370821);
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.DNSCatch", false);
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.FirstLaunchShown", true);
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.LastDate", 20);
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.customNewTab", false);
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.processAddrBar", false);
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.session", "1BF72597AD6A4A482009208BCDDA43A9F8FC[...]
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.tb_lang", "en");
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.user_id", "41219551");
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.vars.disablecuidinject", "1");
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.vars.lastcheck", "Fri%20Apr%2020%202012%2014%3A[...]
Found : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.yahooSearch", false);
Found : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/hypercam/{9AC4BBA4-78C2-44EC-[...]
Found : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/hypercam/{9AC4BBA4-78C2-44EC-BA67-7EBF6A1B0F[...]
Found : user_pref("somoto.old_dnscatch", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16046[...]
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.com/");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.[...]
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [36085 octets] - [25/04/2013 12:22:12]

########## EOF - C:\AdwCleaner[R1].txt - [36146 octets] ##########

Here is the RK file

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6001 Service Pack 1) 32 bits version
Started in : Safe mode with network support
User : Owner [Admin rights]
Mode : Scan -- Date : 04/25/2013 12:26:18
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200AAKS-75VYA0 +++++
--- User ---
[MBR] 0a60d8337f86f024fc5ccfc39737f8b2
[BSP] 597689f9fd584ba824a36be87199a262 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305242 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04252013_02d1226.txt >>
RKreport[1]_S_04252013_02d1226.txt

Here is the FSS file

Farbar Service Scanner Version: 14-04-2013
Ran by Owner (administrator) on 25-04-2013 at 12:28:43
Running from "C:\Users\Owner\Desktop"
Windows Vista ™ Home Premium Service Pack 1 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: ATTENTION!=====> Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
Checking LEGACY_BITS: ATTENTION!=====> Unable to open LEGACY_BITS\0000 registry key. The key does not exist.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2011-06-15 20:29] - [2011-04-21 06:16] - 0273408 ____A (Microsoft Corporation) 48EB99503533C27AC6135648E5474457

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2010-08-15 13:51] - [2010-06-16 08:59] - 0898952 ____A (Microsoft Corporation) 782568AB6A43160A159B6215B70BCCE9

C:\Windows\system32\dnsrslvr.dll
[2011-06-03 19:10] - [2011-03-02 07:49] - 0086528 ____A (Microsoft Corporation) 4805D9A6D281C7A7DEFD9094DEC6AF7D

C:\Windows\system32\mpssvc.dll
[2009-09-12 21:47] - [2008-01-19 00:34] - 0393216 ____A (Microsoft Corporation) D1639BA315B0D79DEC49A4B0E1FB929B

C:\Windows\system32\bfe.dll
[2009-09-12 21:46] - [2008-01-19 00:33] - 0328704 ____A (Microsoft Corporation) 8582E233C346AEFE759833E8A30DD697

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe
[2009-09-12 21:47] - [2008-01-19 00:33] - 1054720 ____A (Microsoft Corporation) D5FB73D19C46ADE183F968E13F186B23

C:\Windows\system32\wscsvc.dll
[2009-09-12 21:46] - [2008-01-19 00:37] - 0061440 ____A (Microsoft Corporation) 683DD16B590372F2C9661D277F35E49C

C:\Windows\system32\wbem\WMIsvc.dll
[2009-09-12 21:46] - [2008-01-19 00:36] - 0161792 ____A (Microsoft Corporation) 00B79A7C984678F24CF052E5BEB3A2F5

C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-09-12 21:47] - [2008-01-19 00:36] - 0758272 ____A (Microsoft Corporation) 02ED7B4DBC2A3232A389106DA7515C3D

C:\Windows\system32\es.dll
[2009-09-10 21:23] - [2009-09-10 21:23] - 0269312 ____A (Microsoft Corporation) 3CB3343D720168B575133A0A20DC2465

C:\Windows\system32\cryptsvc.dll
[2009-09-12 21:46] - [2008-01-19 00:34] - 0128000 ____A (Microsoft Corporation) 6DE363F9F99334514C46AEC02D3E3678

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll
[2010-04-13 13:50] - [2010-02-18 07:11] - 0190464 ____A (Microsoft Corporation) 6A35D233693EDC29A12742049BC5E37F

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2009-09-10 23:24] - [2009-09-10 23:24] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830



**** End of log ****

Screen still flickers but it runs faster definitely :3 thanks for that at least.

Edited by Krinkle, 25 April 2013 - 01:42 PM.

  • 0

#10
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Screen still flickers but it runs faster definitely :3 thanks for that at least.

Acknowledged and you're welcome. The screen flicker may be caused by a video driver that needs updating, or when the Windows service pack is updated that may take care of it. You have a lot of Windows services that aren't running. Some of them are missing needed Registry keys so we will have to fix that.
We still have a good bit to do as AdwCleaner found a lot of stuff and there are some additional tools we need to run.


Step-1.

Re-run AdwCleaner

Close all open windows and browsers.

Re-open AdwCleaner
  • (Vista and 7 users)right click the adwcleaner.exe file and click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • Click the Delete button and wait for the scan.
    Posted Image
  • Everything that was found will be deleted.
  • When the scan ends, a report appears.
  • Once done it will ask to reboot, allow this

    Posted Image
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner[S1].txt

Before completing Step 2 we need to make sure that the Avast Antivirus is disabled. To do that:

  • Right- click on the avast! icon in system tray:
    Select avast! shields control. There will be options to disable avast for 10 minutes, 1 hour, until the computer is restarted or permanently.
  • Select the Permanently option.

Step-2.

Posted Image Run ComboFix
***Read through this entire procedure and if you have any questions, please ask them before you begin. Then either print out, or copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.***

If you have a previous version of Combofix.exe, delete it and download a fresh copy.

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications before downloading ComboFix. This is usually done via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

Download ComboFix from one of the following locations:

Link 1
Link 2

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If you recieve an error "Illegal operation attempted on a registry key that has been marked for deletion". Please restart the computer. That will cure it.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use. ComboFix Should Not be used unless requested by a forum helper

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
Don't forget to reenable your Anti-Virus


Step-3.

Virustotal File Upload:

We need to check a file.

To use Virustotal go Here
Posted Image
  • Click the Choose File button in the middle of the screen. This will open a File Upload window.
  • On the File Upload window, in the File name box, type, or copy and paste the following and click Open (NOTE.. Only one file per scan):

    C:\Windows\system32\Drivers\afd.sys
  • This will put the file in the box on the Virustotal page.
  • Click the Scan it! button.
  • IF you get a message that the file has already been analyzed click the Reanalyze button and the file will be scanned.
  • Please be patient while the file is scanned. It may take several minutes.
  • Once the scan results appear copy and paste the Virustotal link(s) (URL) in your next reply

Step-4.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The AdwCleaner[S1].txt log
2. The ComboFix log
3. The URL link to the VirusTotal results.
  • 0

Advertisements


#11
Krinkle

Krinkle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Hi again, thanks for the help again, the ComboFix said my virus protection was still up even though I turned it off like you said. Everything else went fine and I await your next instructions :3.

Here's the AdwCleaner

# AdwCleaner v2.202 - Logfile created 04/26/2013 at 14:29:54
# Updated 23/04/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 1 (32 bits)
# User : Owner - OWNER-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Owner\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\search.xml
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\SGPSA
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Owner\AppData\Local\AskToolbar
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Deleted : C:\Users\Owner\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Owner\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Owner\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\Conduit
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\ConduitCommon
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\extensions\[email protected]
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\FCTB
Folder Deleted : C:\Users\Owner\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Owner\Documents\DealRunner
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus Updater
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0626A63-410B-45E2-99A1-3F2475B2D695}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0626A63-410B-45E2-99A1-3F2475B2D695}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{055069F3-F78B-4BD1-A277-FE66648D3300}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BHO.PSHelper
Key Deleted : HKLM\SOFTWARE\Classes\BHO.PSHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D59156-647B-4B06-B20E-0E297A1077BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BE990A32-C2EC-4654-8FD0-26FECEA81998}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07183.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07183.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07183.TBSB07183
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07183.TBSB07183.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3088C799-9630-4719-A471-4544D7CABC2D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA2E16F2-387A-415F-BA95-B89BAF3AF109}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TBSB07183.TBSB07183Toolbar
Key Deleted : HKLM\Software\TENCENT
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19088

[OK] Registry is clean.

-\\ Mozilla Firefox v11.0 (en-US)

File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\prefs.js

C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\user.js ... Deleted !

Deleted : user_pref("CT2438727..clientLogIsEnabled", false);
Deleted : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2438727.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2438727.CTID", "CT2438727");
Deleted : user_pref("CT2438727.CurrentServerDate", "21-4-2012");
Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2438727.DialogsGetterLastCheckTime", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific Daylig[...]
Deleted : user_pref("CT2438727.DownloadReferralCookieData", "");
Deleted : user_pref("CT2438727.FirstServerDate", "24-2-2010");
Deleted : user_pref("CT2438727.FirstTime", true);
Deleted : user_pref("CT2438727.FirstTimeFF3", true);
Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2438727.HasUserGlobalKeys", true);
Deleted : user_pref("CT2438727.Initialize", true);
Deleted : user_pref("CT2438727.InitializeCommonPrefs", true);
Deleted : user_pref("CT2438727.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT2438727.InstallationType", "Unknown");
Deleted : user_pref("CT2438727.InstalledDate", "Tue Feb 23 2010 13:51:16 GMT-0800 (Pacific Standard Time)");
Deleted : user_pref("CT2438727.IsGrouping", false);
Deleted : user_pref("CT2438727.IsMulticommunity", false);
Deleted : user_pref("CT2438727.IsOpenThankYouPage", true);
Deleted : user_pref("CT2438727.IsOpenUninstallPage", true);
Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific Dayligh[...]
Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2438727.LastLogin_2.5.7.3", "Thu Apr 15 2010 14:51:33 GMT-0700 (Pacific Daylight Time)"[...]
Deleted : user_pref("CT2438727.LastLogin_3.12.0.7", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific Daylight Time)[...]
Deleted : user_pref("CT2438727.LatestVersion", "3.12.0.7");
Deleted : user_pref("CT2438727.Locale", "en");
Deleted : user_pref("CT2438727.LoginCache", 4);
Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2438727.MyStuffEnabledAtInstallation", false);
Deleted : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific Dayli[...]
Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2438727.ServiceMapLastCheckTime", "Fri Apr 20 2012 16:38:40 GMT-0700 (Pacific Daylight [...]
Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Fri Apr 20 2012 16:38:40 GMT-0700 (Pacific Daylight Ti[...]
Deleted : user_pref("CT2438727.SettingsLastUpdate", "1326723880");
Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu Apr 15 2010 14:51:33 GMT-0700 (Pacific Day[...]
Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1269281492");
Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Deleted : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2438727.UserID", "UN56881065670034351");
Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2438727.alertChannelId", "832836");
Deleted : user_pref("CT2438727.clientLogIsEnabled", true);
Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2438727.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2438727.initDone", true);
Deleted : user_pref("CT2438727.myStuffEnabled", true);
Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2438727.revertSettingsEnabled", false);
Deleted : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2438727.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2438727.testingCtid", "");
Deleted : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Fri Apr 20 2012 16:38:42 GMT-0700 (Pacific D[...]
Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/6340477175123412[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/6340477178459350[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"2[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/images/skins/zynga/seperator.gif", "\"46[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"0bc[...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Apr 15 2010 14:51:33 GMT-0700 (Pacif[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Apr 15 2010 14:51:33 GMT-0700 (Pacific D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{0f36c807-4b71-4a66-adc7-b941609439f9}");
Deleted : user_pref("CommunityToolbar.globalUserId", "e760328a-222e-45c6-b8b2-66ca61b5f853");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Deleted : user_pref("extensions.asktb.cbid", "OE");
Deleted : user_pref("extensions.asktb.config-updated", true);
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.dtid", "VIN001WTUS");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://websearch.ask.com/redirect?client=ff&s[...]
Deleted : user_pref("extensions.asktb.first-launch-url", "hxxp://wiki.teamfortress.com/wiki/Killer_Exclusive")[...]
Deleted : user_pref("extensions.asktb.guid", "63110195-B5FB-498D-9DC2-3356F5D6FFD7");
Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Deleted : user_pref("extensions.asktb.if", "su");
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1334965115597");
Deleted : user_pref("extensions.asktb.last-v", "3.13.1.100007");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.o", "16046");
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.sa", "YES");
Deleted : user_pref("extensions.asktb.saguid", "AD8A0622-C4A3-44DB-BA6B-E097A9DF1E0C");
Deleted : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=[...]
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.search-suggestions-uri", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li[...]
Deleted : user_pref("extensions.asktb.silent-upgrade", true);
Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Deleted : user_pref("extensions.asktb.themeid", "");
Deleted : user_pref("extensions.asktb.to", "16104");
Deleted : user_pref("extentions.y2layers.lastDnsTest", 370821);
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.DNSCatch", false);
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.FirstLaunchShown", true);
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.LastDate", 20);
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.customNewTab", false);
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.processAddrBar", false);
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.session", "1BF72597AD6A4A482009208BCDDA43A9F8FC[...]
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.tb_lang", "en");
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.user_id", "41219551");
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.vars.disablecuidinject", "1");
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.vars.lastcheck", "Fri%20Apr%2020%202012%2014%3A[...]
Deleted : user_pref("freecauseb9dbe2c0031f4cad911af4a7381d79c0.yahooSearch", false);
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.com/");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [33857 octets] - [26/04/2013 14:29:54]

########## EOF - C:\AdwCleaner[S1].txt - [33918 octets] ##########

Here's the ComboFix

ComboFix 13-04-26.01 - Owner 04/26/2013 14:53:21.1.4 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3069.2302 [GMT -7:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Owner\AppData\Roaming\Local
c:\users\Owner\AppData\Roaming\Local\FalloutNV\Fallout.ini
c:\users\Owner\AppData\Roaming\Local\FalloutNV\FalloutPrefs.ini
c:\users\Owner\AppData\Roaming\Local\FalloutNV\NVDLCList.txt
c:\users\Owner\AppData\Roaming\Local\FalloutNV\plugins.txt
c:\users\Owner\AppData\Roaming\Local\FalloutNV\RendererInfo.txt
c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\searchplugins\bing-zugo.xml
c:\users\Public\RemoveSGP0.exe
c:\windows\security\Database\tmp.edb
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Files Created from 2013-03-26 to 2013-04-26 )))))))))))))))))))))))))))))))
.
.
2013-04-26 21:59 . 2013-04-26 21:59 -------- d-----w- c:\users\Owner\AppData\Local\temp
2013-04-25 18:49 . 2013-04-25 18:49 -------- d-----w- C:\_OTL
2013-04-22 22:49 . 2013-04-22 22:49 -------- d-----w- c:\programdata\ATI
2013-04-22 21:49 . 2013-04-22 21:49 41984 ----a-w- c:\windows\system32\atiuxpag.dll
2013-04-22 21:49 . 2013-04-22 21:49 53760 ----a-w- c:\windows\system32\atimpc32.dll
2013-04-22 21:49 . 2013-04-22 21:49 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2013-04-22 21:49 . 2013-04-22 21:49 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2013-04-22 21:48 . 2013-04-22 21:48 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2013-04-22 21:48 . 2013-04-22 21:48 217600 ----a-w- c:\windows\system32\atiesrxx.exe
2013-04-22 21:48 . 2013-04-22 21:48 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2013-04-22 21:48 . 2013-04-22 21:48 451072 ----a-w- c:\windows\system32\atieclxx.exe
2013-04-22 21:48 . 2013-04-22 21:48 275968 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-04-19 09:00 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F2AF3AE9-A5A7-4644-8501-8F3E06128A73}\mpengine.dll
2013-04-18 05:50 . 2013-04-18 05:50 -------- d-----w- c:\program files\Defraggler
2013-04-18 00:11 . 2013-04-18 00:11 -------- d--h--r- c:\users\Owner\AppData\Roaming\SecuROM
2013-04-16 16:14 . 2013-04-16 16:35 -------- d-----w- c:\users\Owner\AppData\Local\Skyrim
2013-04-15 21:14 . 2013-04-15 21:14 -------- d-sh--w- c:\programdata\SecuROM
2013-04-15 19:14 . 2013-04-15 19:14 -------- d-----w- c:\users\Owner\AppData\Local\Logitech® Webcam Software
2013-04-15 19:10 . 2013-04-15 19:10 -------- d-----w- c:\users\Owner\AppData\Roaming\Leadertech
2013-04-15 19:10 . 2013-04-15 19:10 53248 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-04-15 19:09 . 2013-04-15 19:09 -------- d-----w- c:\programdata\Logitech
2013-04-15 19:09 . 2013-04-15 19:09 -------- d-----w- c:\program files\Common Files\LWS
2013-04-15 19:03 . 2013-04-15 19:03 -------- d-----w- c:\program files\Common Files\Skype
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\system32\GPhotos.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-22 21:49 . 2009-04-29 08:37 4795904 ----a-w- c:\windows\system32\atiumdva.dll
2013-04-22 21:49 . 2010-11-26 02:24 52736 ----a-w- c:\windows\system32\coinst.dll
2013-04-22 21:49 . 2010-11-26 02:15 32256 ----a-w- c:\windows\system32\atiu9pag.dll
2013-04-22 21:49 . 2011-11-10 09:11 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2013-04-22 21:49 . 2009-04-29 08:52 6203392 ----a-w- c:\windows\system32\atiumdag.dll
2013-04-22 21:48 . 2010-11-26 02:58 909312 ----a-w- c:\windows\system32\aticfx32.dll
2013-03-23 01:09 . 2013-03-23 01:09 354656 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2013-03-18 02:58 . 2013-03-18 02:58 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-03-13 06:34 . 2013-03-13 06:34 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-13 06:34 . 2013-03-13 06:35 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-13 06:34 . 2010-07-13 13:57 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-13 04:10 . 2012-04-23 00:26 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 04:10 . 2011-06-16 15:15 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-12 08:10 . 2010-11-22 18:44 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-06 22:33 . 2013-03-13 03:07 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 22:33 . 2013-03-13 03:07 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 22:33 . 2011-06-04 02:05 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 22:33 . 2010-10-10 02:31 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 22:33 . 2010-10-10 02:31 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 22:33 . 2010-10-10 02:31 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 22:33 . 2010-10-10 02:31 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 22:33 . 2010-10-10 02:31 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 22:32 . 2010-10-10 05:03 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 22:32 . 2010-10-10 02:30 228600 ----a-w- c:\windows\system32\aswBoot.exe
2012-04-20 23:38 . 2011-06-21 00:57 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn1\yt.dll" [2013-04-01 1500440]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2012-02-10 18:28 1307928 ----a-w- c:\program files\Microsoft\BingBar\7.1.361.0\BingExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-03-01 18642024]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-19 49664]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2010-11-26 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-02 946352]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-03-28 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-03-06 4767304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk]
path=c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
backup=c:\windows\pss\Trillian.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-04-20 19:48 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 14:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-12-23 16:51 323392 ----a-w- c:\users\Owner\Program Files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-05-10 09:41 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-08-19 08:07 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2009-06-02 15:59 5451536 ----a-w- c:\program files\Logitech\Logitech Vid\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2010-06-01 18:17 5252408 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 06:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 10:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-19 07:33 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2007-05-07 00:10 405504 ----a-w- c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-03-01 01:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-04-19 21:10 1631144 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 16:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-06-20 20:39 273544 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2013-03-13 08:56 1051984 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-15 00:43 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 04:10]
.
2013-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-29 05:21]
.
2013-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-29 05:21]
.
2013-04-24 c:\windows\Tasks\User_Feed_Synchronization-{0C0B907C-F7EB-492D-B642-BC27AB42D1A1}.job
- c:\windows\system32\msfeedssync.exe [2011-06-16 04:32]
.
.
------- Supplementary Scan -------
.
uStart Page =
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page =
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\mwrpt34a.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: browser.search.defaulturl -
FF - ExtSQL: 2013-03-12 20:07; [email protected]; c:\program files\Alwil Software\Avast5\WebRep\FF
FF - ExtSQL: !HIDDEN! 2009-09-13 15:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2010-04-10 14:28; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\program files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: !HIDDEN! 2010-11-29 11:59; [email protected]; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Akamai NetSession Interface - c:\users\Owner\AppData\Local\Akamai\netsession_win.exe
MSConfigStartUp-LogitechQuickCamRibbon - c:\program files\Logitech\Logitech WebCam Software\LWS.exe
MSConfigStartUp-Malwarebytes Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe
MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe
MSConfigStartUp-McENUI - c:\progra~1\McAfee\MHN\McENUI.exe
MSConfigStartUp-Microsoft Default Manager - c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
MSConfigStartUp-Search Protection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe
MSConfigStartUp-YSearchProtection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe
AddRemove-Cheat Engine 5.6.1_is1 - c:\program files\Cheat Engine\unins000.exe
AddRemove-{758799AB-2DAD-4BBB-83C3-D69A60D12363}_is1 - c:\program files\Emergence Viewer\unins000.exe
AddRemove-{A90C03D6-08E1-4C59-B93B-6919A6C0AC19} - c:\program files\Bytescribe\TSP_CODEC\Uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-26 14:59
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4030240409-390429592-89810060-1000\Software\SecuROM\License information*]
"datasecu"=hex:12,83,a2,2d,bb,55,b4,a0,31,f3,a0,77,ca,77,24,2c,2c,65,a0,1b,48,
f5,8f,2a,48,2f,95,05,46,7c,cf,b2,3e,8f,73,6a,cb,6c,cd,f6,66,85,9f,74,df,6d,\
"rkeysecu"=hex:e6,0b,cf,9d,d3,83,e9,01,cc,63,28,ed,52,3a,aa,95
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-04-26 15:01:37
ComboFix-quarantined-files.txt 2013-04-26 22:01
.
Pre-Run: 134,225,010,688 bytes free
Post-Run: 134,117,580,800 bytes free
.
- - End Of File - - 3C687AE76CBA2A656D86961547D37082


Here's the link to the antivirus scan

https://www.virustot...sis/1367013881/

Edited by Krinkle, 26 April 2013 - 04:17 PM.

  • 0

#12
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Thanks,

Adwcleaner and ComboFix removed some more things and the afd.sys file is clean. On we go.

Please let me know if you uninstalled LimeWire, BitTorrent and uTorrent. Thanks.


Step-1.

Posted Image TDSSKiller

Please read carefully and follow these steps.
Download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters. (See the image below)

    Posted Image
  • Make sure the boxes under Objects to scan are checked like the image below.
  • In the Additionak options section, check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system. (See the image below)

    Posted Image
  • Click OK
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip. DO NOT change the default action, click on Continue. (See the image below)

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by clicking Report

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step-2.

Run Farbar Service Scanner

Please download Farbar Service Scanner to the desktop.
Doubleclick the FSS.exe file to run it. (Vista and 7 users may need to right click the file and click Run as Administrator)
  • Posted Image
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Step-3.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The TDSSKiller log
2. The FSS.txt log
  • 0

#13
Krinkle

Krinkle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
I got rid of LimeWire best I could as I said the toolbar said it was not able to delete in safe mode and neither was its updater. I literally can't leave safe mode sice I can't see the screen unless I'm in safe mode and I didn't think I had BitTorrent but I will look and reply with that next time. UTorrent I kept.

Here's the TDSSKiller log

16:29:09.0528 0664 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:29:10.0079 0664 ============================================================
16:29:10.0079 0664 Current date / time: 2013/04/27 16:29:10.0079
16:29:10.0079 0664 SystemInfo:
16:29:10.0079 0664
16:29:10.0080 0664 OS Version: 6.0.6001 ServicePack: 1.0
16:29:10.0080 0664 Product type: Workstation
16:29:10.0080 0664 ComputerName: OWNER-PC
16:29:10.0080 0664 UserName: Owner
16:29:10.0080 0664 Windows directory: C:\Windows
16:29:10.0080 0664 System windows directory: C:\Windows
16:29:10.0080 0664 Processor architecture: Intel x86
16:29:10.0080 0664 Number of processors: 4
16:29:10.0080 0664 Page size: 0x1000
16:29:10.0080 0664 Boot type: Safe boot with network
16:29:10.0080 0664 ============================================================
16:29:10.0378 0664 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:29:10.0415 0664 Drive \Device\Harddisk5\DR5 - Size: 0x1DCD80000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:29:10.0416 0664 ============================================================
16:29:10.0416 0664 \Device\Harddisk0\DR0:
16:29:10.0416 0664 MBR partitions:
16:29:10.0416 0664 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
16:29:10.0416 0664 \Device\Harddisk5\DR5:
16:29:10.0417 0664 MBR partitions:
16:29:10.0417 0664 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0xEE6BE0
16:29:10.0417 0664 ============================================================
16:29:10.0435 0664 C: <-> \Device\Harddisk0\DR0\Partition1
16:29:10.0435 0664 ============================================================
16:29:10.0435 0664 Initialize success
16:29:10.0435 0664 ============================================================
16:29:58.0325 1868 ============================================================
16:29:58.0325 1868 Scan started
16:29:58.0325 1868 Mode: Manual; SigCheck; TDLFS;
16:29:58.0325 1868 ============================================================
16:29:58.0406 1868 ================ Scan system memory ========================
16:29:58.0406 1868 System memory - ok
16:29:58.0407 1868 ================ Scan services =============================
16:29:58.0550 1868 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys
16:29:58.0623 1868 ACPI - ok
16:29:58.0686 1868 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:29:58.0699 1868 AdobeFlashPlayerUpdateSvc - ok
16:29:58.0749 1868 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:29:58.0786 1868 adp94xx - ok
16:29:58.0817 1868 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:29:58.0830 1868 adpahci - ok
16:29:58.0865 1868 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
16:29:58.0874 1868 adpu160m - ok
16:29:58.0886 1868 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:29:58.0895 1868 adpu320 - ok
16:29:58.0944 1868 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:29:58.0992 1868 AeLookupSvc - ok
16:29:59.0045 1868 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys
16:29:59.0086 1868 AFD - ok
16:29:59.0109 1868 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:29:59.0117 1868 agp440 - ok
16:29:59.0154 1868 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
16:29:59.0161 1868 aic78xx - ok
16:29:59.0219 1868 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
16:29:59.0259 1868 ALG - ok
16:29:59.0280 1868 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
16:29:59.0287 1868 aliide - ok
16:29:59.0317 1868 [ 50EBBB86E493BD9AB7DDF914A90EEF8E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:29:59.0377 1868 AMD External Events Utility - ok
16:29:59.0412 1868 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
16:29:59.0420 1868 amdagp - ok
16:29:59.0444 1868 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
16:29:59.0451 1868 amdide - ok
16:29:59.0475 1868 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
16:29:59.0629 1868 AmdK7 - ok
16:29:59.0664 1868 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:29:59.0722 1868 AmdK8 - ok
16:29:59.0992 1868 [ 70EB74785AB7FC603FEF19D87B7A7946 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:30:00.0997 1868 amdkmdag - ok
16:30:01.0033 1868 [ BA99833BBDE9C4FF389FC8114FB14843 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:30:01.0061 1868 amdkmdap - ok
16:30:01.0100 1868 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
16:30:01.0132 1868 Appinfo - ok
16:30:01.0190 1868 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:30:01.0199 1868 Apple Mobile Device - ok
16:30:01.0250 1868 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
16:30:01.0258 1868 arc - ok
16:30:01.0304 1868 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:30:01.0312 1868 arcsas - ok
16:30:01.0400 1868 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:30:01.0422 1868 aspnet_state - ok
16:30:01.0508 1868 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
16:30:01.0528 1868 aswFsBlk - ok
16:30:01.0623 1868 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
16:30:01.0630 1868 aswMonFlt - ok
16:30:01.0743 1868 [ C1A411B7CCD604554D96EFDAC2F83617 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
16:30:01.0748 1868 aswRdr - ok
16:30:01.0770 1868 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
16:30:01.0776 1868 aswRvrt - ok
16:30:01.0835 1868 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
16:30:01.0897 1868 aswSnx - ok
16:30:01.0938 1868 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\Windows\system32\drivers\aswSP.sys
16:30:01.0976 1868 aswSP - ok
16:30:02.0015 1868 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
16:30:02.0022 1868 aswTdi - ok
16:30:02.0033 1868 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
16:30:02.0042 1868 aswVmm - ok
16:30:02.0058 1868 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:30:02.0098 1868 AsyncMac - ok
16:30:02.0217 1868 [ 4F4FCB8B6EA06784FB6D475B7EC7300F ] atapi C:\Windows\system32\drivers\atapi.sys
16:30:02.0223 1868 atapi - ok
16:30:02.0457 1868 [ 70EB74785AB7FC603FEF19D87B7A7946 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:30:02.0665 1868 atikmdag - ok
16:30:02.0705 1868 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:30:02.0729 1868 AudioEndpointBuilder - ok
16:30:02.0746 1868 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:30:02.0768 1868 Audiosrv - ok
16:30:02.0812 1868 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:30:02.0819 1868 avast! Antivirus - ok
16:30:02.0912 1868 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
16:30:02.0925 1868 BBSvc - ok
16:30:02.0956 1868 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
16:30:02.0969 1868 BBUpdate - ok
16:30:03.0000 1868 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
16:30:03.0039 1868 Beep - ok
16:30:03.0062 1868 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll
16:30:03.0125 1868 BFE - ok
16:30:03.0195 1868 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\system32\qmgr.dll
16:30:03.0414 1868 BITS - ok
16:30:03.0418 1868 blbdrive - ok
16:30:03.0518 1868 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:30:03.0548 1868 Bonjour Service - ok
16:30:03.0600 1868 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:30:03.0615 1868 bowser - ok
16:30:03.0654 1868 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
16:30:03.0676 1868 BrFiltLo - ok
16:30:03.0697 1868 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
16:30:03.0725 1868 BrFiltUp - ok
16:30:03.0771 1868 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
16:30:03.0808 1868 Browser - ok
16:30:03.0844 1868 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
16:30:03.0908 1868 Brserid - ok
16:30:03.0933 1868 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
16:30:03.0969 1868 BrSerWdm - ok
16:30:03.0995 1868 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
16:30:04.0042 1868 BrUsbMdm - ok
16:30:04.0065 1868 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
16:30:04.0115 1868 BrUsbSer - ok
16:30:04.0155 1868 [ DA7B195275BDA7F8FCF79B40E0F45DDE ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
16:30:04.0170 1868 BthEnum - ok
16:30:04.0206 1868 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:30:04.0262 1868 BTHMODEM - ok
16:30:04.0289 1868 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:30:04.0321 1868 BthPan - ok
16:30:04.0370 1868 [ 73D53F8E90550BA81E2CF44A0873B410 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
16:30:04.0400 1868 BTHPORT - ok
16:30:04.0431 1868 [ 58EE7F5E68310BC8D4E7CEBD8358C12E ] BthServ C:\Windows\System32\bthserv.dll
16:30:04.0472 1868 BthServ - ok
16:30:04.0486 1868 [ 32045A4BB143BBC5BAB1298C4E9E309A ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
16:30:04.0511 1868 BTHUSB - ok
16:30:04.0553 1868 [ 636F45A8500C1438CFA7DEE15FC5C184 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:30:04.0560 1868 btwaudio - ok
16:30:04.0587 1868 [ BF9256FF01B093A5D90BB7A35EC90410 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
16:30:04.0593 1868 btwavdt - ok
16:30:04.0644 1868 [ 491A7DA841149C934E4C2145758F251D ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
16:30:04.0686 1868 btwdins - ok
16:30:04.0726 1868 [ 0AB8C1AC177AFB27309E1072FAF34A37 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:30:04.0732 1868 btwrchid - ok
16:30:04.0782 1868 catchme - ok
16:30:04.0812 1868 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:30:04.0833 1868 cdfs - ok
16:30:04.0888 1868 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:30:04.0956 1868 cdrom - ok
16:30:05.0006 1868 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
16:30:05.0041 1868 CertPropSvc - ok
16:30:05.0076 1868 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
16:30:05.0131 1868 circlass - ok
16:30:05.0154 1868 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
16:30:05.0166 1868 CLFS - ok
16:30:05.0192 1868 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:30:05.0222 1868 clr_optimization_v2.0.50727_32 - ok
16:30:05.0249 1868 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:30:05.0259 1868 clr_optimization_v4.0.30319_32 - ok
16:30:05.0271 1868 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:30:05.0278 1868 cmdide - ok
16:30:05.0284 1868 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:30:05.0291 1868 Compbatt - ok
16:30:05.0326 1868 [ BC6B87086FF0D99F87FE8AF9A919A1E7 ] CompFilter C:\Windows\system32\DRIVERS\lvbusflt.sys
16:30:05.0331 1868 CompFilter - ok
16:30:05.0335 1868 COMSysApp - ok
16:30:05.0345 1868 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:30:05.0352 1868 crcdisk - ok
16:30:05.0380 1868 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
16:30:05.0433 1868 Crusoe - ok
16:30:05.0454 1868 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:30:05.0493 1868 CryptSvc - ok
16:30:05.0530 1868 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:30:05.0589 1868 DcomLaunch - ok
16:30:05.0618 1868 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:30:05.0637 1868 DfsC - ok
16:30:05.0711 1868 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
16:30:05.0828 1868 DFSR - ok
16:30:05.0859 1868 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
16:30:05.0882 1868 Dhcp - ok
16:30:05.0906 1868 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
16:30:05.0914 1868 disk - ok
16:30:05.0937 1868 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:30:05.0971 1868 Dnscache - ok
16:30:05.0992 1868 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
16:30:06.0015 1868 dot3svc - ok
16:30:06.0063 1868 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
16:30:06.0088 1868 Dot4 - ok
16:30:06.0124 1868 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:30:06.0143 1868 Dot4Print - ok
16:30:06.0216 1868 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
16:30:06.0255 1868 dot4usb - ok
16:30:06.0277 1868 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
16:30:06.0299 1868 DPS - ok
16:30:06.0310 1868 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:30:06.0327 1868 drmkaud - ok
16:30:06.0353 1868 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:30:06.0361 1868 dtsoftbus01 - ok
16:30:06.0385 1868 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:30:06.0476 1868 DXGKrnl - ok
16:30:06.0513 1868 [ 04944F4FC4F0477185F5D26AE0DDB90E ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
16:30:06.0520 1868 e1express - ok
16:30:06.0550 1868 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
16:30:06.0586 1868 E1G60 - ok
16:30:06.0604 1868 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
16:30:06.0632 1868 EapHost - ok
16:30:06.0668 1868 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
16:30:06.0678 1868 Ecache - ok
16:30:06.0718 1868 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:30:06.0743 1868 ehRecvr - ok
16:30:06.0764 1868 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
16:30:06.0801 1868 ehSched - ok
16:30:06.0804 1868 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
16:30:06.0826 1868 ehstart - ok
16:30:06.0870 1868 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:30:06.0883 1868 elxstor - ok
16:30:06.0933 1868 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
16:30:06.0995 1868 EMDMgmt - ok
16:30:07.0018 1868 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
16:30:07.0057 1868 EventSystem - ok
16:30:07.0109 1868 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
16:30:07.0152 1868 exfat - ok
16:30:07.0193 1868 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:30:07.0226 1868 fastfat - ok
16:30:07.0260 1868 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:30:07.0305 1868 fdc - ok
16:30:07.0325 1868 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
16:30:07.0357 1868 fdPHost - ok
16:30:07.0376 1868 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
16:30:07.0424 1868 FDResPub - ok
16:30:07.0448 1868 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:30:07.0456 1868 FileInfo - ok
16:30:07.0490 1868 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:30:07.0526 1868 Filetrace - ok
16:30:07.0541 1868 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:30:07.0576 1868 flpydisk - ok
16:30:07.0630 1868 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:30:07.0640 1868 FltMgr - ok
16:30:07.0722 1868 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:30:07.0729 1868 FontCache3.0.0.0 - ok
16:30:07.0751 1868 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:30:07.0766 1868 Fs_Rec - ok
16:30:07.0788 1868 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:30:07.0795 1868 gagp30kx - ok
16:30:07.0830 1868 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:30:07.0834 1868 GEARAspiWDM - ok
16:30:07.0871 1868 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
16:30:07.0908 1868 gpsvc - ok
16:30:07.0957 1868 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:30:07.0965 1868 gupdate - ok
16:30:07.0982 1868 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:30:07.0988 1868 gupdatem - ok
16:30:08.0023 1868 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:30:08.0032 1868 gusvc - ok
16:30:08.0090 1868 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:30:08.0151 1868 HdAudAddService - ok
16:30:08.0174 1868 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:30:08.0207 1868 HDAudBus - ok
16:30:08.0233 1868 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:30:08.0289 1868 HidBth - ok
16:30:08.0299 1868 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
16:30:08.0341 1868 HidIr - ok
16:30:08.0359 1868 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\System32\hidserv.dll
16:30:08.0407 1868 hidserv - ok
16:30:08.0410 1868 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:30:08.0429 1868 HidUsb - ok
16:30:08.0455 1868 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:30:08.0487 1868 hkmsvc - ok
16:30:08.0508 1868 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
16:30:08.0515 1868 HpCISSs - ok
16:30:08.0591 1868 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:30:08.0862 1868 hpqcxs08 - ok
16:30:08.0872 1868 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:30:08.0881 1868 hpqddsvc - ok
16:30:08.0913 1868 [ A04F4AC48895774A2CF9D1C9EAAACEF0 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
16:30:08.0941 1868 HPSLPSVC - ok
16:30:08.0999 1868 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:30:09.0049 1868 HTTP - ok
16:30:09.0085 1868 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
16:30:09.0093 1868 i2omp - ok
16:30:09.0155 1868 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:30:09.0189 1868 i8042prt - ok
16:30:09.0252 1868 [ CD448F83DC4A338CAC0C63B44CE085C1 ] Iast349ieo C:\Windows\system32\fc.exe
16:30:09.0279 1868 Iast349ieo - ok
16:30:09.0294 1868 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
16:30:09.0304 1868 iaStorV - ok
16:30:09.0370 1868 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:30:09.0375 1868 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:30:09.0375 1868 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:30:09.0460 1868 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:30:09.0535 1868 idsvc - ok
16:30:09.0579 1868 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:30:09.0586 1868 iirsp - ok
16:30:09.0624 1868 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
16:30:09.0663 1868 IKEEXT - ok
16:30:09.0719 1868 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
16:30:09.0726 1868 intelide - ok
16:30:09.0749 1868 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:30:09.0778 1868 intelppm - ok
16:30:09.0802 1868 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:30:09.0834 1868 IPBusEnum - ok
16:30:09.0873 1868 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:30:09.0907 1868 IpFilterDriver - ok
16:30:09.0938 1868 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:30:09.0958 1868 iphlpsvc - ok
16:30:09.0961 1868 IpInIp - ok
16:30:09.0987 1868 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
16:30:10.0041 1868 IPMIDRV - ok
16:30:10.0085 1868 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
16:30:10.0106 1868 IPNAT - ok
16:30:10.0173 1868 [ F62C69376A95795FE7CDB1C778EDACA4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:30:10.0243 1868 iPod Service - ok
16:30:10.0295 1868 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:30:10.0314 1868 IRENUM - ok
16:30:10.0343 1868 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:30:10.0350 1868 isapnp - ok
16:30:10.0377 1868 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:30:10.0385 1868 iScsiPrt - ok
16:30:10.0411 1868 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
16:30:10.0417 1868 iteatapi - ok
16:30:10.0475 1868 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
16:30:10.0482 1868 iteraid - ok
16:30:10.0506 1868 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:30:10.0513 1868 kbdclass - ok
16:30:10.0524 1868 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:30:10.0543 1868 kbdhid - ok
16:30:10.0567 1868 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
16:30:10.0604 1868 KeyIso - ok
16:30:10.0641 1868 [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys
16:30:10.0677 1868 KMWDFILTER - ok
16:30:10.0696 1868 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:30:10.0746 1868 KSecDD - ok
16:30:10.0811 1868 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
16:30:10.0848 1868 KtmRm - ok
16:30:10.0899 1868 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\System32\srvsvc.dll
16:30:10.0944 1868 LanmanServer - ok
16:30:10.0970 1868 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:30:10.0987 1868 LanmanWorkstation - ok
16:30:11.0013 1868 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:30:11.0033 1868 lltdio - ok
16:30:11.0057 1868 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:30:11.0106 1868 lltdsvc - ok
16:30:11.0121 1868 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:30:11.0168 1868 lmhosts - ok
16:30:11.0199 1868 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:30:11.0199 1868 LSI_FC - ok
16:30:11.0215 1868 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:30:11.0231 1868 LSI_SAS - ok
16:30:11.0277 1868 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:30:11.0277 1868 LSI_SCSI - ok
16:30:11.0309 1868 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
16:30:11.0324 1868 luafv - ok
16:30:11.0371 1868 [ 7521C0C58EE91BE90B6CC33E792D10C7 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
16:30:11.0387 1868 LVRS - ok
16:30:11.0480 1868 [ 37E57C48AF530DF01CDD4E8A2AD77B51 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
16:30:11.0652 1868 LVUVC - ok
16:30:11.0699 1868 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:30:11.0714 1868 Mcx2Svc - ok
16:30:11.0761 1868 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
16:30:11.0761 1868 megasas - ok
16:30:11.0808 1868 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
16:30:11.0839 1868 MMCSS - ok
16:30:11.0855 1868 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
16:30:11.0886 1868 Modem - ok
16:30:11.0901 1868 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:30:11.0933 1868 monitor - ok
16:30:11.0964 1868 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:30:11.0964 1868 mouclass - ok
16:30:11.0979 1868 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:30:11.0995 1868 mouhid - ok
16:30:12.0011 1868 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
16:30:12.0026 1868 MountMgr - ok
16:30:12.0057 1868 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
16:30:12.0057 1868 mpio - ok
16:30:12.0104 1868 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:30:12.0120 1868 mpsdrv - ok
16:30:12.0151 1868 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
16:30:12.0182 1868 MpsSvc - ok
16:30:12.0213 1868 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
16:30:12.0213 1868 Mraid35x - ok
16:30:12.0245 1868 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:30:12.0291 1868 MRxDAV - ok
16:30:12.0307 1868 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:30:12.0323 1868 mrxsmb - ok
16:30:12.0338 1868 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:30:12.0369 1868 mrxsmb10 - ok
16:30:12.0385 1868 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:30:12.0401 1868 mrxsmb20 - ok
16:30:12.0416 1868 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
16:30:12.0432 1868 msahci - ok
16:30:12.0447 1868 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:30:12.0463 1868 msdsm - ok
16:30:12.0494 1868 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
16:30:12.0525 1868 MSDTC - ok
16:30:12.0557 1868 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:30:12.0588 1868 Msfs - ok
16:30:12.0619 1868 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:30:12.0619 1868 msisadrv - ok
16:30:12.0650 1868 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:30:12.0681 1868 MSiSCSI - ok
16:30:12.0697 1868 msiserver - ok
16:30:12.0728 1868 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:30:12.0775 1868 MSKSSRV - ok
16:30:12.0837 1868 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:30:12.0853 1868 MSPCLOCK - ok
16:30:12.0900 1868 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:30:12.0915 1868 MSPQM - ok
16:30:12.0947 1868 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:30:12.0962 1868 MsRPC - ok
16:30:12.0962 1868 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:30:12.0962 1868 mssmbios - ok
16:30:12.0993 1868 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:30:13.0009 1868 MSTEE - ok
16:30:13.0025 1868 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
16:30:13.0040 1868 Mup - ok
16:30:13.0056 1868 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
16:30:13.0087 1868 napagent - ok
16:30:13.0134 1868 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:30:13.0165 1868 NativeWifiP - ok
16:30:13.0196 1868 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:30:13.0212 1868 NDIS - ok
16:30:13.0227 1868 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:30:13.0259 1868 NdisTapi - ok
16:30:13.0290 1868 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:30:13.0305 1868 Ndisuio - ok
16:30:13.0321 1868 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:30:13.0337 1868 NdisWan - ok
16:30:13.0368 1868 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:30:13.0383 1868 NDProxy - ok
16:30:13.0399 1868 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:30:13.0430 1868 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:30:13.0430 1868 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:30:13.0446 1868 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:30:13.0477 1868 NetBIOS - ok
16:30:13.0508 1868 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
16:30:13.0539 1868 netbt - ok
16:30:13.0555 1868 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
16:30:13.0555 1868 Netlogon - ok
16:30:13.0571 1868 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
16:30:13.0617 1868 Netman - ok
16:30:13.0649 1868 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
16:30:13.0695 1868 netprofm - ok
16:30:13.0773 1868 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:30:13.0773 1868 NetTcpPortSharing - ok
16:30:13.0820 1868 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:30:13.0820 1868 nfrd960 - ok
16:30:13.0836 1868 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:30:13.0867 1868 NlaSvc - ok
16:30:13.0883 1868 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:30:13.0914 1868 Npfs - ok
16:30:13.0945 1868 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
16:30:13.0992 1868 nsi - ok
16:30:14.0007 1868 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:30:14.0023 1868 nsiproxy - ok
16:30:14.0070 1868 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:30:14.0195 1868 Ntfs - ok
16:30:14.0241 1868 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
16:30:14.0273 1868 ntrigdigi - ok
16:30:14.0319 1868 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
16:30:14.0335 1868 NuidFltr - ok
16:30:14.0335 1868 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
16:30:14.0366 1868 Null - ok
16:30:14.0397 1868 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:30:14.0397 1868 nvraid - ok
16:30:14.0413 1868 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:30:14.0429 1868 nvstor - ok
16:30:14.0444 1868 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:30:14.0444 1868 nv_agp - ok
16:30:14.0460 1868 NwlnkFlt - ok
16:30:14.0460 1868 NwlnkFwd - ok
16:30:14.0491 1868 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:30:14.0507 1868 ohci1394 - ok
16:30:14.0569 1868 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:30:14.0569 1868 ose - ok
16:30:14.0741 1868 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:30:14.0959 1868 osppsvc - ok
16:30:15.0006 1868 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
16:30:15.0131 1868 p2pimsvc - ok
16:30:15.0146 1868 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
16:30:15.0162 1868 p2psvc - ok
16:30:15.0177 1868 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
16:30:15.0240 1868 Parport - ok
16:30:15.0287 1868 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:30:15.0302 1868 partmgr - ok
16:30:15.0318 1868 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
16:30:15.0349 1868 Parvdm - ok
16:30:15.0380 1868 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
16:30:15.0396 1868 PcaSvc - ok
16:30:15.0411 1868 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
16:30:15.0427 1868 pci - ok
16:30:15.0458 1868 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
16:30:15.0458 1868 pciide - ok
16:30:15.0489 1868 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:30:15.0505 1868 pcmcia - ok
16:30:15.0536 1868 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:30:15.0645 1868 PEAUTH - ok
16:30:15.0786 1868 [ DD184D9ADFE2A8A21741DBDFE9E22F5C ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V32.SYS
16:30:16.0004 1868 PID_PEPI - ok
16:30:16.0067 1868 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
16:30:16.0285 1868 pla - ok
16:30:16.0363 1868 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:30:16.0379 1868 PlugPlay - ok
16:30:16.0441 1868 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:30:16.0441 1868 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:30:16.0441 1868 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:30:16.0457 1868 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
16:30:16.0488 1868 PNRPAutoReg - ok
16:30:16.0519 1868 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
16:30:16.0535 1868 PNRPsvc - ok
16:30:16.0581 1868 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:30:16.0597 1868 PolicyAgent - ok
16:30:16.0613 1868 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:30:16.0644 1868 PptpMiniport - ok
16:30:16.0706 1868 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
16:30:16.0737 1868 Processor - ok
16:30:16.0769 1868 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
16:30:16.0800 1868 ProfSvc - ok
16:30:16.0815 1868 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:30:16.0831 1868 ProtectedStorage - ok
16:30:16.0847 1868 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
16:30:16.0893 1868 PSched - ok
16:30:16.0940 1868 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:30:16.0987 1868 ql2300 - ok
16:30:17.0034 1868 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:30:17.0034 1868 ql40xx - ok
16:30:17.0065 1868 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
16:30:17.0081 1868 QWAVE - ok
16:30:17.0096 1868 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:30:17.0127 1868 QWAVEdrv - ok
16:30:17.0174 1868 [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
16:30:17.0205 1868 RapiMgr - ok
16:30:17.0237 1868 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:30:17.0268 1868 RasAcd - ok
16:30:17.0283 1868 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
16:30:17.0315 1868 RasAuto - ok
16:30:17.0346 1868 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:30:17.0361 1868 Rasl2tp - ok
16:30:17.0377 1868 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
16:30:17.0408 1868 RasMan - ok
16:30:17.0424 1868 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:30:17.0455 1868 RasPppoe - ok
16:30:17.0471 1868 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:30:17.0502 1868 RasSstp - ok
16:30:17.0533 1868 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:30:17.0564 1868 rdbss - ok
16:30:17.0595 1868 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:30:17.0627 1868 RDPCDD - ok
16:30:17.0658 1868 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
16:30:17.0705 1868 rdpdr - ok
16:30:17.0720 1868 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:30:17.0736 1868 RDPENCDD - ok
16:30:17.0751 1868 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:30:17.0783 1868 RDPWD - ok
16:30:17.0814 1868 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:30:17.0829 1868 RemoteAccess - ok
16:30:17.0861 1868 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:30:17.0892 1868 RemoteRegistry - ok
16:30:17.0907 1868 [ 34CC78C06587718C2AD6D3AA83B1F072 ] RFCOMM C:\Windows\system32\drivers\RFCOMM.sys
16:30:17.0939 1868 RFCOMM - ok
16:30:17.0954 1868 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
16:30:17.0970 1868 RpcLocator - ok
16:30:18.0001 1868 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\System32\rpcss.dll
16:30:18.0017 1868 RpcSs - ok
16:30:18.0032 1868 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:30:18.0063 1868 rspndr - ok
16:30:18.0095 1868 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
16:30:18.0110 1868 SamSs - ok
16:30:18.0141 1868 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:30:18.0141 1868 sbp2port - ok
16:30:18.0173 1868 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:30:18.0204 1868 SCardSvr - ok
16:30:18.0251 1868 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
16:30:18.0329 1868 Schedule - ok
16:30:18.0329 1868 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
16:30:18.0344 1868 SCPolicySvc - ok
16:30:18.0391 1868 [ A689D522EEDF89401E1DA2FE883AA7EC ] SCREAMINGBDRIVER C:\Windows\system32\drivers\ScreamingBAudio.sys
16:30:18.0391 1868 SCREAMINGBDRIVER - ok
16:30:18.0422 1868 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:30:18.0438 1868 SDRSVC - ok
16:30:18.0453 1868 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:30:18.0500 1868 secdrv - ok
16:30:18.0516 1868 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
16:30:18.0531 1868 seclogon - ok
16:30:18.0547 1868 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
16:30:18.0578 1868 SENS - ok
16:30:18.0594 1868 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:30:18.0641 1868 Serenum - ok
16:30:18.0641 1868 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
16:30:18.0687 1868 Serial - ok
16:30:18.0719 1868 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:30:18.0734 1868 sermouse - ok
16:30:18.0765 1868 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
16:30:18.0797 1868 SessionEnv - ok
16:30:18.0828 1868 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:30:18.0859 1868 sffdisk - ok
16:30:18.0875 1868 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:30:18.0906 1868 sffp_mmc - ok
16:30:18.0937 1868 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:30:18.0984 1868 sffp_sd - ok
16:30:18.0984 1868 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:30:19.0031 1868 sfloppy - ok
16:30:19.0046 1868 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:30:19.0093 1868 SharedAccess - ok
16:30:19.0124 1868 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:30:19.0171 1868 ShellHWDetection - ok
16:30:19.0187 1868 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:30:19.0187 1868 sisagp - ok
16:30:19.0218 1868 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
16:30:19.0218 1868 SiSRaid2 - ok
16:30:19.0233 1868 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:30:19.0249 1868 SiSRaid4 - ok
16:30:19.0311 1868 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:30:19.0311 1868 SkypeUpdate - ok
16:30:19.0389 1868 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
16:30:19.0623 1868 slsvc - ok
16:30:19.0686 1868 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
16:30:19.0717 1868 SLUINotify - ok
16:30:19.0795 1868 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:30:19.0826 1868 Smb - ok
16:30:19.0857 1868 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:30:19.0873 1868 SNMPTRAP - ok
16:30:19.0889 1868 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
16:30:19.0889 1868 spldr - ok
16:30:19.0920 1868 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
16:30:19.0967 1868 Spooler - ok
16:30:19.0982 1868 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:30:20.0013 1868 srv - ok
16:30:20.0029 1868 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:30:20.0076 1868 srv2 - ok
16:30:20.0091 1868 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:30:20.0107 1868 srvnet - ok
16:30:20.0123 1868 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:30:20.0169 1868 SSDPSRV - ok
16:30:20.0216 1868 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:30:20.0232 1868 SstpSvc - ok
16:30:20.0247 1868 [ B218068EBA6F46F102B4218BDB81BE0B ] STacSV C:\Windows\system32\STacSV.exe
16:30:20.0294 1868 STacSV - ok
16:30:20.0310 1868 Steam Client Service - ok
16:30:20.0325 1868 [ 167909A1C36AA3E8F2582962F0CCC748 ] STHDA C:\Windows\system32\drivers\stwrt.sys
16:30:20.0357 1868 STHDA - ok
16:30:20.0403 1868 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
16:30:20.0450 1868 stisvc - ok
16:30:20.0513 1868 [ 9A3D67D3488FB898BDB604AE5C7A67D4 ] StumbleUponUpdateService C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe
16:30:20.0528 1868 StumbleUponUpdateService - ok
16:30:20.0544 1868 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:30:20.0544 1868 swenum - ok
16:30:20.0575 1868 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
16:30:20.0606 1868 swprv - ok
16:30:20.0653 1868 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
16:30:20.0669 1868 Symc8xx - ok
16:30:20.0669 1868 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
16:30:20.0684 1868 Sym_hi - ok
16:30:20.0700 1868 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
16:30:20.0715 1868 Sym_u3 - ok
16:30:20.0747 1868 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
16:30:20.0809 1868 SysMain - ok
16:30:20.0856 1868 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:30:20.0903 1868 TabletInputService - ok
16:30:20.0934 1868 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:30:20.0949 1868 TapiSrv - ok
16:30:20.0981 1868 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
16:30:21.0012 1868 TBS - ok
16:30:21.0059 1868 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:30:21.0137 1868 Tcpip - ok
16:30:21.0199 1868 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:30:21.0215 1868 Tcpip6 - ok
16:30:21.0246 1868 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:30:21.0277 1868 tcpipreg - ok
16:30:21.0324 1868 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:30:21.0355 1868 TDPIPE - ok
16:30:21.0386 1868 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:30:21.0402 1868 TDTCP - ok
16:30:21.0433 1868 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:30:21.0464 1868 tdx - ok
16:30:21.0480 1868 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:30:21.0480 1868 TermDD - ok
16:30:21.0511 1868 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
16:30:21.0558 1868 TermService - ok
16:30:21.0605 1868 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
16:30:21.0620 1868 Themes - ok
16:30:21.0620 1868 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
16:30:21.0651 1868 THREADORDER - ok
16:30:21.0667 1868 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
16:30:21.0698 1868 TrkWks - ok
16:30:21.0729 1868 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:30:21.0761 1868 TrustedInstaller - ok
16:30:21.0792 1868 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:30:21.0823 1868 tssecsrv - ok
16:30:21.0870 1868 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:30:21.0885 1868 tunmp - ok
16:30:21.0901 1868 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:30:21.0901 1868 tunnel - ok
16:30:21.0932 1868 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:30:21.0948 1868 uagp35 - ok
16:30:21.0963 1868 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:30:21.0979 1868 udfs - ok
16:30:21.0995 1868 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:30:22.0026 1868 UI0Detect - ok
16:30:22.0041 1868 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:30:22.0041 1868 uliagpkx - ok
16:30:22.0073 1868 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:30:22.0073 1868 uliahci - ok
16:30:22.0088 1868 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:30:22.0104 1868 UlSata - ok
16:30:22.0119 1868 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:30:22.0135 1868 ulsata2 - ok
16:30:22.0151 1868 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:30:22.0182 1868 umbus - ok
16:30:22.0260 1868 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:30:22.0291 1868 UMVPFSrv - ok
16:30:22.0338 1868 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
16:30:22.0369 1868 upnphost - ok
16:30:22.0400 1868 [ 2A3FA9FF6EC8485C98C179131E8A41A7 ] USB-100 C:\Windows\system32\DRIVERS\RTL8150.SYS
16:30:22.0416 1868 USB-100 - ok
16:30:22.0447 1868 [ 4B8A9C16B6D9258ED99C512AECB8C555 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
16:30:22.0447 1868 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
16:30:22.0447 1868 USBAAPL - detected UnsignedFile.Multi.Generic (1)
16:30:22.0478 1868 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:30:22.0494 1868 usbaudio - ok
16:30:22.0509 1868 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:30:22.0525 1868 usbccgp - ok
16:30:22.0541 1868 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:30:22.0572 1868 usbcir - ok
16:30:22.0603 1868 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:30:22.0619 1868 usbehci - ok
16:30:22.0650 1868 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:30:22.0665 1868 usbhub - ok
16:30:22.0681 1868 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:30:22.0728 1868 usbohci - ok
16:30:22.0743 1868 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:30:22.0775 1868 usbprint - ok
16:30:22.0806 1868 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:30:22.0821 1868 usbscan - ok
16:30:22.0853 1868 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:30:22.0868 1868 USBSTOR - ok
16:30:22.0884 1868 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:30:22.0915 1868 usbuhci - ok
16:30:22.0946 1868 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:30:22.0977 1868 usbvideo - ok
16:30:23.0009 1868 [ EE181A08E09DB23CF4A49B46A1E66BB8 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
16:30:23.0024 1868 usb_rndisx - ok
16:30:23.0055 1868 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
16:30:23.0087 1868 UxSms - ok
16:30:23.0102 1868 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
16:30:23.0149 1868 vds - ok
16:30:23.0211 1868 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:30:23.0243 1868 vga - ok
16:30:23.0274 1868 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
16:30:23.0321 1868 VgaSave - ok
16:30:23.0336 1868 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:30:23.0336 1868 viaagp - ok
16:30:23.0352 1868 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
16:30:23.0383 1868 ViaC7 - ok
16:30:23.0383 1868 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
16:30:23.0399 1868 viaide - ok
16:30:23.0414 1868 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:30:23.0430 1868 volmgr - ok
16:30:23.0445 1868 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:30:23.0461 1868 volmgrx - ok
16:30:23.0477 1868 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:30:23.0492 1868 volsnap - ok
16:30:23.0523 1868 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:30:23.0523 1868 vsmraid - ok
16:30:23.0570 1868 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
16:30:23.0711 1868 VSS - ok
16:30:23.0789 1868 [ C466021D31FF6C0A6069D12299D80C0B ] VSTHWBS2 C:\Windows\system32\DRIVERS\VSTBS23.SYS
16:30:23.0804 1868 VSTHWBS2 - ok
16:30:23.0835 1868 [ EC36F1D542ED4252390D446BF6D4DFD0 ] VST_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
16:30:23.0929 1868 VST_DPV - ok
16:30:23.0991 1868 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
16:30:24.0023 1868 W32Time - ok
16:30:24.0054 1868 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:30:24.0085 1868 WacomPen - ok
16:30:24.0116 1868 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:30:24.0132 1868 Wanarp - ok
16:30:24.0132 1868 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:30:24.0147 1868 Wanarpv6 - ok
16:30:24.0179 1868 [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
16:30:24.0257 1868 WcesComm - ok
16:30:24.0319 1868 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:30:24.0350 1868 wcncsvc - ok
16:30:24.0413 1868 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:30:24.0444 1868 WcsPlugInService - ok
16:30:24.0459 1868 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
16:30:24.0459 1868 Wd - ok
16:30:24.0506 1868 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:30:24.0522 1868 Wdf01000 - ok
16:30:24.0569 1868 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:30:24.0600 1868 WdiServiceHost - ok
16:30:24.0615 1868 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:30:24.0631 1868 WdiSystemHost - ok
16:30:24.0647 1868 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
16:30:24.0678 1868 WebClient - ok
16:30:24.0693 1868 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:30:24.0709 1868 Wecsvc - ok
16:30:24.0740 1868 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:30:24.0756 1868 wercplsupport - ok
16:30:24.0771 1868 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
16:30:24.0787 1868 WerSvc - ok
16:30:24.0818 1868 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
16:30:24.0881 1868 winachsf - ok
16:30:24.0927 1868 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:30:24.0943 1868 WinDefend - ok
16:30:24.0943 1868 WinHttpAutoProxySvc - ok
16:30:24.0990 1868 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:30:25.0021 1868 Winmgmt - ok
16:30:25.0083 1868 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
16:30:25.0177 1868 WinRM - ok
16:30:25.0239 1868 [ F03110711B17AD31271CB2BAF0DBB2B1 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.SYS
16:30:25.0255 1868 WinUsb - ok
16:30:25.0317 1868 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:30:25.0349 1868 Wlansvc - ok
16:30:25.0427 1868 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:30:25.0473 1868 wlidsvc - ok
16:30:25.0520 1868 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:30:25.0551 1868 WmiAcpi - ok
16:30:25.0598 1868 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:30:25.0629 1868 wmiApSrv - ok
16:30:25.0692 1868 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:30:25.0832 1868 WMPNetworkSvc - ok
16:30:25.0848 1868 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:30:25.0879 1868 WPCSvc - ok
16:30:25.0895 1868 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:30:25.0941 1868 WPDBusEnum - ok
16:30:25.0957 1868 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
16:30:25.0973 1868 WpdUsb - ok
16:30:26.0066 1868 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:30:26.0097 1868 WPFFontCache_v0400 - ok
16:30:26.0129 1868 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:30:26.0144 1868 ws2ifsl - ok
16:30:26.0175 1868 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\system32\wscsvc.dll
16:30:26.0175 1868 wscsvc - ok
16:30:26.0191 1868 WSearch - ok
16:30:26.0238 1868 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
16:30:26.0316 1868 wuauserv - ok
16:30:26.0378 1868 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:30:26.0394 1868 WUDFRd - ok
16:30:26.0409 1868 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:30:26.0456 1868 wudfsvc - ok
16:30:26.0534 1868 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:30:26.0597 1868 YahooAUService - ok
16:30:26.0597 1868 yeddef - ok
16:30:26.0659 1868 ================ Scan global ===============================
16:30:26.0659 1868 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
16:30:26.0690 1868 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
16:30:26.0706 1868 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
16:30:26.0753 1868 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
16:30:26.0753 1868 [Global] - ok
16:30:26.0753 1868 ================ Scan MBR ==================================
16:30:26.0768 1868 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:30:27.0174 1868 \Device\Harddisk0\DR0 - ok
16:30:27.0174 1868 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
16:30:27.0330 1868 \Device\Harddisk5\DR5 - ok
16:30:27.0330 1868 ================ Scan VBR ==================================
16:30:27.0330 1868 [ 53A7AF61C7DAEF856735B82B71CB64A6 ] \Device\Harddisk0\DR0\Partition1
16:30:27.0330 1868 \Device\Harddisk0\DR0\Partition1 - ok
16:30:27.0330 1868 [ A28DA599A4535E1DEDBA51D368BB9CE4 ] \Device\Harddisk5\DR5\Partition1
16:30:27.0330 1868 \Device\Harddisk5\DR5\Partition1 - ok
16:30:27.0330 1868 ============================================================
16:30:27.0330 1868 Scan finished
16:30:27.0330 1868 ============================================================
16:30:27.0330 1924 Detected object count: 4
16:30:27.0330 1924 Actual detected object count: 4
16:30:45.0898 1924 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:45.0898 1924 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:45.0898 1924 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:45.0898 1924 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:45.0906 1924 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:45.0906 1924 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:45.0907 1924 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:45.0907 1924 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0955 0664 ============================================================
16:31:09.0955 0664 Scan started
16:31:09.0955 0664 Mode: Manual; SigCheck; TDLFS;
16:31:09.0955 0664 ============================================================
16:31:10.0018 0664 ================ Scan system memory ========================
16:31:10.0018 0664 System memory - ok
16:31:10.0018 0664 ================ Scan services =============================
16:31:10.0158 0664 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys
16:31:10.0174 0664 ACPI - ok
16:31:10.0236 0664 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:31:10.0252 0664 AdobeFlashPlayerUpdateSvc - ok
16:31:10.0283 0664 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:31:10.0314 0664 adp94xx - ok
16:31:10.0361 0664 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:31:10.0376 0664 adpahci - ok
16:31:10.0392 0664 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
16:31:10.0408 0664 adpu160m - ok
16:31:10.0423 0664 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:31:10.0423 0664 adpu320 - ok
16:31:10.0470 0664 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:31:10.0486 0664 AeLookupSvc - ok
16:31:10.0517 0664 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys
16:31:10.0532 0664 AFD - ok
16:31:10.0579 0664 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:31:10.0595 0664 agp440 - ok
16:31:10.0610 0664 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
16:31:10.0610 0664 aic78xx - ok
16:31:10.0642 0664 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
16:31:10.0657 0664 ALG - ok
16:31:10.0673 0664 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
16:31:10.0688 0664 aliide - ok
16:31:10.0720 0664 [ 50EBBB86E493BD9AB7DDF914A90EEF8E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:31:10.0735 0664 AMD External Events Utility - ok
16:31:10.0751 0664 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
16:31:10.0766 0664 amdagp - ok
16:31:10.0798 0664 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
16:31:10.0798 0664 amdide - ok
16:31:10.0829 0664 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
16:31:10.0860 0664 AmdK7 - ok
16:31:10.0876 0664 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:31:10.0907 0664 AmdK8 - ok
16:31:11.0141 0664 [ 70EB74785AB7FC603FEF19D87B7A7946 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:31:11.0344 0664 amdkmdag - ok
16:31:11.0375 0664 [ BA99833BBDE9C4FF389FC8114FB14843 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:31:11.0390 0664 amdkmdap - ok
16:31:11.0406 0664 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
16:31:11.0422 0664 Appinfo - ok
16:31:11.0484 0664 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:31:11.0484 0664 Apple Mobile Device - ok
16:31:11.0515 0664 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
16:31:11.0515 0664 arc - ok
16:31:11.0531 0664 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:31:11.0546 0664 arcsas - ok
16:31:11.0609 0664 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:31:11.0624 0664 aspnet_state - ok
16:31:11.0640 0664 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
16:31:11.0640 0664 aswFsBlk - ok
16:31:11.0656 0664 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
16:31:11.0671 0664 aswMonFlt - ok
16:31:11.0671 0664 [ C1A411B7CCD604554D96EFDAC2F83617 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
16:31:11.0671 0664 aswRdr - ok
16:31:11.0687 0664 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
16:31:11.0702 0664 aswRvrt - ok
16:31:11.0734 0664 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
16:31:11.0796 0664 aswSnx - ok
16:31:11.0827 0664 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\Windows\system32\drivers\aswSP.sys
16:31:11.0874 0664 aswSP - ok
16:31:11.0905 0664 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
16:31:11.0921 0664 aswTdi - ok
16:31:11.0936 0664 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
16:31:11.0936 0664 aswVmm - ok
16:31:11.0952 0664 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:31:11.0968 0664 AsyncMac - ok
16:31:12.0014 0664 [ 4F4FCB8B6EA06784FB6D475B7EC7300F ] atapi C:\Windows\system32\drivers\atapi.sys
16:31:12.0014 0664 atapi - ok
16:31:12.0217 0664 [ 70EB74785AB7FC603FEF19D87B7A7946 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:31:12.0857 0664 atikmdag - ok
16:31:12.0904 0664 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:31:12.0935 0664 AudioEndpointBuilder - ok
16:31:13.0013 0664 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:31:13.0044 0664 Audiosrv - ok
16:31:13.0153 0664 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:31:13.0169 0664 avast! Antivirus - ok
16:31:13.0231 0664 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe
16:31:13.0247 0664 BBSvc - ok
16:31:13.0340 0664 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe
16:31:13.0356 0664 BBUpdate - ok
16:31:13.0372 0664 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
16:31:13.0403 0664 Beep - ok
16:31:13.0403 0664 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll
16:31:13.0434 0664 BFE - ok
16:31:13.0481 0664 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\system32\qmgr.dll
16:31:13.0512 0664 BITS - ok
16:31:13.0512 0664 blbdrive - ok
16:31:13.0574 0664 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:31:13.0590 0664 Bonjour Service - ok
16:31:13.0637 0664 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:31:13.0637 0664 bowser - ok
16:31:13.0668 0664 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
16:31:13.0684 0664 BrFiltLo - ok
16:31:13.0699 0664 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
16:31:13.0715 0664 BrFiltUp - ok
16:31:13.0730 0664 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
16:31:13.0762 0664 Browser - ok
16:31:13.0793 0664 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
16:31:13.0824 0664 Brserid - ok
16:31:13.0840 0664 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
16:31:13.0886 0664 BrSerWdm - ok
16:31:13.0902 0664 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
16:31:13.0949 0664 BrUsbMdm - ok
16:31:13.0949 0664 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
16:31:13.0996 0664 BrUsbSer - ok
16:31:14.0011 0664 [ DA7B195275BDA7F8FCF79B40E0F45DDE ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
16:31:14.0027 0664 BthEnum - ok
16:31:14.0042 0664 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:31:14.0074 0664 BTHMODEM - ok
16:31:14.0105 0664 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:31:14.0136 0664 BthPan - ok
16:31:14.0167 0664 [ 73D53F8E90550BA81E2CF44A0873B410 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
16:31:14.0167 0664 BTHPORT - ok
16:31:14.0198 0664 [ 58EE7F5E68310BC8D4E7CEBD8358C12E ] BthServ C:\Windows\System32\bthserv.dll
16:31:14.0214 0664 BthServ - ok
16:31:14.0230 0664 [ 32045A4BB143BBC5BAB1298C4E9E309A ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
16:31:14.0230 0664 BTHUSB - ok
16:31:14.0276 0664 [ 636F45A8500C1438CFA7DEE15FC5C184 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:31:14.0276 0664 btwaudio - ok
16:31:14.0292 0664 [ BF9256FF01B093A5D90BB7A35EC90410 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
16:31:14.0292 0664 btwavdt - ok
16:31:14.0354 0664 [ 491A7DA841149C934E4C2145758F251D ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
16:31:14.0370 0664 btwdins - ok
16:31:14.0417 0664 [ 0AB8C1AC177AFB27309E1072FAF34A37 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:31:14.0432 0664 btwrchid - ok
16:31:14.0479 0664 catchme - ok
16:31:14.0495 0664 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:31:14.0526 0664 cdfs - ok
16:31:14.0542 0664 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:31:14.0557 0664 cdrom - ok
16:31:14.0588 0664 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll
16:31:14.0604 0664 CertPropSvc - ok
16:31:14.0635 0664 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
16:31:14.0666 0664 circlass - ok
16:31:14.0698 0664 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys
16:31:14.0713 0664 CLFS - ok
16:31:14.0744 0664 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:31:14.0744 0664 clr_optimization_v2.0.50727_32 - ok
16:31:14.0776 0664 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:31:14.0791 0664 clr_optimization_v4.0.30319_32 - ok
16:31:14.0807 0664 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:31:14.0807 0664 cmdide - ok
16:31:14.0822 0664 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:31:14.0822 0664 Compbatt - ok
16:31:14.0838 0664 [ BC6B87086FF0D99F87FE8AF9A919A1E7 ] CompFilter C:\Windows\system32\DRIVERS\lvbusflt.sys
16:31:14.0854 0664 CompFilter - ok
16:31:14.0854 0664 COMSysApp - ok
16:31:14.0854 0664 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:31:14.0869 0664 crcdisk - ok
16:31:14.0900 0664 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
16:31:14.0932 0664 Crusoe - ok
16:31:14.0963 0664 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:31:14.0978 0664 CryptSvc - ok
16:31:15.0010 0664 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:31:15.0025 0664 DcomLaunch - ok
16:31:15.0041 0664 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:31:15.0056 0664 DfsC - ok
16:31:15.0103 0664 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe
16:31:15.0150 0664 DFSR - ok
16:31:15.0197 0664 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
16:31:15.0228 0664 Dhcp - ok
16:31:15.0259 0664 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys
16:31:15.0259 0664 disk - ok
16:31:15.0306 0664 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:31:15.0322 0664 Dnscache - ok
16:31:15.0337 0664 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll
16:31:15.0368 0664 dot3svc - ok
16:31:15.0400 0664 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
16:31:15.0431 0664 Dot4 - ok
16:31:15.0462 0664 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:31:15.0478 0664 Dot4Print - ok
16:31:15.0509 0664 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
16:31:15.0540 0664 dot4usb - ok
16:31:15.0556 0664 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
16:31:15.0587 0664 DPS - ok
16:31:15.0587 0664 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:31:15.0602 0664 drmkaud - ok
16:31:15.0634 0664 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:31:15.0649 0664 dtsoftbus01 - ok
16:31:15.0665 0664 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:31:15.0680 0664 DXGKrnl - ok
16:31:15.0743 0664 [ 04944F4FC4F0477185F5D26AE0DDB90E ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
16:31:15.0758 0664 e1express - ok
16:31:15.0790 0664 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
16:31:15.0821 0664 E1G60 - ok
16:31:15.0836 0664 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
16:31:15.0852 0664 EapHost - ok
16:31:15.0852 0664 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys
16:31:15.0868 0664 Ecache - ok
16:31:15.0899 0664 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:31:15.0914 0664 ehRecvr - ok
16:31:15.0930 0664 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
16:31:15.0946 0664 ehSched - ok
16:31:15.0946 0664 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
16:31:15.0961 0664 ehstart - ok
16:31:15.0992 0664 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:31:15.0992 0664 elxstor - ok
16:31:16.0039 0664 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll
16:31:16.0055 0664 EMDMgmt - ok
16:31:16.0117 0664 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll
16:31:16.0117 0664 EventSystem - ok
16:31:16.0164 0664 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys
16:31:16.0180 0664 exfat - ok
16:31:16.0226 0664 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:31:16.0242 0664 fastfat - ok
16:31:16.0258 0664 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:31:16.0289 0664 fdc - ok
16:31:16.0304 0664 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
16:31:16.0336 0664 fdPHost - ok
16:31:16.0351 0664 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
16:31:16.0382 0664 FDResPub - ok
16:31:16.0382 0664 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:31:16.0398 0664 FileInfo - ok
16:31:16.0429 0664 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:31:16.0460 0664 Filetrace - ok
16:31:16.0476 0664 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:31:16.0507 0664 flpydisk - ok
16:31:16.0538 0664 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:31:16.0538 0664 FltMgr - ok
16:31:16.0601 0664 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:31:16.0616 0664 FontCache3.0.0.0 - ok
16:31:16.0632 0664 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:31:16.0648 0664 Fs_Rec - ok
16:31:16.0679 0664 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:31:16.0694 0664 gagp30kx - ok
16:31:16.0726 0664 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:31:16.0726 0664 GEARAspiWDM - ok
16:31:16.0757 0664 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll
16:31:16.0788 0664 gpsvc - ok
16:31:16.0819 0664 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:31:16.0835 0664 gupdate - ok
16:31:16.0835 0664 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:31:16.0850 0664 gupdatem - ok
16:31:16.0882 0664 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:31:16.0897 0664 gusvc - ok
16:31:16.0944 0664 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:31:16.0975 0664 HdAudAddService - ok
16:31:17.0022 0664 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:31:17.0038 0664 HDAudBus - ok
16:31:17.0053 0664 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:31:17.0100 0664 HidBth - ok
16:31:17.0116 0664 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
16:31:17.0147 0664 HidIr - ok
16:31:17.0162 0664 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\System32\hidserv.dll
16:31:17.0209 0664 hidserv - ok
16:31:17.0209 0664 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:31:17.0225 0664 HidUsb - ok
16:31:17.0256 0664 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:31:17.0272 0664 hkmsvc - ok
16:31:17.0287 0664 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
16:31:17.0303 0664 HpCISSs - ok
16:31:17.0365 0664 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:31:17.0381 0664 hpqcxs08 - ok
16:31:17.0381 0664 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:31:17.0396 0664 hpqddsvc - ok
16:31:17.0412 0664 [ A04F4AC48895774A2CF9D1C9EAAACEF0 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
16:31:17.0459 0664 HPSLPSVC - ok
16:31:17.0521 0664 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:31:17.0537 0664 HTTP - ok
16:31:17.0584 0664 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
16:31:17.0584 0664 i2omp - ok
16:31:17.0599 0664 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:31:17.0615 0664 i8042prt - ok
16:31:17.0662 0664 [ CD448F83DC4A338CAC0C63B44CE085C1 ] Iast349ieo C:\Windows\system32\fc.exe
16:31:17.0662 0664 Iast349ieo - ok
16:31:17.0693 0664 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
16:31:17.0693 0664 iaStorV - ok
16:31:17.0755 0664 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:31:17.0755 0664 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:31:17.0755 0664 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:31:17.0833 0664 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:31:17.0896 0664 idsvc - ok
16:31:17.0958 0664 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:31:17.0958 0664 iirsp - ok
16:31:17.0989 0664 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll
16:31:18.0020 0664 IKEEXT - ok
16:31:18.0067 0664 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
16:31:18.0083 0664 intelide - ok
16:31:18.0098 0664 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:31:18.0130 0664 intelppm - ok
16:31:18.0145 0664 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:31:18.0161 0664 IPBusEnum - ok
16:31:18.0192 0664 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:31:18.0208 0664 IpFilterDriver - ok
16:31:18.0239 0664 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:31:18.0239 0664 iphlpsvc - ok
16:31:18.0254 0664 IpInIp - ok
16:31:18.0270 0664 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
16:31:18.0317 0664 IPMIDRV - ok
16:31:18.0364 0664 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
16:31:18.0379 0664 IPNAT - ok
16:31:18.0442 0664 [ F62C69376A95795FE7CDB1C778EDACA4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:31:18.0504 0664 iPod Service - ok
16:31:18.0535 0664 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:31:18.0566 0664 IRENUM - ok
16:31:18.0598 0664 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:31:18.0598 0664 isapnp - ok
16:31:18.0629 0664 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:31:18.0644 0664 iScsiPrt - ok
16:31:18.0660 0664 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
16:31:18.0676 0664 iteatapi - ok
16:31:18.0722 0664 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
16:31:18.0722 0664 iteraid - ok
16:31:18.0754 0664 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:31:18.0754 0664 kbdclass - ok
16:31:18.0769 0664 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:31:18.0785 0664 kbdhid - ok
16:31:18.0816 0664 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe
16:31:18.0832 0664 KeyIso - ok
16:31:18.0847 0664 [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys
16:31:18.0847 0664 KMWDFILTER - ok
16:31:18.0910 0664 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:31:18.0956 0664 KSecDD - ok
16:31:19.0019 0664 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
16:31:19.0050 0664 KtmRm - ok
16:31:19.0081 0664 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\System32\srvsvc.dll
16:31:19.0097 0664 LanmanServer - ok
16:31:19.0112 0664 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:31:19.0128 0664 LanmanWorkstation - ok
16:31:19.0190 0664 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:31:19.0206 0664 lltdio - ok
16:31:19.0222 0664 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:31:19.0253 0664 lltdsvc - ok
16:31:19.0268 0664 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:31:19.0300 0664 lmhosts - ok
16:31:19.0331 0664 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:31:19.0331 0664 LSI_FC - ok
16:31:19.0346 0664 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:31:19.0362 0664 LSI_SAS - ok
16:31:19.0378 0664 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:31:19.0378 0664 LSI_SCSI - ok
16:31:19.0409 0664 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
16:31:19.0424 0664 luafv - ok
16:31:19.0456 0664 [ 7521C0C58EE91BE90B6CC33E792D10C7 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
16:31:19.0471 0664 LVRS - ok
16:31:19.0565 0664 [ 37E57C48AF530DF01CDD4E8A2AD77B51 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
16:31:19.0705 0664 LVUVC - ok
16:31:19.0736 0664 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:31:19.0752 0664 Mcx2Svc - ok
16:31:19.0768 0664 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
16:31:19.0783 0664 megasas - ok
16:31:19.0814 0664 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
16:31:19.0830 0664 MMCSS - ok
16:31:19.0861 0664 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
16:31:19.0877 0664 Modem - ok
16:31:19.0877 0664 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:31:19.0908 0664 monitor - ok
16:31:19.0924 0664 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:31:19.0924 0664 mouclass - ok
16:31:19.0955 0664 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:31:19.0970 0664 mouhid - ok
16:31:19.0986 0664 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
16:31:19.0986 0664 MountMgr - ok
16:31:20.0017 0664 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
16:31:20.0033 0664 mpio - ok
16:31:20.0064 0664 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:31:20.0080 0664 mpsdrv - ok
16:31:20.0111 0664 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll
16:31:20.0142 0664 MpsSvc - ok
16:31:20.0158 0664 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
16:31:20.0173 0664 Mraid35x - ok
16:31:20.0173 0664 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:31:20.0189 0664 MRxDAV - ok
16:31:20.0236 0664 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:31:20.0251 0664 mrxsmb - ok
16:31:20.0267 0664 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:31:20.0282 0664 mrxsmb10 - ok
16:31:20.0282 0664 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:31:20.0298 0664 mrxsmb20 - ok
16:31:20.0329 0664 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
16:31:20.0329 0664 msahci - ok
16:31:20.0345 0664 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:31:20.0360 0664 msdsm - ok
16:31:20.0392 0664 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
16:31:20.0423 0664 MSDTC - ok
16:31:20.0438 0664 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:31:20.0470 0664 Msfs - ok
16:31:20.0470 0664 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:31:20.0485 0664 msisadrv - ok
16:31:20.0516 0664 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:31:20.0532 0664 MSiSCSI - ok
16:31:20.0532 0664 msiserver - ok
16:31:20.0579 0664 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:31:20.0594 0664 MSKSSRV - ok
16:31:20.0641 0664 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:31:20.0672 0664 MSPCLOCK - ok
16:31:20.0719 0664 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:31:20.0735 0664 MSPQM - ok
16:31:20.0750 0664 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:31:20.0766 0664 MsRPC - ok
16:31:20.0766 0664 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:31:20.0782 0664 mssmbios - ok
16:31:20.0797 0664 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:31:20.0813 0664 MSTEE - ok
16:31:20.0828 0664 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys
16:31:20.0844 0664 Mup - ok
16:31:20.0860 0664 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll
16:31:20.0875 0664 napagent - ok
16:31:20.0922 0664 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:31:20.0922 0664 NativeWifiP - ok
16:31:20.0969 0664 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:31:20.0984 0664 NDIS - ok
16:31:21.0000 0664 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:31:21.0016 0664 NdisTapi - ok
16:31:21.0047 0664 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:31:21.0062 0664 Ndisuio - ok
16:31:21.0078 0664 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:31:21.0109 0664 NdisWan - ok
16:31:21.0125 0664 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:31:21.0140 0664 NDProxy - ok
16:31:21.0156 0664 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:31:21.0156 0664 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:31:21.0156 0664 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:31:21.0172 0664 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:31:21.0187 0664 NetBIOS - ok
16:31:21.0218 0664 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
16:31:21.0234 0664 netbt - ok
16:31:21.0250 0664 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe
16:31:21.0250 0664 Netlogon - ok
16:31:21.0265 0664 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
16:31:21.0296 0664 Netman - ok
16:31:21.0312 0664 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
16:31:21.0343 0664 netprofm - ok
16:31:21.0374 0664 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:31:21.0374 0664 NetTcpPortSharing - ok
16:31:21.0421 0664 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:31:21.0421 0664 nfrd960 - ok
16:31:21.0452 0664 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:31:21.0468 0664 NlaSvc - ok
16:31:21.0484 0664 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:31:21.0499 0664 Npfs - ok
16:31:21.0530 0664 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
16:31:21.0546 0664 nsi - ok
16:31:21.0562 0664 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:31:21.0577 0664 nsiproxy - ok
16:31:21.0608 0664 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:31:21.0671 0664 Ntfs - ok
16:31:21.0733 0664 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
16:31:21.0764 0664 ntrigdigi - ok
16:31:21.0827 0664 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
16:31:21.0827 0664 NuidFltr - ok
16:31:21.0842 0664 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
16:31:21.0858 0664 Null - ok
16:31:21.0889 0664 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:31:21.0889 0664 nvraid - ok
16:31:21.0920 0664 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:31:21.0920 0664 nvstor - ok
16:31:21.0936 0664 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:31:21.0952 0664 nv_agp - ok
16:31:21.0952 0664 NwlnkFlt - ok
16:31:21.0952 0664 NwlnkFwd - ok
16:31:21.0983 0664 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:31:21.0998 0664 ohci1394 - ok
16:31:22.0045 0664 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:31:22.0045 0664 ose - ok
16:31:22.0217 0664 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:31:22.0342 0664 osppsvc - ok
16:31:22.0388 0664 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll
16:31:22.0404 0664 p2pimsvc - ok
16:31:22.0466 0664 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll
16:31:22.0498 0664 p2psvc - ok
16:31:22.0513 0664 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
16:31:22.0560 0664 Parport - ok
16:31:22.0576 0664 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:31:22.0591 0664 partmgr - ok
16:31:22.0607 0664 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
16:31:22.0638 0664 Parvdm - ok
16:31:22.0654 0664 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
16:31:22.0654 0664 PcaSvc - ok
16:31:22.0654 0664 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys
16:31:22.0669 0664 pci - ok
16:31:22.0700 0664 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
16:31:22.0700 0664 pciide - ok
16:31:22.0732 0664 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:31:22.0732 0664 pcmcia - ok
16:31:22.0763 0664 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:31:22.0856 0664 PEAUTH - ok
16:31:22.0981 0664 [ DD184D9ADFE2A8A21741DBDFE9E22F5C ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V32.SYS
16:31:23.0137 0664 PID_PEPI - ok
16:31:23.0215 0664 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
16:31:23.0371 0664 pla - ok
16:31:23.0418 0664 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:31:23.0434 0664 PlugPlay - ok
16:31:23.0480 0664 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:31:23.0496 0664 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:31:23.0496 0664 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:31:23.0496 0664 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
16:31:23.0512 0664 PNRPAutoReg - ok
16:31:23.0527 0664 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll
16:31:23.0590 0664 PNRPsvc - ok
16:31:23.0636 0664 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:31:23.0652 0664 PolicyAgent - ok
16:31:23.0652 0664 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:31:23.0668 0664 PptpMiniport - ok
16:31:23.0714 0664 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
16:31:23.0746 0664 Processor - ok
16:31:23.0777 0664 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll
16:31:23.0792 0664 ProfSvc - ok
16:31:23.0808 0664 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:31:23.0824 0664 ProtectedStorage - ok
16:31:23.0839 0664 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
16:31:23.0855 0664 PSched - ok
16:31:23.0886 0664 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:31:23.0902 0664 ql2300 - ok
16:31:23.0948 0664 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:31:23.0948 0664 ql40xx - ok
16:31:23.0964 0664 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
16:31:23.0980 0664 QWAVE - ok
16:31:23.0995 0664 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:31:24.0011 0664 QWAVEdrv - ok
16:31:24.0042 0664 [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
16:31:24.0073 0664 RapiMgr - ok
16:31:24.0073 0664 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:31:24.0104 0664 RasAcd - ok
16:31:24.0120 0664 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
16:31:24.0136 0664 RasAuto - ok
16:31:24.0167 0664 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:31:24.0182 0664 Rasl2tp - ok
16:31:24.0245 0664 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll
16:31:24.0260 0664 RasMan - ok
16:31:24.0292 0664 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:31:24.0307 0664 RasPppoe - ok
16:31:24.0323 0664 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:31:24.0338 0664 RasSstp - ok
16:31:24.0354 0664 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:31:24.0370 0664 rdbss - ok
16:31:24.0370 0664 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:31:24.0385 0664 RDPCDD - ok
16:31:24.0432 0664 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
16:31:24.0463 0664 rdpdr - ok
16:31:24.0463 0664 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:31:24.0479 0664 RDPENCDD - ok
16:31:24.0494 0664 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:31:24.0495 0664 RDPWD - ok
16:31:24.0524 0664 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:31:24.0544 0664 RemoteAccess - ok
16:31:24.0556 0664 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:31:24.0577 0664 RemoteRegistry - ok
16:31:24.0596 0664 [ 34CC78C06587718C2AD6D3AA83B1F072 ] RFCOMM C:\Windows\system32\drivers\RFCOMM.sys
16:31:24.0615 0664 RFCOMM - ok
16:31:24.0637 0664 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
16:31:24.0646 0664 RpcLocator - ok
16:31:24.0666 0664 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\System32\rpcss.dll
16:31:24.0683 0664 RpcSs - ok
16:31:24.0706 0664 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:31:24.0726 0664 rspndr - ok
16:31:24.0729 0664 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe
16:31:24.0739 0664 SamSs - ok
16:31:24.0762 0664 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:31:24.0769 0664 sbp2port - ok
16:31:24.0801 0664 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:31:24.0822 0664 SCardSvr - ok
16:31:24.0865 0664 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll
16:31:24.0884 0664 Schedule - ok
16:31:24.0938 0664 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll
16:31:24.0957 0664 SCPolicySvc - ok
16:31:24.0984 0664 [ A689D522EEDF89401E1DA2FE883AA7EC ] SCREAMINGBDRIVER C:\Windows\system32\drivers\ScreamingBAudio.sys
16:31:24.0990 0664 SCREAMINGBDRIVER - ok
16:31:25.0013 0664 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:31:25.0025 0664 SDRSVC - ok
16:31:25.0032 0664 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:31:25.0067 0664 secdrv - ok
16:31:25.0090 0664 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
16:31:25.0110 0664 seclogon - ok
16:31:25.0119 0664 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
16:31:25.0140 0664 SENS - ok
16:31:25.0161 0664 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:31:25.0196 0664 Serenum - ok
16:31:25.0206 0664 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
16:31:25.0242 0664 Serial - ok
16:31:25.0269 0664 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:31:25.0288 0664 sermouse - ok
16:31:25.0322 0664 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
16:31:25.0343 0664 SessionEnv - ok
16:31:25.0397 0664 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:31:25.0431 0664 sffdisk - ok
16:31:25.0442 0664 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:31:25.0477 0664 sffp_mmc - ok
16:31:25.0487 0664 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:31:25.0521 0664 sffp_sd - ok
16:31:25.0538 0664 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:31:25.0572 0664 sfloppy - ok
16:31:25.0595 0664 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:31:25.0617 0664 SharedAccess - ok
16:31:25.0647 0664 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:31:25.0686 0664 ShellHWDetection - ok
16:31:25.0701 0664 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:31:25.0701 0664 sisagp - ok
16:31:25.0708 0664 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
16:31:25.0714 0664 SiSRaid2 - ok
16:31:25.0730 0664 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:31:25.0737 0664 SiSRaid4 - ok
16:31:25.0786 0664 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:31:25.0793 0664 SkypeUpdate - ok
16:31:25.0860 0664 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe
16:31:25.0938 0664 slsvc - ok
16:31:25.0964 0664 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll
16:31:25.0984 0664 SLUINotify - ok
16:31:25.0998 0664 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:31:26.0018 0664 Smb - ok
16:31:26.0053 0664 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:31:26.0064 0664 SNMPTRAP - ok
16:31:26.0090 0664 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
16:31:26.0097 0664 spldr - ok
16:31:26.0120 0664 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe
16:31:26.0131 0664 Spooler - ok
16:31:26.0157 0664 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:31:26.0169 0664 srv - ok
16:31:26.0187 0664 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:31:26.0198 0664 srv2 - ok
16:31:26.0212 0664 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:31:26.0222 0664 srvnet - ok
16:31:26.0233 0664 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:31:26.0255 0664 SSDPSRV - ok
16:31:26.0270 0664 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:31:26.0282 0664 SstpSvc - ok
16:31:26.0298 0664 [ B218068EBA6F46F102B4218BDB81BE0B ] STacSV C:\Windows\system32\STacSV.exe
16:31:26.0308 0664 STacSV - ok
16:31:26.0318 0664 Steam Client Service - ok
16:31:26.0342 0664 [ 167909A1C36AA3E8F2582962F0CCC748 ] STHDA C:\Windows\system32\drivers\stwrt.sys
16:31:26.0352 0664 STHDA - ok
16:31:26.0369 0664 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll
16:31:26.0385 0664 stisvc - ok
16:31:26.0463 0664 [ 9A3D67D3488FB898BDB604AE5C7A67D4 ] StumbleUponUpdateService C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe
16:31:26.0468 0664 StumbleUponUpdateService - ok
16:31:26.0488 0664 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:31:26.0495 0664 swenum - ok
16:31:26.0518 0664 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll
16:31:26.0540 0664 swprv - ok
16:31:26.0569 0664 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
16:31:26.0575 0664 Symc8xx - ok
16:31:26.0585 0664 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
16:31:26.0591 0664 Sym_hi - ok
16:31:26.0616 0664 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
16:31:26.0623 0664 Sym_u3 - ok
16:31:26.0656 0664 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll
16:31:26.0684 0664 SysMain - ok
16:31:26.0721 0664 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:31:26.0732 0664 TabletInputService - ok
16:31:26.0742 0664 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:31:26.0765 0664 TapiSrv - ok
16:31:26.0783 0664 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
16:31:26.0804 0664 TBS - ok
16:31:26.0839 0664 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:31:26.0862 0664 Tcpip - ok
16:31:26.0889 0664 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:31:26.0953 0664 Tcpip6 - ok
16:31:27.0010 0664 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:31:27.0030 0664 tcpipreg - ok
16:31:27.0078 0664 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:31:27.0097 0664 TDPIPE - ok
16:31:27.0126 0664 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:31:27.0145 0664 TDTCP - ok
16:31:27.0169 0664 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:31:27.0189 0664 tdx - ok
16:31:27.0200 0664 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:31:27.0206 0664 TermDD - ok
16:31:27.0221 0664 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll
16:31:27.0249 0664 TermService - ok
16:31:27.0282 0664 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll
16:31:27.0295 0664 Themes - ok
16:31:27.0305 0664 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
16:31:27.0325 0664 THREADORDER - ok
16:31:27.0350 0664 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
16:31:27.0371 0664 TrkWks - ok
16:31:27.0394 0664 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:31:27.0413 0664 TrustedInstaller - ok
16:31:27.0443 0664 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:31:27.0461 0664 tssecsrv - ok
16:31:27.0488 0664 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:31:27.0497 0664 tunmp - ok
16:31:27.0527 0664 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:31:27.0537 0664 tunnel - ok
16:31:27.0563 0664 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:31:27.0570 0664 uagp35 - ok
16:31:27.0591 0664 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:31:27.0612 0664 udfs - ok
16:31:27.0625 0664 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:31:27.0645 0664 UI0Detect - ok
16:31:27.0671 0664 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:31:27.0678 0664 uliagpkx - ok
16:31:27.0697 0664 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:31:27.0706 0664 uliahci - ok
16:31:27.0720 0664 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:31:27.0727 0664 UlSata - ok
16:31:27.0744 0664 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:31:27.0751 0664 ulsata2 - ok
16:31:27.0777 0664 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:31:27.0796 0664 umbus - ok
16:31:27.0847 0664 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:31:27.0859 0664 UMVPFSrv - ok
16:31:27.0916 0664 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
16:31:27.0939 0664 upnphost - ok
16:31:27.0961 0664 [ 2A3FA9FF6EC8485C98C179131E8A41A7 ] USB-100 C:\Windows\system32\DRIVERS\RTL8150.SYS
16:31:27.0968 0664 USB-100 - ok
16:31:27.0989 0664 [ 4B8A9C16B6D9258ED99C512AECB8C555 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
16:31:27.0992 0664 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
16:31:27.0992 0664 USBAAPL - detected UnsignedFile.Multi.Generic (1)
16:31:28.0016 0664 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:31:28.0036 0664 usbaudio - ok
16:31:28.0046 0664 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:31:28.0061 0664 usbccgp - ok
16:31:28.0079 0664 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:31:28.0114 0664 usbcir - ok
16:31:28.0140 0664 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:31:28.0160 0664 usbehci - ok
16:31:28.0183 0664 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:31:28.0203 0664 usbhub - ok
16:31:28.0229 0664 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:31:28.0264 0664 usbohci - ok
16:31:28.0279 0664 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:31:28.0298 0664 usbprint - ok
16:31:28.0332 0664 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:31:28.0347 0664 usbscan - ok
16:31:28.0359 0664 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:31:28.0379 0664 USBSTOR - ok
16:31:28.0391 0664 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:31:28.0406 0664 usbuhci - ok
16:31:28.0431 0664 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:31:28.0451 0664 usbvideo - ok
16:31:28.0483 0664 [ EE181A08E09DB23CF4A49B46A1E66BB8 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
16:31:28.0502 0664 usb_rndisx - ok
16:31:28.0529 0664 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll
16:31:28.0550 0664 UxSms - ok
16:31:28.0576 0664 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe
16:31:28.0623 0664 vds - ok
16:31:28.0649 0664 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:31:28.0684 0664 vga - ok
16:31:28.0717 0664 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
16:31:28.0737 0664 VgaSave - ok
16:31:28.0754 0664 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:31:28.0761 0664 viaagp - ok
16:31:28.0767 0664 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
16:31:28.0802 0664 ViaC7 - ok
16:31:28.0809 0664 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
16:31:28.0815 0664 viaide - ok
16:31:28.0837 0664 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:31:28.0844 0664 volmgr - ok
16:31:28.0868 0664 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:31:28.0878 0664 volmgrx - ok
16:31:28.0885 0664 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:31:28.0893 0664 volsnap - ok
16:31:28.0922 0664 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:31:28.0929 0664 vsmraid - ok
16:31:28.0973 0664 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe
16:31:29.0008 0664 VSS - ok
16:31:29.0035 0664 [ C466021D31FF6C0A6069D12299D80C0B ] VSTHWBS2 C:\Windows\system32\DRIVERS\VSTBS23.SYS
16:31:29.0056 0664 VSTHWBS2 - ok
16:31:29.0081 0664 [ EC36F1D542ED4252390D446BF6D4DFD0 ] VST_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
16:31:29.0167 0664 VST_DPV - ok
16:31:29.0219 0664 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll
16:31:29.0244 0664 W32Time - ok
16:31:29.0287 0664 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:31:29.0322 0664 WacomPen - ok
16:31:29.0349 0664 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:31:29.0365 0664 Wanarp - ok
16:31:29.0368 0664 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:31:29.0383 0664 Wanarpv6 - ok
16:31:29.0394 0664 [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
16:31:29.0449 0664 WcesComm - ok
16:31:29.0498 0664 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:31:29.0515 0664 wcncsvc - ok
16:31:29.0542 0664 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:31:29.0558 0664 WcsPlugInService - ok
16:31:29.0574 0664 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
16:31:29.0580 0664 Wd - ok
16:31:29.0607 0664 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:31:29.0622 0664 Wdf01000 - ok
16:31:29.0677 0664 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:31:29.0698 0664 WdiServiceHost - ok
16:31:29.0701 0664 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:31:29.0722 0664 WdiSystemHost - ok
16:31:29.0728 0664 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll
16:31:29.0740 0664 WebClient - ok
16:31:29.0755 0664 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:31:29.0767 0664 Wecsvc - ok
16:31:29.0793 0664 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:31:29.0810 0664 wercplsupport - ok
16:31:29.0835 0664 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll
16:31:29.0845 0664 WerSvc - ok
16:31:29.0862 0664 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
16:31:29.0891 0664 winachsf - ok
16:31:29.0918 0664 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:31:29.0927 0664 WinDefend - ok
16:31:29.0932 0664 WinHttpAutoProxySvc - ok
16:31:29.0984 0664 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:31:30.0004 0664 Winmgmt - ok
16:31:30.0046 0664 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
16:31:30.0120 0664 WinRM - ok
16:31:30.0165 0664 [ F03110711B17AD31271CB2BAF0DBB2B1 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.SYS
16:31:30.0184 0664 WinUsb - ok
16:31:30.0239 0664 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:31:30.0256 0664 Wlansvc - ok
16:31:30.0353 0664 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:31:30.0384 0664 wlidsvc - ok
16:31:30.0447 0664 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:31:30.0481 0664 WmiAcpi - ok
16:31:30.0505 0664 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:31:30.0525 0664 wmiApSrv - ok
16:31:30.0560 0664 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:31:30.0581 0664 WMPNetworkSvc - ok
16:31:30.0648 0664 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:31:30.0658 0664 WPCSvc - ok
16:31:30.0681 0664 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:31:30.0691 0664 WPDBusEnum - ok
16:31:30.0720 0664 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
16:31:30.0735 0664 WpdUsb - ok
16:31:30.0791 0664 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:31:30.0809 0664 WPFFontCache_v0400 - ok
16:31:30.0843 0664 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:31:30.0863 0664 ws2ifsl - ok
16:31:30.0880 0664 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\system32\wscsvc.dll
16:31:30.0891 0664 wscsvc - ok
16:31:30.0898 0664 WSearch - ok
16:31:30.0948 0664 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
16:31:31.0016 0664 wuauserv - ok
16:31:31.0055 0664 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:31:31.0074 0664 WUDFRd - ok
16:31:31.0096 0664 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:31:31.0117 0664 wudfsvc - ok
16:31:31.0159 0664 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
16:31:31.0175 0664 YahooAUService - ok
16:31:31.0179 0664 yeddef - ok
16:31:31.0186 0664 ================ Scan global ===============================
16:31:31.0189 0664 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
16:31:31.0224 0664 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
16:31:31.0241 0664 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll
16:31:31.0259 0664 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe
16:31:31.0262 0664 [Global] - ok
16:31:31.0263 0664 ================ Scan MBR ==================================
16:31:31.0274 0664 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:31:31.0692 0664 \Device\Harddisk0\DR0 - ok
16:31:31.0698 0664 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
16:31:31.0839 0664 \Device\Harddisk5\DR5 - ok
16:31:31.0839 0664 ================ Scan VBR ==================================
16:31:31.0841 0664 [ 53A7AF61C7DAEF856735B82B71CB64A6 ] \Device\Harddisk0\DR0\Partition1
16:31:31.0843 0664 \Device\Harddisk0\DR0\Partition1 - ok
16:31:31.0846 0664 [ A28DA599A4535E1DEDBA51D368BB9CE4 ] \Device\Harddisk5\DR5\Partition1
16:31:31.0848 0664 \Device\Harddisk5\DR5\Partition1 - ok
16:31:31.0848 0664 ============================================================
16:31:31.0848 0664 Scan finished
16:31:31.0848 0664 ============================================================
16:31:31.0853 1272 Detected object count: 4
16:31:31.0853 1272 Actual detected object count: 4
16:31:43.0749 1272 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:43.0749 1272 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:43.0750 1272 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:43.0750 1272 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:43.0751 1272 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:43.0751 1272 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:43.0752 1272 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:43.0752 1272 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:32:09.0952 1396 Deinitialize success

Here's the FSS log

Farbar Service Scanner Version: 14-04-2013
Ran by Owner (administrator) on 27-04-2013 at 16:32:39
Running from "C:\Users\Owner\Desktop"
Windows Vista ™ Home Premium Service Pack 1 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: ATTENTION!=====> Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
Checking LEGACY_BITS: ATTENTION!=====> Unable to open LEGACY_BITS\0000 registry key. The key does not exist.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2011-06-15 20:29] - [2011-04-21 06:16] - 0273408 ____A (Microsoft Corporation) 48EB99503533C27AC6135648E5474457

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2010-08-15 13:51] - [2010-06-16 08:59] - 0898952 ____A (Microsoft Corporation) 782568AB6A43160A159B6215B70BCCE9

C:\Windows\system32\dnsrslvr.dll
[2011-06-03 19:10] - [2011-03-02 07:49] - 0086528 ____A (Microsoft Corporation) 4805D9A6D281C7A7DEFD9094DEC6AF7D

C:\Windows\system32\mpssvc.dll
[2009-09-12 21:47] - [2008-01-19 00:34] - 0393216 ____A (Microsoft Corporation) D1639BA315B0D79DEC49A4B0E1FB929B

C:\Windows\system32\bfe.dll
[2009-09-12 21:46] - [2008-01-19 00:33] - 0328704 ____A (Microsoft Corporation) 8582E233C346AEFE759833E8A30DD697

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe
[2009-09-12 21:47] - [2008-01-19 00:33] - 1054720 ____A (Microsoft Corporation) D5FB73D19C46ADE183F968E13F186B23

C:\Windows\system32\wscsvc.dll
[2009-09-12 21:46] - [2008-01-19 00:37] - 0061440 ____A (Microsoft Corporation) 683DD16B590372F2C9661D277F35E49C

C:\Windows\system32\wbem\WMIsvc.dll
[2009-09-12 21:46] - [2008-01-19 00:36] - 0161792 ____A (Microsoft Corporation) 00B79A7C984678F24CF052E5BEB3A2F5

C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-09-12 21:47] - [2008-01-19 00:36] - 0758272 ____A (Microsoft Corporation) 02ED7B4DBC2A3232A389106DA7515C3D

C:\Windows\system32\es.dll
[2009-09-10 21:23] - [2009-09-10 21:23] - 0269312 ____A (Microsoft Corporation) 3CB3343D720168B575133A0A20DC2465

C:\Windows\system32\cryptsvc.dll
[2009-09-12 21:46] - [2008-01-19 00:34] - 0128000 ____A (Microsoft Corporation) 6DE363F9F99334514C46AEC02D3E3678

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll
[2010-04-13 13:50] - [2010-02-18 07:11] - 0190464 ____A (Microsoft Corporation) 6A35D233693EDC29A12742049BC5E37F

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2009-09-10 23:24] - [2009-09-10 23:24] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830



**** End of log ****

Thank you again for your help :3
  • 0

#14
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

I literally can't leave safe mode sice I can't see the screen unless I'm in safe mode

When did this happen? You can't log into regular mode? How far do you get?
  • 0

#15
Krinkle

Krinkle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
I can, I just get to the final screen and it flickers so uncontrollably... that I can't see to click or anything. :( Also it has been happening since the day before I posted the log.

Edited by Krinkle, 29 April 2013 - 02:04 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP