pup.gameplaylab



#1 Gundown64


Posted 11 October 2012 - 08:21 PM

Found this on a Malwarebytes scan. Found a post on this forum and ran the recommended programs (TDSSkiller, aswMBR, and ESET).

All the scans found threats so I removed them via each program, restarted my PC and ran again. These are the logs.

Malwarebytes:
Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.10.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Colby :: COLBY-PC [administrator]

Protection: Enabled

10/11/2012 4:55:05 PM
mbam-log-2012-10-11 (19-52-30).txt

Scan type: Full scan (C:\|F:\|G:\|H:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 525289
Time elapsed: 2 hour(s), 57 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings (PUP.GamePlayLabs) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Program Files (x86)\Giant Savings\Giant Savings.exe (PUP.GamePlayLabs) -> No action taken.
C:\Program Files (x86)\Giant Savings\Giant SavingsGui.exe (PUP.GamePlayLabs) -> No action taken.
C:\Program Files (x86)\Giant Savings\Uninstall.exe (PUP.GamePlayLabs) -> No action taken.

(end)

TDSSkiller:

21:12:16.0899 6464 MotoSwitchService - ok
21:12:16.0951 6464 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
21:12:16.0952 6464 Motousbnet - ok
21:12:16.0963 6464 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:12:16.0964 6464 mouclass - ok
21:12:16.0987 6464 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:12:16.0988 6464 mouhid - ok
21:12:17.0008 6464 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:12:17.0009 6464 mountmgr - ok
21:12:17.0048 6464 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:12:17.0049 6464 MozillaMaintenance - ok
21:12:17.0102 6464 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
21:12:17.0104 6464 MpFilter - ok
21:12:17.0133 6464 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:12:17.0134 6464 mpio - ok
21:12:17.0156 6464 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:12:17.0157 6464 mpsdrv - ok
21:12:17.0193 6464 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:12:17.0201 6464 MpsSvc - ok
21:12:17.0220 6464 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:12:17.0225 6464 MRxDAV - ok
21:12:17.0253 6464 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:12:17.0255 6464 mrxsmb - ok
21:12:17.0276 6464 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:12:17.0279 6464 mrxsmb10 - ok
21:12:17.0283 6464 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:12:17.0284 6464 mrxsmb20 - ok
21:12:17.0296 6464 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
21:12:17.0297 6464 msahci - ok
21:12:17.0310 6464 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:12:17.0312 6464 msdsm - ok
21:12:17.0334 6464 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:12:17.0336 6464 MSDTC - ok
21:12:17.0357 6464 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:12:17.0358 6464 Msfs - ok
21:12:17.0371 6464 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:12:17.0371 6464 mshidkmdf - ok
21:12:17.0377 6464 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:12:17.0378 6464 msisadrv - ok
21:12:17.0408 6464 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:12:17.0410 6464 MSiSCSI - ok
21:12:17.0413 6464 msiserver - ok
21:12:17.0437 6464 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:12:17.0438 6464 MSKSSRV - ok
21:12:17.0497 6464 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:12:17.0497 6464 MsMpSvc - ok
21:12:17.0513 6464 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:12:17.0514 6464 MSPCLOCK - ok
21:12:17.0522 6464 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:12:17.0523 6464 MSPQM - ok
21:12:17.0547 6464 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:12:17.0550 6464 MsRPC - ok
21:12:17.0570 6464 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:12:17.0571 6464 mssmbios - ok
21:12:17.0600 6464 MSSQL$SQLEXPRESS - ok
21:12:17.0630 6464 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
21:12:17.0631 6464 MSSQLServerADHelper100 - ok
21:12:17.0665 6464 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:12:17.0666 6464 MSTEE - ok
21:12:17.0678 6464 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:12:17.0679 6464 MTConfig - ok
21:12:17.0721 6464 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
21:12:17.0722 6464 MTsensor - ok
21:12:17.0735 6464 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:12:17.0736 6464 Mup - ok
21:12:17.0763 6464 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:12:17.0767 6464 napagent - ok
21:12:17.0803 6464 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:12:17.0806 6464 NativeWifiP - ok
21:12:17.0855 6464 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:12:17.0863 6464 NDIS - ok
21:12:17.0877 6464 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:12:17.0878 6464 NdisCap - ok
21:12:17.0907 6464 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:12:17.0908 6464 NdisTapi - ok
21:12:17.0926 6464 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:12:17.0927 6464 Ndisuio - ok
21:12:17.0941 6464 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:12:17.0943 6464 NdisWan - ok
21:12:17.0968 6464 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:12:17.0969 6464 NDProxy - ok
21:12:17.0986 6464 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:12:17.0987 6464 NetBIOS - ok
21:12:18.0009 6464 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:12:18.0011 6464 NetBT - ok
21:12:18.0023 6464 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:12:18.0024 6464 Netlogon - ok
21:12:18.0063 6464 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:12:18.0067 6464 Netman - ok
21:12:18.0116 6464 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:18.0117 6464 NetMsmqActivator - ok
21:12:18.0121 6464 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:18.0122 6464 NetPipeActivator - ok
21:12:18.0141 6464 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:12:18.0145 6464 netprofm - ok
21:12:18.0150 6464 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:18.0150 6464 NetTcpActivator - ok
21:12:18.0154 6464 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:18.0155 6464 NetTcpPortSharing - ok
21:12:18.0174 6464 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:12:18.0175 6464 nfrd960 - ok
21:12:18.0227 6464 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:12:18.0229 6464 NisDrv - ok
21:12:18.0263 6464 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
21:12:18.0266 6464 NisSrv - ok
21:12:18.0298 6464 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:12:18.0301 6464 NlaSvc - ok
21:12:18.0322 6464 [ C31FA031335EFF434B2D94278E74BCCE ] npf C:\Windows\system32\drivers\npf.sys
21:12:18.0323 6464 npf - ok
21:12:18.0336 6464 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:12:18.0337 6464 Npfs - ok
21:12:18.0357 6464 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:12:18.0358 6464 nsi - ok
21:12:18.0370 6464 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:12:18.0370 6464 nsiproxy - ok
21:12:18.0418 6464 [ 13C0D9CBA38FFA6D0C9E721B5E7212A0 ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
21:12:18.0420 6464 nSvcIp - ok
21:12:18.0459 6464 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:12:18.0473 6464 Ntfs - ok
21:12:18.0491 6464 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:12:18.0492 6464 Null - ok
21:12:18.0522 6464 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
21:12:18.0526 6464 NVENETFD - ok
21:12:18.0702 6464 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:12:18.0849 6464 nvlddmkm - ok
21:12:18.0878 6464 [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
21:12:18.0881 6464 NVNET - ok
21:12:18.0916 6464 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:12:18.0917 6464 nvraid - ok
21:12:18.0943 6464 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:12:18.0945 6464 nvstor - ok
21:12:18.0969 6464 [ 71B6ECD3C56FBF12FB1968DA3953B703 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
21:12:18.0971 6464 nvstor64 - ok
21:12:18.0994 6464 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:12:18.0995 6464 nv_agp - ok
21:12:19.0068 6464 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:12:19.0072 6464 odserv - ok
21:12:19.0097 6464 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:12:19.0098 6464 ohci1394 - ok
21:12:19.0134 6464 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:12:19.0136 6464 ose - ok
21:12:19.0234 6464 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:12:19.0275 6464 osppsvc - ok
21:12:19.0307 6464 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:12:19.0311 6464 p2pimsvc - ok
21:12:19.0328 6464 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:12:19.0333 6464 p2psvc - ok
21:12:19.0355 6464 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:12:19.0356 6464 Parport - ok
21:12:19.0378 6464 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:12:19.0379 6464 partmgr - ok
21:12:19.0402 6464 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:12:19.0405 6464 PcaSvc - ok
21:12:19.0422 6464 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:12:19.0423 6464 pci - ok
21:12:19.0427 6464 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:12:19.0428 6464 pciide - ok
21:12:19.0440 6464 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:12:19.0442 6464 pcmcia - ok
21:12:19.0446 6464 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:12:19.0447 6464 pcw - ok
21:12:19.0466 6464 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:12:19.0472 6464 PEAUTH - ok
21:12:19.0549 6464 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:12:19.0551 6464 PerfHost - ok
21:12:19.0593 6464 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:12:19.0606 6464 pla - ok
21:12:19.0628 6464 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:12:19.0632 6464 PlugPlay - ok
21:12:19.0645 6464 PnkBstrA - ok
21:12:19.0671 6464 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:12:19.0672 6464 PNRPAutoReg - ok
21:12:19.0690 6464 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:12:19.0693 6464 PNRPsvc - ok
21:12:19.0716 6464 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:12:19.0721 6464 PolicyAgent - ok
21:12:19.0775 6464 postgresql-x64-9.1 - ok
21:12:19.0801 6464 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:12:19.0804 6464 Power - ok
21:12:19.0828 6464 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:12:19.0829 6464 PptpMiniport - ok
21:12:19.0846 6464 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:12:19.0847 6464 Processor - ok
21:12:19.0870 6464 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:12:19.0873 6464 ProfSvc - ok
21:12:19.0881 6464 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:12:19.0882 6464 ProtectedStorage - ok
21:12:19.0909 6464 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:12:19.0911 6464 Psched - ok
21:12:19.0942 6464 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:12:19.0955 6464 ql2300 - ok
21:12:19.0971 6464 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:12:19.0972 6464 ql40xx - ok
21:12:19.0999 6464 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:12:20.0002 6464 QWAVE - ok
21:12:20.0024 6464 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:12:20.0025 6464 QWAVEdrv - ok
21:12:20.0036 6464 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:12:20.0036 6464 RasAcd - ok
21:12:20.0074 6464 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:12:20.0075 6464 RasAgileVpn - ok
21:12:20.0082 6464 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:12:20.0084 6464 RasAuto - ok
21:12:20.0099 6464 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:12:20.0100 6464 Rasl2tp - ok
21:12:20.0127 6464 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:12:20.0131 6464 RasMan - ok
21:12:20.0141 6464 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:12:20.0142 6464 RasPppoe - ok
21:12:20.0153 6464 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:12:20.0162 6464 RasSstp - ok
21:12:20.0181 6464 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:12:20.0184 6464 rdbss - ok
21:12:20.0196 6464 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:12:20.0197 6464 rdpbus - ok
21:12:20.0209 6464 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:12:20.0211 6464 RDPCDD - ok
21:12:20.0235 6464 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:12:20.0236 6464 RDPENCDD - ok
21:12:20.0242 6464 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:12:20.0243 6464 RDPREFMP - ok
21:12:20.0267 6464 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:12:20.0269 6464 RDPWD - ok
21:12:20.0307 6464 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:12:20.0309 6464 rdyboost - ok
21:12:20.0331 6464 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:12:20.0333 6464 RemoteAccess - ok
21:12:20.0356 6464 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:12:20.0359 6464 RemoteRegistry - ok
21:12:20.0388 6464 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
21:12:20.0389 6464 RimUsb - ok
21:12:20.0421 6464 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
21:12:20.0422 6464 RimVSerPort - ok
21:12:20.0448 6464 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
21:12:20.0448 6464 ROOTMODEM - ok
21:12:20.0465 6464 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:12:20.0467 6464 RpcEptMapper - ok
21:12:20.0487 6464 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:12:20.0488 6464 RpcLocator - ok
21:12:20.0515 6464 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:12:20.0518 6464 RpcSs - ok
21:12:20.0546 6464 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
21:12:20.0549 6464 RsFx0103 - ok
21:12:20.0580 6464 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:12:20.0580 6464 rspndr - ok
21:12:20.0611 6464 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:12:20.0616 6464 RTL8167 - ok
21:12:20.0623 6464 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:12:20.0624 6464 SamSs - ok
21:12:20.0657 6464 [ 152EE68830FFB13F0B1FEC6C9B99644F ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
21:12:20.0659 6464 SbieDrv - ok
21:12:20.0666 6464 [ FD0287131D91352F225EBB5CD3527952 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
21:12:20.0667 6464 SbieSvc - ok
21:12:20.0691 6464 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:12:20.0692 6464 sbp2port - ok
21:12:20.0720 6464 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:12:20.0723 6464 SCardSvr - ok
21:12:20.0753 6464 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
21:12:20.0754 6464 SCDEmu - ok
21:12:20.0778 6464 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:12:20.0779 6464 scfilter - ok
21:12:20.0814 6464 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:12:20.0824 6464 Schedule - ok
21:12:20.0847 6464 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:12:20.0848 6464 SCPolicySvc - ok
21:12:20.0858 6464 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:12:20.0860 6464 SDRSVC - ok
21:12:20.0884 6464 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:12:20.0884 6464 secdrv - ok
21:12:20.0895 6464 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:12:20.0897 6464 seclogon - ok
21:12:20.0921 6464 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:12:20.0922 6464 SENS - ok
21:12:20.0934 6464 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:12:20.0936 6464 SensrSvc - ok
21:12:20.0946 6464 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:12:20.0947 6464 Serenum - ok
21:12:20.0968 6464 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:12:20.0969 6464 Serial - ok
21:12:20.0985 6464 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:12:20.0986 6464 sermouse - ok
21:12:21.0011 6464 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:12:21.0013 6464 SessionEnv - ok
21:12:21.0028 6464 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:12:21.0029 6464 sffdisk - ok
21:12:21.0037 6464 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:12:21.0038 6464 sffp_mmc - ok
21:12:21.0042 6464 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:12:21.0042 6464 sffp_sd - ok
21:12:21.0061 6464 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:12:21.0062 6464 sfloppy - ok
21:12:21.0097 6464 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
21:12:21.0103 6464 Sftfs - ok
21:12:21.0145 6464 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:12:21.0150 6464 sftlist - ok
21:12:21.0173 6464 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:12:21.0175 6464 Sftplay - ok
21:12:21.0198 6464 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:12:21.0199 6464 Sftredir - ok
21:12:21.0210 6464 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
21:12:21.0212 6464 Sftvol - ok
21:12:21.0236 6464 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:12:21.0238 6464 sftvsa - ok
21:12:21.0267 6464 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:12:21.0271 6464 SharedAccess - ok
21:12:21.0295 6464 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:12:21.0300 6464 ShellHWDetection - ok
21:12:21.0324 6464 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:12:21.0325 6464 SiSRaid2 - ok
21:12:21.0342 6464 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:12:21.0343 6464 SiSRaid4 - ok
21:12:21.0382 6464 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:12:21.0384 6464 SkypeUpdate - ok
21:12:21.0408 6464 [ 2DDE5BC0631EC4FC3706757D65BB60B9 ] slsusb C:\Windows\system32\Drivers\slsusb.sys
21:12:21.0409 6464 slsusb - ok
21:12:21.0433 6464 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:12:21.0434 6464 Smb - ok
21:12:21.0467 6464 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:12:21.0468 6464 SNMPTRAP - ok
21:12:21.0492 6464 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
21:12:21.0493 6464 speedfan - ok
21:12:21.0506 6464 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:12:21.0507 6464 spldr - ok
21:12:21.0534 6464 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:12:21.0540 6464 Spooler - ok
21:12:21.0602 6464 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:12:21.0633 6464 sppsvc - ok
21:12:21.0656 6464 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:12:21.0658 6464 sppuinotify - ok
21:12:21.0690 6464 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
21:12:21.0691 6464 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
21:12:21.0692 6464 sptd ( LockedFile.Multi.Generic ) - warning
21:12:21.0692 6464 sptd - detected LockedFile.Multi.Generic (1)
21:12:23.0791 6464 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:12:23.0794 6464 volsnap - ok
21:12:23.0822 6464 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:12:23.0824 6464 vsmraid - ok
21:12:23.0855 6464 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:12:23.0869 6464 VSS - ok
21:12:23.0880 6464 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:12:23.0881 6464 vwifibus - ok
21:12:23.0905 6464 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:12:23.0909 6464 W32Time - ok
21:12:23.0934 6464 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:12:23.0935 6464 WacomPen - ok
21:12:23.0961 6464 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:12:23.0962 6464 WANARP - ok
21:12:23.0966 6464 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:12:23.0966 6464 Wanarpv6 - ok
21:12:24.0013 6464 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:12:24.0024 6464 WatAdminSvc - ok
21:12:24.0063 6464 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:12:24.0077 6464 wbengine - ok
21:12:24.0099 6464 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:12:24.0102 6464 WbioSrvc - ok
21:12:24.0129 6464 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:12:24.0134 6464 wcncsvc - ok
21:12:24.0145 6464 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:12:24.0147 6464 WcsPlugInService - ok
21:12:24.0168 6464 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:12:24.0169 6464 Wd - ok
21:12:24.0185 6464 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:12:24.0191 6464 Wdf01000 - ok
21:12:24.0210 6464 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:12:24.0218 6464 WdiServiceHost - ok
21:12:24.0222 6464 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:12:24.0224 6464 WdiSystemHost - ok
21:12:24.0299 6464 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:12:24.0302 6464 WebClient - ok
21:12:24.0317 6464 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:12:24.0320 6464 Wecsvc - ok
21:12:24.0332 6464 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:12:24.0334 6464 wercplsupport - ok
21:12:24.0360 6464 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:12:24.0362 6464 WerSvc - ok
21:12:24.0392 6464 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:12:24.0393 6464 WfpLwf - ok
21:12:24.0402 6464 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:12:24.0403 6464 WIMMount - ok
21:12:24.0413 6464 WinDefend - ok
21:12:24.0419 6464 WinHttpAutoProxySvc - ok
21:12:24.0447 6464 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:12:24.0450 6464 Winmgmt - ok
21:12:24.0494 6464 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:12:24.0512 6464 WinRM - ok
21:12:24.0545 6464 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:12:24.0546 6464 WinUsb - ok
21:12:24.0581 6464 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:12:24.0589 6464 Wlansvc - ok
21:12:24.0654 6464 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:12:24.0673 6464 wlidsvc - ok
21:12:24.0699 6464 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:12:24.0699 6464 WmiAcpi - ok
21:12:24.0724 6464 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:12:24.0726 6464 wmiApSrv - ok
21:12:24.0750 6464 WMPNetworkSvc - ok
21:12:24.0771 6464 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:12:24.0773 6464 WPCSvc - ok
21:12:24.0791 6464 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:12:24.0793 6464 WPDBusEnum - ok
21:12:24.0818 6464 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:12:24.0818 6464 ws2ifsl - ok
21:12:24.0855 6464 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:12:24.0857 6464 wscsvc - ok
21:12:24.0864 6464 WSearch - ok
21:12:24.0908 6464 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:12:24.0930 6464 wuauserv - ok
21:12:24.0949 6464 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:12:24.0950 6464 WudfPf - ok
21:12:24.0970 6464 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:12:24.0972 6464 WUDFRd - ok
21:12:24.0988 6464 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:12:24.0990 6464 wudfsvc - ok
21:12:25.0015 6464 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:12:25.0018 6464 WwanSvc - ok
21:12:25.0044 6464 ================ Scan global ===============================
21:12:25.0060 6464 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:12:25.0092 6464 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:12:25.0099 6464 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:12:25.0124 6464 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:12:25.0149 6464 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:12:25.0153 6464 [Global] - ok
21:12:25.0153 6464 ================ Scan MBR ==================================
21:12:25.0156 6464 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
21:12:25.0199 6464 \Device\Harddisk2\DR2 ( TDSS File System ) - warning
21:12:25.0199 6464 \Device\Harddisk2\DR2 - detected TDSS File System (1)
21:12:25.0203 6464 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:12:25.0223 6464 \Device\Harddisk1\DR1 - ok
21:12:25.0234 6464 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:12:25.0576 6464 \Device\Harddisk0\DR0 - ok
21:12:25.0576 6464 ================ Scan VBR ==================================
21:12:25.0579 6464 [ B3402FA770B8EB57ACDC48FF64A475B6 ] \Device\Harddisk2\DR2\Partition1
21:12:25.0580 6464 \Device\Harddisk2\DR2\Partition1 - ok
21:12:25.0583 6464 [ 37E66708265448E12C4D35EFF8BD2F18 ] \Device\Harddisk2\DR2\Partition2
21:12:25.0584 6464 \Device\Harddisk2\DR2\Partition2 - ok
21:12:25.0588 6464 [ 0DA413C706F131A3B39C223F85412BE3 ] \Device\Harddisk1\DR1\Partition1
21:12:25.0589 6464 \Device\Harddisk1\DR1\Partition1 - ok
21:12:25.0591 6464 [ F1FC289C24B8690791F7D47C3B984A4C ] \Device\Harddisk0\DR0\Partition1
21:12:25.0592 6464 \Device\Harddisk0\DR0\Partition1 - ok
21:12:25.0606 6464 [ 045378F4B38A7E48E4771DBD311F7568 ] \Device\Harddisk0\DR0\Partition2
21:12:25.0607 6464 \Device\Harddisk0\DR0\Partition2 - ok
21:12:25.0607 6464 ============================================================
21:12:25.0607 6464 Scan finished
21:12:25.0607 6464 ============================================================
21:12:25.0616 5544 Detected object count: 2
21:12:25.0616 5544 Actual detected object count: 2
21:12:31.0381 5544 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:12:31.0381 5544 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:12:31.0383 5544 \Device\Harddisk2\DR2 ( TDSS File System ) - skipped by user
21:12:31.0383 5544 \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Skip

aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-11 18:01:09
-----------------------------
18:01:09.957 OS Version: Windows x64 6.1.7601 Service Pack 1
18:01:09.958 Number of processors: 6 586 0xA00
18:01:09.959 ComputerName: COLBY-PC UserName: Colby
18:01:13.711 Initialize success
18:01:25.460 AVAST engine defs: 12101001
18:01:51.380 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-5
18:01:51.382 Disk 0 Vendor: Hitachi_HDS721050CLA362 JP2OA3EA Size: 476940MB BusType: 3
18:01:51.384 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
18:01:51.386 Disk 1 Vendor: Patriot_Torqx_2_32GB_SSD S5FAM014 Size: 30533MB BusType: 3
18:01:51.388 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP0T1L0-7
18:01:51.390 Disk 2 Vendor: SAMSUNG_HD160JJ WU100-41 Size: 152627MB BusType: 3
18:01:51.436 Disk 0 MBR read successfully
18:01:51.438 Disk 0 MBR scan
18:01:51.487 Disk 0 Windows 7 default MBR code
18:01:51.656 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:01:51.695 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
18:01:51.809 Disk 0 scanning C:\Windows\system32\drivers
18:02:49.336 Service scanning
18:04:12.117 Modules scanning
18:04:12.125 Disk 0 trace - called modules:
18:04:12.170 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8006afe2c0]<<spjg.sys ataport.SYS pciide.sys
18:04:12.174 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007b9e790]
18:04:12.178 3 CLASSPNP.SYS[fffff88001a6043f] -> nt!IofCallDriver -> [0xfffffa80079b19b0]
18:04:12.181 5 ACPI.sys[fffff8800103a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T1L0-5[0xfffffa8007aeb060]
18:04:12.185 \Driver\atapi[0xfffffa800780a2a0] -> IRP_MJ_CREATE -> 0xfffffa8006afe2c0
18:04:31.946 AVAST engine scan C:\Windows
18:04:50.685 AVAST engine scan C:\Windows\system32
18:27:09.268 AVAST engine scan C:\Windows\system32\drivers
18:28:51.036 AVAST engine scan C:\Users\Colby
19:48:22.872 AVAST engine scan C:\ProgramData
19:58:24.356 Scan finished successfully


ESET came back clean.


What do I need to do from here?



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:09:54 PM

Posted 11 October 2012 - 08:25 PM

Update MBAM and run a scan again and post the log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on File > Save.

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#3 Gundown64

Gundown64
  • Topic Starter

  • Members
  • 4 posts
  • Local time:09:54 PM

Posted 12 October 2012 - 09:22 AM

Updated MBAM. Did a quick scan (don't have time for a full right now) and report came back clean. Here are the others.

Mini Toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Colby (administrator) on 12-10-2012 at 09:41:37
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: :80

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
# End of entries inserted by Spybot - Search & Destroy
127.0.0.1 localhost

There are 15029 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection 4 (Connected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 5 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Colby-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : kyn.rr.com

Ethernet adapter Local Area Connection 5:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-EA-1F-32-0A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 4:

Connection-specific DNS Suffix . : kyn.rr.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F4-6D-04-3D-AB-F0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a820:8f09:cd3c:e6a2%17(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, October 11, 2012 8:38:16 AM
Lease Expires . . . . . . . . . . : Friday, October 19, 2012 9:26:37 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 401894660
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-48-85-57-20-CF-30-C8-AB-B3
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-BE-6D-A9-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
1.0.168.192.in-addr.arpa
primary name server = localhost
responsible mail addr = nobody.invalid
serial = 1
refresh = 600 (10 mins)
retry = 1200 (20 mins)
expire = 604800 (7 days)
default TTL = 10800 (3 hours)
Server: UnKnown
Address: 192.168.0.1

Name: google.com.kyn.rr.com
Address: 208.69.32.145


Pinging google.com [74.125.225.73] with 32 bytes of data:
Reply from 74.125.225.73: bytes=32 time=163ms TTL=46
Reply from 74.125.225.73: bytes=32 time=60ms TTL=46

Ping statistics for 74.125.225.73:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 60ms, Maximum = 163ms, Average = 111ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com.kyn.rr.com
Address: 208.69.32.145


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=420ms TTL=45
Reply from 72.30.38.140: bytes=32 time=483ms TTL=45

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 420ms, Maximum = 483ms, Average = 451ms
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com.kyn.rr.com
Address: 208.69.32.145


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 5ms, Average = 3ms
===========================================================================
Interface List
18...00 ff ea 1f 32 0a ......TAP-Win32 Adapter V9
17...f4 6d 04 3d ab f0 ......Realtek PCIe GBE Family Controller
13...00 ff be 6d a9 06 ......TAP-Win32 Adapter V9
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.100 266
192.168.0.100 255.255.255.255 On-link 192.168.0.100 266
192.168.0.255 255.255.255.255 On-link 192.168.0.100 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.100 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.100 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
17 266 fe80::/64 On-link
17 266 fe80::a820:8f09:cd3c:e6a2/128
On-link
1 306 ff00::/8 On-link
17 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/12/2012 09:26:44 AM) (Source: Conveyor) (User: )
Description: Subprocess monitoring failed due to cannot get status of subprocess.
The subprocess is probably dead. Restarting the process.
Error detail: N/A

Error: (10/11/2012 11:23:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (10/11/2012 11:23:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (10/11/2012 11:23:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/11/2012 09:11:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/11/2012 09:11:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/11/2012 09:11:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/11/2012 06:02:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/11/2012 06:01:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/11/2012 06:01:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/11/2012 06:01:25 PM) (Source: Service Control Manager) (User: )
Description: The Conveyor Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (10/11/2012 08:39:08 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004

Error: (10/11/2012 08:37:43 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (10/11/2012 08:37:37 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (10/11/2012 08:37:37 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (10/11/2012 08:36:31 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (10/11/2012 08:36:18 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (10/06/2012 08:40:31 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{1ABBC317-AFD7-49CD-BB82-08C70128E3FB}.
The backup browser is stopping.

Error: (10/06/2012 10:37:34 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer LAPTOP-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1ABBC317-AFD7-49CD-BB82-08C70128E3FB}.
The master browser is stopping or an election is being forced.

Error: (10/02/2012 09:53:07 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.1.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 2.6.0.19140)
Adobe Community Help (Version: 3.5.23)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Flash Professional CS5.5 (Version: 11.5)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Akamai NetSession Interface
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2011.1205.2215.39827)
AMD Media Foundation Decoders (Version: 1.0.61205.2219)
AMD VISION Engine Control Center (Version: 2011.1205.2215.39827)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Registration (Version: 3.00.0000)
Audacity 1.2.6
Audacity 1.3.12 (Unicode)
Audio Video Synchronizer version 1.0.2.1
Auslogics Disk Defrag (Version: version 3.1)
AutoCAD 2013 - English (Version: 19.0.55.0)
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0)
Autodesk Content Service (Version: 3.0.84.0)
Autodesk Content Service Language Pack (Version: 3.0.84.0)
Autodesk Design Review 2013 (Version: 13.0.0.82)
Autodesk Material Library 2013 (Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2013 (Version: 3.0.13)
Autodesk Sync (Version: 3.5.24.0)
Battlelog Web Plugins (Version: 0.80.0)
Bonjour (Version: 3.0.0.10)
CameraHelperMsi (Version: 13.50.854.0)
Camtasia Studio 7 (Version: 7.1.1)
Canon Digital Camera Solution Disk 40-46 Software Starter Guide (Version: 1.1.0.1)
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.0.1)
Canon MOV Decoder (Version: 1.7.0.6)
Canon MOV Encoder (Version: 1.5.0.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.6.0.5)
Canon Personal Printing Guide (Version: 1.0.0.1)
Canon Utilities CameraWindow DC (Version: 7.4.0.9)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.5.0.3)
Canon Utilities MyCamera DC (Version: 7.2.0.5)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.8.0.1)
Canon Utilities ZoomBrowser EX (Version: 6.6.0.23)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827)
Catalyst Control Center InstallProxy (Version: 2011.1205.2215.39827)
Catalyst Control Center Localization All (Version: 2011.1205.2215.39827)
ccc-utility64 (Version: 2011.1205.2215.39827)
CCC Help Chinese Standard (Version: 2011.1205.2214.39827)
CCC Help Chinese Traditional (Version: 2011.1205.2214.39827)
CCC Help Czech (Version: 2011.1205.2214.39827)
CCC Help Danish (Version: 2011.1205.2214.39827)
CCC Help Dutch (Version: 2011.1205.2214.39827)
CCC Help English (Version: 2011.1205.2214.39827)
CCC Help Finnish (Version: 2011.1205.2214.39827)
CCC Help French (Version: 2011.1205.2214.39827)
CCC Help German (Version: 2011.1205.2214.39827)
CCC Help Greek (Version: 2011.1205.2214.39827)
CCC Help Hungarian (Version: 2011.1205.2214.39827)
CCC Help Italian (Version: 2011.1205.2214.39827)
CCC Help Japanese (Version: 2011.1205.2214.39827)
CCC Help Korean (Version: 2011.1205.2214.39827)
CCC Help Norwegian (Version: 2011.1205.2214.39827)
CCC Help Polish (Version: 2011.1205.2214.39827)
CCC Help Portuguese (Version: 2011.1205.2214.39827)
CCC Help Russian (Version: 2011.1205.2214.39827)
CCC Help Spanish (Version: 2011.1205.2214.39827)
CCC Help Swedish (Version: 2011.1205.2214.39827)
CCC Help Thai (Version: 2011.1205.2214.39827)
CCC Help Turkish (Version: 2011.1205.2214.39827)
CCleaner (Version: 3.20)
Cheat Engine 6.1
CNET TechTracker (Version: 2.0.1)
Counter-Strike: Source
Counter-Strike: Source Beta
CPUID CPU-Z 1.61.5
CPUID HWMonitor 1.18
D3DX10 (Version: 15.4.2368.0902)
DisplayFusion 4.1 (Version: 4.1.0.0)
DivX Setup (Version: 2.6.1.9)
doubleTwist (Version: 3.2.1.14961)
Dropbox (Version: 1.4.7)
DWG TrueView 2013 (Version: 19.0.55.0)
EaseUS Todo Backup Free 4.0 (Version: 4.0.0.1)
Email Extractor
Email Extractor (Version: 5.0)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.0)
EVEREST Home Edition v2.20 (Version: 2.20)
F.lux
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Fallout: New Vegas
FARO LS 1.1.406.58 (Version: 4.6.58.2)
FAT Sorter (Version: 1.0.4)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
FFmpeg for Audacity on Windows
FileZilla Client 3.5.3 (Version: 3.5.3)
foobar2000 v1.1.5 (Version: 1.1.5)
Free RAR Extract Frog (Version: 2.50)
Freemake Video Converter version 3.0.2 (Version: 3.0.2)
FreeOCR 3.0 (Version: 3.0)
Fusion (Version: 1.0.53)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 22.0.1229.94)
iExporter (Version: 2.6.2.0)
iMacros V6.88 (Version: 6.88)
InstallIQ Updater (Version: 1.4.3.0)
iTunes (Version: 10.6.3.25)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ SE Development Kit 6 Update 22 (Version: 1.6.0.220)
JavaFX 2.1.1 (Version: 2.1.1)
JDownloader 0.9 (Version: 0.9)
JDownloader 2.0 (Version: 2.0)
Junk Mail filter update (Version: 15.4.3502.0922)
LAME v3.98.3 for Audacity
LastPass (uninstall only)
Lexmark 2400 Series
Logitech Gaming Software (Version: 8.30.86)
Logitech Gaming Software 8.30 (Version: 8.30.86)
Logitech Harmony Remote Software (Version: 1.0.110307)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Logitech SetPoint 6.30 (Version: 6.30.43)
Logitech Vid HD (Version: 7.2 (7259))
Logitech Webcam Software (Version: 2.31)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.50.854.0)
LWS Help_main (Version: 13.50.862.0)
LWS Launcher (Version: 13.50.859.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.50.861.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
MakerWare_Bundle_of_Awesome_1.0.0.59_BETA (Version: 1.0.0.59)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mathematica Extras 8.0 (2609412) (Version: 8.0.4)
MaxBulk Mailer 8.3.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual C# 2010 Express - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 Express - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.2.0 (Version: 5.2.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
Mozilla Thunderbird 15.0.1 (x86 en-US) (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mumble 1.2.3 (Version: 1.2.3)
Nexus Mod Manager (Version: 0.18.9)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7325.0)
OCRTools OCRImageToASCII (Version: 5.0.0)
OCRTools OCRImageToASCII 5.0 Suite (Version: 5.0.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
Paragon Migrate OS to SSD™ (Version: 90.00.0003)
PCX Viewer
PDF Settings CS5 (Version: 10.0)
PearlMountain JPG to PDF Converter 1.2.2
Platform (Version: 1.34)
Portal
PostgreSQL 9.1 (Version: 9.1)
PowerISO (Version: 4.7)
Project64 1.6 (Version: 1.6)
proXPN 2.4.6 (Version: 2.4.6)
PunkBuster Services (Version: 0.990)
Python 2.6.6 (64-bit) (Version: 2.6.6150)
Python 2.7.3 (Version: 2.7.3150)
QuickTime (Version: 7.71.80.42)
RDesc 2.17
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
Remote Control USB Driver (Version: 2.3.2.317)
ReNamer (Version: 5.60)
Riva FLV Player (Version: 1.0.0000)
Roblox for Colby
Roll
RollerCoaster Tycoon® 3 (Version: 1.00.000)
RPG MAKER VX Ace RTP (Version: 1.00)
RSDLite (Version: 5.4.4)
Screen OCR 9.1
Screen OCR SDK 9.1
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (Version: 10.1.2531.0)
SiteMap Generator 0.971 (beta)
SketchUp 8 (Version: 3.0.15158)
Skype™ 5.10 (Version: 5.10.116)
SoundSwitch (Version: 2.4.1.4)
Speccy (Version: 1.11)
SpeedFan (remove only)
Spices.Net 5 Evaluation (Version: 5.0)
Spotify (Version: 0.8.4.124.ga3559d86)
Spybot - Search & Destroy (Version: 1.6.2)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Steam (Version: 1.0.0.0)
SteamTool 1.1 (Version: 1.1)
System Requirements Lab CYRI (Version: 4.5.1.0)
Team Fortress 2
TeamViewer 6 (Version: 6.0.9947)
TextPad 5 (Version: 5.4.2)
The Elder Scrolls V: Skyrim
The Lord of the Rings FREE Trial (Version: 1.00.0000)
Tixati
TuneUp Utilities 2011 (Version: 10.0.4500.46)
TuneUp Utilities Language Pack (en-GB) (Version: 9.0.6000.7)
TuneUp Utilities Language Pack (en-US) (Version: 10.0.4500.46)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
uTorrentControl2 Toolbar (Version: 6.8.9.0)
v0.2.2
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VDownloader 3.9.1280
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VIA Platform Device Manager (Version: 1.34)
Viper 3.0.04 (Version: 3.0.04)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 1.1.11 (Version: 1.1.11)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinPcap 4.1.1 (Version: 4.1.0.1753)
WinX DVD Ripper Platinum 6.0.2
WinX HD Video Converter Deluxe 3.10.3
Xfire (remove only)

========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 8190.18 MB
Available physical RAM: 3652.61 MB
Total Pagefile: 16378.55 MB
Available Pagefile: 11232.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.12 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:147.77 GB) NTFS
4 Drive f: (SSD) (Fixed) (Total:29.7 GB) (Free:14.18 GB) FAT32
5 Drive g: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
6 Drive h: (Backup) (Fixed) (Total:148.95 GB) (Free:93.03 GB) NTFS

========================= Users: ========================================

User accounts for \\COLBY-PC

Administrator Colby Guest
postgres

========================= Restore Points ==================================

27-09-2012 03:36:50 Windows Update
30-09-2012 14:41:19 Windows Update
02-10-2012 01:15:56 Windows Update
03-10-2012 18:23:24 Installed DirectX
06-10-2012 14:01:57 Windows Update
10-10-2012 14:35:32 Windows Update
11-10-2012 02:00:46 Windows Update
11-10-2012 21:49:50 Device Driver Package Install: Arduino LLC (www.arduino.cc) Ports (COM & LPT)
11-10-2012 21:50:40 Device Driver Package Install: FTDI Universal Serial Bus controllers
11-10-2012 21:52:01 Device Driver Package Install: FTDI Ports (COM & LPT)
11-10-2012 21:52:53 Device Driver Package Install: MakerBot Industries Ports (COM & LPT)
11-10-2012 21:53:51 Device Driver Package Install: MakerBot Industries Ports (COM & LPT)
11-10-2012 21:57:12 Installed Python 2.7.3

**** End of log ****


Farbar:

Farbar Service Scanner Version: 07-10-2012
Ran by Colby (administrator) on 12-10-2012 at 09:44:11
Running from "C:\Users\Colby\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 10:41] - [2012-06-02 01:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware cleaner:

# AdwCleaner v2.004 - Logfile created 10/12/2012 at 10:04:21
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Colby - COLBY-PC
# Boot Mode : Normal
# Running from : C:\Users\Colby\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\d8dmqy41.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\d8dmqy41.default\searchplugins\search.xml
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\Giant Savings
Folder Deleted : C:\Program Files (x86)\uTorrentControl2
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Colby\AppData\Local\Giant Savings
Folder Deleted : C:\Users\Colby\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Colby\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\d8dmqy41.default\Conduit
Folder Deleted : C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\d8dmqy41.default\extensions\crossriderapp4479@crossrider.com
Folder Deleted : C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\d8dmqy41.default\extensions\staged

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Giant Savings
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022442279}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33333333-3333-3333-3333-330033443379}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77777777-7777-7777-7777-770077447779}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C421AC0-D0C7-4640-88A0-0A78E12B9702}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B92B1934-327D-45AE-9077-3992EDC0EE7A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077447779}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\0r61ljbt.default\prefs.js

[OK] File is clean.

Profile name : Colby [Profil par défaut]
File : C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\d8dmqy41.default\prefs.js

C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\d8dmqy41.default\user.js ... Deleted !

Deleted : user_pref("CT2680363..clientLogIsEnabled", true);
Deleted : user_pref("CT2680363..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2680363..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2680363.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2680363.CTID", "CT2680363");
Deleted : user_pref("CT2680363.CommunitiesChangesLastCheckTime", "0");
Deleted : user_pref("CT2680363.CurrentServerDate", "22-3-2011");
Deleted : user_pref("CT2680363.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2680363.DialogsGetterLastCheckTime", "Mon Mar 21 2011 20:20:26 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2680363.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129221960058849484", "Sun May 01 2011 16:37:13 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129222078068706850", "Sun May 01 2011 16:37:13 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129228979092089554", "Sun May 01 2011 16:37:13 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129243777123493394", "Sun May 01 2011 16:37:13 GMT-040[...]
Deleted : user_pref("CT2680363.ExternalComponentPollDate129308349891594152", "Sun May 01 2011 16:39:13 GMT-040[...]

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Colby\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [39565 octets] - [12/10/2012 09:42:32]
AdwCleaner[S3].txt - [39269 octets] - [12/10/2012 10:04:21]

########## EOF - C:\AdwCleaner[S3].txt - [39330 octets] ##########


Junkware Removal Tool:

Junkware Removal Tool (JRT) by Thisisu
Version: 1.4.9 (10.12.2012)
OS: Windows 7 Home Premium x64
Ran by Colby on Fri 10/12/2012 at 9:44:48.22
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values:

Failed to delete: [VALUE-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [VALUE] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03}
Failed to delete: [VALUE-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{687578b9-7132-4a7a-80e4-30ee31099e03}



*** Registry Keys:

Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\conduit"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\crossrider"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\pricegong"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\software\smartbar"
Successfully deleted: [KEY] "hkey_current_user\software\appdatalow\toolbar"
Successfully deleted: [KEY] "hkey_current_user\software\cr_installer"
Successfully deleted: [KEY] "hkey_current_user\software\installedbrowserextensions"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\conduit"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] "hkey_local_machine\software\freeze.com"
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\wow6432node\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\wow6432node\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\classes\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_classes_root\wow6432node\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{687578b9-7132-4a7a-80e4-30ee31099e03}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\classes\wow6432node\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{687578b9-7132-4a7a-80e4-30ee31099e03}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\classes\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\browser helper objects\{687578b9-7132-4a7a-80e4-30ee31099e03}



*** Files:

Successfully deleted: [FILE] C:\Program Files (x86)\giant savings\Giant Savings.ico
Successfully deleted: [FILE] C:\Program Files (x86)\giant savings\Giant Savings.ini
Successfully deleted: [FILE] C:\Program Files (x86)\giant savings\Giant SavingsInstaller.log
Failed to delete: [FILE-LOCKED!] C:\eula.1028.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1031.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1033.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1036.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1040.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1041.txt
Failed to delete: [FILE-LOCKED!] C:\eula.1042.txt
Failed to delete: [FILE-LOCKED!] C:\eula.2052.txt
Failed to delete: [FILE-LOCKED!] C:\install.res.1028.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1031.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1033.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1036.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1040.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1041.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.1042.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.2052.dll
Failed to delete: [FILE-LOCKED!] C:\install.res.3082.dll



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\Colby\appdata\local\conduit"
Successfully deleted: [FOLDER] "C:\Users\Colby\appdata\locallow\conduit"
Successfully deleted: [FOLDER] "C:\Users\Colby\appdata\locallow\pricegong"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\conduit"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\conduit\community alerts"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\free offers from freeze.com"
Failed to delete: [FOLDER-LOCKED!] "C:\Program Files (x86)\giant savings"



*** FireFox detected and repaired

Successfully deleted: [user.js] from C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\0r61ljbt.default
Successfully deleted: [crossriderapp4479@crossrider.com] from C:\Users\Colby\AppData\Roaming\Mozilla\Firefox\Profiles\0r61ljbt.default\extensions
Removed the following from [PREFS.JS] :

user_pref("extensions.crossriderapp4479.adsOldValue", -1);


*** Event Viewer Logs - Cleared


**************************************************************
Scan was completed on Fri 10/12/2012 at 9:53:50.76
End of Report


Rkill:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/12/2012 09:45:29 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (PID: 1512) [Mal-GEN]
* C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (PID: 1744) [AU-HEUR]
* C:\Users\Colby\Local Settings\Apps\F.lux\flux.exe (PID: 5748) [UP-HEUR]
* C:\Users\Colby\Downloads\JRT.exe (PID: 6200) [UP-HEUR]

4 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Colby\Desktop\rkill\rkill-10-12-2012-09-46-19.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

20 out of 15049 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/12/2012 09:46:26 AM
Execution time: 0 hours(s), 0 minute(s), and 57 seconds(s)

Autoruns:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "Autodesk Sync" "Autodesk Sync" "Autodesk, Inc." "c:\program files\autodesk\autodesk sync\adsync.exe"
+ "EvtMgr6" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpointp\setpoint.exe"
+ "Launch LCore" "Logitech Gaming Framework" "Logitech Inc." "c:\program files\logitech gaming software\lcore.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "VDownloader" "VDownloader" "Vitzo" "c:\program files\vdownloader\vdownloader.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\groovemonitor.exe"
+ "HDAudDeck" "VIA HD Audio CPL" "VIA" "c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe"
+ "LWS" "Logitech Webcam Software" "Logitech Inc." "c:\program files (x86)\logitech\lws\webcam software\lws.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
"C:\Users\Colby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropbox.exe"
+ "thunderbird - Shortcut.lnk" "Thunderbird" "Mozilla Corporation" "c:\program files (x86)\mozilla thunderbird\thunderbird.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Internet Explorer" "" "" "File not found: start"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Akamai NetSession Interface" "Akamai NetSession Client" "Akamai Technologies, Inc." "c:\users\colby\appdata\local\akamai\netsession_win.exe"
+ "DisplayFusion" "DisplayFusion" "Binary Fortress Software" "c:\program files (x86)\displayfusion\displayfusion.exe"
+ "F.lux" "" "" "c:\users\colby\local settings\apps\f.lux\flux.exe"
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\colby\appdata\local\facebook\update\facebookupdate.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "TextPad" "TextPad 64-bit shell extension DLL" "Helios Software Solutions" "c:\program files (x86)\textpad 5\system\shellext64.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "AcShellExtension.AcContextMenuHandler" "AutoCAD Dwg common shell extension handler" "Autodesk" "c:\program files\common files\autodesk shared\acshellex\acshellextension.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "SimpleShlExt" "EaseUS Todo Backup Application" "CHENGDU YIWO Tech Development Co.,Ltd" "c:\program files (x86)\easeus\todo backup\bin\x64\imagesh.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2011\sdshelex-x64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Autodesk.DWF.ContextMenu" "Autodesk DWF ShellExtension Module" "Autodesk, Inc." "c:\program files (x86)\common files\autodesk shared\dwf common\dwfshellextension.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2011\sdshelex-win32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
+ "SimpleShlExt" "EaseUS Todo Backup Application" "CHENGDU YIWO Tech Development Co.,Ltd" "c:\program files (x86)\easeus\todo backup\bin\x64\imagesh.dll"
+ "TuneUp Disk Space Explorer Shell Extension" "TuneUp Disk Space Explorer Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2011\dseshext-x64.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2011\sdshelex-x64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "TuneUp Disk Space Explorer Shell Extension" "TuneUp Disk Space Explorer Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2011\dseshext-x86.dll"
+ "TuneUp Shredder Shell Extension" "TuneUp Shredder Shell Extension" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2011\sdshelex-win32.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "AcColumnHandler" "AutoCAD Dwg common shell extension handler" "Autodesk" "c:\program files\common files\autodesk shared\acshellex\acshellextension.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "AutoCAD Digital Signatures Icon Overlay Handler" "AutoCAD component" "Autodesk, Inc." "c:\windows\system32\acsignicon.dll"
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\colby\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "PodcastBHO Class" "1.0" "doubleTwist Corporation" "c:\program files (x86)\common files\doubletwist\iepodcastplugin.dll"
+ "uTorrentControl2 Toolbar" "Conduit Toolbar" "Conduit Ltd." "c:\program files (x86)\utorrentcontrol2\prxtbutor.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "uTorrentControl2 Toolbar" "Conduit Toolbar" "Conduit Ltd." "c:\program files (x86)\utorrentcontrol2\prxtbutor.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Reader and Acrobat Manager" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "\AdobeAAMUpdater-1.0-Colby-PC-Colby" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1345733373-1631375348-4063671056-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\colby\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1345733373-1631375348-4063671056-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\colby\appdata\local\facebook\update\facebookupdate.exe"
+ "\Google Updater and Installer" "Google Installer" "Google Inc." "c:\users\colby\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1345733373-1631375348-4063671056-1000Core" "Google Installer" "Google Inc." "c:\users\colby\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-1345733373-1631375348-4063671056-1000UA" "Google Installer" "Google Inc." "c:\users\colby\appdata\local\google\update\googleupdate.exe"
+ "\Java Update Scheduler" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\proXPN" "proXPN Client" "proXPN.com" "c:\program files (x86)\proxpn\bin\proxpn.exe"
+ "\Run RoboForm TaskBar Icon" "" "" "File not found: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
+ "\TuneUpUtilities_Task_BkGndMaintenance2011" "TuneUp 1-Click Maintenance" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2011\oneclick.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Akamai" "Provides networking protocol and file transfer technologies. If the service is stopped, those applications that depend on the service may fail to transfer files or otherwise function properly." "Akamai Technologies, Inc." "c:/program files (x86)/common files/akamai/netsession_win_5891ae0.dll"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AMD FUEL Service" "Provides FUEL Functionality" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Autodesk Content Service" "Autodesk Content Service" "Autodesk, Inc." "c:\program files (x86)\autodesk\content service\connect.service.contentservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Conveyor" "MakerBot Conveyor service" "FireDaemon Technologies Limited" "c:\program files (x86)\makerbot\firedaemon\firedaemon.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "EaseUS Agent" "Provides service to backup files and image disks." "CHENGDU YIWO Tech Development Co., Ltd" "c:\program files (x86)\easeus\todo backup\bin\agent.exe"
+ "FLEXnet Licensing Service 64" "This service performs licensing functions on behalf of FLEXnet enabled products." "Flexera Software, Inc." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe"
+ "ForceWare Intelligent Application Manager (IAM)" "app_filter Module" "" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nsvcappflt.exe"
+ "Freemake Improver" "Freemake Improver" "Freemake" "c:\programdata\freemake\freemakeutilsservice\freemakeutilsservice.exe"
+ "Guard Agent" "Monitor EaseUS Todo Backup agent." "CHENGDU YIWO Tech Development Co., Ltd" "c:\program files (x86)\easeus\todo backup\bin\guardagent.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "lxcr_device" "Printer Communication System" " " "c:\windows\system32\lxcrcoms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveauditservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "MSSQL$SQLEXPRESS" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\sqlservr.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "nSvcIp" "NVIDIA Corporation" "" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nsvcip.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1033] http://www.evenbalance.com" "" "c:\windows\syswow64\pnkbstra.exe"
+ "postgresql-x64-9.1" "Provides relational database storage." "PostgreSQL Global Development Group" "c:/program files/postgresql/9.1/bin/pg_ctl.exe"
+ "SbieSvc" "Sandboxie Service" "SANDBOXIE L.T.D" "c:\program files\sandboxie\sbiesvc.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "SwitchBoard" "Adobe SwitchBoard" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "TeamViewer6" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files (x86)\teamviewer\version6\teamviewer_service.exe"
+ "TuneUp.UtilitiesSvc" "This service analyzes the usage of your computer in the background, enabling automatic usage-dependent optimizations. All of its functions can be set in TuneUp Utilities. If you stop or disable this service, parts of TuneUp Utilities will not work anymore." "TuneUp Software" "c:\program files (x86)\tuneup utilities 2011\tuneuputilitiesservice64.exe"
+ "UMVPFSrv" "UMVPF is a user mode Logitech driver" "Logitech Inc." "c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe"
+ "UxTuneUp" "Allows to use visual styles without Microsoft signature." "TuneUp Software" "c:\windows\system32\uxtuneup.dll"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdiox64" "AMD IO Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdiox64.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AODDriver4.01" "AMD OverDrive Service Driver" "Advanced Micro Devices" "c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswMBR" "" "" "File not found: C:\Users\Colby\AppData\Local\Temp\aswMBR.sys"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw76.sys"
+ "AtiPcie" "AMD PCIE Filter Driver for ATI PCIE chipset" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\atipcie.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerIf" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserif.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTCFilterService" "Motorola Unsafe Removal Filter Driver" "Motorola Inc" "c:\windows\system32\drivers\motfilt.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CompFilter64" "Logitech USB Video Class Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvbflt64.sys"
+ "easytether" "" "" "File not found: system32\DRIVERS\easytthr.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EUBAKUP" "Disk Backup Driver" "CHENGDU YIWO Tech Development Co., Ltd" "c:\windows\system32\drivers\eubakup.sys"
+ "EUBKMON" "" "" "c:\windows\system32\drivers\eubkmon.sys"
+ "EUDSKACS" "Disk Access Driver" "CHENGDU YIWO Tech Development Co., Ltd" "c:\windows\system32\drivers\eudskacs.sys"
+ "EUFDDISK" "Disk Backup Image Preview Driver" "CHENGDU YIWO Tech Development Co., Ltd" "c:\windows\system32\drivers\eufddisk.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "iPodDrv" "doubleTwist iPod Driver" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\ipoddrv.sys"
+ "LADF_BakerCOnly" "BakerC Filter Driver" "Logitech" "c:\windows\system32\drivers\ladfbakercamd64.sys"
+ "LADF_BakerROnly" "DPL2/EQ Filter Driver" "Logitech" "c:\windows\system32\drivers\ladfbakerramd64.sys"
+ "LADF_CaptureOnly" "Capture Filter Driver" "Logitech" "c:\windows\system32\drivers\ladfgscamd64.sys"
+ "LADF_RenderOnly" "DPL2/EQ Filter Driver" "Logitech" "c:\windows\system32\drivers\ladfgsramd64.sys"
+ "LGBusEnum" "Logitech WingMan Virtual Bus Enumerator Driver" "Logitech Inc." "c:\windows\system32\drivers\lgbusenum.sys"
+ "LGVirHid" "Logitech GamePanel Virtual Hid Device Driver" "Logitech Inc." "c:\windows\system32\drivers\lgvirhid.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "LVRS64" "Logitech Kernel Audio Improvement Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\lvrs64.sys"
+ "LVUVC64" "Logitech USB Video Class Driver" "Logitech Inc." "c:\windows\system32\drivers\lvuvc64.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "motandroidusb" "ADB Interface" "Motorola" "c:\windows\system32\drivers\motoandroid.sys"
+ "motccgp" "Motorola USB Composite Device Driver" "Motorola" "c:\windows\system32\drivers\motccgp.sys"
+ "motccgpfl" "Motorola USB Composite Filter Driver" "Motorola" "c:\windows\system32\drivers\motccgpfl.sys"
+ "MotDev" "Motorola USB Composite/Flash Driver" "Motorola Inc" "c:\windows\system32\drivers\motodrv.sys"
+ "motmodem" "Motorola USB Modem and Ports Driver" "Motorola" "c:\windows\system32\drivers\motmodem.sys"
+ "MotoSwitchService" "" "Motorola" "c:\windows\system32\drivers\motswch.sys"
+ "Motousbnet" "Motorola USB Networking Driver" "Motorola" "c:\windows\system32\drivers\motousbnet.sys"
+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "npf" "npf.sys (NT5/6 AMD64) Kernel Driver" "CACE Technologies, Inc." "c:\windows\system32\drivers\npf.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x64.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 185.93 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NVNET" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmf6264.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "nvstor64" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial_amd64.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SbieDrv" "Sandboxie Kernel Mode Driver" "SANDBOXIE L.T.D" "c:\program files\sandboxie\sbiedrv.sys"
+ "SCDEmu" "PowerISO Virtual Drive" "PowerISO Computing, Inc." "c:\windows\system32\drivers\scdemu.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "slsusb" "" "System Level Solutions (India) Pvt. Ltd." "c:\windows\system32\drivers\slsusb.sys"
+ "speedfan" "SpeedFan x64 Driver" "Almico Software" "c:\windows\syswow64\speedfan.sys"
+ "sptd" "" "" "c:\windows\system32\drivers\sptd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "tap0901" "TAP-Win32 Virtual Network Driver" "The OpenVPN Project" "c:\windows\system32\drivers\tap0901.sys"
+ "TuneUpUtilitiesDrv" "TuneUp Utilities Driver" "TuneUp Software" "c:\program files (x86)\tuneup utilities 2011\tuneuputilitiesdriver64.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "VIAHdAudAddService" "VIA High Definition Audio Function Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viahduaa.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\system32\lvcod64.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid64.dll"
+ "VIDC.XFR1" "Xfire Video Codec" "" "c:\windows\system32\xfcodec64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
+ "vidc.i420" "Video Codec" "Logitech Inc." "c:\windows\syswow64\lvcodec2.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid.dll"
+ "VIDC.XFR1" "Xfire Video Codec" "" "c:\windows\syswow64\xfcodec.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "iZotope Consumer Restoration" "iZotope Consumer Restoration" "iZotope, Inc." "c:\program files (x86)\common files\techsmith shared\izotope\izotope_consumerrestoration.dll"
+ "iZotope Vocal Enhancement" "iZotope Vocal Enhancement" "iZotope, Inc." "c:\program files (x86)\common files\techsmith shared\izotope\izotope_vocalenhancement.dll"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files (x86)\techsmith\camtasia studio 7\lame_dshow.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\windows\syswow64\ac3filter.ax"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Canon DES Resizer SaveMode" "CanonDESResizer" "Canon Inc." "c:\program files (x86)\canon\mdl30\canondesresizer.ax"
+ "Canon H.264 Decode Filter" "Canon H.264 Mov Filter" "Canon Inc." "c:\program files (x86)\canon\canon mov decoder170\canonh264filter.ax"
+ "Canon H.264 Encoder 1.5.0" "Canon H264 Encoder Filter" "CANON INC." "c:\program files (x86)\canon\canon mov encoder\canonh264encoder.ax"
+ "Canon Image Rotation Filter" "Canon Image Rotation Filter " "Canon Inc." "c:\program files (x86)\canon\mdp\canonrotatefilter.dll"
+ "Canon MDP Motion-JPEG Decoder" "Canon MDP Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files (x86)\canon\mdp\canonmdpmjpegdecoder.ax"
+ "Canon Motion-JPEG Decoder" "Canon Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonmjpegdecoder.ax"
+ "Canon Motion-JPEG Encoder" "Motion-JPEG Encoder Filter" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonmjpegencoder.ax"
+ "Canon Mov File Parser Filter" "Canon H.264 Mov Filter" "Canon Inc." "c:\program files (x86)\canon\canon mov decoder170\canonh264filter.ax"
+ "Canon Mov File Parser Filter2" "Canon H.264 Mov Filter" "Canon Inc." "c:\program files (x86)\canon\canon mov decoder170\canonh264filter.ax"
+ "Canon Resizer" "CanonResizer" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonresizer.ax"
+ "Canon Text Source Filter" "Canon Text Source Filter" "Canon Inc." "c:\program files (x86)\canon\mdl30\canontextsourcefilter.ax"
+ "Canon WAV Dest" "CanonWavDest" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonwavdest.ax"
+ "Canon-Actual-Data-Length-Setter" "CanonActualDataLengthSetter" "Canon Inc." "c:\program files (x86)\canon\mdl30\canonactualdatalengthsetter.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\ffdshow\ffdshow.ax"
+ "FLV Source" "FLV Splitter" "Gabest" "c:\program files (x86)\ffdshow\flvsplitter.ax"
+ "FLV Splitter" "FLV Splitter" "Gabest" "c:\program files (x86)\ffdshow\flvsplitter.ax"
+ "FLV4 Video Decoder" "FLV Splitter" "Gabest" "c:\program files (x86)\ffdshow\flvsplitter.ax"
+ "LAME Audio Encoder" "LAME Audio Encoder" "" "c:\program files (x86)\techsmith\camtasia studio 7\lame_dshow.ax"
+ "Matroska Source" "Matroska Splitter" "Gabest" "c:\program files (x86)\ffdshow\matroskasplitter.ax"
+ "Matroska Splitter" "Matroska Splitter" "Gabest" "c:\program files (x86)\ffdshow\matroskasplitter.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MP4 Source" "MP4 Splitter" "Gabest" "c:\program files (x86)\ffdshow\mp4splitter.ax"
+ "MP4 Splitter" "MP4 Splitter" "Gabest" "c:\program files (x86)\ffdshow\mp4splitter.ax"
+ "Mpeg Source" "Mpeg Splitter" "Gabest" "c:\program files (x86)\ffdshow\mpegsplitter.ax"
+ "Mpeg Splitter" "Mpeg Splitter" "Gabest" "c:\program files (x86)\ffdshow\mpegsplitter.ax"
+ "MPEG4 Video Source" "MP4 Splitter" "Gabest" "c:\program files (x86)\ffdshow\mp4splitter.ax"
+ "MPEG4 Video Splitter" "MP4 Splitter" "Gabest" "c:\program files (x86)\ffdshow\mp4splitter.ax"
+ "Ogg Source" "Ogg Splitter" "Gabest" "c:\program files (x86)\ffdshow\oggsplitter.ax"
+ "Ogg Splitter" "Ogg Splitter" "Gabest" "c:\program files (x86)\ffdshow\oggsplitter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "TechSmith Camera Adjust" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith File Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Floating Point Wave Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Flv Key Frame Setter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Force Color32A" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 24" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 32" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 555" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 565" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ForceColor 8" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Frame Rate Tuner" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Frame Skip Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Image Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Overlay" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Perf Skip Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith PushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith PushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith PushVMR Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "Techsmith Quicktime MOV Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Simple PIP" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith SimplePushBitmap Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Sound Effects Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Splitter Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "Techsmith Structured Storage Writer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith SWF Writer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Time Adjust" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Title Source" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Wave Buffer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith Wave Dest" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith WMFSDK Writer" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "TechSmith ZoomPIP Filter" "Camtasia Studio DirectShow Filters" "TechSmith Corporation" "c:\program files (x86)\techsmith\camtasia studio 7\camtasiafilters.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\Program Files (x86)\DisplayFusion\DFSSaver.scr" "DisplayFusion Screen Saver" "Binary Fortress Software" "c:\program files (x86)\displayfusion\dfssaver.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "2400 Series Port" "Printer Communication System" " " "c:\windows\system32\lxcrlmpm.dll"
"C:\Users\Colby\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "CPU Meter" "See the current computer CPU and system memory (RAM)." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml"



I think that's all of them. Let me know where to go from here. Thanks!

#4 narenxp

Posted 12 October 2012 - 10:49 AM

Right-click on the JUNKWARE tool, select Run as administrator, and post the log.

Any current issues?

#5 Gundown64

Posted 12 October 2012 - 01:59 PM

No current issues, but that is what worries me. Trojans/viruses/malware that don't show themselves are the scariest.

Here is the log. How am I looking?

Version: 1.4.9 (10.12.2012)
OS: Windows 7 Home Premium x64
Ran by Colby on Fri 10/12/2012 at 14:48:57.85
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Fri 10/12/2012 at 14:58:07.96
End of Report

#6 narenxp

Posted 12 October 2012 - 02:00 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#7 Gundown64

Posted 12 October 2012 - 03:02 PM

Alrighty, thanks a bunch! I am very cautious when it comes to downloading things and where I browse, plus I have MSE already running, as well as MBAM and Spybot S&D, so I am not sure how I got all of that nasty stuff.

#8 narenxp

Posted 12 October 2012 - 03:05 PM

You're welcome :)



