Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win7 Firewall And Windows Security Missing


  • Please log in to reply
9 replies to this topic

#1 george321

george321

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 12 October 2012 - 02:39 PM

My wife was trying to install a game from Big Fish she had bought on line and during the install it said it could not continue the install and there may be a problem with getting thru the firewall. I looked for the firewall and the Windows Security Center They were both missing and could not be started. I got the error message "Windows Firewall Can't Change Some Of Your Settings. Error Code 0x80070424".

I am using a HP pc with Win7 64 bit. I run CCleaner,Malwarebyt,Avast on a regular basis. I had no indications of a problem until the attempt to install the game. Your expert help will be appreciated

Edited by Orange Blossom, 12 October 2012 - 02:44 PM.
Moved to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 AM

Posted 12 October 2012 - 02:40 PM

Lets check for malware before fixing services

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 george321

george321
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 13 October 2012 - 07:42 PM

12:27:07.0417 4668 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
12:27:07.0948 4668 ============================================================
12:27:07.0948 4668 Current date / time: 2012/10/13 12:27:07.0948
12:27:07.0948 4668 SystemInfo:
12:27:07.0948 4668
12:27:07.0948 4668 OS Version: 6.1.7601 ServicePack: 1.0
12:27:07.0948 4668 Product type: Workstation
12:27:07.0948 4668 ComputerName: BEET-MACHINE
12:27:07.0948 4668 UserName: Beet
12:27:07.0948 4668 Windows directory: C:\Windows
12:27:07.0948 4668 System windows directory: C:\Windows
12:27:07.0948 4668 Running under WOW64
12:27:07.0948 4668 Processor architecture: Intel x64
12:27:07.0948 4668 Number of processors: 2
12:27:07.0948 4668 Page size: 0x1000
12:27:07.0948 4668 Boot type: Normal boot
12:27:07.0948 4668 ============================================================
12:27:08.0868 4668 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x14301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
12:27:08.0868 4668 ============================================================
12:27:08.0868 4668 \Device\Harddisk0\DR0:
12:27:08.0868 4668 MBR partitions:
12:27:08.0868 4668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:27:08.0868 4668 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4907E800
12:27:08.0868 4668 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x490B1000, BlocksNum 0x17A6800
12:27:08.0868 4668 ============================================================
12:27:08.0899 4668 C: <-> \Device\Harddisk0\DR0\Partition2
12:27:08.0962 4668 D: <-> \Device\Harddisk0\DR0\Partition3
12:27:08.0962 4668 ============================================================
12:27:08.0962 4668 Initialize success
12:27:08.0962 4668 ============================================================
12:28:14.0591 2988 ============================================================
12:28:14.0591 2988 Scan started
12:28:14.0591 2988 Mode: Manual; TDLFS;
12:28:14.0591 2988 ============================================================
12:28:18.0101 2988 ================ Scan system memory ========================
12:28:18.0101 2988 System memory - ok
12:28:18.0101 2988 ================ Scan services =============================
12:28:18.0257 2988 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:28:18.0257 2988 1394ohci - ok
12:28:18.0304 2988 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:28:18.0304 2988 ACPI - ok
12:28:18.0351 2988 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:28:18.0351 2988 AcpiPmi - ok
12:28:18.0475 2988 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:28:18.0475 2988 AdobeARMservice - ok
12:28:18.0631 2988 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:28:18.0647 2988 AdobeFlashPlayerUpdateSvc - ok
12:28:18.0725 2988 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:28:18.0725 2988 adp94xx - ok
12:28:18.0772 2988 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:28:18.0772 2988 adpahci - ok
12:28:18.0772 2988 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:28:18.0772 2988 adpu320 - ok
12:28:18.0803 2988 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:28:18.0803 2988 AeLookupSvc - ok
12:28:18.0850 2988 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:28:18.0865 2988 AFD - ok
12:28:18.0943 2988 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
12:28:18.0943 2988 AgereModemAudio - ok
12:28:19.0006 2988 [ A6AB6F0ACE87DA76B4C401813D18BE95 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
12:28:19.0037 2988 AgereSoftModem - ok
12:28:19.0084 2988 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:28:19.0084 2988 agp440 - ok
12:28:19.0099 2988 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:28:19.0115 2988 ALG - ok
12:28:19.0131 2988 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:28:19.0131 2988 aliide - ok
12:28:19.0146 2988 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:28:19.0146 2988 amdide - ok
12:28:19.0177 2988 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:28:19.0177 2988 AmdK8 - ok
12:28:19.0193 2988 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:28:19.0193 2988 AmdPPM - ok
12:28:19.0224 2988 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:28:19.0224 2988 amdsata - ok
12:28:19.0255 2988 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:28:19.0255 2988 amdsbs - ok
12:28:19.0287 2988 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:28:19.0287 2988 amdxata - ok
12:28:19.0411 2988 [ 85180CF88C5EBAD73B452A43A004CA51 ] AOL ACS C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
12:28:19.0411 2988 AOL ACS - ok
12:28:19.0474 2988 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:28:19.0474 2988 AppID - ok
12:28:19.0505 2988 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:28:19.0505 2988 AppIDSvc - ok
12:28:19.0536 2988 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:28:19.0536 2988 Appinfo - ok
12:28:19.0677 2988 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:28:19.0677 2988 Apple Mobile Device - ok
12:28:19.0723 2988 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:28:19.0723 2988 arc - ok
12:28:19.0723 2988 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:28:19.0723 2988 arcsas - ok
12:28:19.0770 2988 [ DF59B8E8DF0BD2E0E303778A3806A17D ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
12:28:19.0770 2988 aswFsBlk - ok
12:28:19.0801 2988 [ F8E6AB4F876FEFF69250F2E0C29EF004 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
12:28:19.0801 2988 aswMonFlt - ok
12:28:19.0833 2988 [ AA92BC4BCBA40CA3AA3FFD1BE24F0C09 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
12:28:19.0848 2988 aswRdr - ok
12:28:19.0879 2988 [ F06E230E1E8CA9437A6474B7B551CD37 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
12:28:19.0895 2988 aswSnx - ok
12:28:19.0911 2988 [ 3610CA74A69E380424F0452DEC5C1317 ] aswSP C:\Windows\system32\drivers\aswSP.sys
12:28:19.0911 2988 aswSP - ok
12:28:19.0926 2988 [ 87DE3E31CB0091D22351349869324065 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
12:28:19.0926 2988 aswTdi - ok
12:28:19.0942 2988 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:28:19.0942 2988 AsyncMac - ok
12:28:19.0989 2988 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:28:19.0989 2988 atapi - ok
12:28:20.0035 2988 [ 64F07381335E37C142F6D176705FFCA6 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
12:28:20.0035 2988 atksgt - ok
12:28:20.0098 2988 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:28:20.0113 2988 AudioEndpointBuilder - ok
12:28:20.0129 2988 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:28:20.0145 2988 AudioSrv - ok
12:28:20.0207 2988 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:28:20.0207 2988 avast! Antivirus - ok
12:28:20.0238 2988 AVGIDSDriver - ok
12:28:20.0254 2988 AVGIDSEH - ok
12:28:20.0254 2988 AVGIDSFilter - ok
12:28:20.0285 2988 Avgldx64 - ok
12:28:20.0285 2988 Avgmfx64 - ok
12:28:20.0301 2988 Avgrkx64 - ok
12:28:20.0301 2988 Avgtdia - ok
12:28:20.0347 2988 [ DE24B2CA078FC6A7EAA53B1DFD3F61CF ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
12:28:20.0363 2988 avgtp - ok
12:28:20.0394 2988 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:28:20.0394 2988 AxInstSV - ok
12:28:20.0457 2988 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:28:20.0472 2988 b06bdrv - ok
12:28:20.0519 2988 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:28:20.0535 2988 b57nd60a - ok
12:28:20.0550 2988 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:28:20.0566 2988 BDESVC - ok
12:28:20.0566 2988 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:28:20.0566 2988 Beep - ok
12:28:20.0597 2988 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:28:20.0597 2988 blbdrive - ok
12:28:20.0628 2988 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:28:20.0628 2988 Bonjour Service - ok
12:28:20.0691 2988 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:28:20.0691 2988 bowser - ok
12:28:20.0722 2988 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:28:20.0722 2988 BrFiltLo - ok
12:28:20.0737 2988 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:28:20.0737 2988 BrFiltUp - ok
12:28:20.0769 2988 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
12:28:20.0769 2988 Browser - ok
12:28:20.0815 2988 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:28:20.0815 2988 Brserid - ok
12:28:20.0831 2988 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:28:20.0831 2988 BrSerWdm - ok
12:28:20.0847 2988 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:28:20.0847 2988 BrUsbMdm - ok
12:28:20.0862 2988 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:28:20.0862 2988 BrUsbSer - ok
12:28:20.0893 2988 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:28:20.0893 2988 BTHMODEM - ok
12:28:20.0925 2988 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:28:20.0925 2988 bthserv - ok
12:28:20.0956 2988 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:28:20.0956 2988 cdfs - ok
12:28:21.0018 2988 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:28:21.0018 2988 cdrom - ok
12:28:21.0065 2988 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:28:21.0065 2988 CertPropSvc - ok
12:28:21.0081 2988 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:28:21.0096 2988 circlass - ok
12:28:21.0112 2988 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:28:21.0112 2988 CLFS - ok
12:28:21.0190 2988 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:28:21.0190 2988 clr_optimization_v2.0.50727_32 - ok
12:28:21.0237 2988 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:28:21.0237 2988 clr_optimization_v2.0.50727_64 - ok
12:28:21.0315 2988 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:28:21.0315 2988 clr_optimization_v4.0.30319_32 - ok
12:28:21.0361 2988 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:28:21.0361 2988 clr_optimization_v4.0.30319_64 - ok
12:28:21.0408 2988 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:28:21.0408 2988 CmBatt - ok
12:28:21.0455 2988 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:28:21.0455 2988 cmdide - ok
12:28:21.0533 2988 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:28:21.0549 2988 CNG - ok
12:28:21.0580 2988 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:28:21.0580 2988 Compbatt - ok
12:28:21.0627 2988 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:28:21.0627 2988 CompositeBus - ok
12:28:21.0642 2988 COMSysApp - ok
12:28:21.0658 2988 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:28:21.0658 2988 crcdisk - ok
12:28:21.0720 2988 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:28:21.0720 2988 CryptSvc - ok
12:28:21.0767 2988 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:28:21.0783 2988 DcomLaunch - ok
12:28:21.0829 2988 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:28:21.0829 2988 defragsvc - ok
12:28:21.0876 2988 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:28:21.0876 2988 DfsC - ok
12:28:21.0923 2988 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:28:21.0923 2988 Dhcp - ok
12:28:21.0954 2988 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:28:21.0954 2988 discache - ok
12:28:22.0001 2988 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:28:22.0001 2988 Disk - ok
12:28:22.0048 2988 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:28:22.0048 2988 Dnscache - ok
12:28:22.0079 2988 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:28:22.0079 2988 dot3svc - ok
12:28:22.0126 2988 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:28:22.0126 2988 DPS - ok
12:28:22.0157 2988 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:28:22.0157 2988 drmkaud - ok
12:28:22.0204 2988 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:28:22.0219 2988 DXGKrnl - ok
12:28:22.0266 2988 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:28:22.0266 2988 EapHost - ok
12:28:22.0344 2988 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:28:22.0391 2988 ebdrv - ok
12:28:22.0422 2988 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:28:22.0422 2988 EFS - ok
12:28:22.0485 2988 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:28:22.0500 2988 ehRecvr - ok
12:28:22.0531 2988 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:28:22.0531 2988 ehSched - ok
12:28:22.0578 2988 [ A14D6E3EF78F6D6AC42F98D633F2400A ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
12:28:22.0578 2988 ElbyCDIO - ok
12:28:22.0625 2988 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:28:22.0641 2988 elxstor - ok
12:28:22.0672 2988 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:28:22.0672 2988 ErrDev - ok
12:28:22.0703 2988 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:28:22.0719 2988 EventSystem - ok
12:28:22.0750 2988 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:28:22.0750 2988 exfat - ok
12:28:22.0765 2988 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:28:22.0765 2988 fastfat - ok
12:28:22.0828 2988 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:28:22.0843 2988 Fax - ok
12:28:22.0859 2988 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:28:22.0875 2988 fdc - ok
12:28:22.0890 2988 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:28:22.0890 2988 fdPHost - ok
12:28:22.0906 2988 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:28:22.0906 2988 FDResPub - ok
12:28:22.0921 2988 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:28:22.0921 2988 FileInfo - ok
12:28:22.0937 2988 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:28:22.0937 2988 Filetrace - ok
12:28:22.0953 2988 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:28:22.0953 2988 flpydisk - ok
12:28:22.0999 2988 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:28:22.0999 2988 FltMgr - ok
12:28:23.0046 2988 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:28:23.0077 2988 FontCache - ok
12:28:23.0140 2988 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:28:23.0140 2988 FontCache3.0.0.0 - ok
12:28:23.0218 2988 [ D40B85303BCFF96A717392B06FB015C4 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
12:28:23.0218 2988 Freemake Improver - ok
12:28:23.0265 2988 [ 8D3B3AD7F9B6EE8AC96B1AD293BB0FB0 ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
12:28:23.0265 2988 FreemakeVideoCapture - ok
12:28:23.0280 2988 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:28:23.0296 2988 FsDepends - ok
12:28:23.0327 2988 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:28:23.0327 2988 Fs_Rec - ok
12:28:23.0374 2988 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:28:23.0374 2988 fvevol - ok
12:28:23.0405 2988 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:28:23.0405 2988 gagp30kx - ok
12:28:23.0499 2988 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
12:28:23.0499 2988 GamesAppService - ok
12:28:23.0561 2988 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:28:23.0561 2988 GEARAspiWDM - ok
12:28:23.0608 2988 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:28:23.0639 2988 gpsvc - ok
12:28:23.0764 2988 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:28:23.0779 2988 gupdate - ok
12:28:23.0811 2988 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:28:23.0811 2988 gupdatem - ok
12:28:23.0857 2988 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:28:23.0857 2988 gusvc - ok
12:28:23.0873 2988 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:28:23.0873 2988 hcw85cir - ok
12:28:23.0904 2988 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:28:23.0904 2988 HDAudBus - ok
12:28:23.0935 2988 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:28:23.0951 2988 HidBatt - ok
12:28:23.0967 2988 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:28:23.0967 2988 HidBth - ok
12:28:23.0982 2988 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:28:23.0982 2988 HidIr - ok
12:28:24.0013 2988 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:28:24.0013 2988 hidserv - ok
12:28:24.0045 2988 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
12:28:24.0045 2988 HidUsb - ok
12:28:24.0076 2988 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:28:24.0076 2988 hkmsvc - ok
12:28:24.0107 2988 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:28:24.0123 2988 HomeGroupListener - ok
12:28:24.0169 2988 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:28:24.0169 2988 HomeGroupProvider - ok
12:28:24.0263 2988 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
12:28:24.0263 2988 HP Support Assistant Service - ok
12:28:24.0341 2988 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
12:28:24.0341 2988 HPDrvMntSvc.exe - ok
12:28:24.0403 2988 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
12:28:24.0419 2988 hpqwmiex - ok
12:28:24.0450 2988 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:28:24.0450 2988 HpSAMD - ok
12:28:24.0513 2988 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:28:24.0528 2988 HTTP - ok
12:28:24.0559 2988 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:28:24.0559 2988 hwpolicy - ok
12:28:24.0622 2988 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:28:24.0622 2988 i8042prt - ok
12:28:24.0684 2988 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:28:24.0700 2988 iaStorV - ok
12:28:24.0778 2988 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:28:24.0778 2988 IDriverT - ok
12:28:24.0840 2988 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:28:24.0871 2988 idsvc - ok
12:28:25.0027 2988 [ 89B99E3E988DFA20ABB58FF1930ADD21 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:28:25.0137 2988 igfx - ok
12:28:25.0168 2988 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:28:25.0168 2988 iirsp - ok
12:28:25.0246 2988 [ A06EFD4965F8A3F97A8C9A291D032678 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
12:28:25.0246 2988 IJPLMSVC - ok
12:28:25.0293 2988 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:28:25.0324 2988 IKEEXT - ok
12:28:25.0402 2988 [ BFBABCB231628A4551DBB10D0EA25D62 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:28:25.0433 2988 IntcAzAudAddService - ok
12:28:25.0480 2988 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:28:25.0480 2988 intelide - ok
12:28:25.0511 2988 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:28:25.0511 2988 intelppm - ok
12:28:25.0527 2988 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:28:25.0527 2988 IPBusEnum - ok
12:28:25.0573 2988 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:28:25.0573 2988 IpFilterDriver - ok
12:28:25.0605 2988 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:28:25.0605 2988 IPMIDRV - ok
12:28:25.0636 2988 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:28:25.0636 2988 IPNAT - ok
12:28:25.0698 2988 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:28:25.0714 2988 iPod Service - ok
12:28:25.0745 2988 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:28:25.0745 2988 IRENUM - ok
12:28:25.0761 2988 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:28:25.0776 2988 isapnp - ok
12:28:25.0807 2988 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:28:25.0807 2988 iScsiPrt - ok
12:28:25.0839 2988 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:28:25.0839 2988 kbdclass - ok
12:28:25.0885 2988 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:28:25.0885 2988 kbdhid - ok
12:28:25.0901 2988 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:28:25.0901 2988 KeyIso - ok
12:28:25.0948 2988 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:28:25.0948 2988 KSecDD - ok
12:28:25.0963 2988 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:28:25.0963 2988 KSecPkg - ok
12:28:25.0979 2988 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:28:25.0979 2988 ksthunk - ok
12:28:25.0995 2988 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:28:26.0010 2988 KtmRm - ok
12:28:26.0057 2988 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:28:26.0057 2988 LanmanServer - ok
12:28:26.0088 2988 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:28:26.0104 2988 LanmanWorkstation - ok
12:28:26.0135 2988 [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:28:26.0135 2988 LightScribeService - ok
12:28:26.0182 2988 [ 83BA097ACAAD0B00505634A62D90F93A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
12:28:26.0197 2988 lirsgt - ok
12:28:26.0213 2988 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:28:26.0213 2988 lltdio - ok
12:28:26.0260 2988 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:28:26.0275 2988 lltdsvc - ok
12:28:26.0291 2988 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:28:26.0291 2988 lmhosts - ok
12:28:26.0307 2988 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:28:26.0322 2988 LSI_FC - ok
12:28:26.0338 2988 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:28:26.0338 2988 LSI_SAS - ok
12:28:26.0369 2988 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:28:26.0369 2988 LSI_SAS2 - ok
12:28:26.0385 2988 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:28:26.0385 2988 LSI_SCSI - ok
12:28:26.0431 2988 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:28:26.0431 2988 luafv - ok
12:28:26.0463 2988 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:28:26.0478 2988 Mcx2Svc - ok
12:28:26.0494 2988 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:28:26.0494 2988 megasas - ok
12:28:26.0525 2988 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:28:26.0525 2988 MegaSR - ok
12:28:26.0556 2988 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:28:26.0556 2988 MMCSS - ok
12:28:26.0556 2988 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:28:26.0556 2988 Modem - ok
12:28:26.0587 2988 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:28:26.0587 2988 monitor - ok
12:28:26.0603 2988 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
12:28:26.0603 2988 mouclass - ok
12:28:26.0619 2988 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:28:26.0634 2988 mouhid - ok
12:28:26.0665 2988 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:28:26.0665 2988 mountmgr - ok
12:28:26.0728 2988 [ 0D265CCCCEB68C43C595C03150F0BFD0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:28:26.0728 2988 MozillaMaintenance - ok
12:28:26.0759 2988 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:28:26.0759 2988 mpio - ok
12:28:26.0775 2988 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:28:26.0775 2988 mpsdrv - ok
12:28:26.0821 2988 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:28:26.0821 2988 MRxDAV - ok
12:28:26.0853 2988 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:28:26.0868 2988 mrxsmb - ok
12:28:26.0915 2988 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:28:26.0915 2988 mrxsmb10 - ok
12:28:26.0931 2988 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:28:26.0946 2988 mrxsmb20 - ok
12:28:26.0977 2988 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:28:26.0977 2988 msahci - ok
12:28:27.0024 2988 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:28:27.0024 2988 msdsm - ok
12:28:27.0040 2988 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:28:27.0040 2988 MSDTC - ok
12:28:27.0071 2988 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:28:27.0071 2988 Msfs - ok
12:28:27.0087 2988 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:28:27.0087 2988 mshidkmdf - ok
12:28:27.0102 2988 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:28:27.0102 2988 msisadrv - ok
12:28:27.0133 2988 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:28:27.0133 2988 MSiSCSI - ok
12:28:27.0133 2988 msiserver - ok
12:28:27.0165 2988 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:28:27.0165 2988 MSKSSRV - ok
12:28:27.0180 2988 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:28:27.0180 2988 MSPCLOCK - ok
12:28:27.0180 2988 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:28:27.0196 2988 MSPQM - ok
12:28:27.0227 2988 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:28:27.0227 2988 MsRPC - ok
12:28:27.0243 2988 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:28:27.0243 2988 mssmbios - ok
12:28:27.0274 2988 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:28:27.0274 2988 MSTEE - ok
12:28:27.0289 2988 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:28:27.0289 2988 MTConfig - ok
12:28:27.0305 2988 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:28:27.0305 2988 Mup - ok
12:28:27.0336 2988 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:28:27.0352 2988 napagent - ok
12:28:27.0383 2988 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:28:27.0399 2988 NativeWifiP - ok
12:28:27.0492 2988 [ 87A00FAEDD703D8D2BDCB29CE5EEEA6B ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
12:28:27.0523 2988 NBService - ok
12:28:27.0601 2988 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
12:28:27.0633 2988 NDIS - ok
12:28:27.0679 2988 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:28:27.0679 2988 NdisCap - ok
12:28:27.0695 2988 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:28:27.0695 2988 NdisTapi - ok
12:28:27.0742 2988 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:28:27.0742 2988 Ndisuio - ok
12:28:27.0773 2988 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:28:27.0773 2988 NdisWan - ok
12:28:27.0804 2988 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:28:27.0804 2988 NDProxy - ok
12:28:27.0820 2988 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:28:27.0820 2988 NetBIOS - ok
12:28:27.0867 2988 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:28:27.0867 2988 NetBT - ok
12:28:27.0882 2988 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:28:27.0882 2988 Netlogon - ok
12:28:27.0913 2988 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:28:27.0929 2988 Netman - ok
12:28:27.0945 2988 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:28:27.0976 2988 netprofm - ok
12:28:28.0007 2988 [ 1A8E9C7464B57A453C336884E1C69B01 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
12:28:28.0038 2988 netr28ux - ok
12:28:28.0069 2988 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:28:28.0069 2988 NetTcpPortSharing - ok
12:28:28.0101 2988 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:28:28.0101 2988 nfrd960 - ok
12:28:28.0147 2988 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:28:28.0163 2988 NlaSvc - ok
12:28:28.0210 2988 [ 351533ACC2A069B94E80BBFC177E8FDF ] npf C:\Windows\system32\drivers\npf.sys
12:28:28.0210 2988 npf - ok
12:28:28.0241 2988 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:28:28.0241 2988 Npfs - ok
12:28:28.0257 2988 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:28:28.0257 2988 nsi - ok
12:28:28.0272 2988 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:28:28.0272 2988 nsiproxy - ok
12:28:28.0335 2988 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:28:28.0381 2988 Ntfs - ok
12:28:28.0397 2988 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:28:28.0397 2988 Null - ok
12:28:28.0428 2988 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:28:28.0428 2988 nvraid - ok
12:28:28.0475 2988 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:28:28.0475 2988 nvstor - ok
12:28:28.0506 2988 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:28:28.0506 2988 nv_agp - ok
12:28:28.0522 2988 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:28:28.0522 2988 ohci1394 - ok
12:28:28.0553 2988 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:28:28.0553 2988 p2pimsvc - ok
12:28:28.0584 2988 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:28:28.0600 2988 p2psvc - ok
12:28:28.0615 2988 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:28:28.0615 2988 Parport - ok
12:28:28.0647 2988 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:28:28.0662 2988 partmgr - ok
12:28:28.0678 2988 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:28:28.0678 2988 PcaSvc - ok
12:28:28.0787 2988 [ 51209FBDB13A46E05C1B0077A9310264 ] PCDSRVC{F36B3A4C-F95654BD-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
12:28:28.0803 2988 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok
12:28:28.0818 2988 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:28:28.0818 2988 pci - ok
12:28:28.0849 2988 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:28:28.0849 2988 pciide - ok
12:28:28.0881 2988 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:28:28.0881 2988 pcmcia - ok
12:28:28.0912 2988 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:28:28.0912 2988 pcw - ok
12:28:28.0927 2988 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:28:28.0943 2988 PEAUTH - ok
12:28:29.0052 2988 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:28:29.0068 2988 PerfHost - ok
12:28:29.0161 2988 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:28:29.0208 2988 pla - ok
12:28:29.0255 2988 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:28:29.0271 2988 PlugPlay - ok
12:28:29.0302 2988 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:28:29.0302 2988 PNRPAutoReg - ok
12:28:29.0333 2988 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:28:29.0333 2988 PNRPsvc - ok
12:28:29.0364 2988 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:28:29.0380 2988 PolicyAgent - ok
12:28:29.0411 2988 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:28:29.0411 2988 Power - ok
12:28:29.0489 2988 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:28:29.0489 2988 PptpMiniport - ok
12:28:29.0520 2988 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:28:29.0520 2988 Processor - ok
12:28:29.0567 2988 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:28:29.0583 2988 ProfSvc - ok
12:28:29.0629 2988 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:28:29.0629 2988 ProtectedStorage - ok
12:28:29.0676 2988 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:28:29.0692 2988 Psched - ok
12:28:29.0739 2988 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
12:28:29.0739 2988 PSI - ok
12:28:29.0817 2988 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:28:29.0848 2988 ql2300 - ok
12:28:29.0879 2988 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:28:29.0879 2988 ql40xx - ok
12:28:29.0895 2988 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:28:29.0895 2988 QWAVE - ok
12:28:29.0926 2988 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:28:29.0926 2988 QWAVEdrv - ok
12:28:30.0035 2988 [ 720FEA3AAA15FE7E0BEAB10AC2E6D2B0 ] RalinkRegistryWriter C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
12:28:30.0035 2988 RalinkRegistryWriter - ok
12:28:30.0051 2988 [ 178CEF55E09DC320FF6561D4EEB4F632 ] RalinkRegistryWriter64 C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
12:28:30.0066 2988 RalinkRegistryWriter64 - ok
12:28:30.0082 2988 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:28:30.0082 2988 RasAcd - ok
12:28:30.0113 2988 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:28:30.0113 2988 RasAgileVpn - ok
12:28:30.0129 2988 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:28:30.0129 2988 RasAuto - ok
12:28:30.0175 2988 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:28:30.0175 2988 Rasl2tp - ok
12:28:30.0222 2988 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:28:30.0238 2988 RasMan - ok
12:28:30.0269 2988 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:28:30.0269 2988 RasPppoe - ok
12:28:30.0300 2988 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:28:30.0300 2988 RasSstp - ok
12:28:30.0331 2988 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:28:30.0331 2988 rdbss - ok
12:28:30.0363 2988 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:28:30.0363 2988 rdpbus - ok
12:28:30.0394 2988 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:28:30.0394 2988 RDPCDD - ok
12:28:30.0409 2988 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:28:30.0409 2988 RDPENCDD - ok
12:28:30.0425 2988 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:28:30.0425 2988 RDPREFMP - ok
12:28:30.0472 2988 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:28:30.0472 2988 RDPWD - ok
12:28:30.0519 2988 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:28:30.0519 2988 rdyboost - ok
12:28:30.0550 2988 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:28:30.0550 2988 RemoteAccess - ok
12:28:30.0581 2988 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:28:30.0581 2988 RemoteRegistry - ok
12:28:30.0597 2988 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:28:30.0597 2988 RpcEptMapper - ok
12:28:30.0612 2988 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:28:30.0628 2988 RpcLocator - ok
12:28:30.0659 2988 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:28:30.0659 2988 RpcSs - ok
12:28:30.0675 2988 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:28:30.0675 2988 rspndr - ok
12:28:30.0721 2988 [ 91296F0B2653281B2F11E0FCE56AA427 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:28:30.0721 2988 RTL8167 - ok
12:28:30.0737 2988 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:28:30.0737 2988 SamSs - ok
12:28:30.0768 2988 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:28:30.0768 2988 sbp2port - ok
12:28:30.0799 2988 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:28:30.0799 2988 SCardSvr - ok
12:28:30.0846 2988 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:28:30.0846 2988 scfilter - ok
12:28:30.0893 2988 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:28:30.0924 2988 Schedule - ok
12:28:30.0955 2988 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:28:30.0955 2988 SCPolicySvc - ok
12:28:31.0002 2988 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:28:31.0002 2988 SDRSVC - ok
12:28:31.0033 2988 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:28:31.0033 2988 secdrv - ok
12:28:31.0065 2988 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:28:31.0065 2988 seclogon - ok
12:28:31.0143 2988 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
12:28:31.0158 2988 Secunia PSI Agent - ok
12:28:31.0189 2988 [ 0E88FDF474F2CDD370A4A6CE77D018F0 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
12:28:31.0189 2988 Secunia Update Agent - ok
12:28:31.0205 2988 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:28:31.0221 2988 SENS - ok
12:28:31.0236 2988 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:28:31.0236 2988 SensrSvc - ok
12:28:31.0252 2988 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:28:31.0267 2988 Serenum - ok
12:28:31.0283 2988 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:28:31.0283 2988 Serial - ok
12:28:31.0330 2988 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:28:31.0330 2988 sermouse - ok
12:28:31.0377 2988 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:28:31.0377 2988 SessionEnv - ok
12:28:31.0423 2988 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:28:31.0423 2988 sffdisk - ok
12:28:31.0439 2988 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:28:31.0439 2988 sffp_mmc - ok
12:28:31.0455 2988 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:28:31.0455 2988 sffp_sd - ok
12:28:31.0486 2988 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:28:31.0486 2988 sfloppy - ok
12:28:31.0533 2988 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:28:31.0548 2988 ShellHWDetection - ok
12:28:31.0579 2988 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:28:31.0579 2988 SiSRaid2 - ok
12:28:31.0579 2988 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:28:31.0595 2988 SiSRaid4 - ok
12:28:31.0626 2988 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:28:31.0626 2988 Smb - ok
12:28:31.0657 2988 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:28:31.0673 2988 SNMPTRAP - ok
12:28:31.0673 2988 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:28:31.0689 2988 spldr - ok
12:28:31.0720 2988 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
12:28:31.0735 2988 Spooler - ok
12:28:31.0845 2988 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:28:31.0923 2988 sppsvc - ok
12:28:31.0938 2988 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:28:31.0938 2988 sppuinotify - ok
12:28:31.0969 2988 sprtlisten - ok
12:28:32.0032 2988 [ DFC4E2081324E505CA479E473A78D893 ] sptd C:\Windows\System32\Drivers\sptd.sys
12:28:32.0047 2988 sptd - ok
12:28:32.0094 2988 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:28:32.0094 2988 srv - ok
12:28:32.0141 2988 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:28:32.0141 2988 srv2 - ok
12:28:32.0188 2988 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:28:32.0188 2988 srvnet - ok
12:28:32.0219 2988 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:28:32.0219 2988 SSDPSRV - ok
12:28:32.0250 2988 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:28:32.0250 2988 SstpSvc - ok
12:28:32.0297 2988 Steam Client Service - ok
12:28:32.0328 2988 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:28:32.0328 2988 stexstor - ok
12:28:32.0375 2988 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:28:32.0406 2988 stisvc - ok
12:28:32.0437 2988 [ 2E5586392CDFBD1D73BADB20E9ED6386 ] SupportSoft RemoteAssist C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
12:28:32.0453 2988 SupportSoft RemoteAssist - ok
12:28:32.0484 2988 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:28:32.0484 2988 swenum - ok
12:28:32.0531 2988 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:28:32.0547 2988 swprv - ok
12:28:32.0609 2988 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:28:32.0640 2988 SysMain - ok
12:28:32.0687 2988 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:28:32.0687 2988 TabletInputService - ok
12:28:32.0734 2988 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:28:32.0734 2988 TapiSrv - ok
12:28:32.0749 2988 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:28:32.0749 2988 TBS - ok
12:28:32.0812 2988 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:28:32.0859 2988 Tcpip - ok
12:28:32.0905 2988 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:28:32.0905 2988 TCPIP6 - ok
12:28:32.0952 2988 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:28:32.0952 2988 tcpipreg - ok
12:28:32.0983 2988 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:28:32.0983 2988 TDPIPE - ok
12:28:33.0030 2988 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:28:33.0030 2988 TDTCP - ok
12:28:33.0061 2988 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:28:33.0061 2988 tdx - ok
12:28:33.0093 2988 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:28:33.0108 2988 TermDD - ok
12:28:33.0139 2988 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:28:33.0155 2988 TermService - ok
12:28:33.0186 2988 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:28:33.0186 2988 Themes - ok
12:28:33.0217 2988 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:28:33.0217 2988 THREADORDER - ok
12:28:33.0233 2988 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:28:33.0233 2988 TrkWks - ok
12:28:33.0280 2988 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:28:33.0295 2988 TrustedInstaller - ok
12:28:33.0327 2988 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:28:33.0327 2988 tssecsrv - ok
12:28:33.0373 2988 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:28:33.0373 2988 TsUsbFlt - ok
12:28:33.0420 2988 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:28:33.0420 2988 tunnel - ok
12:28:33.0451 2988 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:28:33.0451 2988 uagp35 - ok
12:28:33.0483 2988 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:28:33.0483 2988 udfs - ok
12:28:33.0529 2988 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:28:33.0529 2988 UI0Detect - ok
12:28:33.0545 2988 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:28:33.0545 2988 uliagpkx - ok
12:28:33.0592 2988 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:28:33.0592 2988 umbus - ok
12:28:33.0607 2988 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:28:33.0607 2988 UmPass - ok
12:28:33.0623 2988 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:28:33.0639 2988 upnphost - ok
12:28:33.0654 2988 [ CD03479F2DA26500B203ED075C146A7A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:28:33.0670 2988 USBAAPL64 - ok
12:28:33.0685 2988 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:28:33.0685 2988 usbccgp - ok
12:28:33.0732 2988 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:28:33.0732 2988 usbcir - ok
12:28:33.0748 2988 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:28:33.0748 2988 usbehci - ok
12:28:33.0763 2988 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:28:33.0763 2988 usbhub - ok
12:28:33.0779 2988 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:28:33.0779 2988 usbohci - ok
12:28:33.0810 2988 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:28:33.0810 2988 usbprint - ok
12:28:33.0841 2988 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:28:33.0841 2988 usbscan - ok
12:28:33.0857 2988 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:28:33.0873 2988 USBSTOR - ok
12:28:33.0873 2988 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:28:33.0873 2988 usbuhci - ok
12:28:33.0888 2988 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:28:33.0904 2988 UxSms - ok
12:28:33.0904 2988 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:28:33.0904 2988 VaultSvc - ok
12:28:33.0951 2988 [ 6372EAA7CC0E8A2FC4BE7B3F2DE1ED62 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
12:28:33.0951 2988 VBoxDrv - ok
12:28:33.0982 2988 [ B996117F6202464A56901CBC13999FE2 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
12:28:33.0982 2988 VBoxNetAdp - ok
12:28:34.0013 2988 [ 89835A2F779979F1D545E40F36D737E0 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
12:28:34.0029 2988 VBoxNetFlt - ok
12:28:34.0060 2988 [ F9BD6CFF0376D1DADDB1CB2F794D9BC7 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
12:28:34.0060 2988 VBoxUSBMon - ok
12:28:34.0091 2988 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:28:34.0091 2988 vdrvroot - ok
12:28:34.0138 2988 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:28:34.0169 2988 vds - ok
12:28:34.0200 2988 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:28:34.0200 2988 vga - ok
12:28:34.0216 2988 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:28:34.0216 2988 VgaSave - ok
12:28:34.0247 2988 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:28:34.0263 2988 vhdmp - ok
12:28:34.0263 2988 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:28:34.0278 2988 viaide - ok
12:28:34.0278 2988 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:28:34.0278 2988 volmgr - ok
12:28:34.0325 2988 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:28:34.0341 2988 volmgrx - ok
12:28:34.0356 2988 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:28:34.0356 2988 volsnap - ok
12:28:34.0387 2988 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:28:34.0403 2988 vsmraid - ok
12:28:34.0450 2988 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:28:34.0497 2988 VSS - ok
12:28:34.0590 2988 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
12:28:34.0606 2988 vToolbarUpdater12.2.6 - ok
12:28:34.0621 2988 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:28:34.0621 2988 vwifibus - ok
12:28:34.0637 2988 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:28:34.0653 2988 vwififlt - ok
12:28:34.0668 2988 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:28:34.0668 2988 vwifimp - ok
12:28:34.0699 2988 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:28:34.0715 2988 W32Time - ok
12:28:34.0762 2988 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:28:34.0762 2988 WacomPen - ok
12:28:34.0777 2988 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:28:34.0793 2988 WANARP - ok
12:28:34.0809 2988 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:28:34.0809 2988 Wanarpv6 - ok
12:28:34.0824 2988 [ ECEB715BECE47E101DDEC06B11126066 ] wanatw C:\Windows\system32\DRIVERS\wanatw64.sys
12:28:34.0824 2988 wanatw - ok
12:28:34.0902 2988 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:28:34.0918 2988 WatAdminSvc - ok
12:28:34.0980 2988 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:28:35.0011 2988 wbengine - ok
12:28:35.0027 2988 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:28:35.0027 2988 WbioSrvc - ok
12:28:35.0074 2988 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:28:35.0089 2988 wcncsvc - ok
12:28:35.0121 2988 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:28:35.0121 2988 WcsPlugInService - ok
12:28:35.0136 2988 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:28:35.0136 2988 Wd - ok
12:28:35.0167 2988 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:28:35.0183 2988 Wdf01000 - ok
12:28:35.0199 2988 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:28:35.0199 2988 WdiServiceHost - ok
12:28:35.0214 2988 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:28:35.0214 2988 WdiSystemHost - ok
12:28:35.0245 2988 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:28:35.0261 2988 WebClient - ok
12:28:35.0277 2988 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:28:35.0292 2988 Wecsvc - ok
12:28:35.0323 2988 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:28:35.0323 2988 wercplsupport - ok
12:28:35.0355 2988 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:28:35.0355 2988 WerSvc - ok
12:28:35.0370 2988 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:28:35.0370 2988 WfpLwf - ok
12:28:35.0401 2988 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:28:35.0401 2988 WIMMount - ok
12:28:35.0401 2988 WinHttpAutoProxySvc - ok
12:28:35.0448 2988 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:28:35.0464 2988 Winmgmt - ok
12:28:35.0557 2988 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:28:35.0604 2988 WinRM - ok
12:28:35.0682 2988 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:28:35.0682 2988 WinUsb - ok
12:28:35.0776 2988 [ F514C1C9D814F3DB46A17C59EA8214B2 ] WiseBootAssistant C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
12:28:35.0791 2988 WiseBootAssistant - ok
12:28:35.0823 2988 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:28:35.0854 2988 Wlansvc - ok
12:28:35.0869 2988 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:28:35.0869 2988 WmiAcpi - ok
12:28:35.0901 2988 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:28:35.0901 2988 wmiApSrv - ok
12:28:35.0947 2988 WMPNetworkSvc - ok
12:28:35.0963 2988 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:28:35.0963 2988 WPCSvc - ok
12:28:36.0010 2988 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:28:36.0010 2988 WPDBusEnum - ok
12:28:36.0041 2988 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:28:36.0041 2988 ws2ifsl - ok
12:28:36.0057 2988 WSearch - ok
12:28:36.0072 2988 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:28:36.0072 2988 WudfPf - ok
12:28:36.0135 2988 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:28:36.0135 2988 WUDFRd - ok
12:28:36.0181 2988 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:28:36.0181 2988 wudfsvc - ok
12:28:36.0197 2988 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:28:36.0213 2988 WwanSvc - ok
12:28:36.0275 2988 ================ Scan global ===============================
12:28:36.0291 2988 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:28:36.0337 2988 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:28:36.0353 2988 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:28:36.0369 2988 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:28:36.0400 2988 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:28:36.0415 2988 [Global] - ok
12:28:36.0415 2988 ================ Scan MBR ==================================
12:28:36.0431 2988 [ AF00FC1920E1CF861B39B90A4375EDF3 ] \Device\Harddisk0\DR0
12:28:36.0696 2988 \Device\Harddisk0\DR0 - ok
12:28:36.0696 2988 ================ Scan VBR ==================================
12:28:36.0696 2988 [ 9271EF0D59D36D17CA11CF7BCF257ADB ] \Device\Harddisk0\DR0\Partition1
12:28:36.0712 2988 \Device\Harddisk0\DR0\Partition1 - ok
12:28:36.0743 2988 [ D38CAD957FAA80637F7C92070FD7EE1A ] \Device\Harddisk0\DR0\Partition2
12:28:36.0743 2988 \Device\Harddisk0\DR0\Partition2 - ok
12:28:36.0774 2988 [ B08E86D36F8E94600DBFADA805724501 ] \Device\Harddisk0\DR0\Partition3
12:28:36.0774 2988 \Device\Harddisk0\DR0\Partition3 - ok
12:28:36.0774 2988 ============================================================
12:28:36.0774 2988 Scan finished
12:28:36.0774 2988 ============================================================
12:28:36.0790 3216 Detected object count: 0
12:28:36.0790 3216 Actual detected object count: 0
12:40:43.0334 2860 Deinitialize success


AVAST FULL SCAN 10/13/12

avast! Scan Report
* This file is generated automatically
*
* Scan name: Full system scan
* Started on: Saturday, October 13, 2012 12:43:42 PM
* VPS: 121013-0, 10/13/2012
*

Infected files: 0
Total files: 547418
Total folders: 51996
Total size: 156.5 GB

*
* Scan stopped: Saturday, October 13, 2012 2:38:02 PM
* Run-time was 1 hour(s), 54 minute(s), 20 second(s)



C:\Users\Beet\AppData\Local\Babylon\Setup\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Beet\Downloads\freemake video downloader setup.exe a variant of Win32/Soft32Downloader.B application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 AM

Posted 13 October 2012 - 07:46 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 george321

george321
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 14 October 2012 - 01:28 PM

Malwarebyte 10/14/12


Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.14.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Beet :: BEET-MACHINE [administrator]

10/14/2012 9:35:32 AM
mbam-log-2012-10-14 (09-35-32).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 564113
Time elapsed: 1 hour(s), 30 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)


Mini-Toolbox 10-14-12


MiniToolBox by Farbar Version: 23-07-2012
Ran by Beet (administrator) on 14-10-2012 at 11:20:47
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

802.11n USB Wireless LAN Card = Wireless Network Connection 3 (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 6 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Beet-Machine
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Wireless Network Connection 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-A1-B0-23-BC-AC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : 802.11n USB Wireless LAN Card #3
Physical Address. . . . . . . . . : 00-A1-B0-23-BC-AD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : fd00::2c16:7bf7:cde0:c74(Preferred)
Temporary IPv6 Address. . . . . . : fd00::69e1:f12:fcda:99fa(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c16:7bf7:cde0:c74%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, October 14, 2012 9:31:45 AM
Lease Expires . . . . . . . . . . : Monday, October 15, 2012 9:31:45 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
205.171.2.25
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 40-61-86-30-E1-C4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physical Address. . . . . . . . . : 08-00-27-00-44-52
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b55e:599c:fd6f:791c%26(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 621281319
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-8D-40-DE-40-61-86-30-E1-C4
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{1B844E29-E6F1-4BEE-B4B9-EB12041D8B01}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A26D64E3-DC15-46FA-8E3C-666631158A43}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{04E297EF-90B3-4747-9E4C-4114A4B84F8E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2001:4860:4001:802::1009
74.125.224.105
74.125.224.110
74.125.224.96
74.125.224.97
74.125.224.98
74.125.224.99
74.125.224.100
74.125.224.101
74.125.224.102
74.125.224.103
74.125.224.104


Pinging google.com [74.125.224.110] with 32 bytes of data:
Reply from 74.125.224.110: bytes=32 time=196ms TTL=57
Reply from 74.125.224.110: bytes=32 time=113ms TTL=57

Ping statistics for 74.125.224.110:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 113ms, Maximum = 196ms, Average = 154ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=656ms TTL=53
Reply from 98.139.183.24: bytes=32 time=728ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 656ms, Maximum = 728ms, Average = 692ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
28...00 a1 b0 23 bc ac ......Microsoft Virtual WiFi Miniport Adapter
13...00 a1 b0 23 bc ad ......802.11n USB Wireless LAN Card #3
10...40 61 86 30 e1 c4 ......Realtek PCIe FE Family Controller
26...08 00 27 00 44 52 ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.2 281
192.168.0.2 255.255.255.255 On-link 192.168.0.2 281
192.168.0.255 255.255.255.255 On-link 192.168.0.2 281
192.168.56.0 255.255.255.0 On-link 192.168.56.1 276
192.168.56.1 255.255.255.255 On-link 192.168.56.1 276
192.168.56.255 255.255.255.255 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 192.168.0.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.56.1 276
255.255.255.255 255.255.255.255 On-link 192.168.0.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 33 fd00::/64 On-link
13 281 fd00::2c16:7bf7:cde0:c74/128
On-link
13 281 fd00::69e1:f12:fcda:99fa/128
On-link
26 276 fe80::/64 On-link
13 281 fe80::/64 On-link
13 281 fe80::2c16:7bf7:cde0:c74/128
On-link
26 276 fe80::b55e:599c:fd6f:791c/128
On-link
1 306 ff00::/8 On-link
26 276 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/14/2012 09:30:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 02:50:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/13/2012 11:06:28 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {74b1a935-2dea-4217-9a51-cf2e7500f568}

Error: (10/12/2012 09:05:32 AM) (Source: Application Hang) (User: )
Description: The program EverydayJigsaw.exe version 1.6.0.809 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c28

Start Time: 01cda88aeffe1f05

Termination Time: 47

Application Path: C:\Games\KraiSoft Games\Everyday Jigsaw\EverydayJigsaw.exe

Report Id: 4224c4da-147e-11e2-adc5-40618630e1c4

Error: (10/07/2012 05:45:24 PM) (Source: Application Hang) (User: )
Description: The program Photoshop.exe version 7.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1538

Start Time: 01cda4e5b5d77485

Termination Time: 51

Application Path: C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe

Report Id: 0677b739-10d9-11e2-afd2-40618630e1c4

Error: (09/25/2012 03:08:09 PM) (Source: Application Hang) (User: )
Description: The program Steam.exe version 1.0.1446.623 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 16a0

Start Time: 01cd9b5f994debe6

Termination Time: 17

Application Path: C:\Program Files (x86)\Steam\Steam.exe

Report Id:

Error: (09/25/2012 02:51:27 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (09/18/2012 09:07:46 PM) (Source: Application Hang) (User: )
Description: The program waol.exe version 9.7.0.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fc8

Start Time: 01cd95fb19a93a56

Termination Time: 30

Application Path: C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe

Report Id: 2cb535b4-0207-11e2-a9ea-40618630e1c4

Error: (09/15/2012 09:30:59 AM) (Source: Bonjour Service) (User: )
Description: 480: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (09/15/2012 09:30:59 AM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053


System errors:
=============
Error: (10/14/2012 08:59:28 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSEH
Avgldx64
Avgmfx64
Avgrkx64
Avgtdia

Error: (10/14/2012 08:59:22 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (10/14/2012 08:59:21 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (10/14/2012 08:59:04 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/14/2012 08:59:03 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/13/2012 08:58:07 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSEH
Avgldx64
Avgmfx64
Avgrkx64
Avgtdia

Error: (10/13/2012 08:57:57 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (10/13/2012 08:57:56 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (10/13/2012 08:57:38 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/13/2012 08:57:32 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (10/14/2012 09:30:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/13/2012 02:50:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Beet\Downloads\esetsmartinstaller_enu.exe

Error: (10/13/2012 11:06:28 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {74b1a935-2dea-4217-9a51-cf2e7500f568}

Error: (10/12/2012 09:05:32 AM) (Source: Application Hang)(User: )
Description: EverydayJigsaw.exe1.6.0.809c2801cda88aeffe1f0547C:\Games\KraiSoft Games\Everyday Jigsaw\EverydayJigsaw.exe4224c4da-147e-11e2-adc5-40618630e1c4

Error: (10/07/2012 05:45:24 PM) (Source: Application Hang)(User: )
Description: Photoshop.exe7.0.0.0153801cda4e5b5d7748551C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe0677b739-10d9-11e2-afd2-40618630e1c4

Error: (09/25/2012 03:08:09 PM) (Source: Application Hang)(User: )
Description: Steam.exe1.0.1446.62316a001cd9b5f994debe617C:\Program Files (x86)\Steam\Steam.exe

Error: (09/25/2012 02:51:27 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (09/18/2012 09:07:46 PM) (Source: Application Hang)(User: )
Description: waol.exe9.7.0.2fc801cd95fb19a93a5630C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe2cb535b4-0207-11e2-a9ea-40618630e1c4

Error: (09/15/2012 09:30:59 AM) (Source: Bonjour Service)(User: )
Description: 480: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (09/15/2012 09:30:59 AM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053


=========================== Installed Programs ============================

µTorrent (Version: 2.2.1)
123 Free Puzzle (Version: 123 Free Memory Card Games 2003)
7-Zip 4.57
7-Zip 9.22 (x64 edition) (Version: 9.22.00.0)
A Girl in the City (Version: 1.0)
Actiontec Gateway
Activate Norton Online Backup (Version: 1.1.20.0)
Adobe AIR (Version: 3.4.0.2540)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Agatha Christie - Death on the NileGoldshare Downloads
Agatha Christie 4 50 from Paddington 1.0
Age of Castles
Allmyapps (Version: 1.5.0.1)
Anti-phishing Domain Advisor (Version: 1.1.0.1)
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Astral Arrows 1.1
Auslogics Disk Defrag (Version: 3.5)
avast! Free Antivirus (Version: 7.0.1456.0)
AVG 2012 (Version: 12.0.1809)
AVG 2012 (Version: 12.0.2085)
AVG Security Toolbar (Version: 12.2.5.34)
BackUp Maker v6.1
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
Canon Easy-WebPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 3.0
Canon MP560 series MP Drivers
Canon MP560 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner (Version: 3.22)
CCleaner version 3.11.1550 (Version: 3.11.1550)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CloneDVD2
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Graphics Suite 11 (Version: 11)
Coronation Street - Mystery of the Missing Hotpot Recipe (Version: v1.120411)
Crayon Physics Deluxe - release 51
CyberLink DVD Suite Deluxe (Version: 6.0.3101)
Dark Tales 2 Edgar Allan Poes The Black Cat Collectors Edition 1.00
DHTML Editing Component (Version: 6.02.0001)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
DirectX Media Runtime 5.1
Download Updater (AOL Inc.)
Dream Mysteries - Case of the Red Fox (Version: 1.0)
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab 7.0.7.7 Beta MATOZ-REPACK (30/06/2010)
Elf 1.15 Toolbar (Version: 6.3.0.26)
Enlightenus 1.00
Enlightenus 2 The Timeless Tower Collectors Edition 1.00
ESET Online Scanner v3
Everyday Jigsaw
FileHippo.com Update Checker
Freemake Video Downloader (Version: 3.2.0)
Google Chrome (Version: 22.0.1229.94)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
Grim Facade Mystery of Venice Collectors Edition 1.00
Half-Life
Hardware Diagnostic Tools (Version: 6.0.5434.08)
Hector - Badge of Carnage - Hector Episode 1 (Version: 1.0.0.0)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Homepage Protection (Version: )
Hoyle Card Games 2003 (Version: 1.0.0.0)
HP Advisor (Version: 3.3.12286.3436)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.0.80)
HP MediaSmart Demo (Version: 1.00.0000)
HP MediaSmart DVD (Version: 3.0.3420)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.1.3601)
HP MediaSmart SmartMenu (Version: 3.0.28.2)
HP Odometer (Version: 2.10.0000)
HP Remote Solution (Version: 1.1.9.0)
HP Setup (Version: 1.2.3220.3079)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.001.000.014)
ImgBurn (Version: 2.5.7.0)
Inbox Toolbar (Version: 1.0.0.135)
InfraRecorder
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1912)
iTunes (Version: 10.6.1.7)
Jack the Ripper Letter from HellJust For Fun Games
Jane Angel Templar Mystery 1.00
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 7 Update 2 (64-bit) (Version: 7.0.20)
KraiSoft Games Launcher
LabelPrint (Version: 2.5.1901)
LG United Mobile Drivers (Version: 3.3.0.0)
LightScribe System Software (Version: 1.18.5.1)
LSI PCI-SV92EX Soft Modem (Version: 2.2.98)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Marble Arena 2
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Image Composite Editor (Version: 1.3.5)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Money 2007 Home & Business (Version: 16)
Microsoft Money Shared Libraries (Version: 16.0.0.614)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 16.0 (x86 en-US) (Version: 16.0)
Mozilla Maintenance Service (Version: 16.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Murder Island - Secret of Tantalus (Version: 1.0)
Muse 1.00
MyHeritage Family Tree Builder (Version: 5.1.0.5309)
Mystery Age 2- The Dark Priests (Version: 1.0)
Mystery Agency A Vampires Kiss 1.00
Mystery Case Files - 13th Skull Collectors Edition (Version: 1.0.3.616)
Mystery Case Files Dire Grove Collectors Edition (Updated) 1.1.5
Mystery in London 1.00
Nancy Drew - Message in a Haunted Mansion Strategy GuideJust For Fun Games
Nancy Drew - Message in a Haunted MansionJust For Fun Games
Nero 7 Ultra Edition (Version: 7.02.2620)
Nick Chase and the Deadly Diamond 1.00
NVIDIA GAME System Software 2.8.1 (Version: 2.8.1)
OpenOffice.org 3.4 (Version: 3.4.9590)
Oracle VM VirtualBox 4.1.4 (Version: 4.1.4)
Palm Desktop by ACCESS (Version: 6.4.0.0)
Petz Catz 2 (Version: 2.2.0.90)
Picasa 3 (Version: 3.8)
PictureMover (Version: 3.3.1.19)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
Puzz-3D Victorian Mansion
QuickConnect (Version: 4.1)
QuickTime (Version: 7.72.80.56)
Qwest QuickAssist Desktop Tools (Version: 23)
Ralink RT2870 Wireless LAN Card (Version: 1.5.7.0)
Ralink RT7x Wireless LAN Card (Version: 1.5.4.0)
Reading the Dead 1.00
Real Jigsaw Puzzle
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 6.0.1.5910)
RealUpgrade 1.1 (Version: 1.1.0)
Relics of Fate A Penny Macey Mystery 1.00
Royal TroubleJust For Fun Games
Save Our Spirit 1.00
Season of Mystery - The Cherry Blossom Murders (Version: 1.0)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Shutter Island
SolSuite 2011 v11.4
Source SDK Base 2007
Speccy (Version: 1.16)
Steam (Version: 1.0.0.0)
Temp File Cleaner
The Colour of Murder 1.0
The Legend of the Golden Tome (Version: 1.0)
The Stroke of Midnight 1.00
Treasure Seekers: The Time Has Come Collector's Edition
Twisted - A Haunted Carol (Version: 1.0)
Uninstall AOL Emergency Connect Utility 1.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Viewpoint Media Player
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WildTangent Games App (HP Games) (Version: 4.0.4.9)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
WinRAR archiver
Wise Care 365 version 1.82 (Version: 1.82)
Wizard101 (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 4085.18 MB
Available physical RAM: 1948.66 MB
Total Pagefile: 8168.55 MB
Available Pagefile: 5976.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.46 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:584.25 GB) (Free:465.88 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.83 GB) (Free:2.15 GB) NTFS

========================= Users: ========================================

User accounts for \\BEET-MACHINE

Administrator Beet Guest

========================= Restore Points ==================================

20-09-2012 16:48:32 HPSF Restore Point
25-09-2012 20:50:54 Installed Steam
03-10-2012 15:10:43 Scheduled Checkpoint
10-10-2012 18:03:46 Scheduled Checkpoint
13-10-2012 17:06:28 Install LG UNITED Drivers

**** End of log ****


Farbar 10-14-12


Farbar Service Scanner Version: 07-10-2012
Ran by Beet (administrator) on 14-10-2012 at 11:42:26
Running from "C:\Users\Beet\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit



Adware 10-14-12


# AdwCleaner v2.005 - Logfile created 10/14/2012 at 11:49:18
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Beet - BEET-MACHINE
# Boot Mode : Normal
# Running from : C:\Users\Beet\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Elf_1.15
Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Beet\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Beet\AppData\Local\Babylon
Folder Deleted : C:\Users\Beet\AppData\Local\Conduit
Folder Deleted : C:\Users\Beet\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Beet\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Beet\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Beet\AppData\LocalLow\Elf_1.15
Folder Deleted : C:\Users\Beet\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Beet\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Beet\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Beet\AppData\Roaming\Mozilla\Firefox\Profiles\6uoac5dq.default\extensions\avg@toolbar
Folder Deleted : C:\Users\Beet\AppData\Roaming\Mozilla\Firefox\Profiles\6uoac5dq.default\extensions\inboxcomtoolbar@inbox.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Elf_1.15
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2866295
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Elf_1.15
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Inbox Toolbar
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E9E11949-9F54-4985-AECE-912A2B8E259D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E9E11949-9F54-4985-AECE-912A2B8E259D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07A3C6F4-F72F-4FDE-B40C-1B1E10A52928}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C9B2841-463E-465D-868D-EAAC9A171AC7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Elf_1.15 Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={7D9E3A4D-41BB-4145-B4E0-5F8210C42EAA}&mid=3a95808a57c9ed398ec963829ea66a69-3308affe62616ec4461b9223cceda1400d42e01a&lang=en&ds=ft011&pr=sa&d=2012-10-03 13:24:55&v=12.2.5.34&sap=hp --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0 (en-US)

Profile name : default
File : C:\Users\Beet\AppData\Roaming\Mozilla\Firefox\Profiles\6uoac5dq.default\prefs.js

C:\Users\Beet\AppData\Roaming\Mozilla\Firefox\Profiles\6uoac5dq.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.button.1302891991910_1319118951429.view", "0");
Deleted : user_pref("aol_toolbar.buttons.defaultview", 0);
Deleted : user_pref("aol_toolbar.cookie.homepage", "");
Deleted : user_pref("aol_toolbar.cookie.search", "");
Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
Deleted : user_pref("aol_toolbar.guid", "{26C3F3C1-D684-C3E4-4F30-1E57A73C94A2}");
Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.212.1.7864");
Deleted : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
Deleted : user_pref("aol_toolbar.install.mtmhp", "txtlnkusaolp00000051");
Deleted : user_pref("aol_toolbar.install.ncid", "");
Deleted : user_pref("aol_toolbar.metrics.activestampdate", "14");
Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "9");
Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2012");
Deleted : user_pref("aol_toolbar.metrics.originalDate", "30");
Deleted : user_pref("aol_toolbar.metrics.originalHours", "30");
Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "19");
Deleted : user_pref("aol_toolbar.metrics.originalMonth", "1");
Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "10");
Deleted : user_pref("aol_toolbar.metrics.originalYear", "2010");
Deleted : user_pref("aol_toolbar.relatednews.enabled", false);
Deleted : user_pref("aol_toolbar.remote.alerts.xml", "1324852152259");
Deleted : user_pref("aol_toolbar.remote.publish.xml", "1350152591716");
Deleted : user_pref("aol_toolbar.remote.ticker.rss", "1331569451793");
Deleted : user_pref("aol_toolbar.rtw.active", false);
Deleted : user_pref("aol_toolbar.search.cid", "12-03-2012");
Deleted : user_pref("aol_toolbar.search.instd", "20110309234944810");
Deleted : user_pref("aol_toolbar.search.oid", "30-01-2010");
Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
Deleted : user_pref("aol_toolbar.search.searchtype", "web");
Deleted : user_pref("aol_toolbar.search.source", "tb50-ff-aolrt");
Deleted : user_pref("aol_toolbar.skin.custom", false);
Deleted : user_pref("aol_toolbar.surf.date", "1");
Deleted : user_pref("aol_toolbar.surf.lastDate", "14");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "9");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2012");
Deleted : user_pref("aol_toolbar.surf.mURL", "");
Deleted : user_pref("aol_toolbar.surf.mURLh", "0");
Deleted : user_pref("aol_toolbar.surf.mURLw", "0");
Deleted : user_pref("aol_toolbar.surf.mURLx", "0");
Deleted : user_pref("aol_toolbar.surf.mURLy", "0");
Deleted : user_pref("aol_toolbar.surf.milestone", "-1");
Deleted : user_pref("aol_toolbar.surf.month", "47");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "51");
Deleted : user_pref("aol_toolbar.surf.show", true);
Deleted : user_pref("aol_toolbar.surf.total", "3064");
Deleted : user_pref("aol_toolbar.surf.week", "1");
Deleted : user_pref("aol_toolbar.surf.year", "626");
Deleted : user_pref("aol_toolbar.ticker.active", false);
Deleted : user_pref("aol_toolbar.ticker.animation", "hscroll");
Deleted : user_pref("aol_toolbar.ticker.collapsed", "0");
Deleted : user_pref("aol_toolbar.ticker.endColor", "444444");
Deleted : user_pref("aol_toolbar.ticker.fontFamily", "Arial, Helvetica, sans-serif");
Deleted : user_pref("aol_toolbar.ticker.fontSize", "10");
Deleted : user_pref("aol_toolbar.ticker.maxWidth", "200");
Deleted : user_pref("aol_toolbar.ticker.show", true);
Deleted : user_pref("aol_toolbar.ticker.startColor", "0D0D0D");
Deleted : user_pref("aol_toolbar.ticker.tipHidden", "Show Headlines");
Deleted : user_pref("aol_toolbar.ticker.tipVisible", "Hide Headlines");
Deleted : user_pref("aol_toolbar.ticker.url", "hxxp://feeds.feedburner.com/aolnewstopstories");
Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
Deleted : user_pref("aol_toolbar.weather.degc", "13");
Deleted : user_pref("aol_toolbar.weather.degf", "55");
Deleted : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/34.png");
Deleted : user_pref("aol_toolbar.weather.metric", true);
Deleted : user_pref("aol_toolbar.weather.tooltip", "Saint George , UT : Mostly Sunny");
Deleted : user_pref("aol_toolbar.weather.update", "1350228725282");
Deleted : user_pref("aol_toolbar.weather.zipcode", "84790");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/aolcom/search?invocationType=tb50ffTB5[...]
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Deleted : user_pref("ibxcomtb.defs", "<buttons>\n<button id=\"reference_search\" position=\"100\" default=\"3\[...]
Deleted : user_pref("ibxcomtb.ibxHP", "hxxp://www.inbox.com/homepage.aspx?tbid=80117&lng=en");
Deleted : user_pref("keyword.URL", "hxxp://aolsearch.aol.com/aol/search?invocationType=client_searchbox&query=[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Beet\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : icon_url ={"backup":{"_signature":"UHQK377kdKu1aDAJMXOlXVBHD5bQ3Td2y8kHsX78YTU=","_version":4,"browser":{"show_home_button":true},"extensions":{"ids":["aciahcmjmecflokailenpkdchphgkefd","ahfgeienlihckogmohjhadlkjgocpleb","icmlaeflemplmjndnaapfdbbnpncnbda","jfmjfhklogoienhpfnppmbcbjfjnkonk","mcbkbpnkkkipelfledbfocopglifcfmi"]},"homepage":true,"homepage_is_newtabpage":false,"session":{"restore_on_startup":4,"urls_to_restore_on_startup":["hxxps://isearch.avg.com/?cid={7D9E3A4D-41BB-4145-B4E0-5F8210C42EAA}&mid=3a95808a57c9ed398ec963829ea66a69-3308affe62616ec4461b9223cceda1400d42e01a&lang=en&ds=ft011&pr=sa&d=2012-10-03 13:24:55&v=12.2.5.34&sap=hp"]}},"browser":{"check_default_browser":false,"clear_lso_data_enabled":true,"last_known_google_url":"hxxp://www.google.com/","last_prompted_google_url":"hxxp://www.google.com/","show_home_button":true,"window_placement":{"bottom":840,"left":134,"maximized":false,"right":1184,"top":0,"work_area_bottom":860,"work_area_left":0,"work_area_right":1600,"work_area_top":0}},"cloud_print":{"email":""},"countryid_at_install":21843,"default_apps_install_state":2,"default_apps_installed":true,"default_search_provider":{"enabled":true,"encodings":"UTF-8","hxxp://www.google.com/favicon.ico","id":"2","instant_url":"{google:baseURL}webhp?{google:RLZ}sourceid=chrome-instant&{google:instantFieldTrialGroupParameter}ie={inputEncoding}{google:instantEnabledParameter}{searchTerms}","keyword":"google.com","name":"Google","prepopulate_id":"1","search_url":"{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}","suggest_url":"{google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}"},"distribution":{"alternate_shortcut_text":false,"chrome_shortcut_icon_index":0,"create_all_shortcuts":true,"do_not_launch_chrome":true,"import_history":false,"import_home_page":false,"import_search_engine":false,"make_chrome_default_for_user":true,"ping_delay":20,"show_welcome_page":true,"skip_first_run_ui":true,"verbose_logging":false},"dns_prefetching":{"host_referral_list":[2,["hxxp://0.85.channel.facebook.com/",["hxxp://0.85.channel.facebook.com/",9.687541693459099,"hxxp://static.ak.fbcdn.net/",0.2817763724850065]],["hxxp://1dd4a1d8b4.filmnoirliveshere.ninggadgets.com/",["hxxp://1dd4a1d8b4.filmnoirliveshere.ninggadgets.com/",0.9697640010093236,"hxxp://ning.muziic.com/",0.9697640010093236]],["hxxp://a.tribalfusion.com/",["hxxp://a.tribalfusion.com/",1.012619100451691,"hxxp://su.addthis.com/",1.012619100451691]],["hxxp://ad-g.doubleclick.net/",["hxxp://s0.2mdn.net/",1.012619100451691]],["hxxp://ad.burstdirectads.com/",["hxxp://ad.burstdirectads.com/",1.016738042343424,"hxxp://ad.yieldmanager.com/",1.108395021942862,"hxxp://content.yieldmanager.com/",0.7779483729347658,"hxxp://cookex.amp.yahoo.com/",0.6308156831255457]],["hxxp://ad.doubleclick.net/",["hxxp://s0.2mdn.net/",0.5746219249157020,"hxxp://s1.2mdn.net/",0.07899910294298146]],["hxxp://ad.turn.com/",["hxxp://cdn.turn.com/",1.012619100451691]],["hxxp://ad.yieldmanager.com/",["hxxp://ad.turn.com/",1.306884480070131,"hxxp://ad.yieldmanager.com/",1.895415239307011,"hxxp://ad2.turn.com/",1.012619100451691,"hxxp://cdn.turn.com/",1.306884480070131,"hxxp://googleads.g.doubleclick.net/",1.454017169879350,"hxxp://r.turn.com/",1.012619100451691,"hxxp://s0.2mdn.net/",1.012619100451691,"hxxp://www.googleadservices.com/",1.454017169879350,"hxxps://googleads.g.doubleclick.net/",1.012619100451691,"hxxps://www.googleadservices.com/",1.012619100451691]],["hxxp://ads.bluelithium.com/",["hxxp://ad.yieldmanager.com/",0.1813569856358619,"hxxp://ads.bluelithium.com/",0.1813569856358619,"hxxp://ak1.abmr.net/",0.1813569856358619,"hxxp://content.yieldmanager.com/",0.2077080006427820,"hxxp://content.yieldmanager.edgesuite.net/",0.1813569856358619]],["hxxp://ads.pubmatic.com/",["hxxp://a.tribalfusion.com/",1.306884480070131,"hxxp://cdn5.tribalfusion.com/",1.012619100451691,"hxxp://d.audienceiq.com/",1.012619100451691,"hxxp://image2.pubmatic.com/",2.483945998543891,"hxxp://p.qwobl.net/",1.012619100451691,"hxxp://pubmatic-match.dotomi.com/",1.012619100451691,"hxxp://r.turn.com/",1.012619100451691,"hxxp://rs.gwallet.com/",1.012619100451691,"hxxp://tags.expo9.exponential.com/",1.159751790260911,"hxxp://user.lucidmedia.com/",1.012619100451691]],["hxxp://api.socialmedia.com/",["hxxp://api.socialmedia.com/",8.344170449912161,"hxxp://static.socialmedia.com/",2.817978405319686]],["hxxp://assets.mixpod.com/",["hxxp://assets.mixpod.com/",1.379201614681059,"hxxp://flash.quantserve.com/",1.729148293032969,"hxxp://i.ytimg.com/",1.554174953857015,"hxxp://s.youtube.com/",1.204228275505104,"hxxp://s.ytimg.com/",1.379201614681059,"hxxp://v24.lscache5.c.youtube.com/",1.204228275505104,"hxxp://www.youtube.com/",2.254068310560836,"hxxp://xml.mixpod.com/",1.729148293032969]],["hxxp://bros.failblog.org/",["hxxp://cheezburger.com/",2.622271876240613,"hxxp://chzbromania.files.wordpress.com/",2.761146087754912,"hxxp://pixel.quantserve.com/",1.094655549583309,"hxxp://platform.twitter.com/",2.205649241697711,"hxxp://s0.wp.com/",2.344523453212013,"hxxp://s1.wordpress.com/",0.9557813380690089,"hxxp://secure-us.imrworldwide.com/",0.9557813380690089,"hxxp://stats.wordpress.com/",1.094655549583309,"hxxp://www.facebook.com/",2.344523453212013,"hxxp://www.youtube.com/",0.9557813380690089]],["hxxp://cache.btrll.com/",["hxxp://ad.yieldmanager.com/",1.094655549583309,"hxxp://b.scorecardresearch.com/",0.9557813380690089,"hxxp://brxserv.btrll.com/",1.233529761097610,"hxxp://cache.btrll.com/",1.650152395640510,"hxxp://ib.adnxs.com/",1.094655549583309,"hxxp://load.exelator.com/",1.094655549583309,"hxxp://pixel.quantserve.com/",1.372403972611910,"hxxp://segs.btrll.com/",1.233529761097610,"hxxp://tags.bluekai.com/",1.233529761097610,"hxxp://vast.bp3845011.btrll.com/",1.233529761097610]],["hxxp://cdn.eyewonder.com/",["hxxp://cdn.eyewonder.com/",2.344523453212013]],["hxxp://cdn.turn.com/",["hxxp://ad.afy11.net/",0.6683286062981156,"hxxp://bh.contextweb.com/",0.6683286062981156,"hxxp://ce.lijit.com/",1.012619100451691,"hxxp://cms.ad.yieldmanager.net/",0.6683286062981156,"hxxp://d.mediabrandsww.com/",1.012619100451691,"hxxp://d.p-td.com/",0.6683286062981156,"hxxp://image2.pubmatic.com/",0.1921418009962831,"hxxp://r.openx.net/",0.1921418009962831,"hxxp://r.turn.com/",0.3392744908055030,"hxxp://tag.admeld.com/",0.2911239409034592]],["hxxp://cdn.w55c.net/",["hxxp://ad.doubleclick.net/",0.7696898946398459]],["hxxp://cec47afa95.filmnoirliveshere.ninggadgets.com/",["hxxp://ajax.googleapis.com/",0.7947906618333684,"hxxp://cec47afa95.filmnoirliveshere.ninggadgets.com/",0.9697640010093236,"hxxp://os.ning.com/",1.841131230105581,"hxxps://www.paypal.com/",0.7947906618333684]],["hxxp://d.xp1.ru4.com/",["hxxp://adadvisor.net/",1.012619100451691,"hxxp://bid.openx.net/",1.012619100451691,"hxxp://cm.g.doubleclick.net/",1.012619100451691,"hxxp://hxxp.content.ru4.com/",1.159751790260911,"hxxp://image2.pubmatic.com/",1.012619100451691,"hxxp://m.xp1.ru4.com/",1.454017169879350,"hxxp://pixel.rubiconproject.com/",1.012619100451691,"hxxp://r.nexac.com/",1.012619100451691,"hxxp://tag.admeld.com/",1.012619100451691,"hxxp://tags.bluekai.com/",1.012619100451691]],["hxxp://en.wikipedia.org/",["hxxp://bits.wikimedia.org/",5.110974811985247,"hxxp://en.wikipedia.org/",1.841050066682858,"hxxp://geoiplookup.wikimedia.org/",1.607484013446973,"hxxp://meta.wikimedia.org/",1.607484013446973,"hxxp://upload.wikimedia.org/",17.95710773995891]],["hxxp://engrishfunny.failblog.org/",["hxxp://cheezburger.com/",2.622271876240613,"hxxp://engrishfunny.files.wordpress.com/",2.761146087754912,"hxxp://partner.googleadservices.com/",0.9557813380690089,"hxxp://pixel.quantserve.com/",1.233529761097610,"hxxp://platform.twitter.com/",3.733265568355017,"hxxp://s0.wp.com/",7.760617702269724,"hxxp://s1.wordpress.com/",0.9557813380690089,"hxxp://www.facebook.com/",6.371875587126721,"hxxp://www.google-analytics.com/",0.9557813380690089,"hxxp://www.lijit.com/",0.9557813380690089]],["hxxp://facebook.com/",["hxxp://www.facebook.com/",0.9489075644695643]],["hxxp://failblog.org/",["hxxp://cdn.static.viddler.com/",1.012619100451691,"hxxp://cheezburger.com/",1.306884480070131,"hxxp://csi.gstatic.com/",1.012619100451691,"hxxp://images.cheezburger.com/",2.631078688353109,"hxxp://pixel.quantserve.com/",1.306884480070131,"hxxp://s0.wp.com/",5.223295112099831,"hxxp://stats.wordpress.com/",1.159751790260911,"hxxp://www.facebook.com/",2.042547929116230,"hxxp://www.lijit.com/",1.306884480070131,"hxxp://www.viddler.com/",2.191391948566589]],["hxxp://files.avast.com/",["hxxp://files.avast.com/",2.007691368222829]],["hxxp://filmnoirliveshere.ning.com/",["hxxp://1dd4a1d8b4.filmnoirliveshere.ninggadgets.com/",1.204228275505104,"hxxp://api.ning.com/",32.52445598800124,"hxxp://assets.mixpod.com/",1.316211212577715,"hxxp://cec47afa95.filmnoirliveshere.ninggadgets.com/",1.204228275505104,"hxxp://flash.picturetrail.com/",1.204228275505104,"hxxp://s41.sitemeter.com/",0.9697640010093236,"hxxp://static.ning.com/",2.303060845530103,"hxxp://w276.photobucket.com/",1.204228275505104,"hxxp://www.google-analytics.com/",1.204228275505104,"hxxp://www.youtube.com/",1.204228275505104]],["hxxp://flash.picturetrail.com/",["hxxp://flash.picturetrail.com/",2.77898832808870,"hxxp://pic90.picturetrail.com/",5.228615076552073]],["hxxp://gamefudge.com/",["hxxp://www.gamefudge.com/",1.012619100451691]],["hxxp://google.com/",["hxxp://www.google.com/",0.7501794918869307]],["hxxp://googleads.g.doubleclick.net/",["hxxp://cdn2.invitemedia.com/",0.2470107934080030,"hxxp://g.ca.bid.invitemedia.com/",0.2783479836164810,"hxxp://googleads.g.doubleclick.net/",0.2783479836164810,"hxxp://pagead2.googlesyndication.com/",1.621126029870013,"hxxp://pixel.invitemedia.com/",0.27834798361
64810]],["hxxp://ib.adnxs.com/",["hxxp://ad.yieldmanager.com/",1.748282549497790,"hxxp://ads.pubmatic.com/",1.348081633216712,"hxxp://ads.revsci.net/",1.454017169879350,"hxxp://ib.adnxs.com/",1.306884480070131,"hxxp://pixel.quantserve.com/",1.012619100451691,"hxxp://r.turn.com/",1.012619100451691,"hxxp://sync.mathtag.com/",1.012619100451691,"hxxp://tag.admeld.com/",1.454017169879350,"hxxp://track.pubmatic.com/",1.012619100451691,"hxxp://w55c.net/",1.012619100451691]],["hxxp://images.google.com/",["hxxp://api.ning.com/",0.9697640010093236,"hxxp://clients1.google.com/",3.394894481988063,"hxxp://filmnoirliveshere.ning.com/",0.9697640010093236,"hxxp://id.google.com/",0.9102730656894991,"hxxp://images.google.com/",14.20474737627859,"hxxp://ssl.gstatic.com/",1.025755469545629,"hxxp://t0.gstatic.com/",20.08035210580724,"hxxp://t1.gstatic.com/",18.81004566338980,"hxxp://t2.gstatic.com/",19.50294008652659,"hxxp://t3.gstatic.com/",17.42425681711622]],["hxxp://java.com/",["hxxp://cetrk.com/",1.10427557841350,"hxxp://java.com/",3.350579746468311,"hxxp://metrics.sun.com/",1.585626471568101]],["hxxp://jdn.monster.com/",["hxxp://jdn.monster.com/",1.789026607154811,"hxxp://spe.atdmt.com/",0.9557813380690089,"hxxp://view.atdmt.com/",0.9557813380690089]],["hxxp://maps.google.com/",["hxxp://cbk0.google.com/",1.275840513421308,"hxxp://khm0.google.com/",115.0982617022395,"hxxp://khm1.google.com/",129.1573011838516,"hxxp://khmdb0.google.com/",11.31546908831461,"hxxp://khmdb1.google.com/",10.84601993759235,"hxxp://maps.google.com/",119.3099581195154,"hxxp://maps.gstatic.com/",40.15809423544788,"hxxp://mt0.google.com/",180.3459290931939,"hxxp://mt1.google.com/",150.7889325225345,"hxxp://www.google.com/",1.975753751632905]],["hxxp://maps.gstatic.com/",["hxxp://cbk0.google.com/",33.53170580145761,"hxxp://cbk1.google.com/",111.3906909794767,"hxxp://cbk2.google.com/",28.63167656078008,"hxxp://cbk3.google.com/",35.10056246013021,"hxxp://maps.gstatic.com/",11.09639985425195,"hxxp://mt0.google.com/",3.363712954302093,"hxxp://mt1.google.com/",5.130913983782051,"hxxp://mt2.google.com/",3.362686267821670,"hxxp://mt3.google.com/",2.952531613909956,"hxxp://www.google.com/",3.872661812450517]],["hxxp://media.fastclick.net/",["hxxp://cdn.fastclick.net/",0.3664402911689259,"hxxp://yttrk.com/",0.5053145026832264]],["hxxp://media.gamefudge.com/",["hxxp://www.officegamespot.com/",1.748282549497790]],["hxxp://ning.muziic.com/",["hxxp://b.scorecardresearch.com/",1.554174953857015,"hxxp://edge.quantserve.com/",0.7947906618333684,"hxxp://ning.muziic.com/",5.869017497936071,"hxxp://optimize.indieclick.com/",1.729148293032969,"hxxp://pixel.indieclick.com/",1.379201614681059,"hxxp://pixel.quantserve.com/",1.554174953857015,"hxxp://player.muziic.com/",2.247069376993797,"hxxp://static-1270264595.s3.amazonaws.com/",1.554174953857015,"hxxp://www.google-analytics.com/",1.379201614681059,"hxxp://www.muziic.com/",1.379201614681059]],["hxxp://optimized-by.rubiconproject.com/",["hxxp://ad.turn.com/",0.6468695419765987,"hxxp://ad.yieldmanager.com/",0.4163383508628601,"hxxp://b.scorecardresearch.com/",0.9378943396259669,"hxxp://demr.opt.fimserve.com/",0.5658081092188555,"hxxp://fim.adnxs.com/",0.6468695419765987,"hxxp://geo-lb01.w55c.net/",0.7696898946398459,"hxxp://rtb.media6degrees.com/",0.6468695419765987,"hxxp://tap2-cdn.rubiconproject.com/",0.6468695419765987]],["hxxp://pbid.pro-market.net/",["hxxp://tag.admeld.com/",0.9557813380690089]],["hxxp://pixel.invitemedia.com/",["hxxp://r.nexac.com/",0.1813569856358619]],["hxxp://platform.twitter.com/",["hxxp://platform.twitter.com/",0.1548341709464955,"hxxp://urls.api.twitter.com/",1.106566630888218]],["hxxp://player.muziic.com/",["hxxp://ad.doubleclick.net/",0.7947906618333684,"hxxp://cdn.fastclick.net/",1.204228275505104,"hxxp://media.fastclick.net/",0.9697640010093236,"hxxp://s0.2mdn.net/",0.7947906618333684,"hxxp://yttrk.com/",1.204228275505104]],["hxxp://playpickle.com/",["hxxp://cdn-static.liverail.com/",0.6683286062981156,"hxxp://cdn.kmdl101.com/",1.250974057942627,"hxxp://pages.plpickle.com/",0.6683286062981156]],["hxxp://r.turn.com/",["hxxp://cdn.turn.com/",1.012619100451691]],["hxxp://rs.gwallet.com/",["hxxp://image2.pubmatic.com/",1.012619100451691]],["hxxp://s.ytimg.com/",["hxxp://o-o.preferred.nuq04s10.v18.lscache4.c.youtube.com/",1.012619100451691,"hxxp://s.youtube.com/",1.012619100451691,"hxxp://www.youtube.com/",1.159751790260911]],["hxxp://s7.addthis.com/",["hxxp://cf.addthis.com/",0.2911239409034592,"hxxp://ds.addthis.com/",1.012619100451691,"hxxp://l.addthiscdn.com/",0.5994552056676605]],["hxxp://search.myheritage.com/",["hxxp://c.mhcache.com/",1.158817350222715,"hxxp://www.google-analytics.com/",0.6690400757850595,"hxxp://www.google.com/",0.494856165469370,"hxxp://www.myheritage.com/",0.3800543980738758]],["hxxp://speed.pointroll.com/",["hxxp://smq.pointroll.com/",1.094655549583309,"hxxp://speed.pointroll.com/",2.066775030183412]],["hxxp://static-1270264595.s3.amazonaws.com/",["hxxp://s.ytimg.com/",1.379201614681059,"hxxp://www.youtube.com/",1.379201614681059]],["hxxp://static.addtoany.com/",["hxxp://www.google-analytics.com/",0.8072786064065857]],["hxxp://static.ning.com/",["hxxp://api.ning.com/",3.128935006440610,"hxxp://filmnoirliveshere.ning.com/",1.729148293032969]],["hxxp://static.poptropica.com/",["hxxp://static.poptropica.com/",192.6349264613715,"hxxp://www.poptropica.com/",31.45831214279716,"hxxps://www.poptropica.com/",9.294628297326256]],["hxxp://tap2-cdn.rubiconproject.com/",["hxxp://pixel.quantserve.com/",0.3964922836451814]],["hxxp://thereifixedit.failblog.org/",["hxxp://i0.poll.fm/",0.9557813380690089,"hxxp://images.cheezburger.com/",3.177768722297814,"hxxp://pixel.quantserve.com/",1.372403972611910,"hxxp://platform.twitter.com/",2.205649241697711,"hxxp://s1.wordpress.com/",0.9557813380690089,"hxxp://secure-us.imrworldwide.com/",0.9557813380690089,"hxxp://stats.wordpress.com/",1.094655549583309,"hxxp://thereifixedit.files.wordpress.com/",2.205649241697711,"hxxp://www.facebook.com/",2.344523453212013,"hxxp://www.lijit.com/",1.094655549583309]],["hxxp://totaljerkface.com/",["hxxp://www.totaljerkface.com/",0.6731475107533865]],["hxxp://uac.advertising.com/",["hxxp://cmap.am.ace.advertising.com/",0.1813569856358619,"hxxp://cmap.an.ace.advertising.com/",0.1813569856358619,"hxxp://cmap.dc.ace.advertising.com/",0.1813569856358619,"hxxp://cmap.rm.ace.advertising.com/",0.1813569856358619,"hxxp://cmap.rub.ace.advertising.com/",0.1813569856358619,"hxxp://cms.ad.yieldmanager.net/",0.2077080006427820,"hxxp://cookex.amp.yahoo.com/",0.1813569856358619,"hxxp://ib.adnxs.com/",0.1813569856358619,"hxxp://pixel.rubiconproject.com/",0.1813569856358619,"hxxp://tag.admeld.com/",0.1813569856358619]],["hxxp://ugliesttattoos.failblog.org/",["hxxp://b.scorecardresearch.com/",1.094655549583309,"hxxp://images.cheezburger.com/",1.789026607154811,"hxxp://pixel.quantserve.com/",1.233529761097610,"hxxp://platform.twitter.com/",3.594391356840715,"hxxp://s0.wp.com/",1.233529761097610,"hxxp://secure-us.imrworldwide.com/",0.9557813380690089,"hxxp://stats.wordpress.com/",1.094655549583309,"hxxp://ugliesttattoos.files.wordpress.com/",3.594391356840715,"hxxp://www.facebook.com/",2.344523453212013,"hxxp://www.lijit.com/",1.372403972611910]],["hxxp://view.atdmt.com/",["hxxp://ad.doubleclick.net/",1.012619100451691,"hxxp://choices.truste.com/",0.2797832294311114,"hxxp://ec.atdmt.com/",0.2077080006427820,"hxxp://ib.adnxs.com/",0.1198195013737806,"hxxp://log30.doubleverify.com/",0.09859254139281734,"hxxp://privacy-policy.truste.com/",0.07224152638589720,"hxxp://rmd.atdmt.com/",0.05213940794236778,"hxxp://spe.atdmt.com/",0.2130544181338460,"hxxp://t.mookie1.com/",0.1053501179499015]],["hxxp://w276.photobucket.com/",["hxxp://s276.photobucket.com/",1.729148293032969,"hxxp://w276.photobucket.com/",7.678241825015445]],["hxxp://w55c.net/",["hxxp://tag.admeld.com/",0.6308156831255457]],["hxxp://www.avast.com/",["hxxp://an.avast.com/",1.688629585300075,"hxxp://dnn506yrbagrg.cloudfront.net/",1.476825035922114,"hxxp://maps.google.com/",1.476825035922114,"hxxp://maps.googleapis.com/",0.9347002865441547,"hxxp://maps.gstatic.com/",1.824440738045807,"hxxp://static.avast.com/",30.09285776524236,"hxxp://www.avast.com/",2.870367893976456,"hxxp://www.facebook.com/",0.5679889446425704,"hxxp://www.google-analytics.com/",2.154760938045806,"hxxps://blog.avast.com/",0.3955637293046473]],["hxxp://www.ebay.com/",["hxxp://ebay-stories.com/",1.313228117939032,"hxxp://i.ebayimg.com/",2.648904579774458,"hxxp://ir.ebaystatic.com/",2.267282733535765,"hxxp://p.ebaystatic.com/",1.313228117939032,"hxxp://pics.ebaystatic.com/",1.313228117939032,"hxxp://q.ebaystatic.com/",1.504039041058379,"hxxp://rover.ebay.com/",1.313228117939032,"hxxp://rtm.ebaystatic.com/",2.076471810416419,"hxxp://srx.main.ebayrtm.com/",1.885660887297072]],["hxxp://www.escapewizard.com/",["hxxp://www.escapewizard.com/",4.285914332486349,"hxxp://www.google-analytics.com/",1.857229544077419]],["hxxp://www.facebook.com/",["hxxp://external.ak.fbcdn.net/",2.993395769208965,"hxxp://photos-e.ak.fbcdn.net/",2.387589482583341,"hxxp://platform.ak.fbcdn.net/",2.387589482583341,"hxxp://profile.ak.fbcdn.net/",0.7212170088530699,"hxxp://static.ak.fbcdn.net/",15.88288901177522,"hxxp://www.facebook.com/",2.387589482583341]],["hxxp://www.fijitfriends.com/",["hxxp://ajax.googleapis.com/",1.345181806089499,"hxxp://b.scorecardresearch.com/",1.648070424679187,"hxxp://corporate.mattel.com/",11.94628345672859,"hxxp://sb.scorecardresearch.com/",1.496626115384343,"hxxp://statse.webtrendslive.com/",1.496626115384343,"hxxp://tracker.mattel.com/",2.102403352563719,"hxxp://use.typekit.com/",1.345181806089499,"hxxp://www.fijitfriends.com/",13.15783793108735,"hxxp://www.google-analytics.com/",3.919735064101849]],["hxxp://www.gamefudge.com/",["hxxp://media.gamefudge.com/",0.8154612961073355,"hxxp://pagead2.googlesyndication.com/",0.6683286062981156,"hxxp://www.facebook.com/",1.448131862286981,"hxxp://www.gamefudge.com/",9.7
49358221323176,"hxxp://www.google-analytics.com/",1.545239437561067]],["hxxp://www.google.com/",["hxxp://clients1.google.com/",0.4568070767791875,"hxxp://t0.gstatic.com/",0.4402030180227591,"hxxp://t1.gstatic.com/",0.1157914225458089,"hxxp://t2.gstatic.com/",0.4402030180227591,"hxxp://t3.gstatic.com/",0.2425494853033229,"hxxp://www.google.com/",3.269681829747955]],["hxxp://www.officegamespot.com/",["hxxp://bs.serving-sys.com/",1.159751790260911,"hxxp://cdn.cpmstar.com/",0.6683286062981156,"hxxp://cdn3.cpmstar.com/",0.8154612961073355,"hxxp://ds.serving-sys.com/",1.401049401548031,"hxxp://p.brilig.com/",0.7654361815722011,"hxxp://server.cpmstar.com/",1.253916711738810,"hxxp://www.google-analytics.com/",1.156809136464726,"hxxp://www.officegamefiles.com/",1.159751790260911,"hxxp://www.officegamespot.com/",4.261308891439267,"hxxps://plusone.google.com/",1.059701561190641]],["hxxp://www.peopleofwalmart.com/",["hxxp://ib.adnxs.com/",2.042547929116230,"hxxp://image2.pubmatic.com/",1.012619100451691,"hxxp://map.media6degrees.com/",1.012619100451691,"hxxp://media.peopleofwalmart.com/",9.987713178814104,"hxxp://pixel.quantserve.com/",1.012619100451691,"hxxp://static.addtoany.com/",1.159751790260911,"hxxp://static.ak.fbcdn.net/",1.012619100451691,"hxxp://www.facebook.com/",1.601149859688571,"hxxp://www.google-analytics.com/",1.159751790260911,"hxxp://www.peopleofwalmart.com/",2.925344067971549]],["hxxp://www.piriform.com/",["hxxp://ajax.googleapis.com/",0.8594332721383019,"hxxp://connect.facebook.net/",0.8594332721383019,"hxxp://static.ak.facebook.com/",1.791411089889912,"hxxp://static.piriform.com/",4.622514668814953,"hxxp://www.facebook.com/",1.486613504917744,"hxxp://www.google-analytics.com/",1.736403950788140,"hxxp://www.piriform.com/",2.257999586199409,"hxxps://s-static.ak.facebook.com/",1.791411089889912]],["hxxp://www.poptropica.com/",["hxxp://b.scorecardresearch.com/",2.853567126666146,"hxxp://edge.quantserve.com/",1.193737496794654,"hxxp://icompass.insightexpressai.com/",0.7580568033086410,"hxxp://notify.maps.poptropica.com/",0.6879135037498746,"hxxp://pixel.quantserve.com/",3.427903157415856,"hxxp://segment-pixel.invitemedia.com/",0.2911239409034593,"hxxp://static.poptropica.com/",10.82623234819727,"hxxp://www.google-analytics.com/",4.037089323745024,"hxxp://www.googleadservices.com/",0.2911239409034593,"hxxp://www.poptropica.com/",2.096345580191926]],["hxxp://www.timewasterz.com/",["hxxp://api-public.addthis.com/",0.4523225158584407,"hxxp://content.yieldmanager.edgesuite.net/",1.812547754283420,"hxxp://network.kitaramarketplace.com/",0.6683286062981156,"hxxp://playpickle.com/",0.6683286062981156,"hxxp://s7.addthis.com/",0.7484229343841813,"hxxp://whos.amung.us/",0.9936684100042632,"hxxp://www.facebook.com/",0.4523225158584407,"hxxp://www.google-analytics.com/",0.6853371452400616,"hxxp://www.idealinternet.com/",2.973040954823143,"hxxp://www.timewasterz.com/",5.459816470779616]],["hxxp://www.totaljerkface.com/",["hxxp://pagead2.googlesyndication.com/",0.7501794918869305,"hxxp://tags.bluekai.com/",0.4768319573984893,"hxxp://www.adobe.com/",1.024332111170136,"hxxp://www.facebook.com/",0.9153316721780184,"hxxp://www.google-analytics.com/",1.298484730453342,"hxxp://www.totaljerkface.com/",15.23408734251898,"hxxp://x.mochiads.com/",0.6904909701460663,"hxxp://y.mochiads.com/",0.5814905311539484,"hxxp://z.mochiads.com/",0.4163383508628601,"hxxps://www.paypal.com/",0.8591799308790488]],["hxxp://www.viddler.com/",["hxxp://adadvisor.net/",1.012619100451691,"hxxp://cdn-static.viddler.com/",2.385815844686610,"hxxp://cdn-thumbs.viddler.com/",1.159751790260911,"hxxp://cm.g.doubleclick.net/",1.012619100451691,"hxxp://rcv-srv43.inplay.tubemogul.com/",1.306884480070131,"hxxp://receive.inplay.tubemogul.com/",1.306884480070131,"hxxp://rtd.tubemogul.com/",1.012619100451691,"hxxp://sync.adap.tv/",1.012619100451691,"hxxp://tag.admeld.com/",1.012619100451691,"hxxp://www.viddler.com/",1.159751790260911]],["hxxp://www.wishwall.me/",["hxxp://ajax.googleapis.com/",1.958169039267564,"hxxp://connect.facebook.net/",1.517256805260298,"hxxp://s3.amazonaws.com/",1.517256805260298,"hxxp://www.google-analytics.com/",1.517256805260298,"hxxp://www.wishwall.me/",14.08325547446736]],["hxxp://www.youtube.com/",["hxxp://csi.gstatic.com/",1.012619100451691,"hxxp://i1.ytimg.com/",1.454017169879350,"hxxp://i2.ytimg.com/",1.159751790260911,"hxxp://i3.ytimg.com/",2.595308596010831,"hxxp://i4.ytimg.com/",1.306884480070131,"hxxp://o-o.preferred.nuq04s10.v18.lscache4.c.youtube.com/",1.012619100451691,"hxxp://s.ytimg.com/",1.362565778803601,"hxxp://speed.pointroll.com/",1.159751790260911,"hxxp://suggestqueries.google.com/",2.336813308734669,"hxxp://www.youtube.com/",1.012619100451691]],["hxxp://youtube.com/",["hxxp://www.youtube.com/",1.012619100451691]],["hxxps://clients6.google.com/",["hxxps://clients6.google.com/",0.6853371452400616,"hxxps://ssl.gstatic.com/",0.4410968801567563]],["hxxps://plusone.google.com/",["hxxps://clients6.google.com/",0.6853371452400616,"hxxps://plusone.google.com/",0.5051878798376526,"hxxps://ssl.gstatic.com/",0.4410968801567563]],["hxxps://www.ascomp.de/",["hxxps://www.ascomp.de/",8.416868585440104]],["hxxps://www.facebook.com/",["hxxps://s-static.ak.fbcdn.net/",3.659792517097586,"hxxps://www.facebook.com/",1.517256805260298]]],"startup_list":[1,"hxxp://an.avast.com/","hxxp://api.webrep.avast.com/","hxxp://localhost:18821/","hxxp://localhost:27275/","hxxp://localhost:7754/","hxxp://maps.google.com/","hxxp://maps.gstatic.com/","hxxp://static.avast.com/","hxxp://www.avast.com/","hxxp://www.google-analytics.com/"]},"download":{"directory_upgrade":true,"extensions_to_open":""},"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"12988837097383106","next_check":"12992827396150087"},"blacklistupdate":{"lastpingday":"12988796401763106","version":"0.0.0.116"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"settings":{"abciiempgohamehppammbkhkicmkgkob":{"blacklist":true},"aciahcmjmecflokailenpkdchphgkefd":{"active_permissions":{"api":["unlimitedStorage"]},"allowFileAccess":true,"app_launcher_ordinal":"t","from_bookmark":false,"from_webstore":false,"granted_permissions":{"api":["unlimitedStorage"]},"incognito":true,"install_time":"12978387187739373","lastpingday":"12988796401864106","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://entanglement.gopherwoodstudios.com/"},"urls":["hxxp://entanglement.gopherwoodstudios.com/"]},"current_locale":"en_US","default_locale":"en","description":"Create the longest path possible and challenge your friends in the game of Entanglement.","icons":{"128":"icon-128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUmhWocpvLByaYty7BXdP5gGHPMabneLdA/eEYQz86oi2K5hJjmpAsQvNLAn6Q2kkzsOS4OXsqpM00J60N2uVLQyw4K9wrR4avsO3R9yCKfDqcGoXQW3y+Cg73bWM99DJtDsrbnJ9mC3OcSiTE97GBhCldQyB0lmTTCQnIamhitwIDAQAB","name":"Entanglement","permissions":["unlimitedStorage"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"2.7.9"},"page_ordinal":"n","path":"aciahcmjmecflokailenpkdchphgkefd\\2.7.9_0","state":1},"aebfkgcamgnimcbnbiopgdakknjgggnm":{"blacklist":true},"aemcjbfajnnmhblifaejadoecfoaebld":{"blacklist":true},"afenhmponmfmdmbmccbmglppcmjhmhmh":{"blacklist":true},"aglmapjbjphdidmnileogpjkgpdoliep":{"blacklist":true},"agmhonoepgcnakccfpidhjehlocaeaaj":{"blacklist":true},"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["appNotifications","management","webstorePrivate"]},"app_launcher_ordinal":"n","page_ordinal":"n"},"ahjfgnikolodijnpakeknpilnemojlhc":{"blacklist":true},"aieglpnmmhleoenpbmfaffppfomgjmba":{"blacklist":true},"aifmjmboebdkdelpjenakhaodgneempp":{"blacklist":true},"alcbnnpmipohgdllkkglhkbncijplago":{"blacklist":true},"aldalonecchncedclgcndcndgilaclnk":{"blacklist":true},"aljdncnajablgppdcfbehhmidlmbndda":{"blacklist":true},"amfgdngndpfldigimkcindjalokfnmem":{"blacklist":true},"apdmgffkfhjfeejmbjidennfjdkmmmbl":{"blacklist":true},"aphncaagnlabkeipnbbicmcahnamibgb":{"blacklist":true},"bcddmcejgphfgofbpoocakaeapfomlek":{"blacklist":true},"bjihddggcgnblgojnmhpnngonofbnkaj":{"blacklist":true},"bkhafliomebnpccanacmlfaemgfiofko":{"blacklist":true},"bkkchglolnigbfncnbnnbhhempjkdpkf":{"blacklist":true},"bkplhcigeaiiliajeehehiikokgocbhb":{"blacklist":true},"bldgnkigdcpgnbfehgbameigoohecdfl":{"blacklist":true},"bndahdijlcnncjbpammoedeapmlobllc":{"blacklist":true},"boaoagnmpennjoigkkmnjhecapibhfko":{"blacklist":true},"boclfockfmgcppbajihcgajhpggaakgl":{"blacklist":true},"bokkificjhapflinbdejegngffgkcgfe":{"blacklist":true},"caphkimknlmnhpjoneddiaakmcaajagb":{"blacklist":true},"cbbjhegipokkofhhicbckicchjpcpeni":{"blacklist":true},"cekdjgnecpoooikhmceokdhojckkkhmh":{"blacklist":true},"cfbdodejdeejbkffcmiaknpmojjeibpn":{"blacklist":true},"cgnkbnaiipmfbakpmhllalggoepniemh":{"blacklist":true},"cihlkpohodpdkdnfalhdkhhlhmhffmbe":{"blacklist":true},"cjhklhdjonhcohlacgggcbklpnldleck":{"blacklist":true},"cjohbbapkbkkhpohinffggbphnhoblea":{"blacklist":true},"clapnamcglekekmamicmbahkghdcjaeh":{"blacklist":true},"cmjphjljejnfgdbkdgdlclaabimpknna":{"blacklist":true},"coajchbkdbfhmhbgcjepiofllfjjcpfp":{"blacklist":true},"dadcalgappognjbjpalfophhcfakoeac":{"blacklist":true},"danapgfidmepmcfbjjacceiaiiioieio":{"blacklist":true},"dbiblcmlcgdjjbdpbmbcpineegngkiip":{"blacklist":true},"dbmdicehacbaohlockjgdglcobimmjkh":{"blacklist":true},"dejippphmhbpgckbhdidnjmdcpfccbaj":{"blacklist":true},"dfafokiagoiocidlpglcanjkcdbdnioi":{"blacklist":true},"dfoegfajplmijblljfancdapbdaopebb":{"blacklist":true},"dgaehaeahdegbdlenicbmkbakhdgoeml":{"blacklist":true},"dgcfmgdfbfbgcpbendbhbkfjppboebed":{"blacklist":true},"dgkemngdheppgohkjjelnkjmdeimmfml":{"blacklist":true},"diinokaoicgobepmadnmedlhdfnpehcj":{"blacklist":true},"dinhjcapnfbffhiihdlnbdfjdjjfhcbk":{"blacklist":true},"dlobhinihbmedmheccecfnkcadpehmbf":{"blacklist":true},"dmhjdbigobajgnfoabodjgmcdgoeoljm":{"blacklist":true},"dmkdhgkknhnfpdjeicefnpmhcpbimden":{"blacklist":true},"dnemhlkdp
ajbbniphgkgceplmnkfnhfo":{"blacklist":true},"doneghboglgnflpdicnkaojmmljgejkj":{"blacklist":true},"dpgenihgggagjjggfocjceeobjkadcbc":{"blacklist":true},"dpmloehicimdjkibmobhmpgdndgbcced":{"blacklist":true},"ebdcdchjcndpjhehacedepnggfdbfkpn":{"blacklist":true},"edmnikahahfkfilbbjbdoiabnghbkmjc":{"blacklist":true},"efhjelcghjkfigiagdfbfilndaffpmdj":{"blacklist":true},"efnaljpgehfilpmkhobibbjceeeondmn":{"blacklist":true},"egljdhfnbjahogjahnigfnbpidlmdagi":{"blacklist":true},"ehgoiaffgjoinpkllmmnikghgpghnabc":{"blacklist":true},"ehomcoocpagnlcakcbecdaknmacmedld":{"blacklist":true},"eihjeehdobnpkonebmpanonopghepfle":{"blacklist":true},"ejlekamipdcfcfpgfepjmklllbpeecaj":{"blacklist":true},"eofejpelggimkodeojpeojnbijgiglgh":{"blacklist":true},"fafoohpbicgbcejffcplajonhhooddle":{"blacklist":true},"fbhiehmngojjcmljddjmgpmcockbccmo":{"blacklist":true},"fcfepemfihgibdacjlnlecebknaaepmj":{"blacklist":true},"ffgfbfakpcnngelphjnppokmoicdollk":{"blacklist":true},"fibgploapkhokkbncddlkcmbmiengcfp":{"blacklist":true},"fihepkmlkmciffbhijldnpmifhbkiinp":{"blacklist":true},"fjjeecfjmgfnleghoellhldedkaocjfc":{"blacklist":true},"flmmgcfcpbfddenepkfmgfpbaceolcoe":{"blacklist":true},"fmcccidacjgnfiafddkngmeolkoiihil":{"blacklist":true},"fmonlemffgbabjifjfaoamdflijecdbk":{"blacklist":true},"fngolbdmkneakeaoiieafkilnogbocda":{"blacklist":true},"fnhcgnmfccojojojacgeiaaeacefdohb":{"blacklist":true},"fnkaadkanmfgpfbmdcllhjdgmdbgljpi":{"blacklist":true},"fnnmbghphdnmmjdapccfobgjemjadeli":{"blacklist":true},"fpbippbofbmgmbojjmgfcifpmdaelcmd":{"blacklist":true},"fpmajanjndhgpifbcbnklbiehgnpkgmf":{"blacklist":true},"gbenikfjhilhpgagllmfgggdjaflbmbi":{"blacklist":true},"ghgphbmpcfgkfneodjpbdanmdoemklio":{"blacklist":true},"ghmaokcegalalefnhlfcnjhnpdbanjkj":{"blacklist":true},"gifglngcdbggmlgkcombebegdaoknkho":{"blacklist":true},"gjkbghdignnlcknknflbigpammebiolo":{"blacklist":true},"gkjeccpmibljcfpfapfljciimedljpnm":{"blacklist":true},"gmghjgfdialcnhadahmjefeflgnhcjeb":{"blacklist":true},"gnapdhmknipknfmhhnhdmhakdfhgeing":{"blacklist":true},"gncfgndgeoddelbfhlndhljnecoednaa":{"blacklist":true},"gngmkbiihflpghldjnbpemaicedhdddk":{"blacklist":true},"gobjcjhhebpjbmjdgmejhebbleadnceo":{"blacklist":true},"hbaajkahagmlkdekmbdabikbopdgpaac":{"blacklist":true},"hbdhabpmbbanaopgkbaondabkkepjfaf":{"blacklist":true},"hbmlheccjkodhfejcmblndjodllmnlnl":{"blacklist":true},"hcapokajkngndbglnfglpfdpoeidmpha":{"blacklist":true},"hcpndbchnlgojmnijaldkicigmihmdca":{"blacklist":true},"hdnbmmfjbblajkjkcaeofolgfnljpnim":{"blacklist":true},"hefmoncdemhjembgbnkgglhlookbipdc":{"blacklist":true},"hgbaomphocgmdpmiohjclchaaljpaelp":{"blacklist":true},"hgboiaecclcbjphldpbgfgggcbihmnai":{"blacklist":true},"hgjgaeknhmidehalnmokomhpfhbfmpcm":{"blacklist":true},"hhfffemhgkginfafaoapljdllodppana":{"blacklist":true},"hhfiljkpjapjjphcocclhhaldpfkkjbi":{"blacklist":true},"hhjmkijkgojfifipdgmiemghfikbohcm":{"blacklist":true},"hhlgbfcfbkhlmajakkcjippgpcmejkko":{"blacklist":true},"hjkhligcnpfjhjlapmejaiaiigibofif":{"blacklist":true},"hkbgccpdcpbdckohbknjlamamelcnlki":{"blacklist":true},"hnbcdmfeoldeppcbnnjmjkdofohaljbn":{"blacklist":true},"hncomkjbbkchfjelocejkbbflmjhlhfp":{"blacklist":true},"hnipgljcblpgnnojcfldehpeknhakbgj":{"blacklist":true},"hnkcpoijaeegompjgbjjhkdmljldaccg":{"blacklist":true},"hnnebfeppcbhhbhiifeaajgcjnkljlld":{"blacklist":true},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true,"install_time":"12945388724830265"},"iablioliielnhdianpbiijaoncbmfend":{"blacklist":true},"icihfeaofpcfehanhbnjigdlpfahjlee":{"blacklist":true},"icmlaeflemplmjndnaapfdbbnpncnbda":{"ack_external":true,"active_permissions":{"api":["tabs","webNavigation"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"events":["experimental.runtime.onInstalled"],"from_bookmark":false,"from_webstore":false,"install_time":"12986689999152988","lastpingday":"12988796401864106","location":3,"manifest":{"background_page":"background.html","browser_action":{"default_icon":"skin/images/icons/grey0-16.png","default_title":"avast! WebRep","popup":"popup.html"},"content_scripts":[{"css":["skin/css/anchor.css"],"matches":["hxxp://*/*","hxxps://*/*"]}],"current_locale":"en_US","default_locale":"en","description":"Web Reputation Plugin","icons":{"128":"skin/images/icons/green3-24.png","256":"skin/images/icons/green3-24.png","48":"skin/images/icons/green3-24.png","64":"skin/images/icons/green3-24.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfBBgbBomL+8Ze0I3H5diuRW5XcxzEGzMgmCWRwf/XB4gdxIKK880IIDrKW13wW/RjlB5M6CipuiERx/91yBYP6Oz+56h22Chwgn0zIiGq35MJpP1cfYbnp4bzl1odIIX/d8j8LZ+Ur22y76sZP+WtoFphr+7axJRXC8IrXhAEcQIDAQAB","name":"avast! WebRep","permissions":["hxxp://*/*","hxxps://*/*","tabs","webNavigation"],"version":"7.0.1456"},"path":"icmlaeflemplmjndnaapfdbbnpncnbda\\7.0.1456_0","state":1},"ifbkndkaolfbjjhnnhfmkbkoclpdkpli":{"blacklist":true},"ifeijfpkjckedpclgncedmgdiaoeahmk":{"blacklist":true},"igaajdmlejbjcbmpmnigopikfdaccdcm":{"blacklist":true},"iiiinekimabooeihccihfopoadcaaphn":{"blacklist":true},"ijecjbcgpblkacpijljpaienknanaloa":{"blacklist":true},"ijenlpgidnapbndonoinbkhekgjonojg":{"blacklist":true},"imfbomjbodpfgfhfahlgkkcllmhbelhk":{"blacklist":true},"imkffpjpdngdkpgadcmnlkhhmhdocijn":{"blacklist":true},"iobnpmeeecphddicmhhmdjbnlbdhjlne":{"blacklist":true},"iomejadoamfilglofmeaffghddcgapmf":{"blacklist":true},"jaejgaoiipdjjlbnapngknalafalbkej":{"blacklist":true},"janhdpmhnighonkkbkdpnljcoenpfkbh":{"blacklist":true},"jbnafcjbcfgejacaanogofkkehcomamp":{"blacklist":true},"jcmipejepoimfflnoapdmkdephgjinck":{"blacklist":true},"jfjagidcpadkoaonbogmbgfimmnefeie":{"blacklist":true},"jfmjfhklogoienhpfnppmbcbjfjnkonk":{"ack_external":true,"active_permissions":{"api":["tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"from_bookmark":false,"from_webstore":false,"install_time":"12975275817725404","lastpingday":"12988796401864106","location":3,"manifest":{"background_page":"background.html","content_scripts":[{"js":["contentscript.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_idle"}],"description":"RealPlayer HTML5Video Downloader Extension","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCl0WKWTrid8Fh+tsoJPRheLc7tksPgH1NfLF79Fj3YKb0fk2Fip1eE/chfSnGWQkxe5Ck2r+ZPba7m+FWQhZDCE5EXvOTDoqi7TEvjccW5pMpW5wCUOLKQVSttgBwkY8EUYt40SwtJ6HmLoPZfQmo9W3qAjnlhlF5AkY4jYgBv3QIDAQAB","name":"RealPlayer HTML5Video Downloader Extension","permissions":["tabs","hxxp://*/*","hxxps://*/*"],"version":"1.5"},"path":"jfmjfhklogoienhpfnppmbcbjfjnkonk\\1.5_0","state":1},"jgdkappiifgomhgikcjbanhnmlekpeje":{"blacklist":true},"jgmpapdckakiohhebmeoemejibommimi":{"blacklist":true},"jhhabiomopkibeecgngiggmopkeofacl":{"blacklist":true},"jindbcpkhnnnjgcjgmkjedbibibiojjf":{"blacklist":true},"jjnkfllhcgkgnfbekpnmoikpfihpjfli":{"blacklist":true},"jkihmglffmfjedfbpbpdbbimcodjbmdh":{"blacklist":true},"jkmhalpofmlfeglboejbchpoijnkmcgh":{"blacklist":true},"jmifipgdcllamghkhdplfjffkciekbgo":{"blacklist":true},"jpeijjbllejgmokmahkeommcodahoobm":{"blacklist":true},"jpgidahfcgiajlcbleeiaibpmmblcmnb":{"blacklist":true},"jpkdlckejfjidmplieobnhijmoiecbhl":{"blacklist":true},"kbipembkfhbdmkkkfbigmohilmknjnof":{"blacklist":true},"kcanfkmhccbaheheaackijegkclkaeic":{"blacklist":true},"kcfnnanmpghdnoompcfclakpacapnfbn":{"blacklist":true},"kcgplbmkmfcpngilmhjmebdgkkpbdemp":{"blacklist":true},"kelcbonmemlciepjdmfcifnhloeammhj":{"blacklist":true},"kelljdoinjlkmkncffgadbebgpmlcang":{"blacklist":true},"kgbkdabomfdpfoibliicpmibceaoohgh":{"blacklist":true},"kgdkcodealpfjolmiagcogfbgmaamegh":{"blacklist":true},"kibgmcdcfmcglajcfbecilngejnfppjp":{"blacklist":true},"kinhljbhjmcmoddhdoodekeklmjapjff":{"blacklist":true},"kkhomejdleoonmbdhcigkhkjcghngncf":{"blacklist":true},"kleaapgdkahaekcocmkbgfainbhihccj":{"blacklist":true},"kmlebjoghkhpapfhbdikannggmmffnco":{"blacklist":true},"kolbbghckjilleabphhgeggcgpfidofi":{"blacklist":true},"lbficnmfealeidppcbgdcbemgfjodbkg":{"blacklist":true},"lceaiepehinnomgijphkmjccbigkljkj":{"blacklist":true},"lcfkojlnjnedeoepfemhdgkhiabkeadc":{"blacklist":true},"ldgfapfmnplpaohbbadnecegcpfkfall":{"blacklist":true},"lgalokbapphhklmilicdefmgbjkcmldf":{"blacklist":true},"likifpgnijjfbdegfepoalpamlgnfofi":{"blacklist":true},"liomofjeffddiiccaolcnllbhnipbkhe":{"blacklist":true},"ljcicfibknpmlcmcecddjlbgkejehhpa":{"blacklist":true},"ljeihpebkahejeacdalhkhmckmggppif":{"blacklist":true},"lkdimamelhbiijkiljlnedmhnnkkmlbl":{"blacklist":true},"lkfdchejjogilmloogbbjlnlpbhgjfab":{"blacklist":true},"lljnngafekbnkpdfophmcdlbfebcbcld":{"blacklist":true},"lnahlgmhpghkhmafjppdidhcoaomipfg":{"blacklist":true},"lnbeebaenahmkbffnimghceldeeihfak":{"blacklist":true},"lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true,"install_time":"12945388724830265"},"lndempehphjoeimfchjflohpmhamiamf":{"blacklist":true},"loldehkdjdncebfnncknlkdchjclifbn":{"blacklist":true},"lookpbabilcplifjdeifacodednpacmk":{"blacklist":true},"lpgiafapdmlapiokjnmpbbfkomiceoml":{"blacklist":true},"mamfageekafifnickhgkibkofcclfefe":{"blacklist":true},"mbmdaiddhfoljplpdhohimgieioblfif":{"blacklist":true},"mcbkbpnkkkipelfledbfocopglifcfmi":{"active_permissions":{"api":["notifications","unlimitedStorage"]},"app_launcher_ordinal":"w","granted_permissions":{"api":["notifications","unlimitedStorage"]},"incognito":true,"install_time":"12944548398134293","lastpingday":"12988796401864106","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://poppit.pogo.com/hd/PoppitHD.html"},"urls":["hxxp://poppit.pogo.com/"]},"description":"The prickly puzzle game where popping balloons has never been so much fun! Pop colorful strings of balloons to earn a bonus!","icons":{"128":"icon_poppit.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEE80zEq495GvVBavV3VqpSg6fxQ1uFruS/4lDt0R0OXwudOByq8DLehpIw6BZZzAFwNIh17wIImMSseLvf+ocyx5Ny1DTByIquqJ5g9K5mixHbRiZLZcZvJ9u7hOmiHz5YEQSj+0iVC5knN0jKv7If+aHVgyS+gYr4TOLTvKhQwIDAQAB","name":"Poppit","permissions":["unlimitedStorage","notifications"],"update_url":"hxxp://clients2.go
ogle.com/service/update2/crx","version":"2.2"},"page_ordinal":"n","path":"mcbkbpnkkkipelfledbfocopglifcfmi\\2.2_0","state":1},"mdiehnlecbjlppbpaaipmlnhhjgepfcg":{"blacklist":true},"megkcfpbmemnpkgadkoompnoajcolpni":{"blacklist":true},"mfffdpnblflpobcnekhekiahepofaane":{"blacklist":true},"mfhfkclojmdocagbmecgcnlofppebebd":{"blacklist":true},"mfncimdpmknolnnnccdmkpnpkaofonkc":{"blacklist":true},"mjgobkikdipfikmaoakdcdbicpioljgg":{"blacklist":true},"mjolnadmlahbpepjaemohnkhpjkbhmef":{"blacklist":true},"mknjbohhleiicbpagpgmhoaigbblmnic":{"blacklist":true},"mkobblpffgbncfhijabakfafmkjdmmnm":{"blacklist":true},"mlmegahemifabfmdnndafagnncfbnahn":{"blacklist":true},"mlmmbepkgelpbenpobinockmiehdahai":{"blacklist":true},"mlnoedbhndgbjcbeadjfnmjloejlgojk":{"blacklist":true},"mmjodihhmnpkldljaifiajmlnpflfhpm":{"blacklist":true},"mnhcgaghminpdabllkbkecahjfkdiabk":{"blacklist":true},"mnichagcickblneeijmfnmoiakigmmhf":{"blacklist":true},"mnllienogacopjnkmhgnniopjpgjpopp":{"blacklist":true},"mogepbcllienegdibkfpmombhefhcoic":{"blacklist":true},"mplhbhmkccidaokcelbcbcmhhedebcng":{"blacklist":true},"nbieffehfdniifkgdckbndjhojohbfjj":{"blacklist":true},"nckmikohoilfkcoahbjpbgbpegcjgngm":{"blacklist":true},"ncpdanjmicnihdlijomcggnnekloephc":{"blacklist":true},"ndhkiimgbjnendpcfbiadlifmangejoa":{"blacklist":true},"ndiogongcmocdgjciemhagfhpjamehpe":{"blacklist":true},"negkalblfongjbphdcbbhddlickhlamd":{"blacklist":true},"nepfiodmbijheamafkiglonfkjebdjmf":{"blacklist":true},"nhboiakpmibkbkbeehchlfkggmhphpnk":{"blacklist":true},"nhkmojkfnknbbmhbnacjdlodokeophkl":{"blacklist":true},"nibohffepnilngkecenfdgnokfhmnkod":{"blacklist":true},"nidmbljkkcbdfklgdkklgjgmhejmbojn":{"blacklist":true},"nidodbfomffkfabciljelkbdiabkeehe":{"blacklist":true},"nifbebeekindefklojhchehidpikbjfc":{"blacklist":true},"nihhbeikpchdddoillfdcdinnnnllmna":{"blacklist":true},"nlgapikcofpablcmfgaoodlhiejiehhh":{"blacklist":true},"nmphbnbmgfccfhcmibikmhcgajjpelpf":{"blacklist":true},"nnioepmjbjjlflmdgjanlcmbjahljeeo":{"blacklist":true},"nochkknnbahbhmmknnmdhagelcnfagom":{"blacklist":true},"noefghcilkpcabnhhilojimkkjplhcnd":{"blacklist":true},"npadaghbcdejfngcjpbnoikajdnongca":{"blacklist":true},"npolaghondefgiomhkbiiompikfjneep":{"blacklist":true},"oakhllhnbcpgagdafgbninlpjdemdmjk":{"blacklist":true},"oanjogmonneelfpnfmdlalfddkeckdej":{"blacklist":true},"ocnlnkjmfnolmbclblfhfhcakldceiec":{"blacklist":true},"odnamglmogfldajnhkfodmloofeokcmm":{"blacklist":true},"ogjbodghhojomghbdfnlkppdagkfjede":{"blacklist":true},"oidjdpbndkjhmhmgdoggibcjnippkcgo":{"blacklist":true},"omceiakkomngangmllpgbjcoeloglald":{"blacklist":true},"onfbaaifbbahonepmednhkjbhdgogkbl":{"blacklist":true},"onpnpccdagncipgnoofbhchlbajcjnkd":{"blacklist":true},"ookcgejbfhcmcanfkfmmmpahflnlajbl":{"blacklist":true},"opnnngnphijodjhemhdafpnnpdjggofe":{"blacklist":true},"pajgiddgjidlcajihkjoacjbplimkgfe":{"blacklist":true},"pbekednmpdekknlffkiopooofokfmkla":{"blacklist":true},"pbglijbamgmlcpnnpbfjkbdeheejjloj":{"blacklist":true},"peiijdmlgbelnnmnkighhkpeihmmamio":{"blacklist":true},"pfcelnbmkeoaeicedjomcjkcammlkdbk":{"blacklist":true},"pfoiaildicnbcjojocjlpcibenphhbln":{"blacklist":true},"pfonklmafadkmcedjlodommcoipgbcde":{"blacklist":true},"pgelifedkjaohmjehecojkfldinjlamn":{"blacklist":true},"pgldfhecfiofkhnbgcncepnkjkeoahlk":{"blacklist":true},"phkpgooenaonkpnabopdbjjfmphclela":{"blacklist":true},"pjdhkkcnlbfebiokpeghfffajaabahfo":{"blacklist":true},"pkbbbncikcipejaiiiioboongndhmjgl":{"blacklist":true},"pkbkkendemaimikinaefldfljliecapm":{"blacklist":true},"pkhidkonipdjidjglnkfcfhnkfnlefbk":{"blacklist":true},"plfijddblbcdcnammpdmfccchkbdekmm":{"blacklist":true},"pnaiiipilbpcceggeanphcpkkihnojan":{"blacklist":true},"pnnbdjcjeiobikdfikegpclkcimgafpp":{"blacklist":true},"pnpfkfanlgljpkpilhgiimfadggfmhcd":{"blacklist":true},"pnpgiaejfbdapllkchhgchjpdbcpiooa":{"blacklist":true},"pobponmhkpmphbnfhpjdagklbkmjhked":{"blacklist":true},"ppmfajacidhcjbddpgmcmigffpppcadd":{"blacklist":true}},"toolbar":["icmlaeflemplmjndnaapfdbbnpncnbda"],"toolbarsize":-1},"google":{"services":{"username":""}},"homepage":"hxxps://isearch.avg.com/?cid={7D9E3A4D-41BB-4145-B4E0-5F8210C42EAA}&mid=3a95808a57c9ed398ec963829ea66a69-3308affe62616ec4461b9223cceda1400d42e01a&lang=en&ds=ft011&pr=sa&d=2012-10-03 13:24:55&v=12.2.5.34&sap=hp","homepage_is_newtabpage":false,"hxxp_throttling":{"enabled":true},"instant":{"enabled_time":"12975275796067979"},"net":{"hxxp_server_properties":{"clients1.google.com:443":{"settings":[{"id":5,"value":32},{"id":6,"value":0}],"supports_spdy":true},"clients2.google.com:443":{"settings":[{"id":4,"value":100},{"id":5,"value":10},{"id":6,"value":0}],"supports_spdy":true},"www.google.com:443":{"settings":[{"id":4,"value":100},{"id":5,"value":10},{"id":6,"value":0}],"supports_spdy":true}}},"ntp":{"alt_logo_resource_server":"hxxps://www.google.com/support/chrome/bin/topic/30248/inproduct","gplus_required":false,"pref_version":3,"promo_closed":false,"promo_end":1348293600.0,"promo_group":233,"promo_group_max":1,"promo_group_timeslice":0,"promo_increment":1,"promo_initial_segment":4,"promo_line":"What do you think of Chrome? <a href=\"hxxps://survey.googleratings.com/wix/p5963862.aspx\">Take the survey</a>","promo_num_groups":1000,"promo_resource_cache_update":"1348353321.44911","promo_start":1347861600.0,"promo_views":0,"promo_views_max":15,"shown_sections":64,"sign_in_promo":{"group_max":100},"tips_cache":{"current_tip":0,"tips":["How do you feel about Google Chrome? Take our <a href=\"hxxp://www.google.com/support/chrome/bin/request.py?contact_type=general_feedback&ctx=tip\">survey<a/>.","The <a href=\"hxxps://chrome.google.com/extensions/\">Chrome extensions gallery</a> has over 5,000 extensions! Explore extensions in different categories, such as blogging, shopping, web development, and more.","Parlez-vous français ? Google Chrome's built-in translation bar helps you read more of the Web. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=173424&ctx=tip\">Learn more</a>","Add extra features and functionality to your browser with extensions. Visit the <a href=\"hxxps://chrome.google.com/extensions\" target=\"_blank\">Chrome extensions gallery</a> or <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?hl=en&answer=154007&ctx=tip\" target=\"_blank\">learn more</a>.\n","Click and hold down the back button to see your browsing history.","Customize Google Chrome with themes! Check out designs at the <a href=\"hxxps://tools.google.com/chrome/intl/en/themes/index.html\" target=\"_blank\">Themes Gallery</a>.","When you use the find bar, yellow markers on the scrollbar help you quickly locate matches on the page. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95635&ctx=tip\">Learn more</a>","Search your bookmarks and browsing history from the address bar. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95440&ctx=tip\">Learn more</a>","Have your tabs arranged your way. Click a tab and drag it to a new position along the top of the browser window. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95622&ctx=tips\">Learn more</a>","Quickly resize a tab by dragging it to a docking position on your monitor or browser window. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95622#resize&ctx=tip\">Learn more</a>","Drag a link to the tab strip at the top of your browser window to open it in a new tab.","Press <strong>Ctrl+T</strong> to open a new tab. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Press <strong>Ctrl+N</strong> to open a new browser window. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","To search a site, start typing the site's web address in the address bar and press <strong>Tab</strong> when prompted. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95655&ctx=tip\">search tricks</a>.","Create address bar keywords for search engines you frequently use. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95653&ctx=tips\">Learn how</a>","Press <strong>Ctrl</strong> and + to enlarge a page; <strong>Ctrl</strong> and - to make the page smaller; and <strong>Ctrl</strong> and <strong>0</strong> to return the page to its normal size. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Press <strong>Ctrl+F</strong> to search the page you're viewing. Learn more about <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95635&ctx=tip\">using the find bar</a>.\n","Press <strong>Ctrl+S</strong> to save your current webpage. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Press <strong>Ctrl+P</strong> to print your current webpage. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Press <strong>Ctrl+J</strong> to see a list of files you've downloaded. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Press <strong>Ctrl+H</strong> to see your browsing history. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Click a tab and drag it out of the tab strip to open it in a new window. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95622&ctx=tips\">Learn more</a>\n","Press <strong>Ctrl+Shift+N</strong> to open a new window in incognito mode. Pages you visit while in incognito mode aren't stored in your browsing history. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95464&ctx=tip\">Learn more</a>","Press <strong>Ctrl+O</strong> to open
a file in the browser. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Press <strong>F11</strong> to go full screen. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Click the star next to the address bar to bookmark the page you're viewing. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95739&ctx=tip\">bookmarking tricks</a>.\n","Place shortcuts for your favorite sites on your computer desktop. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95710&ctx=tip\">Learn more</a>","Want to hide thumbnails on the New Tab page? Use the controls at the top of the page. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95451&ctx=tip\">Learn more</a>","Drag the star to the bookmarks bar to create a bookmark for the page? Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95739&ctx=tip\">bookmarking tricks</a>.","Drag a link to the bookmarks bar to create an instant bookmark. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95739&ctx=tip\">bookmarking tricks</a>.","Press <strong>Ctrl+Shift+T</strong> repeatedly to reopen the last 10 tabs you closed. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Don't want to leave traces of your browsing history? Browse in incognito mode. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95464&ctx=tip\">Learn more</a>","Accidentally closed a window full of tabs? Find it again in the <strong>Recently closed</strong> section of the New Tab page.","Add a home button next to the address bar. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95314&ctx=tip\">Learn how</a>","Search directly from the address bar. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95655&ctx=tip\">search tips</a>.\n","Press <strong>F6</strong> to quickly place your cursor in the address bar. Learn more <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=95743&ctx=tip\">keyboard shortcuts</a>.","Switching between computers? Keep your Google Chrome settings, bookmarks, and themes in sync across computers. <a href=\"hxxp://www.google.com/support/chrome/bin/answer.py?answer=165138&ctx=tip\">Learn how</a>"],"topic_id":"24013"},"tips_cache_update":"1282065018.840807","tips_server":"hxxps://clients2.google.com/tools/service/npredir?r=chrometips_win&hl=en-US","web_resource_cache_update":"1304207860.052492"},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\21.0.1180.89","plugins_list":[{"enabled":true,"name":"Remoting Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Remoting Viewer"},{"enabled":true,"name":"Native Client","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\21.0.1180.89\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"Chrome PDF Viewer","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\21.0.1180.89\\pdf.dll","version":""},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\21.0.1180.89\\gcswf32.dll","version":"11,1,102,62"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32.dll","version":"10,3,183,11"},{"enabled":true,"name":"Flash"},{"enabled":true,"name":"AVG Internet Security","path":"C:\\Users\\Beet\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\jmfkcklnlgedgbglfkkgedjfmejoahla\\12.0.0.1804_0\\plugins/avgnpss.dll","version":"12.0.0.1804"},{"enabled":true,"name":"AVG Internet Security"},{"enabled":true,"name":"Adobe Acrobat","path":"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll","version":"10.1.2.45"},{"enabled":false,"name":"Adobe Acrobat"},{"enabled":true,"name":"Java Deployment Toolkit 6.0.290.11","path":"C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npdeployJava1.dll","version":"6.0.290.11"},{"enabled":true,"name":"Java™ Platform SE 6 U29","path":"C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npjp2.dll","version":"6.0.290.11"},{"enabled":true,"name":"Java"},{"enabled":true,"name":"downloadUpdater","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnu.dll","version":"1.1.0.2"},{"enabled":true,"name":"downloadUpdater2","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnupdater2.dll","version":"1.3.0.0"},{"enabled":true,"name":"downloadUpdater"},{"enabled":true,"name":"Windows Genuine Advantage","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npLegitCheckPlugin.dll","version":"1.9.0009.1"},{"enabled":true,"name":"Windows Genuine Advantage"},{"enabled":true,"name":"RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\nppl3260.dll","version":"15.0.1.13"},{"enabled":true,"name":"RealPlayer Version Plugin","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\nprpjplug.dll","version":"15.0.1.13"},{"enabled":true,"name":"RealPlayer™ HTML5VideoShim Plug-In (32-bit) ","path":"C:\\ProgramData\\Real\\RealPlayer\\BrowserRecordPlugin\\MozillaPlugins\\nprphtml5videoshim.dll","version":"15.0.1.13"},{"enabled":true,"name":"RealPlayer"},{"enabled":true,"name":"QuickTime Plug-in 7.7.1","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin.dll","version":"7.7.1 (1680.42)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.1","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin2.dll","version":"7.7.1 (1680.42)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.1","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin3.dll","version":"7.7.1 (1680.42)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.1","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin4.dll","version":"7.7.1 (1680.42)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.1","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin5.dll","version":"7.7.1 (1680.42)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.1","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin6.dll","version":"7.7.1 (1680.42)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.1","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npqtplugin7.dll","version":"7.7.1 (1680.42)"},{"enabled":true,"name":"QuickTime"},{"enabled":true,"name":"RealJukebox NS Plugin","path":"C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\nprjplug.dll","version":"15.0.1.13"},{"enabled":true,"name":"RealJukebox NS Plugin"},{"enabled":true,"name":"PalmSource Package Installer","path":"C:\\PROGRA~2\\Palm\\PACKAG~1\\NPInstal.dll","version":"1, 5, 0, 4"},{"enabled":true,"name":"PalmSource Package Installer"},{"enabled":true,"name":"DictionaryBoss Installer Plugin Stub","path":"C:\\Program Files (x86)\\DictionaryBossEI\\Installr\\1.bin\\NPv4EISB.dll","version":"1, 0, 0, 0"},{"enabled":true,"name":"DictionaryBoss Installer Plugin Stub"},{"enabled":true,"name":"Google Earth Plugin","path":"C:\\Program Files (x86)\\Google\\Google Earth\\plugin\\npgeplugin.dll","version":"6.1.0.5001"},{"enabled":true,"name":"Google Earth Plugin"},{"enabled":true,"name":"Picasa","path":"C:\\Program Files (x86)\\Google\\Picasa3\\npPicasa3.dll","version":"3, 1, 0, 0"},{"enabled":true,"name":"Picasa"},{"enabled":true,"name":"Google Update","path":"C:\\Program Files (x86)\\Google\\Update\\1.3.21.99\\npGoogleUpdate3.dll","version":"1.3.21.99"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"MetaStream 3 Plugin","path":"C:\\Program Files (x86)\\Viewpoint\\Viewpoint Experience Technology\\npViewpoint.dll","version":"3, 2, 2, 26"},{"enabled":true,"name":"MetaStream 3 Plugin"},{"enabled":true,"name":"WildTangent Games App Presence Detector","path":"C:\\Program Files (x86)\\WildTangent Games\\App\\BrowserIntegration\\Registered\\0\\NP_wtapp.dll","version":"4.0.5.4"},{"enabled":true,"name":"WildTangent Games App Presence Detector"},{"enabled":true,"name":"iTunes Application Detector","path":"C:\\Program Files (x86)\\iTunes\\Mozilla Plugins\\npitunes.dll","version":"1.0.1.1"},{"enabled":true,"name":"iTunes Application Detector"},{"enabled":true,"name":"CANON iMAGE GATEWAY Album Plugin Utility","path":"C:\\Program Files\\Canon\\Easy-PhotoPrint EX\\NPEZFFPI.DLL","version":"3.0.5.0"},{"enabled":true,"name":"CANON iMAGE GATEWAY Album Plugin Utility"},{"enabled":true,"name":"RealNetworks™ Chrome Background Extension Plug-In (32-bit) ","path":"C:\\ProgramData\\Real\\RealPlayer\\BrowserRecordPlugin\\MozillaPlugins\\nprpchromebrowserrecordext.dll","version":"15.0.1.13"},{"enabled":true,"name":"RealNetworks™ Chrome Background Extension Plug-In (32-bit) "},{"enabled":true,"name":"Silverlight Plug-In","path":"c:\\Program Files (x86)\\Microsoft Silverlight\\4.1.10111.0\\npctrl.dll","version":"4.1.10111.0"},{"enabled":true,"name":"Silverlight"},{"enabled":true,"name":"Default Plug-in","path":"default_plugin","version":"1"},{"enabled":true,"name":"Default Plug-in"}]},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1}}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"exited_cleanly":true,"id":"not-signed-in","multiple_profile_prefs_version":1,"name":"First user","nickname":"","per_host_zoom_levels":{"armorgames.com":2.0,"cheats.ign.com":2,"www.1001onlinegames.com":1.0,"www.crazymonkeygames.com":1.0,"www.facebook.com":2.223901033401489,"www.totaljerkface.com":2}},"savefile":{"default_directory":"C:\\Users\\Beet\\Pictures"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"urls_to_restore_on_startup":["hxx
ps://isearch.avg.com/?cid={7D9E3A4D-41BB-4145-B4E0-5F8210C42EAA}&mid=3a95808a57c9ed398ec963829ea66a69-3308affe62616ec4461b9223cceda1400d42e01a&lang=en&ds=ft011&pr=sa&d=2012-10-03 13:24:55&v=12.2.5.34&sap=hp"]},"tabs":{"use_compact_navigation_bar":false,"use_vertical_tabs":false}}

*************************

AdwCleaner[S1].txt - [81749 octets] - [14/10/2012 11:49:18]

########## EOF - C:\AdwCleaner[S1].txt - [81810 octets] ##########


Junkware 10-14-12


Junkware Removal Tool (JRT) by Thisisu
Version: 1.5.7 (10.14.2012)
OS: Windows 7 Home Premium x64
Ran by Beet on Sun 10/14/2012 at 12:00:03.52
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}



*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.1049.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.1049.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 10/14/2012 at 12:16:30.02
End of Report

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 AM

Posted 14 October 2012 - 01:30 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 george321

george321
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 15 October 2012 - 11:10 AM

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit





Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/15/2012 09:57:29 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Beet\Downloads\FSS(1).exe (PID: 6032) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Beet\Desktop\rkill\rkill-10-15-2012-09-58-01.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/15/2012 09:58:21 AM
Execution time: 0 hours(s), 0 minute(s), and 52 seconds(s)



"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe"
+ "CanonSolutionMenu" "CNSLMAIN" "CANON INC." "c:\program files (x86)\canon\solutionmenu\cnslmain.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SmartMenu" "SmartMenu" "" "c:\program files\hewlett-packard\hp mediasmart\smartmenu.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "HostManager" "AOL" "AOL Inc." "c:\program files (x86)\common files\aol\1312228912\ee\aolsoftware.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "NortonOnlineBackupReminder" "Norton Online Backup Service" "Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\activation\nobuactivation.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "UpdatePRCShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\recovery\muitransfer\muistartmenu.exe"
+ "vProt" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Adobe Gamma Loader.lnk" "Adobe Gamma Loader" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\calibration\adobe gamma loader.exe"
+ "HotSync Manager.lnk" "HotSync® Manager Application" "PalmSource, Inc" "c:\program files (x86)\palm\hotsync.exe"
+ "PictureMover.lnk" "PictureMover Application" "Hewlett-Packard Company" "c:\program files (x86)\picturemover\bin\picturemover.exe"
+ "Ralink Wireless Utility.lnk" "RaUI MFC Application" "Ralink Technology, Corp." "c:\program files (x86)\ralink\common\raui.exe"
+ "Secunia PSI Tray.lnk" "Secunia PSI Tray" "Secunia" "c:\program files (x86)\secunia\psi\psi_tray.exe"
"C:\Users\Beet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.4.lnk" "" "" "c:\program files (x86)\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HPADVISOR" "HP Advisor" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp advisor\hpadvisor.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Steam" "Steam" "Valve Corporation" "c:\program files (x86)\steam\steam.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "NeroMobileAd" "Nero Mobile Advertisment" "Nero AG" "c:\program files (x86)\nero\nero 7\nero mobile\neromobilead.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "CShellStitcher Object" "Microsoft Image Composite Editor Shell Extension" "Microsoft Corporation" "c:\program files\microsoft research\image composite editor\shellextension.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip32.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files (x86)\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip32.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip32.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "NeroDigitalColumnHandler Class" "Nero Digital Shell Extension" "Nero AG" "c:\program files (x86)\common files\ahead\lib\nerodigitalext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Apache Software Foundation" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files (x86)\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files (x86)\nero\nero 7\nero backitup\nbshell.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashsha64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AOL Toolbar Loader" "AOL Toolbar" "AOL Inc." "c:\program files (x86)\aol toolbar\aoltb.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Canon Easy-WebPrint EX BHO" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexbho.dll"
+ "hpBHO Class" "Homepage Protection" "AOL Products" "c:\program files (x86)\common files\homepage protection\homepageprotection.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "MHTBPos00 Class" "IE Toolbar Engine" "" "c:\program files (x86)\family toolbar\tbcore3.dll"
+ "Microsoft Live Search Toolbar Helper" "MSN® Shell Extender" "Microsoft Corp." "c:\program files (x86)\msn\toolbar\3.0.0560.0\msneshellx.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "AOL Toolbar" "AOL Toolbar" "AOL Inc." "c:\program files (x86)\aol toolbar\aoltb.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Canon Easy-WebPrint EX" "Easy-WebPrint EX" "CANON INC." "c:\program files (x86)\canon\easy-webprint ex\ewpexhlp.dll"
+ "Microsoft Live Search Toolbar" "MSN® Shell Extender" "Microsoft Corp." "c:\program files (x86)\msn\toolbar\3.0.0560.0\msneshellx.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\avast! Emergency Update" "avast! Emergency Update" "AVAST Software" "c:\program files\avast software\avast\avastemupdate.exe"
+ "\BackUp_Maker-Beet" "Backup Software" "ASCOMP Software GmbH" "c:\program files (x86)\ascomp software\backup maker\bkmaker.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files (x86)\ccleaner\ccleaner.exe"
+ "\CLMLSvc" "CyberLink MediaLibray Service" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe"
+ "\DVDAgent" "HP DVDSmart Resident Program" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\dvdagent.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpsfmessenger\hpsfmsgr.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up" "HPTuneUp" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hptuneup.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Tuneup" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\Update Check" "HP Support Assistant Updater" "Hewlett-Packard" "c:\programdata\hewlett-packard\hp support framework\resources\updater\hpsfupdater.exe"
+ "\HPCeeScheduleForBeet" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\McAfee.com Update Check (Beet-Machine-Beet)" "" "" "File not found: C:\PROGRA~2\McAfee.com\Agent\mcupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDRScheduledMaintenance" "Hardware Diagnostic Tools" "PC-Doctor, Inc." "c:\program files\pc-doctor for windows\pcdr5cuiw32.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-3947069001-978379417-1703279084-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-3947069001-978379417-1703279084-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\{3A125B69-C636-4E9A-9489-24B4776E9BC0}" "AOL Software" "AOL Inc." "c:\program files (x86)\aol desktop 9.6\aol.exe"
+ "\{5B93CA70-EF9F-4D69-8765-074123625309}" "AOL Software" "AOL Inc." "c:\program files (x86)\aol desktop 9.7\aol.exe"
+ "\{885AD7A2-C0B7-4834-BA55-77A470F51A2B}" "AOL Software" "AOL Inc." "c:\program files (x86)\aol desktop 9.7\aol.exe"
+ "\{88C7481D-C397-4B5A-88EA-D5868DC2C636}" "AOL Software" "AOL Inc." "c:\program files (x86)\aol desktop 9.7\aol.exe"
+ "\{B0E05AEF-15D5-4B27-B018-8DD726C6CF4F}" "AOL Software" "AOL Inc." "c:\program files (x86)\aol desktop 9.6\aol.exe"
+ "\{B83CF515-F16C-47FE-877E-0F046A34A57F}" "AOL Software" "AOL Inc." "c:\program files (x86)\aol desktop 9.7\aol.exe"
+ "\{D1ABAEA7-E5D8-4243-B28C-F455CBC4F901}" "" "" "File not found: C:\Daemon Tools\Daemon.Tools.Pro.4.10.0218.Advanced.Version\Setup\DTPro4100218Advanced.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AgereModemAudio" "LSI Soft Modem Call Progress Service" "LSI Corporation" "c:\program files\lsi softmodem\agr64svc.exe"
+ "AOL ACS" "Connectivity engine for America Online" "AOL LLC" "c:\program files (x86)\common files\aol\acs\aolacsd.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Freemake Improver" "Freemake Improver" "Freemake" "c:\programdata\freemake\freemakeutilsservice\freemakeutilsservice.exe"
+ "FreemakeVideoCapture" "CaptureLibService" "Freemake" "c:\program files (x86)\freemake\capturelib\capturelibservice.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "gusvc" "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "IJPLMSVC" "Collects log data from the IJ printer and manages data transmission." "" "c:\program files (x86)\canon\ijplm\ijplmsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "NBService" "Nero BackItUp Service is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, CD/DVD or FTP." "Nero AG" "c:\program files (x86)\nero\nero 7\nero backitup\nbservice.exe"
+ "RalinkRegistryWriter" "RalinkRegistryWriter" "Ralink Technology, Corp." "c:\program files (x86)\ralink\common\raregistry.exe"
+ "RalinkRegistryWriter64" "RalinkRegistryWriter" "Ralink Technology, Corp." "c:\program files (x86)\ralink\common\raregistry64.exe"
+ "Secunia PSI Agent" "Performs routine software inspections of the system, the results of which can be seen in your Secunia PSI" "Secunia" "c:\program files (x86)\secunia\psi\psia.exe"
+ "Secunia Update Agent" "Performs routine updates of selected software on the system, the results of which can be seen in your Secunia PSI" "Secunia" "c:\program files (x86)\secunia\psi\sua.exe"
+ "sprtlisten" "sprtlisten Module" "SupportSoft, Inc." "c:\program files (x86)\common files\supportsoft\bin\sprtlisten.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "SupportSoft RemoteAssist" "ssrc Module" "SupportSoft, Inc." "c:\program files (x86)\common files\supportsoft\bin\ssrc.exe"
+ "vToolbarUpdater12.2.6" "" "" "File not found: C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WiseBootAssistant" "In order to optimize system performance,Wise Care 365 will canculate your system startup time." "WiseCleaner.com" "c:\program files (x86)\wise\wise care 365\boottime.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "LSI Corporation" "c:\windows\system32\drivers\agrsm64.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "atksgt" "" "" "c:\windows\system32\drivers\atksgt.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "" "File not found: system32\DRIVERS\AVGIDSDriver.Sys"
+ "AVGIDSEH" "AVG Technologies IDS Application Activity Monitor Helper Driver" "" "File not found: system32\DRIVERS\AVGIDSEH.Sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "" "File not found: system32\DRIVERS\AVGIDSFilter.Sys"
+ "Avgldx64" "" "" "File not found: system32\DRIVERS\avgldx64.sys"
+ "Avgmfx64" "" "" "File not found: system32\DRIVERS\avgmfx64.sys"
+ "Avgrkx64" "" "" "File not found: system32\DRIVERS\avgrkx64.sys"
+ "Avgtdia" "" "" "File not found: system32\DRIVERS\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "ElbyCDIO" "ElbyCD Windows x64 I/O driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\elbycdio.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "lirsgt" "" "" "c:\windows\system32\drivers\lirsgt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "netr28ux" "Ralink 802.11n Wireless Adapter Driver" "Ralink Technology Corp." "c:\windows\system32\drivers\netr28ux.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "npf" "npf.sys (NT5/6 AMD64) Kernel Driver" "CACE Technologies, Inc." "c:\windows\system32\drivers\npf.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PCDSRVC{F36B3A4C-F95654BD-06000000}_0" "Kernel Driver" "PC-Doctor, Inc." "c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
+ "PSI" "PSI mini-filter driver" "Secunia" "c:\windows\system32\drivers\psi_mf.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sptd" "SCSI Pass Through Direct Host" "Duplex Secure Ltd." "c:\windows\system32\drivers\sptd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "VBoxDrv" "VirtualBox Support Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxdrv.sys"
+ "VBoxNetAdp" "VirtualBox Host-Only Network Adapter Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxnetadp.sys"
+ "VBoxNetFlt" "VirtualBox Bridged Networking Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxnetflt.sys"
+ "VBoxUSBMon" "VirtualBox USB Monitor Driver" "Oracle Corporation" "c:\windows\system32\drivers\vboxusbmon.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "wanatw" "Wan Miniport (ATW)" "America Online, Inc." "c:\windows\system32\drivers\wanatw64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.KMVC" "" "" "File not found: KMVIDC32.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ArcGetDataSample" "ArcGetDataSample" "arcsoft" "c:\program files (x86)\palm\photodesktop\arcgetdatasample.ax"
+ "ArcPutDataSample" "ArcGetDataSample" "arcsoft" "c:\program files (x86)\palm\photodesktop\arcputdatasample.ax"
+ "ArcSoft AAC Decoder" "ArcSoft AAC Decoder" "ArcSoft Inc." "c:\program files (x86)\palm\photodesktop\aacdecode.ax"
+ "Arcsoft AMRDecoder" "AMRDecoder" "ArcSoft" "c:\program files (x86)\palm\photodesktop\amrdecoder.ax"
+ "ArcSoft Deinterlace" "deinterlace" "ArcSoft" "c:\program files (x86)\palm\photodesktop\deinterlace.ax"
+ "ArcSoft H.264 Decoder" "ArcSoft H.264 Decoder (Filter) eval" "ArcSoft" "c:\program files (x86)\palm\photodesktop\h264decfilter.ax"
+ "ArcSoft MP4 Splitter" "ArcSoft MP4 Splitter Filter " "ArcSoft Co. (hangzhou, PRC)" "c:\program files (x86)\palm\photodesktop\mp4splitter.ax"
+ "ArcSoft MPEG Audio Decoder" "ArcSoft Audio Decoder" "ArcSoft Inc." "c:\program files (x86)\palm\photodesktop\mpgaudio.ax"
+ "ArcSoft Mpeg Encoder Filter" "" "ArcSoft" "c:\program files (x86)\palm\photodesktop\arcmpegcodec.ax"
+ "ArcSoft MPEG Splitter" "MPGSplitter Filter" "ArcSoft, Inc." "c:\program files (x86)\palm\photodesktop\arcspl.ax"
+ "ArcSoft MPEG Video Decoder" "ArcSoft Mpeg Video Decoder Filter" "ArcSoft Inc." "c:\program files (x86)\palm\photodesktop\mpgvideo.ax"
+ "ArcSoft MPEG4 Decoder" "ArcSoft MPEG4 Video Decoder (Filter)" "Arcsoft" "c:\program files (x86)\palm\photodesktop\mp4decoder.ax"
+ "ArcSoft MPEG4 Decoder" "ArcSoft H.263 Video Decoder (Filter)" "Arcsoft" "c:\program files (x86)\palm\photodesktop\h263dec.ax"
+ "Arcsoft QCELPDecoder" "ArcSoft QCELP Decoder" "ArcSoft" "c:\program files (x86)\palm\photodesktop\qcelpdecoder.ax"
+ "ArcSoft Video Decoder" "ArcSoft Video Decoder" "ArcSoft Inc." "c:\program files (x86)\palm\photodesktop\uasvid.ax"
+ "CL Dvb Subtitle Decoder" "CLDvbSub" "CyberLink_DE" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdvbsub.ax"
+ "CL_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrevr.dll"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claud.ax"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraudfx.ax"
+ "CyberLink Audio Effect (HP)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraunrwrapper.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (HP)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claudspa.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter (HP)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdemuxer.ax"
+ "CyberLink Demultiplexer (HP)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\cldemuxer.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clnavx.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "CyberLink EPG Decoder" "EPGDec" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrepgdec.ax"
+ "CyberLink File Map Sink" "CyberLink File Map Sink" "Cyberlink Corporation." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsnk.ax"
+ "CyberLink File Map Source" "CyberLink File Map Source" "CyberLink File Map Source" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsrc.ax"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clline21.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3 Wrapper-PCM" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmp3wrap.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clsplter.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpegvanalyzer.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink Pipe Switch" "CyberLink Pipe Switch" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrpipswch.ax"
+ "CyberLink PTS Regulator" "CyberLink PTS Regulator " "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmptsreg.ax"
+ "CyberLink SBE Filter" "CLSBE" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbe.ax"
+ "CyberLink SBE Source Filter" "CLSBESrc" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbesrc.ax"
+ "Cyberlink SubTitle Importor (HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clsubtitle.ax"
+ "Cyberlink SubTitle(HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clsubtitle.ax"
+ "CyberLink Teletext Decoder Filter" "Teletext Renderer Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrttxdec.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrauts.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "Cyberlink TS Filter Filter" "TSFF" "Cyberlink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsff.ax"
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsinfo.ax"
+ "CyberLink Tzan Filter (HP)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Effect (HP)" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clvidfx.ax"
+ "CyberLink Video Effect (HP)" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clvsd.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvsd.ax"
+ "CyberLink Volume Meter" "CLVolumeMeter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\hpvolumemeter.ax"
+ "CyberLink WMV Dumper(HP)" "CLWMVDum Dynamic Link Library" "" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmwmvdump.ax"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files (x86)\nero\nero 7\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files (x86)\nero\nero 7\nero vision\nvdv.dll"
+ "File Dump" "FileDump DLL" "ArcSoft Inc." "c:\program files (x86)\palm\photodesktop\filedump.ax"
+ "HighMAT and MPV Navigator Filter" "MPV Playback Filter" "" "c:\program files (x86)\common files\ahead\dsfilter\hmnavigator.ax"
+ "HighMAT/MPV Navigation Client Filter" "MPV Playback Filter" "" "c:\program files (x86)\common files\ahead\dsfilter\hmnavigator.ax"
+ "MSDVD Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudwizard.ax"
+ "Nero Audible Decoder" "Nero Audible Decoder" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Processor" "Nero Audio Processor" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neaudioconv.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerender.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neavsync.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nedeinterlace.ax"
+ "Nero Digital AVC Audio Encoder" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Video Enc" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendvid.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files (x86)\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nefsource.ax"
+ "Nero Format Converter" "Frame rate / Color space converter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\necapture.ax"
+ "Nero FTC" "Frame Time Corrector Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neftc.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neoggsplitter.ax"
+ "Nero Overlay Mixer" "Overlay Mixer Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "" "" "c:\program files (x86)\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neresize.ax"
+ "Nero Sample Queue" "Sample Queue Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesamplequeue.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Control" "Transport Stream Controller Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nestreamcontrol.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Mixer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesubtitle.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nebdthumbnail.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nevideorenderer.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerender.ax"
+ "Nero3D Text Effect" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files (x86)\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero3D Transition" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files (x86)\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero3D Video Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files (x86)\common files\ahead\lib\nsg_dxfilter.dll"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesoundswitch.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "PCM Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraud.ax"
+ "PCM Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraudenc.ax"
+ "PCM Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraursmpl.ax"
+ "PCM Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdump.ax"
+ "PCM MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgmux.ax"
+ "PCM MPEG Splitter" "PCM MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrm2splter.ax"
+ "PCM MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc2.ax"
+ "PCM RTP Source Filter" "RTP Source Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrrtpsrc.ax"
+ "PCM SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsshot.ax"
+ "PCM Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrvidfx.ax"
+ "PCM Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrresample.ax"
+ "PCM Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrvsd.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmravi_audtr.ax"
+ "TimeShift2.0 Client Filter" "Timeshift2.0 Filter" "Arcsoft Inc." "c:\program files (x86)\palm\photodesktop\timeshift2.ax"
+ "TimeShift2.0 Server Filter" "Timeshift2.0 Filter" "Arcsoft Inc." "c:\program files (x86)\palm\photodesktop\timeshift2.ax"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart" "" "" "File not found: C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "AnyDiscHelp.dll" "" "" "File not found: AnyDiscHelp.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\Windows\system32\FTBSaver.scr" "" "" "File not found: C:\Windows\system32\FTBSaver.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP560 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlma0.dll"
+ "Canon BJNP Port" "Canon IJ Network 64bit comm Module" "CANON INC." "c:\windows\system32\cnmn6ppm.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"
"C:\Users\Beet\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml"
+ "CPU Meter" "See the current computer CPU and system memory (RAM)." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\Gadget.xml"

**** End of log ****

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 AM

Posted 15 October 2012 - 11:34 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 george321

george321
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Local time:11:53 PM

Posted 15 October 2012 - 03:24 PM

Thanks very much for your help. It really is appreciated.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:53 AM

Posted 15 October 2012 - 03:24 PM

You're welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users