Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't seem to get rid of existing malware


  • This topic is locked This topic is locked
8 replies to this topic

#1 kaolite

kaolite

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 25 October 2012 - 10:34 AM

So for the past few days my Dell Inspiron 1525 laptop has been randomly freezing. I started running malware software on it but now it seems if I try to run any program it'll freeze. Pointer just rotates showing it's thinking but nothing happens. I know part of it is the Coupon Printer junk, I dled JRT to deal with that but it doesn't seem to have worked. I have the log of it. Anytime I try to run Malware Bytes or Spy Bot, it freezes.

Im actually posting this from my phone since I wasn't able to use my laptop for more then a few minutes without it freezing. Also though Im fully connected to my wireless, FireFox won't open any new webpages, just the normal start up page. It says it's trying to connect but the page never loads.

Any help with this would be greatly appreciated!

BC AdBot (Login to Remove)

 


#2 kaolite

kaolite
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 25 October 2012 - 12:59 PM

Sorry for the double post since I still cant access my net I can't edit my thread, seems that isnt available on my phone, but I forgot to include somethings in my first post.

I ran TDSSKiller and it found nothing. Also Im using Vista. I also cant seem to get my laptop to boot into safe mode. It loads all the files but then restarts itself and loads Windows normally. No idea why its doing this.

Edit: Ok finally got my laptop to boot into Safe Mode, ran Malware Bytes and Spy Bot, both found nothing. Not sure why but I'm able to access the internet again.

Though it appears to be running fine now I still have no idea what caused it and still would like some help figuring it out. Spyware no longer seems to be the issue.

Edited by kaolite, 25 October 2012 - 03:28 PM.


#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:40 AM

Posted 25 October 2012 - 08:37 PM

Hello, please post the JRT log/

For the connection try these...

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
Now check if the internet is working again.



OR


Go to Start ... Run and type in cmd
A dos Window will appear.
Type in the dos window: netsh winsock reset
Click on the enter key.

Reboot your system to complete the process.



If needed : type these one line at a time, press enter after each line. See if it works after each.


netsh interface ipv4 reset
netsh interface ipv6 reset
ipconfig /flushdns



We Need to Repair Safe Mode
  • Please download Safe Boot Key Repair and save it to your desktop.
  • Open Posted Image on your desktop.
  • Copy and paste the resultant log here in your next reply.


Now try to run these..

Please download Rkill by Grinler and save it to your desktop.Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.


Please Download

TDSSkiller


Launch it. Click on change parameters-Select TDLFS file system

Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



ADW Cleaner



Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.


    ESET ONLINE






    Finally,I'd like us to scan your machine with ESET OnlineScan
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the Posted Image button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the Posted Image
        icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 kaolite

kaolite
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 27 October 2012 - 08:58 AM

Sorry, I didnt get an email that this had been replied too. Ill try downloading all that via safe mode since when I run Windows it freezes 2 minutes in. Ill try my best to post the logs as well.

Here's a few of logs before I run AdwCleaner

JRT

Junkware Removal Tool (JRT) by Thisisu
Version: 2.1.4 (10.25.2012)
OS: Windows Vista ™ Home Premium x86
Ran by Britt on Sat 10/27/2012 at 10:00:59.86
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired

Successfully deleted: [search-here.xml] from C:\Users\Britt\AppData\Roaming\Mozilla\Firefox\Profiles\fsbbssz4.default\searchplugins
Failed to delete: [babylon.xml] from "C:\Program Files\mozilla firefox\searchplugins"
Failed to delete: [search.xml] from "C:\Program Files\mozilla firefox\searchplugins"


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sat 10/27/2012 at 10:05:04.19
End of Report

Rkill
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/27/2012 10:10:45 AM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

* msiserver => %systemroot%\system32\msiexec.exe /V [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/27/2012 10:10:52 AM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)

TDSSKiller

10:12:12.0508 0524 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
10:12:14.0115 0524 ============================================================
10:12:14.0130 0524 Current date / time: 2012/10/27 10:12:14.0115
10:12:14.0130 0524 SystemInfo:
10:12:14.0130 0524
10:12:14.0130 0524 OS Version: 6.0.6002 ServicePack: 2.0
10:12:14.0130 0524 Product type: Workstation
10:12:14.0130 0524 ComputerName: HAMILITON
10:12:14.0130 0524 UserName: Britt
10:12:14.0130 0524 Windows directory: C:\Windows
10:12:14.0130 0524 System windows directory: C:\Windows
10:12:14.0130 0524 Processor architecture: Intel x86
10:12:14.0130 0524 Number of processors: 2
10:12:14.0130 0524 Page size: 0x1000
10:12:14.0130 0524 Boot type: Safe boot with network
10:12:14.0130 0524 ============================================================
10:12:14.0629 0524 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:12:14.0629 0524 ============================================================
10:12:14.0629 0524 \Device\Harddisk0\DR0:
10:12:14.0629 0524 MBR partitions:
10:12:14.0629 0524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
10:12:14.0629 0524 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0x1B929168
10:12:14.0661 0524 ============================================================
10:12:14.0723 0524 C: <-> \Device\Harddisk0\DR0\Partition2
10:12:14.0770 0524 D: <-> \Device\Harddisk0\DR0\Partition1
10:12:14.0770 0524 ============================================================
10:12:14.0770 0524 Initialize success
10:12:14.0770 0524 ============================================================
10:12:40.0011 1816 ============================================================
10:12:40.0011 1816 Scan started
10:12:40.0011 1816 Mode: Manual; TDLFS;
10:12:40.0011 1816 ============================================================
10:12:40.0198 1816 ================ Scan services =============================
10:12:40.0369 1816 [ 82b296ae1892fe3dbee00c9cf92f8ac7 ] ACPI C:\Windows\system32\drivers\acpi.sys
10:12:40.0369 1816 ACPI - ok
10:12:40.0479 1816 [ d19c4ee2ac7c47b8f5f84fff1a789d8a ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:12:40.0479 1816 AdobeARMservice - ok
10:12:40.0541 1816 [ 44c00a385ca9dbc1d5cf3781f8c26aea ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:12:40.0541 1816 AdobeFlashPlayerUpdateSvc - ok
10:12:40.0588 1816 [ 04f0fcac69c7c71a3ac4eb97fafc8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:12:40.0588 1816 adp94xx - ok
10:12:40.0603 1816 [ 60505e0041f7751bdbb80f88bf45c2ce ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:12:40.0619 1816 adpahci - ok
10:12:40.0619 1816 [ 8a42779b02aec986eab64ecfc98f8bd7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
10:12:40.0635 1816 adpu160m - ok
10:12:40.0635 1816 [ 241c9e37f8ce45ef51c3de27515ca4e5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:12:40.0650 1816 adpu320 - ok
10:12:40.0681 1816 [ 9d1fda9e086ba64e3c93c9de32461bcf ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:12:40.0681 1816 AeLookupSvc - ok
10:12:40.0713 1816 [ ef1142512bec12f1c2c87735da1755be ] AESTFilters C:\Windows\system32\aestsrv.exe
10:12:40.0713 1816 AESTFilters - ok
10:12:40.0775 1816 [ 3911b972b55fea0478476b2e777b29fa ] AFD C:\Windows\system32\drivers\afd.sys
10:12:40.0775 1816 AFD - ok
10:12:40.0822 1816 [ 13f9e33747e6b41a3ff305c37db0d360 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:12:40.0837 1816 agp440 - ok
10:12:40.0869 1816 [ ae1fdf7bf7bb6c6a70f67699d880592a ] aic78xx C:\Windows\system32\drivers\djsvs.sys
10:12:40.0869 1816 aic78xx - ok
10:12:40.0884 1816 [ a1545b731579895d8cc44fc0481c1192 ] ALG C:\Windows\System32\alg.exe
10:12:40.0884 1816 ALG - ok
10:12:40.0900 1816 [ 9eaef5fc9b8e351afa7e78a6fae91f91 ] aliide C:\Windows\system32\drivers\aliide.sys
10:12:40.0900 1816 aliide - ok
10:12:40.0915 1816 [ c47344bc706e5f0b9dce369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
10:12:40.0915 1816 amdagp - ok
10:12:40.0947 1816 [ 9b78a39a4c173fdbc1321e0dd659b34c ] amdide C:\Windows\system32\drivers\amdide.sys
10:12:40.0947 1816 amdide - ok
10:12:40.0962 1816 [ 18f29b49ad23ecee3d2a826c725c8d48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
10:12:40.0962 1816 AmdK7 - ok
10:12:40.0978 1816 [ 93ae7f7dd54ab986a6f1a1b37be7442d ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:12:40.0993 1816 AmdK8 - ok
10:12:41.0025 1816 [ a80230bd04f0b8bf05185b369bb1cbb8 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
10:12:41.0025 1816 ApfiltrService - ok
10:12:41.0040 1816 [ c6d704c7f0434dc791aac37cac4b6e14 ] Appinfo C:\Windows\System32\appinfo.dll
10:12:41.0040 1816 Appinfo - ok
10:12:41.0087 1816 [ 5d2888182fb46632511acee92fdad522 ] arc C:\Windows\system32\drivers\arc.sys
10:12:41.0087 1816 arc - ok
10:12:41.0087 1816 [ 5e2a321bd7c8b3624e41fdec3e244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:12:41.0103 1816 arcsas - ok
10:12:41.0118 1816 [ 598daf89e7b2ad88ff6511cb9c4ba61a ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
10:12:41.0118 1816 aswFsBlk - ok
10:12:41.0165 1816 [ 7233224b8a2081cdb684826056b89561 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
10:12:41.0165 1816 aswMonFlt - ok
10:12:41.0212 1816 [ 816c6dcd6bf930c8fd8f68137e1bddc4 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
10:12:41.0212 1816 aswRdr - ok
10:12:41.0243 1816 [ 6c8b09e245795e98b6bcc983d0aa4d26 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
10:12:41.0259 1816 aswSnx - ok
10:12:41.0290 1816 [ 437e3f4b4529aa616d4979a2b74cf8c5 ] aswSP C:\Windows\system32\drivers\aswSP.sys
10:12:41.0305 1816 aswSP - ok
10:12:41.0352 1816 [ bd07c8162c7fad38fe4aaae18e835216 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
10:12:41.0352 1816 aswTdi - ok
10:12:41.0368 1816 [ 53b202abee6455406254444303e87be1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:12:41.0368 1816 AsyncMac - ok
10:12:41.0399 1816 [ 1f05b78ab91c9075565a9d8a4b880bc4 ] atapi C:\Windows\system32\drivers\atapi.sys
10:12:41.0399 1816 atapi - ok
10:12:41.0430 1816 [ 68e2a1a0407a66cf50da0300852424ab ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:12:41.0446 1816 AudioEndpointBuilder - ok
10:12:41.0493 1816 [ 68e2a1a0407a66cf50da0300852424ab ] Audiosrv C:\Windows\System32\Audiosrv.dll
10:12:41.0493 1816 Audiosrv - ok
10:12:41.0555 1816 [ fb05ff189fc5f57de636315b1f5e56db ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:12:41.0571 1816 avast! Antivirus - ok
10:12:41.0602 1816 BCM42RLY - ok
10:12:41.0649 1816 [ cdf7f28ffd693b1b4137845dd1ef1ccc ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
10:12:41.0664 1816 BCM43XX - ok
10:12:41.0695 1816 [ 67e506b75bd5326a3ec7b70bd014dfb6 ] Beep C:\Windows\system32\drivers\Beep.sys
10:12:41.0711 1816 Beep - ok
10:12:41.0742 1816 [ c789af0f724fda5852fb9a7d3a432381 ] BFE C:\Windows\System32\bfe.dll
10:12:41.0758 1816 BFE - ok
10:12:41.0851 1816 [ 93952506c6d67330367f7e7934b6a02f ] BITS C:\Windows\system32\qmgr.dll
10:12:41.0851 1816 BITS - ok
10:12:41.0867 1816 [ d4df28447741fd3d953526e33a617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
10:12:41.0867 1816 blbdrive - ok
10:12:41.0914 1816 [ 35f376253f687bde63976ccb3f2108ca ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:12:41.0914 1816 bowser - ok
10:12:41.0929 1816 [ 9f9acc7f7ccde8a15c282d3f88b43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
10:12:41.0929 1816 BrFiltLo - ok
10:12:41.0945 1816 [ 56801ad62213a41f6497f96dee83755a ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
10:12:41.0945 1816 BrFiltUp - ok
10:12:41.0976 1816 [ a3629a0c4226f9e9c72faaeebc3ad33c ] Browser C:\Windows\System32\browser.dll
10:12:41.0976 1816 Browser - ok
10:12:42.0007 1816 [ b304e75cff293029eddf094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
10:12:42.0007 1816 Brserid - ok
10:12:42.0023 1816 [ 203f0b1e73adadbbb7b7b1fabd901f6b ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
10:12:42.0023 1816 BrSerWdm - ok
10:12:42.0054 1816 [ bd456606156ba17e60a04e18016ae54b ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
10:12:42.0054 1816 BrUsbMdm - ok
10:12:42.0070 1816 [ af72ed54503f717a43268b3cc5faec2e ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
10:12:42.0070 1816 BrUsbSer - ok
10:12:42.0070 1816 BTCFilterService - ok
10:12:42.0085 1816 [ ad07c1ec6665b8b35741ab91200c6b68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:12:42.0101 1816 BTHMODEM - ok
10:12:42.0148 1816 [ 7add03e75beb9e6dd102c3081d29840a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:12:42.0148 1816 cdfs - ok
10:12:42.0195 1816 [ 6b4bffb9becd728097024276430db314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:12:42.0195 1816 cdrom - ok
10:12:42.0241 1816 [ 312ec3e37a0a1f2006534913e37b4423 ] CertPropSvc C:\Windows\System32\certprop.dll
10:12:42.0241 1816 CertPropSvc - ok
10:12:42.0288 1816 [ e5d4133f37219dbcfe102bc61072589d ] circlass C:\Windows\system32\drivers\circlass.sys
10:12:42.0288 1816 circlass - ok
10:12:42.0335 1816 [ d7659d3b5b92c31e84e53c1431f35132 ] CLFS C:\Windows\system32\CLFS.sys
10:12:42.0335 1816 CLFS - ok
10:12:42.0413 1816 [ 8ee772032e2fe80a924f3b8dd5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:12:42.0413 1816 clr_optimization_v2.0.50727_32 - ok
10:12:42.0475 1816 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:12:42.0507 1816 clr_optimization_v4.0.30319_32 - ok
10:12:42.0538 1816 [ 99afc3795b58cc478fbbbcdc658fcb56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:12:42.0538 1816 CmBatt - ok
10:12:42.0678 1816 [ 907324001ae25ac5959c91eaa34cabae ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
10:12:42.0756 1816 cmdAgent - ok
10:12:42.0819 1816 [ 22d54351b7a2c94814d00faa502ff381 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
10:12:42.0834 1816 cmdGuard - ok
10:12:42.0850 1816 [ ffb59cad4be8c317624d40959a48a5db ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
10:12:42.0850 1816 cmdHlp - ok
10:12:42.0912 1816 [ 0ca25e686a4928484e9fdabd168ab629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:12:42.0912 1816 cmdide - ok
10:12:42.0928 1816 [ 6afef0b60fa25de07c0968983ee4f60a ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:12:42.0928 1816 Compbatt - ok
10:12:42.0959 1816 COMSysApp - ok
10:12:43.0115 1816 cpuz134 - ok
10:12:43.0131 1816 [ 741e9dff4f42d2d8477d0fc1dc0df871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:12:43.0131 1816 crcdisk - ok
10:12:43.0162 1816 [ 1f07becdca750766a96cda811ba86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
10:12:43.0162 1816 Crusoe - ok
10:12:43.0224 1816 [ f1e8c34892336d33eddcdfe44e474f64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:12:43.0224 1816 CryptSvc - ok
10:12:43.0271 1816 [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:12:43.0287 1816 DcomLaunch - ok
10:12:43.0318 1816 [ 622c41a07ca7e6dd91770f50d532cb6c ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:12:43.0318 1816 DfsC - ok
10:12:43.0411 1816 [ 2cc3dcfb533a1035b13dcab6160ab38b ] DFSR C:\Windows\system32\DFSR.exe
10:12:43.0474 1816 DFSR - ok
10:12:43.0583 1816 [ 9028559c132146fb75eb7acf384b086a ] Dhcp C:\Windows\System32\dhcpcsvc.dll
10:12:43.0583 1816 Dhcp - ok
10:12:43.0599 1816 [ 5d4aefc3386920236a548271f8f1af6a ] disk C:\Windows\system32\drivers\disk.sys
10:12:43.0599 1816 disk - ok
10:12:43.0645 1816 [ 57d762f6f5974af0da2be88a3349baaa ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:12:43.0645 1816 Dnscache - ok
10:12:43.0723 1816 [ 13511564cac5a005255765e322c16967 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
10:12:43.0723 1816 DockLoginService - ok
10:12:43.0770 1816 [ 324fd74686b1ef5e7c19a8af49e748f6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:12:43.0770 1816 dot3svc - ok
10:12:43.0801 1816 [ 4f59c172c094e1a1d46463a8dc061cbd ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
10:12:43.0801 1816 Dot4 - ok
10:12:43.0833 1816 [ 80bf3ba09f6f2523c8f6b7cc6dbf7bd5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:12:43.0833 1816 Dot4Print - ok
10:12:43.0864 1816 [ c55004ca6b419b6695970dfe849b122f ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
10:12:43.0864 1816 dot4usb - ok
10:12:43.0911 1816 [ a622e888f8aa2f6b49e9bc466f0e5def ] DPS C:\Windows\system32\dps.dll
10:12:43.0911 1816 DPS - ok
10:12:43.0942 1816 [ 97fef831ab90bee128c9af390e243f80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:12:43.0942 1816 drmkaud - ok
10:12:43.0989 1816 [ c68ac676b0ef30cfbb1080adce49eb1f ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:12:44.0020 1816 DXGKrnl - ok
10:12:44.0051 1816 [ 908ed85b7806e8af3af5e9b74f7809d4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
10:12:44.0067 1816 e1express - ok
10:12:44.0082 1816 [ 5425f74ac0c1dbd96a1e04f17d63f94c ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
10:12:44.0098 1816 E1G60 - ok
10:12:44.0113 1816 [ c0b95e40d85cd807d614e264248a45b9 ] EapHost C:\Windows\System32\eapsvc.dll
10:12:44.0113 1816 EapHost - ok
10:12:44.0145 1816 [ 7f64ea048dcfac7acf8b4d7b4e6fe371 ] Ecache C:\Windows\system32\drivers\ecache.sys
10:12:44.0145 1816 Ecache - ok
10:12:44.0191 1816 [ 9be3744d295a7701eb425332014f0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:12:44.0207 1816 ehRecvr - ok
10:12:44.0223 1816 [ ad1870c8e5d6dd340c829e6074bf3c3f ] ehSched C:\Windows\ehome\ehsched.exe
10:12:44.0223 1816 ehSched - ok
10:12:44.0238 1816 [ c27c4ee8926e74aa72efcab24c5242c3 ] ehstart C:\Windows\ehome\ehstart.dll
10:12:44.0238 1816 ehstart - ok
10:12:44.0301 1816 [ 23b62471681a124889978f6295b3f4c6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:12:44.0316 1816 elxstor - ok
10:12:44.0394 1816 [ 4e6b23dfc917ea39306b529b773950f4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
10:12:44.0410 1816 EMDMgmt - ok
10:12:44.0425 1816 [ 3db974f3935483555d7148663f726c61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:12:44.0425 1816 ErrDev - ok
10:12:44.0519 1816 [ 67058c46504bc12d821f38cf99b7b28f ] EventSystem C:\Windows\system32\es.dll
10:12:44.0519 1816 EventSystem - ok
10:12:44.0550 1816 [ 22b408651f9123527bcee54b4f6c5cae ] exfat C:\Windows\system32\drivers\exfat.sys
10:12:44.0550 1816 exfat - ok
10:12:44.0597 1816 [ 1e9b9a70d332103c52995e957dc09ef8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:12:44.0597 1816 fastfat - ok
10:12:44.0628 1816 [ afe1e8b9782a0dd7fb46bbd88e43f89a ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:12:44.0628 1816 fdc - ok
10:12:44.0675 1816 [ 6629b5f0e98151f4afdd87567ea32ba3 ] fdPHost C:\Windows\system32\fdPHost.dll
10:12:44.0675 1816 fdPHost - ok
10:12:44.0691 1816 [ 89ed56dce8e47af40892778a5bd31fd2 ] FDResPub C:\Windows\system32\fdrespub.dll
10:12:44.0691 1816 FDResPub - ok
10:12:44.0706 1816 [ a8c0139a884861e3aae9cfe73b208a9f ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:12:44.0706 1816 FileInfo - ok
10:12:44.0753 1816 [ 0ae429a696aecbc5970e3cf2c62635ae ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:12:44.0753 1816 Filetrace - ok
10:12:44.0784 1816 [ 85b7cf99d532820495d68d747fda9ebd ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:12:44.0784 1816 flpydisk - ok
10:12:44.0815 1816 [ 01334f9ea68e6877c4ef05d3ea8abb05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:12:44.0815 1816 FltMgr - ok
10:12:44.0878 1816 [ 8ce364388c8eca59b14b539179276d44 ] FontCache C:\Windows\system32\FntCache.dll
10:12:44.0909 1816 FontCache - ok
10:12:45.0003 1816 [ c7fbdd1ed42f82bfa35167a5c9803ea3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:12:45.0003 1816 FontCache3.0.0.0 - ok
10:12:45.0049 1816 [ b972a66758577e0bfd1de0f91aaa27b5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:12:45.0049 1816 Fs_Rec - ok
10:12:45.0112 1816 [ 34582a6e6573d54a07ece5fe24a126b5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:12:45.0112 1816 gagp30kx - ok
10:12:45.0159 1816 [ d3316f6e3c011435f36e3d6e49b3196c ] GoToAssist C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
10:12:45.0159 1816 GoToAssist - ok
10:12:45.0190 1816 [ cd5d0aeee35dfd4e986a5aa1500a6e66 ] gpsvc C:\Windows\System32\gpsvc.dll
10:12:45.0221 1816 gpsvc - ok
10:12:45.0252 1816 [ f02a533f517eb38333cb12a9e8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:12:45.0268 1816 gupdate - ok
10:12:45.0299 1816 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:12:45.0299 1816 gupdatem - ok
10:12:45.0346 1816 [ c1b577b2169900f4cf7190c39f085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:12:45.0346 1816 gusvc - ok
10:12:45.0393 1816 [ 062452b7ffd68c8c042a6261fe8dff4a ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:12:45.0408 1816 HDAudBus - ok
10:12:45.0424 1816 [ 1338520e78d90154ed6be8f84de5fceb ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:12:45.0439 1816 HidBth - ok
10:12:45.0455 1816 [ ff3160c3a2445128c5a6d9b076da519e ] HidIr C:\Windows\system32\drivers\hidir.sys
10:12:45.0455 1816 HidIr - ok
10:12:45.0549 1816 [ 84067081f3318162797385e11a8f0582 ] hidserv C:\Windows\System32\hidserv.dll
10:12:45.0549 1816 hidserv - ok
10:12:45.0580 1816 [ cca4b519b17e23a00b826c55716809cc ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:12:45.0580 1816 HidUsb - ok
10:12:45.0611 1816 [ d8ad255b37da92434c26e4876db7d418 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:12:45.0611 1816 hkmsvc - ok
10:12:45.0658 1816 [ 16ee7b23a009e00d835cdb79574a91a6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
10:12:45.0658 1816 HpCISSs - ok
10:12:45.0689 1816 [ 46d67209550973257601a533e2ac5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:12:45.0736 1816 HSFHWAZL - ok
10:12:45.0783 1816 [ ec36f1d542ed4252390d446bf6d4dfd0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
10:12:45.0814 1816 HSF_DPV - ok
10:12:45.0892 1816 [ f870aa3e254628ebeafe754108d664de ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:12:45.0892 1816 HTTP - ok
10:12:45.0923 1816 [ c6b032d69650985468160fc9937cf5b4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
10:12:45.0923 1816 i2omp - ok
10:12:45.0954 1816 [ 22d56c8184586b7a1f6fa60be5f5a2bd ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:12:45.0954 1816 i8042prt - ok
10:12:46.0032 1816 [ ae38a12f79a4980ddb88f36514f8a1da ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
10:12:46.0048 1816 IAANTMON - ok
10:12:46.0095 1816 [ 997e8f5939f2d12cd9f2e6b395724c16 ] iaStor C:\Windows\system32\drivers\iastor.sys
10:12:46.0110 1816 iaStor - ok
10:12:46.0126 1816 [ 54155ea1b0df185878e0fc9ec3ac3a14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
10:12:46.0141 1816 iaStorV - ok
10:12:46.0204 1816 [ 98477b08e61945f974ed9fdc4cb6bdab ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:12:46.0235 1816 idsvc - ok
10:12:46.0313 1816 [ c134e69ce901422d1f2d7ea8d69098fe ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
10:12:46.0360 1816 igfx - ok
10:12:46.0407 1816 [ 2d077bf86e843f901d8db709c95b49a5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:12:46.0407 1816 iirsp - ok
10:12:46.0500 1816 [ 54e0f4ccd6ce99a807459af928dd64ac ] IJPLMSVC C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
10:12:46.0500 1816 IJPLMSVC - ok
10:12:46.0531 1816 [ 9908d8a397b76cd8d31d0d383c5773c9 ] IKEEXT C:\Windows\System32\ikeext.dll
10:12:46.0547 1816 IKEEXT - ok
10:12:46.0594 1816 [ d9f7411dbc673dbcdf517192301c8530 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
10:12:46.0594 1816 inspect - ok
10:12:46.0656 1816 [ 98d303ccb3415e9202e82043b37d66dc ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
10:12:46.0656 1816 IntcHdmiAddService - ok
10:12:46.0719 1816 [ 83aa759f3189e6370c30de5dc5590718 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
10:12:46.0719 1816 intelide - ok
10:12:46.0750 1816 [ 224191001e78c89dfa78924c3ea595ff ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:12:46.0750 1816 intelppm - ok
10:12:46.0812 1816 [ 9ac218c6e6105477484c6fdbe7d409a4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:12:46.0812 1816 IPBusEnum - ok
10:12:46.0828 1816 [ 62c265c38769b864cb25b4bcf62df6c3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:12:46.0828 1816 IpFilterDriver - ok
10:12:46.0890 1816 [ 1998bd97f950680bb55f55a7244679c2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:12:46.0890 1816 iphlpsvc - ok
10:12:46.0906 1816 IpInIp - ok
10:12:46.0921 1816 [ b25aaf203552b7b3491139d582b39ad1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
10:12:46.0921 1816 IPMIDRV - ok
10:12:46.0953 1816 [ 8793643a67b42cec66490b2a0cf92d68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
10:12:46.0953 1816 IPNAT - ok
10:12:46.0968 1816 [ 109c0dfb82c3632fbd11949b73aeeac9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:12:46.0968 1816 IRENUM - ok
10:12:46.0984 1816 [ 6c70698a3e5c4376c6ab5c7c17fb0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:12:46.0984 1816 isapnp - ok
10:12:47.0015 1816 [ 232fa340531d940aac623b121a595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
10:12:47.0015 1816 iScsiPrt - ok
10:12:47.0031 1816 [ bced60d16156e428f8df8cf27b0df150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
10:12:47.0046 1816 iteatapi - ok
10:12:47.0046 1816 [ 06fa654504a498c30adca8bec4e87e7e ] iteraid C:\Windows\system32\drivers\iteraid.sys
10:12:47.0046 1816 iteraid - ok
10:12:47.0062 1816 [ 37605e0a8cf00cbba538e753e4344c6e ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:12:47.0062 1816 kbdclass - ok
10:12:47.0093 1816 [ ede59ec70e25c24581add1fbec7325f7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:12:47.0093 1816 kbdhid - ok
10:12:47.0109 1816 [ a3e186b4b935905b829219502557314e ] KeyIso C:\Windows\system32\lsass.exe
10:12:47.0124 1816 KeyIso - ok
10:12:47.0155 1816 [ 4a1445efa932a3baf5bdb02d7131ee20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:12:47.0155 1816 KSecDD - ok
10:12:47.0202 1816 [ 8078f8f8f7a79e2e6b494523a828c585 ] KtmRm C:\Windows\system32\msdtckrm.dll
10:12:47.0202 1816 KtmRm - ok
10:12:47.0249 1816 [ 1bf5eebfd518dd7298434d8c862f825d ] LanmanServer C:\Windows\System32\srvsvc.dll
10:12:47.0249 1816 LanmanServer - ok
10:12:47.0296 1816 [ 1db69705b695b987082c8baec0c6b34f ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:12:47.0296 1816 LanmanWorkstation - ok
10:12:47.0343 1816 [ d1c5883087a0c3f1344d9d55a44901f6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:12:47.0343 1816 lltdio - ok
10:12:47.0374 1816 [ 2d5a428872f1442631d0959a34abff63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:12:47.0389 1816 lltdsvc - ok
10:12:47.0405 1816 [ 35d40113e4a5b961b6ce5c5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:12:47.0405 1816 lmhosts - ok
10:12:47.0436 1816 [ c7e15e82879bf3235b559563d4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:12:47.0436 1816 LSI_FC - ok
10:12:47.0514 1816 [ ee01ebae8c9bf0fa072e0ff68718920a ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:12:47.0514 1816 LSI_SAS - ok
10:12:47.0530 1816 [ 912a04696e9ca30146a62afa1463dd5c ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:12:47.0530 1816 LSI_SCSI - ok
10:12:47.0561 1816 [ 8f5c7426567798e62a3b3614965d62cc ] luafv C:\Windows\system32\drivers\luafv.sys
10:12:47.0561 1816 luafv - ok
10:12:47.0577 1816 [ aef9babb8a506bc4ce0451a64aaded46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:12:47.0592 1816 Mcx2Svc - ok
10:12:47.0608 1816 mdmxsdk - ok
10:12:47.0639 1816 [ 0001ce609d66632fa17b84705f658879 ] megasas C:\Windows\system32\drivers\megasas.sys
10:12:47.0639 1816 megasas - ok
10:12:47.0670 1816 [ c252f32cd9a49dbfc25ecf26ebd51a99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
10:12:47.0686 1816 MegaSR - ok
10:12:47.0764 1816 Microsoft SharePoint Workspace Audit Service - ok
10:12:47.0795 1816 [ 1076ffcffaae8385fd62dfcb25ac4708 ] MMCSS C:\Windows\system32\mmcss.dll
10:12:47.0795 1816 MMCSS - ok
10:12:47.0811 1816 [ e13b5ea0f51ba5b1512ec671393d09ba ] Modem C:\Windows\system32\drivers\modem.sys
10:12:47.0811 1816 Modem - ok
10:12:47.0811 1816 [ 0a9bb33b56e294f686abb7c1e4e2d8a8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:12:47.0811 1816 monitor - ok
10:12:47.0826 1816 motccgp - ok
10:12:47.0826 1816 motccgpfl - ok
10:12:47.0826 1816 motmodem - ok
10:12:47.0842 1816 MotoSwitchService - ok
10:12:47.0842 1816 Motousbnet - ok
10:12:47.0842 1816 motusbdevice - ok
10:12:47.0873 1816 [ 5bf6a1326a335c5298477754a506d263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:12:47.0873 1816 mouclass - ok
10:12:47.0920 1816 [ 93b8d4869e12cfbe663915502900876f ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:12:47.0920 1816 mouhid - ok
10:12:47.0935 1816 [ bdafc88aa6b92f7842416ea6a48e1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
10:12:47.0935 1816 MountMgr - ok
10:12:47.0998 1816 [ 511d011289755dd9f9a7579fb0b064e6 ] mpio C:\Windows\system32\drivers\mpio.sys
10:12:47.0998 1816 mpio - ok
10:12:48.0013 1816 [ 22241feba9b2defa669c8cb0a8dd7d2e ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:12:48.0013 1816 mpsdrv - ok
10:12:48.0045 1816 [ 5de62c6e9108f14f6794060a9bdecaec ] MpsSvc C:\Windows\system32\mpssvc.dll
10:12:48.0060 1816 MpsSvc - ok
10:12:48.0076 1816 [ 4fbbb70d30fd20ec51f80061703b001e ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
10:12:48.0076 1816 Mraid35x - ok
10:12:48.0123 1816 [ 82cea0395524aacfeb58ba1448e8325c ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:12:48.0123 1816 MRxDAV - ok
10:12:48.0138 1816 [ 1e94971c4b446ab2290deb71d01cf0c2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:12:48.0138 1816 mrxsmb - ok
10:12:48.0185 1816 [ 4fccb34d793b116423209c0f8b7a3b03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:12:48.0185 1816 mrxsmb10 - ok
10:12:48.0232 1816 [ c3cb1b40ad4a0124d617a1199b0b9d7c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:12:48.0247 1816 mrxsmb20 - ok
10:12:48.0279 1816 [ f70590424eefbf5c27a40c67afdb8383 ] msahci C:\Windows\system32\drivers\msahci.sys
10:12:48.0279 1816 msahci - ok
10:12:48.0294 1816 [ 4468b0f385a86ecddaf8d3ca662ec0e7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:12:48.0310 1816 msdsm - ok
10:12:48.0341 1816 [ fd7520cc3a80c5fc8c48852bb24c6ded ] MSDTC C:\Windows\System32\msdtc.exe
10:12:48.0341 1816 MSDTC - ok
10:12:48.0403 1816 [ a9927f4a46b816c92f461acb90cf8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:12:48.0403 1816 Msfs - ok
10:12:48.0450 1816 [ 0f400e306f385c56317357d6dea56f62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:12:48.0450 1816 msisadrv - ok
10:12:48.0481 1816 [ 85466c0757a23d9a9aecdc0755203cb2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:12:48.0497 1816 MSiSCSI - ok
10:12:48.0497 1816 msiserver - ok
10:12:48.0559 1816 [ d8c63d34d9c9e56c059e24ec7185cc07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:12:48.0559 1816 MSKSSRV - ok
10:12:48.0606 1816 [ 1d373c90d62ddb641d50e55b9e78d65e ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:12:48.0606 1816 MSPCLOCK - ok
10:12:48.0622 1816 [ b572da05bf4e098d4bba3a4734fb505b ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:12:48.0622 1816 MSPQM - ok
10:12:48.0731 1816 [ b49456d70555de905c311bcda6ec6adb ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:12:48.0747 1816 MsRPC - ok
10:12:48.0778 1816 [ e384487cb84be41d09711c30ca79646c ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:12:48.0778 1816 mssmbios - ok
10:12:48.0809 1816 [ 7199c1eec1e4993caf96b8c0a26bd58a ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:12:48.0809 1816 MSTEE - ok
10:12:48.0856 1816 [ 6a57b5733d4cb702c8ea4542e836b96c ] Mup C:\Windows\system32\Drivers\mup.sys
10:12:48.0856 1816 Mup - ok
10:12:48.0996 1816 [ e4eaf0c5c1b41b5c83386cf212ca9584 ] napagent C:\Windows\system32\qagentRT.dll
10:12:48.0996 1816 napagent - ok
10:12:49.0043 1816 [ 85c44fdff9cf7e72a40dcb7ec06a4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:12:49.0043 1816 NativeWifiP - ok
10:12:49.0090 1816 [ 1357274d1883f68300aeadd15d7bbb42 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:12:49.0090 1816 NDIS - ok
10:12:49.0168 1816 [ 0e186e90404980569fb449ba7519ae61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:12:49.0168 1816 NdisTapi - ok
10:12:49.0168 1816 [ d6973aa34c4d5d76c0430b181c3cd389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:12:49.0168 1816 Ndisuio - ok
10:12:49.0199 1816 [ 818f648618ae34f729fdb47ec68345c3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:12:49.0199 1816 NdisWan - ok
10:12:49.0246 1816 [ 71dab552b41936358f3b541ae5997fb3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:12:49.0246 1816 NDProxy - ok
10:12:49.0261 1816 [ bcd093a5a6777cf626434568dc7dba78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:12:49.0261 1816 NetBIOS - ok
10:12:49.0293 1816 [ ecd64230a59cbd93c85f1cd1cab9f3f6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
10:12:49.0293 1816 netbt - ok
10:12:49.0324 1816 [ a3e186b4b935905b829219502557314e ] Netlogon C:\Windows\system32\lsass.exe
10:12:49.0324 1816 Netlogon - ok
10:12:49.0386 1816 [ c8052711daecc48b982434c5116ca401 ] Netman C:\Windows\System32\netman.dll
10:12:49.0386 1816 Netman - ok
10:12:49.0433 1816 [ 2ef3bbe22e5a5acd1428ee387a0d0172 ] netprofm C:\Windows\System32\netprofm.dll
10:12:49.0433 1816 netprofm - ok
10:12:49.0527 1816 [ d6c4e4a39a36029ac0813d476fbd0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:12:49.0527 1816 NetTcpPortSharing - ok
10:12:49.0589 1816 [ 2e7fb731d4790a1bc6270accefacb36e ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:12:49.0589 1816 nfrd960 - ok
10:12:49.0605 1816 [ 2997b15415f9bbe05b5a4c1c85e0c6a2 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:12:49.0620 1816 NlaSvc - ok
10:12:49.0651 1816 [ b48dc6abcd3aeff8618350ccbdc6b09a ] npf C:\Windows\system32\drivers\npf.sys
10:12:49.0651 1816 npf - ok
10:12:49.0683 1816 [ d36f239d7cce1931598e8fb90a0dbc26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:12:49.0683 1816 Npfs - ok
10:12:49.0698 1816 [ 8bb86f0c7eea2bded6fe095d0b4ca9bd ] nsi C:\Windows\system32\nsisvc.dll
10:12:49.0698 1816 nsi - ok
10:12:49.0714 1816 [ 609773e344a97410ce4ebf74a8914fcf ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:12:49.0714 1816 nsiproxy - ok
10:12:49.0761 1816 [ 6a4a98cee84cf9e99564510dda4baa47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:12:49.0776 1816 Ntfs - ok
10:12:49.0823 1816 [ e875c093aec0c978a90f30c9e0dfbb72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
10:12:49.0823 1816 ntrigdigi - ok
10:12:49.0870 1816 [ cf7e041663119e09d2e118521ada9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
10:12:49.0870 1816 NuidFltr - ok
10:12:49.0885 1816 [ c5dbbcda07d780bda9b685df333bb41e ] Null C:\Windows\system32\drivers\Null.sys
10:12:49.0885 1816 Null - ok
10:12:49.0901 1816 [ 2edf9e7751554b42cbb60116de727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:12:49.0901 1816 nvraid - ok
10:12:49.0917 1816 [ abed0c09758d1d97db0042dbb2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:12:49.0917 1816 nvstor - ok
10:12:49.0932 1816 [ 18bbdf913916b71bd54575bdb6eeac0b ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:12:49.0932 1816 nv_agp - ok
10:12:49.0948 1816 NwlnkFlt - ok
10:12:49.0948 1816 NwlnkFwd - ok
10:12:49.0979 1816 [ 19cac780b858822055f46c58a111723c ] OEM02Dev C:\Windows\system32\DRIVERS\OEM02Dev.sys
10:12:49.0995 1816 OEM02Dev - ok
10:12:49.0995 1816 [ 86326062a90494bdd79ce383511d7d69 ] OEM02Vfx C:\Windows\system32\DRIVERS\OEM02Vfx.sys
10:12:49.0995 1816 OEM02Vfx - ok
10:12:50.0026 1816 [ 6f310e890d46e246e0e261a63d9b36b4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
10:12:50.0026 1816 ohci1394 - ok
10:12:50.0104 1816 [ 9d10f99a6712e28f8acd5641e3a7ea6b ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:12:50.0104 1816 ose - ok
10:12:50.0275 1816 [ 358a9cca612c68eb2f07ddad4ce1d8d7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:12:50.0400 1816 osppsvc - ok
10:12:50.0494 1816 [ 0c8e8e61ad1eb0b250b846712c917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
10:12:50.0509 1816 p2pimsvc - ok
10:12:50.0525 1816 [ 0c8e8e61ad1eb0b250b846712c917506 ] p2psvc C:\Windows\system32\p2psvc.dll
10:12:50.0525 1816 p2psvc - ok
10:12:50.0572 1816 [ 0fa9b5055484649d63c303fe404e5f4d ] Parport C:\Windows\system32\drivers\parport.sys
10:12:50.0572 1816 Parport - ok
10:12:50.0587 1816 [ b9c2b89f08670e159f7181891e449cd9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:12:50.0587 1816 partmgr - ok
10:12:50.0603 1816 [ 4f9a6a8a31413180d0fcb279ad5d8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
10:12:50.0603 1816 Parvdm - ok
10:12:50.0634 1816 [ c6276ad11f4bb49b58aa1ed88537f14a ] PcaSvc C:\Windows\System32\pcasvc.dll
10:12:50.0634 1816 PcaSvc - ok
10:12:50.0665 1816 [ 941dc1d19e7e8620f40bbc206981efdb ] pci C:\Windows\system32\drivers\pci.sys
10:12:50.0681 1816 pci - ok
10:12:50.0681 1816 [ 1636d43f10416aeb483bc6001097b26c ] pciide C:\Windows\system32\drivers\pciide.sys
10:12:50.0681 1816 pciide - ok
10:12:50.0712 1816 [ e6f3fb1b86aa519e7698ad05e58b04e5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:12:50.0712 1816 pcmcia - ok
10:12:50.0759 1816 [ 807ff1dd6e1bdf8e7d2062fca0daecaf ] PCTCore C:\Windows\system32\drivers\PCTCore.sys
10:12:50.0775 1816 PCTCore - ok
10:12:50.0806 1816 [ 6349f6ed9c623b44b52ea3c63c831a92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:12:50.0837 1816 PEAUTH - ok
10:12:50.0915 1816 [ b1689df169143f57053f795390c99db3 ] pla C:\Windows\system32\pla.dll
10:12:50.0962 1816 pla - ok
10:12:51.0024 1816 [ c5e7f8a996ec0a82d508fd9064a5569e ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:12:51.0024 1816 PlugPlay - ok
10:12:51.0087 1816 [ 80e85394d8cd7f84340b1c6f4b9d698f ] PMBDeviceInfoProvider C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
10:12:51.0133 1816 PMBDeviceInfoProvider - ok
10:12:51.0180 1816 [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
10:12:51.0180 1816 PNRPAutoReg - ok
10:12:51.0211 1816 [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
10:12:51.0211 1816 PNRPsvc - ok
10:12:51.0243 1816 [ d0494460421a03cd5225cca0059aa146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:12:51.0258 1816 PolicyAgent - ok
10:12:51.0289 1816 [ ecfffaec0c1ecd8dbc77f39070ea1db1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:12:51.0289 1816 PptpMiniport - ok
10:12:51.0305 1816 [ 2027293619dd0f047c584cf2e7df4ffd ] Processor C:\Windows\system32\drivers\processr.sys
10:12:51.0305 1816 Processor - ok
10:12:51.0352 1816 [ 0508faa222d28835310b7bfca7a77346 ] ProfSvc C:\Windows\system32\profsvc.dll
10:12:51.0352 1816 ProfSvc - ok
10:12:51.0367 1816 [ a3e186b4b935905b829219502557314e ] ProtectedStorage C:\Windows\system32\lsass.exe
10:12:51.0367 1816 ProtectedStorage - ok
10:12:51.0461 1816 [ 99514faa8df93d34b5589187db3aa0ba ] PSched C:\Windows\system32\DRIVERS\pacer.sys
10:12:51.0461 1816 PSched - ok
10:12:51.0539 1816 [ 40fedd328f98245ad201cf5f9f311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
10:12:51.0539 1816 PxHelp20 - ok
10:12:51.0586 1816 [ 0a6db55afb7820c99aa1f3a1d270f4f6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:12:51.0633 1816 ql2300 - ok
10:12:51.0664 1816 [ 81a7e5c076e59995d54bc1ed3a16e60b ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:12:51.0664 1816 ql40xx - ok
10:12:51.0695 1816 [ e9ecae663f47e6cb43962d18ab18890f ] QWAVE C:\Windows\system32\qwave.dll
10:12:51.0711 1816 QWAVE - ok
10:12:51.0711 1816 [ 9f5e0e1926014d17486901c88eca2db7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:12:51.0711 1816 QWAVEdrv - ok
10:12:51.0804 1816 [ e642b131fb74caf4bb8a014f31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
10:12:51.0882 1816 R300 - ok
10:12:51.0913 1816 [ 147d7f9c556d259924351feb0de606c3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:12:51.0929 1816 RasAcd - ok
10:12:51.0945 1816 [ f6a452eb4ceadbb51c9e0ee6b3ecef0f ] RasAuto C:\Windows\System32\rasauto.dll
10:12:51.0945 1816 RasAuto - ok
10:12:51.0945 1816 [ a214adbaf4cb47dd2728859ef31f26b0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:12:51.0945 1816 Rasl2tp - ok
10:12:52.0023 1816 [ 75d47445d70ca6f9f894b032fbc64fcf ] RasMan C:\Windows\System32\rasmans.dll
10:12:52.0023 1816 RasMan - ok
10:12:52.0069 1816 [ 509a98dd18af4375e1fc40bc175f1def ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:12:52.0069 1816 RasPppoe - ok
10:12:52.0101 1816 [ 2005f4a1e05fa09389ac85840f0a9e4d ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:12:52.0101 1816 RasSstp - ok
10:12:52.0132 1816 [ b14c9d5b9add2f84f70570bbbfaa7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:12:52.0132 1816 rdbss - ok
10:12:52.0179 1816 [ 89e59be9a564262a3fb6c4f4f1cd9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:12:52.0179 1816 RDPCDD - ok
10:12:52.0194 1816 [ fbc0bacd9c3d7f6956853f64a66e252d ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
10:12:52.0194 1816 rdpdr - ok
10:12:52.0210 1816 [ 9d91fe5286f748862ecffa05f8a0710c ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:12:52.0225 1816 RDPENCDD - ok
10:12:52.0257 1816 [ c127ebd5afab31524662c48dfceb773a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:12:52.0257 1816 RDPWD - ok
10:12:52.0288 1816 [ bcdd6b4804d06b1f7ebf29e53a57ece9 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:12:52.0288 1816 RemoteAccess - ok
10:12:52.0319 1816 [ 9e6894ea18daff37b63e1005f83ae4ab ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:12:52.0319 1816 RemoteRegistry - ok
10:12:52.0350 1816 [ 355aac141b214bef1dbc1483afd9bd50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
10:12:52.0350 1816 rimmptsk - ok
10:12:52.0366 1816 [ a4216c71dd4f60b26418ccfd99cd0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
10:12:52.0366 1816 rimsptsk - ok
10:12:52.0366 1816 RimUsb - ok
10:12:52.0428 1816 [ d9b34325ee5df78b8f28a3de9f577c7d ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
10:12:52.0428 1816 RimVSerPort - ok
10:12:52.0444 1816 [ d231b577024aa324af13a42f3a807d10 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
10:12:52.0444 1816 rismxdp - ok
10:12:52.0475 1816 [ 75e8a6bfa7374aba833ae92bf41ae4e6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
10:12:52.0475 1816 ROOTMODEM - ok
10:12:52.0537 1816 [ 5123f83cbc4349d065534eeb6bbdc42b ] RpcLocator C:\Windows\system32\locator.exe
10:12:52.0537 1816 RpcLocator - ok
10:12:52.0569 1816 [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] RpcSs C:\Windows\system32\rpcss.dll
10:12:52.0569 1816 RpcSs - ok
10:12:52.0615 1816 [ 9c508f4074a39e8b4b31d27198146fad ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:12:52.0615 1816 rspndr - ok
10:12:52.0662 1816 [ a3e186b4b935905b829219502557314e ] SamSs C:\Windows\system32\lsass.exe
10:12:52.0662 1816 SamSs - ok
10:12:52.0678 1816 [ 3ce8f073a557e172b330109436984e30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:12:52.0678 1816 sbp2port - ok
10:12:52.0787 1816 [ 794d4b48dfb6e999537c7c3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
10:12:52.0818 1816 SBSDWSCService - ok
10:12:52.0865 1816 [ 77b7a11a0c3d78d3386398fbbea1b632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:12:52.0881 1816 SCardSvr - ok
10:12:52.0943 1816 [ 1a58069db21d05eb2ab58ee5753ebe8d ] Schedule C:\Windows\system32\schedsvc.dll
10:12:52.0943 1816 Schedule - ok
10:12:52.0974 1816 [ 312ec3e37a0a1f2006534913e37b4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:12:52.0974 1816 SCPolicySvc - ok
10:12:53.0021 1816 [ 8f36b54688c31eed4580129040c6a3d3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:12:53.0021 1816 sdbus - ok
10:12:53.0099 1816 [ 716313d9f6b0529d03f726d5aaf6f191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:12:53.0099 1816 SDRSVC - ok
10:12:53.0146 1816 [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:12:53.0146 1816 secdrv - ok
10:12:53.0161 1816 [ fd5199d4d8a521005e4b5ee7fe00fa9b ] seclogon C:\Windows\system32\seclogon.dll
10:12:53.0177 1816 seclogon - ok
10:12:53.0193 1816 [ a9bbab5759771e523f55563d6cbe140f ] SENS C:\Windows\system32\sens.dll
10:12:53.0193 1816 SENS - ok
10:12:53.0208 1816 [ 68e44e331d46f0fb38f0863a84cd1a31 ] Serenum C:\Windows\system32\drivers\serenum.sys
10:12:53.0208 1816 Serenum - ok
10:12:53.0255 1816 [ c70d69a918b178d3c3b06339b40c2e1b ] Serial C:\Windows\system32\drivers\serial.sys
10:12:53.0255 1816 Serial - ok
10:12:53.0271 1816 [ 8af3d28a879bf75db53a0ee7a4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:12:53.0286 1816 sermouse - ok
10:12:53.0302 1816 [ d2193326f729b163125610dbf3e17d57 ] SessionEnv C:\Windows\system32\sessenv.dll
10:12:53.0317 1816 SessionEnv - ok
10:12:53.0364 1816 [ 3efa810bdca87f6ecc24f9832243fe86 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
10:12:53.0364 1816 sffdisk - ok
10:12:53.0364 1816 [ e95d451f7ea3e583aec75f3b3ee42dc5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:12:53.0364 1816 sffp_mmc - ok
10:12:53.0395 1816 [ 9f66a46c55d6f1ccabc79bb7afccc545 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
10:12:53.0395 1816 sffp_sd - ok
10:12:53.0395 1816 [ 46ed8e91793b2e6f848015445a0ac188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:12:53.0411 1816 sfloppy - ok
10:12:53.0489 1816 [ e1499bd0ff76b1b2fbbf1af339d91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:12:53.0489 1816 SharedAccess - ok
10:12:53.0583 1816 [ c7230fbee14437716701c15be02c27b8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:12:53.0583 1816 ShellHWDetection - ok
10:12:53.0645 1816 [ 1d76624a09a054f682d746b924e2dbc3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:12:53.0645 1816 sisagp - ok
10:12:53.0707 1816 [ 43cb7aa756c7db280d01da9b676cfde2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
10:12:53.0707 1816 SiSRaid2 - ok
10:12:53.0723 1816 [ a99c6c8b0baa970d8aa59ddc50b57f94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:12:53.0723 1816 SiSRaid4 - ok
10:12:53.0832 1816 [ f07af60b152221472fbdb2fecec4896d ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:12:53.0832 1816 SkypeUpdate - ok
10:12:53.0988 1816 [ 862bb4cbc05d80c5b45be430e5ef872f ] slsvc C:\Windows\system32\SLsvc.exe
10:12:54.0082 1816 slsvc - ok
10:12:54.0144 1816 [ 6edc422215cd78aa8a9cde6b30abbd35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
10:12:54.0144 1816 SLUINotify - ok
10:12:54.0175 1816 [ 7b75299a4d201d6a6533603d6914ab04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:12:54.0175 1816 Smb - ok
10:12:54.0207 1816 [ 2a146a055b4401c16ee62d18b8e2a032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:12:54.0207 1816 SNMPTRAP - ok
10:12:54.0222 1816 [ 7aebdeef071fe28b0eef2cdd69102bff ] spldr C:\Windows\system32\drivers\spldr.sys
10:12:54.0238 1816 spldr - ok
10:12:54.0269 1816 [ 8554097e5136c3bf9f69fe578a1b35f4 ] Spooler C:\Windows\System32\spoolsv.exe
10:12:54.0269 1816 Spooler - ok
10:12:54.0300 1816 sprtsvc_dellsupportcenter - ok
10:12:54.0347 1816 [ 54902536aad0e9b99bc65f89c0caf93f ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:12:54.0347 1816 SQLWriter - ok
10:12:54.0378 1816 [ 41987f9fc0e61adf54f581e15029ad91 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:12:54.0378 1816 srv - ok
10:12:54.0425 1816 [ ff33aff99564b1aa534f58868cbe41ef ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:12:54.0425 1816 srv2 - ok
10:12:54.0456 1816 [ 7605c0e1d01a08f3ecd743f38b834a44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:12:54.0472 1816 srvnet - ok
10:12:54.0519 1816 [ 03d50b37234967433a5ea5ba72bc0b62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:12:54.0519 1816 SSDPSRV - ok
10:12:54.0581 1816 [ 6f1a32e7b7b30f004d9a20afadb14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:12:54.0597 1816 SstpSvc - ok
10:12:54.0628 1816 [ 6a2a5e809c2c0178326d92b19ee4aad3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
10:12:54.0628 1816 STHDA - ok
10:12:54.0675 1816 [ 5de7d67e49b88f5f07f3e53c4b92a352 ] stisvc C:\Windows\System32\wiaservc.dll
10:12:54.0675 1816 stisvc - ok
10:12:54.0706 1816 [ 7ba58ecf0c0a9a69d44b3dca62becf56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:12:54.0706 1816 swenum - ok
10:12:54.0737 1816 [ f21fd248040681cca1fb6c9a03aaa93d ] swprv C:\Windows\System32\swprv.dll
10:12:54.0737 1816 swprv - ok
10:12:54.0768 1816 [ 192aa3ac01df071b541094f251deed10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
10:12:54.0768 1816 Symc8xx - ok
10:12:54.0784 1816 [ 8c8eb8c76736ebaf3b13b633b2e64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
10:12:54.0784 1816 Sym_hi - ok
10:12:54.0799 1816 [ 8072af52b5fd103bbba387a1e49f62cb ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
10:12:54.0815 1816 Sym_u3 - ok
10:12:54.0862 1816 [ 9a51b04e9886aa4ee90093586b0ba88d ] SysMain C:\Windows\system32\sysmain.dll
10:12:54.0893 1816 SysMain - ok
10:12:54.0909 1816 [ 2dca225eae15f42c0933e998ee0231c3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:12:54.0909 1816 TabletInputService - ok
10:12:54.0940 1816 [ d7673e4b38ce21ee54c59eeeb65e2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:12:54.0955 1816 TapiSrv - ok
10:12:54.0971 1816 [ cb05822cd9cc6c688168e113c603dbe7 ] TBS C:\Windows\System32\tbssvc.dll
10:12:54.0971 1816 TBS - ok
10:12:55.0033 1816 [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:12:55.0033 1816 Tcpip - ok
10:12:55.0080 1816 [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
10:12:55.0080 1816 Tcpip6 - ok
10:12:55.0174 1816 [ 608c345a255d82a6289c2d468eb41fd7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:12:55.0174 1816 tcpipreg - ok
10:12:55.0221 1816 [ 5dcf5e267be67a1ae926f2df77fbcc56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:12:55.0236 1816 TDPIPE - ok
10:12:55.0252 1816 [ 389c63e32b3cefed425b61ed92d3f021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:12:55.0252 1816 TDTCP - ok
10:12:55.0283 1816 [ 76b06eb8a01fc8624d699e7045303e54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:12:55.0283 1816 tdx - ok
10:12:55.0283 1816 [ 3cad38910468eab9a6479e2f01db43c7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:12:55.0283 1816 TermDD - ok
10:12:55.0330 1816 [ bb95da09bef6e7a131bff3ba5032090d ] TermService C:\Windows\System32\termsrv.dll
10:12:55.0330 1816 TermService - ok
10:12:55.0361 1816 [ c7230fbee14437716701c15be02c27b8 ] Themes C:\Windows\system32\shsvcs.dll
10:12:55.0361 1816 Themes - ok
10:12:55.0377 1816 [ 1076ffcffaae8385fd62dfcb25ac4708 ] THREADORDER C:\Windows\system32\mmcss.dll
10:12:55.0377 1816 THREADORDER - ok
10:12:55.0423 1816 [ ec74e77d0eb004bd3a809b5f8fb8c2ce ] TrkWks C:\Windows\System32\trkwks.dll
10:12:55.0439 1816 TrkWks - ok
10:12:55.0501 1816 [ 97d9d6a04e3ad9b6c626b9931db78dba ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:12:55.0501 1816 TrustedInstaller - ok
10:12:55.0533 1816 [ dcf0f056a2e4f52287264f5ab29cf206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:12:55.0533 1816 tssecsrv - ok
10:12:55.0564 1816 [ caecc0120ac49e3d2f758b9169872d38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
10:12:55.0564 1816 tunmp - ok
10:12:55.0611 1816 [ 300db877ac094feab0be7688c3454a9c ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:12:55.0611 1816 tunnel - ok
10:12:55.0626 1816 [ 7d33c4db2ce363c8518d2dfcf533941f ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:12:55.0626 1816 uagp35 - ok
10:12:55.0657 1816 [ d9728af68c4c7693cb100b8441cbdec6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:12:55.0657 1816 udfs - ok
10:12:55.0689 1816 [ ecef404f62863755951e09c802c94ad5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:12:55.0689 1816 UI0Detect - ok
10:12:55.0704 1816 [ b0acfdc9e4af279e9116c03e014b2b27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:12:55.0704 1816 uliagpkx - ok
10:12:55.0767 1816 [ 9224bb254f591de4ca8d572a5f0d635c ] uliahci C:\Windows\system32\drivers\uliahci.sys
10:12:55.0782 1816 uliahci - ok
10:12:55.0798 1816 [ 8514d0e5cd0534467c5fc61be94a569f ] UlSata C:\Windows\system32\drivers\ulsata.sys
10:12:55.0798 1816 UlSata - ok
10:12:55.0845 1816 [ 38c3c6e62b157a6bc46594fada45c62b ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
10:12:55.0845 1816 ulsata2 - ok
10:12:55.0907 1816 [ 32cff9f809ae9aed85464492bf3e32d2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:12:55.0907 1816 umbus - ok
10:12:55.0923 1816 [ 68308183f4ae0be7bf8ecd07cb297999 ] upnphost C:\Windows\System32\upnphost.dll
10:12:55.0923 1816 upnphost - ok
10:12:55.0969 1816 [ 32db9517628ff0d070682aab61e688f0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:12:55.0969 1816 usbaudio - ok
10:12:55.0985 1816 [ caf811ae4c147ffcd5b51750c7f09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:12:55.0985 1816 usbccgp - ok
10:12:56.0016 1816 [ e9476e6c486e76bc4898074768fb7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:12:56.0016 1816 usbcir - ok
10:12:56.0032 1816 [ 79e96c23a97ce7b8f14d310da2db0c9b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:12:56.0032 1816 usbehci - ok
10:12:56.0063 1816 [ 4673bbcb006af60e7abddbe7a130ba42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:12:56.0079 1816 usbhub - ok
10:12:56.0110 1816 [ 38dbc7dd6cc5a72011f187425384388b ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:12:56.0110 1816 usbohci - ok
10:12:56.0141 1816 [ e75c4b5269091d15a2e7dc0b6d35f2f5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:12:56.0141 1816 usbprint - ok
10:12:56.0188 1816 [ a508c9bd8724980512136b039bba65e9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:12:56.0188 1816 usbscan - ok
10:12:56.0250 1816 [ be3da31c191bc222d9ad503c5224f2ad ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:12:56.0250 1816 USBSTOR - ok
10:12:56.0281 1816 [ 814d653efc4d48be3b04a307eceff56f ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:12:56.0281 1816 usbuhci - ok
10:12:56.0344 1816 [ 1509e705f3ac1d474c92454a5c2dd81f ] UxSms C:\Windows\System32\uxsms.dll
10:12:56.0359 1816 UxSms - ok
10:12:56.0391 1816 [ cd88d1b7776dc17a119049742ec07eb4 ] vds C:\Windows\System32\vds.exe
10:12:56.0406 1816 vds - ok
10:12:56.0422 1816 [ 87b06e1f30b749a114f74622d013f8d4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:12:56.0422 1816 vga - ok
10:12:56.0437 1816 [ 2e93ac0a1d8c79d019db6c51f036636c ] VgaSave C:\Windows\System32\drivers\vga.sys
10:12:56.0437 1816 VgaSave - ok
10:12:56.0453 1816 [ 5d7159def58a800d5781ba3a879627bc ] viaagp C:\Windows\system32\drivers\viaagp.sys
10:12:56.0469 1816 viaagp - ok
10:12:56.0484 1816 [ c4f3a691b5bad343e6249bd8c2d45dee ] ViaC7 C:\Windows\system32\drivers\viac7.sys
10:12:56.0484 1816 ViaC7 - ok
10:12:56.0500 1816 [ aadf5587a4063f52c2c3fed7887426fc ] viaide C:\Windows\system32\drivers\viaide.sys
10:12:56.0500 1816 viaide - ok
10:12:56.0515 1816 [ 69503668ac66c77c6cd7af86fbdf8c43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:12:56.0515 1816 volmgr - ok
10:12:56.0547 1816 [ 23e41b834759917bfd6b9a0d625d0c28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:12:56.0562 1816 volmgrx - ok
10:12:56.0625 1816 [ 147281c01fcb1df9252de2a10d5e7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:12:56.0625 1816 volsnap - ok
10:12:56.0656 1816 [ 587253e09325e6bf226b299774b728a9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:12:56.0656 1816 vsmraid - ok
10:12:56.0703 1816 [ db3d19f850c6eb32bdcb9bc0836acddb ] VSS C:\Windows\system32\vssvc.exe
10:12:56.0734 1816 VSS - ok
10:12:56.0781 1816 [ 96ea68b9eb310a69c25ebb0282b2b9de ] W32Time C:\Windows\system32\w32time.dll
10:12:56.0796 1816 W32Time - ok
10:12:56.0843 1816 [ 48dfee8f1af7c8235d4e626f0c4fe031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:12:56.0843 1816 WacomPen - ok
10:12:56.0859 1816 [ 55201897378cca7af8b5efd874374a26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
10:12:56.0859 1816 Wanarp - ok
10:12:56.0874 1816 [ 55201897378cca7af8b5efd874374a26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:12:56.0874 1816 Wanarpv6 - ok
10:12:56.0905 1816 [ a3cd60fd826381b49f03832590e069af ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:12:56.0905 1816 wcncsvc - ok
10:12:56.0952 1816 [ 11bcb7afcdd7aadacb5746f544d3a9c7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:12:56.0952 1816 WcsPlugInService - ok
10:12:56.0968 1816 [ 78fe9542363f297b18c027b2d7e7c07f ] Wd C:\Windows\system32\drivers\wd.sys
10:12:56.0968 1816 Wd - ok
10:12:57.0015 1816 [ d6efaf429fd30c5df613d220e344cce7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
10:12:57.0015 1816 WDC_SAM - ok
10:12:57.0030 1816 [ b6f0a7ad6d4bd325fbcd8bac96cd8d96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:12:57.0046 1816 Wdf01000 - ok
10:12:57.0093 1816 [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:12:57.0093 1816 WdiServiceHost - ok
10:12:57.0108 1816 [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:12:57.0108 1816 WdiSystemHost - ok
10:12:57.0171 1816 [ 04c37d8107320312fbae09926103d5e2 ] WebClient C:\Windows\System32\webclnt.dll
10:12:57.0171 1816 WebClient - ok
10:12:57.0202 1816 [ ae3736e7e8892241c23e4ebbb7453b60 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:12:57.0202 1816 Wecsvc - ok
10:12:57.0264 1816 [ 670ff720071ed741206d69bd995ea453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:12:57.0264 1816 wercplsupport - ok
10:12:57.0327 1816 [ 32b88481d3b326da6deb07b1d03481e7 ] WerSvc C:\Windows\System32\WerSvc.dll
10:12:57.0327 1816 WerSvc - ok
10:12:57.0389 1816 [ 5c7bdcf5864db00323fe2d90fa26a8a2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
10:12:57.0405 1816 winachsf - ok
10:12:57.0483 1816 [ 4575aa12561c5648483403541d0d7f2b ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:12:57.0483 1816 WinDefend - ok
10:12:57.0498 1816 WinHttpAutoProxySvc - ok
10:12:57.0561 1816 [ 6b2a1d0e80110e3d04e6863c6e62fd8a ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:12:57.0561 1816 Winmgmt - ok
10:12:57.0623 1816 [ 7cfe68bdc065e55aa5e8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
10:12:57.0654 1816 WinRM - ok
10:12:57.0717 1816 [ c008405e4feeb069e30da1d823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:12:57.0732 1816 Wlansvc - ok
10:12:57.0732 1816 wltrysvc - ok
10:12:57.0779 1816 [ 2e7255d172df0b8283cdfb7b433b864e ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
10:12:57.0779 1816 WmiAcpi - ok
10:12:57.0826 1816 [ 43be3875207dcb62a85c8c49970b66cc ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:12:57.0826 1816 wmiApSrv - ok
10:12:57.0888 1816 [ 3978704576a121a9204f8cc49a301a9b ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:12:57.0904 1816 WMPNetworkSvc - ok
10:12:57.0935 1816 [ cfc5a04558f5070cee3e3a7809f3ff52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:12:57.0935 1816 WPCSvc - ok
10:12:57.0966 1816 [ 801fbdb89d472b3c467eb112a0fc9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:12:57.0966 1816 WPDBusEnum - ok
10:12:58.0013 1816 [ de9d36f91a4df3d911626643debf11ea ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
10:12:58.0013 1816 WpdUsb - ok
10:12:58.0122 1816 [ dcf3e3edf5109ee8bc02fe6e1f045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:12:58.0153 1816 WPFFontCache_v0400 - ok
10:12:58.0169 1816 [ e3a3cb253c0ec2494d4a61f5e43a389c ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:12:58.0169 1816 ws2ifsl - ok
10:12:58.0216 1816 [ 1ca6c40261ddc0425987980d0cd2aaab ] wscsvc C:\Windows\system32\wscsvc.dll
10:12:58.0216 1816 wscsvc - ok
10:12:58.0216 1816 WSearch - ok
10:12:58.0309 1816 [ fc3ec24fce372c89423e015a2ac1a31e ] wuauserv C:\Windows\system32\wuaueng.dll
10:12:58.0356 1816 wuauserv - ok
10:12:58.0387 1816 [ ac13cb789d93412106b0fb6c7eb2bcb6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:12:58.0387 1816 WUDFRd - ok
10:12:58.0419 1816 [ 575a4190d989f64732119e4114045a4f ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:12:58.0419 1816 wudfsvc - ok
10:12:58.0481 1816 [ a4822191c7cea271903c2a4fb6d9809d ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
10:12:58.0497 1816 yukonwlh - ok
10:12:58.0497 1816 ================ Scan global ===============================
10:12:58.0590 1816 (f31eebc1a1c81fd04005489cc3dcdfe7) C:\Windows\system32\basesrv.dll
10:12:58.0621 1816 (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
10:12:58.0637 1816 (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
10:12:58.0684 1816 (d4e6d91c1349b7bfb3599a6ada56851b) C:\Windows\system32\services.exe
10:12:58.0684 1816 [Global] - ok
10:12:58.0684 1816 ================ Scan MBR ==================================
10:12:58.0715 1816 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
10:12:59.0074 1816 \Device\Harddisk0\DR0 - ok
10:12:59.0074 1816 ================ Scan VBR ==================================
10:12:59.0105 1816 Boot (0x1200) (1c87bb41b794aa77b498067de1159056) \Device\Harddisk0\DR0\Partition1
10:12:59.0105 1816 \Device\Harddisk0\DR0\Partition1 - ok
10:12:59.0121 1816 Boot (0x1200) (f805fa144e726ceaa4cf9a250587b283) \Device\Harddisk0\DR0\Partition2
10:12:59.0121 1816 \Device\Harddisk0\DR0\Partition2 - ok
10:12:59.0121 1816 ============================================================
10:12:59.0121 1816 Scan finished
10:12:59.0121 1816 ============================================================
10:12:59.0136 0408 Detected object count: 0
10:12:59.0136 0408 Actual detected object count: 0


SafeRepairBootKey wouldnt run for me, it said it would only run in 2000 oe XP.

Will post the other logs after Win reboots.

Edit: I ran AdwCleaner but when I restarted in Safe Mode I didnt get the text file.

Wait, found it

# AdwCleaner v2.005 - Logfile created 10/27/2012 at 10:16:58
# Updated 14/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Britt - HAMILITON
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Britt\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\Britt\AppData\Roaming\Mozilla\Firefox\Profiles\fsbbssz4.default\extensions\addon@defaulttab.com.xpi
File Deleted : C:\Users\Britt\AppData\Roaming\Mozilla\Firefox\Profiles\fsbbssz4.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Britt\AppData\Roaming\Mozilla\Firefox\Profiles\fsbbssz4.default\searchplugins\search-here.xml
File Deleted : C:\Users\Britt\AppData\Roaming\Mozilla\Firefox\Profiles\fsbbssz4.default\searchplugins\web-search.xml
File Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\searchplugins\Ask.xml
File Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\searchplugins\fast-browser-search.xml
File Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\searchplugins\web-browser-search.xml
File Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\searchplugins\web-search.xml
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Britt\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Britt\AppData\Roaming\Mozilla\Firefox\Profiles\fsbbssz4.default\FCTB
Folder Deleted : C:\Users\Ryan\AppData\Local\searchcom_001
Folder Deleted : C:\Users\Ryan\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Ryan\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Ryan\AppData\LocalLow\searchcom_001
Folder Deleted : C:\Users\Ryan\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\Conduit
Folder Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\ConduitCommon
Folder Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\CT2392836
Folder Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\extensions\{00bf7b9c-acd2-4080-bea8-b1c41987070f}
Folder Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\extensions\{00bf7b9c-acd2-4080-bea8-b1c41987070f}(105)
Folder Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\extensions\engine@conduit.com
Folder Deleted : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\extensions\plugin@yontoo.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlaySushi
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\Software\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default
File : C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\prefs.js

C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\orpk31y0.default\user.js ... Deleted !

Deleted : user_pref("CT2392836..clientLogIsEnabled", false);
Deleted : user_pref("CT2392836..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2392836..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2392836.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2392836.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2392836.AppTrackingLastCheckTime", "Sun Mar 25 2012 10:34:22 GMT-0400 (Eastern Daylight[...]
Deleted : user_pref("CT2392836.BrowserCompStateIsOpen_129593578332876296", true);
Deleted : user_pref("CT2392836.BrowserCompStateIsOpen_129683259195978340", true);
Deleted : user_pref("CT2392836.CTID", "CT2392836");
Deleted : user_pref("CT2392836.CurrentServerDate", "25-10-2012");
Deleted : user_pref("CT2392836.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2392836.DialogsGetterLastCheckTime", "Thu Oct 25 2012 22:10:35 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT2392836.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2392836.EMailNotifierPollDate", "Sat May 26 2012 22:05:11 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2392836.ExternalComponentPollDate129173813012786425", "Thu May 24 2012 22:42:12 GMT-040[...]
Deleted : user_pref("CT2392836.FirstServerDate", "5-7-2010");
Deleted : user_pref("CT2392836.FirstTime", true);
Deleted : user_pref("CT2392836.FirstTimeFF3", true);
Deleted : user_pref("CT2392836.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2392836.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2392836.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2392836.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2392836.HasUserGlobalKeys", true);
Deleted : user_pref("CT2392836.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2392836.Initialize", true);
Deleted : user_pref("CT2392836.InitializeCommonPrefs", true);
Deleted : user_pref("CT2392836.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2392836.InstalledDate", "Mon Jul 05 2010 14:21:32 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2392836.InvalidateCache", false);
Deleted : user_pref("CT2392836.IsAlertDBUpdated", true);
Deleted : user_pref("CT2392836.IsGrouping", false);
Deleted : user_pref("CT2392836.IsMulticommunity", false);
Deleted : user_pref("CT2392836.IsOpenThankYouPage", true);
Deleted : user_pref("CT2392836.IsOpenUninstallPage", true);
Deleted : user_pref("CT2392836.LanguagePackLastCheckTime", "Wed Oct 24 2012 22:54:03 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2392836.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2392836.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2392836.LastLogin_2.7.1.3", "Fri Jul 30 2010 22:49:35 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("CT2392836.LastLogin_3.10.0.1", "Tue Apr 24 2012 21:35:34 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2392836.LastLogin_3.12.2.3", "Wed May 30 2012 19:22:48 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2392836.LastLogin_3.13.0.6", "Sun Jul 15 2012 09:37:08 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2392836.LastLogin_3.14.1.0", "Tue Aug 21 2012 22:32:15 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2392836.LastLogin_3.15.1.0", "Thu Oct 25 2012 22:10:35 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2392836.LastLogin_3.5.0.12", "Sun Jul 31 2011 15:44:36 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2392836.LastLogin_3.6.0.10", "Fri Sep 30 2011 15:22:42 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2392836.LastLogin_3.7.0.6", "Mon Oct 10 2011 22:25:09 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("CT2392836.LastLogin_3.8.0.8", "Wed Nov 30 2011 22:55:54 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2392836.LastLogin_3.8.1.0", "Tue Jan 03 2012 00:43:22 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2392836.LastLogin_3.9.0.3", "Mon Feb 13 2012 16:40:04 GMT-0500 (Eastern Standard Time)"[...]
Deleted : user_pref("CT2392836.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2392836.Locale", "en");
Deleted : user_pref("CT2392836.LoginCache", 4);
Deleted : user_pref("CT2392836.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2392836.MCDetectTooltipShow", false);
Deleted : user_pref("CT2392836.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2392836.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2392836.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2392836.RadioIsPodcast", false);
Deleted : user_pref("CT2392836.RadioLastCheckTime", "Sat May 26 2012 15:30:35 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2392836.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2392836.RadioLastUpdateServer", "3");
Deleted : user_pref("CT2392836.RadioMediaID", "9957");
Deleted : user_pref("CT2392836.RadioMediaType", "Media Player");
Deleted : user_pref("CT2392836.RadioMenuSelectedID", "EBRadioMenu_CT2392836_RECENT9957");
Deleted : user_pref("CT2392836.RadioShrinked", "expanded");
Deleted : user_pref("CT2392836.RadioStationName", "Country");
Deleted : user_pref("CT2392836.RadioStationURL", "hxxp://www.sky.fm/wma/country.asx");
Deleted : user_pref("CT2392836.RadioVolume", "42");
Deleted : user_pref("CT2392836.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2392836.SavedHomepage", "hxxp://www.tattoodle.com?tid={2D8EAA99-1977-825B-C1A0-31CBBAF2[...]
Deleted : user_pref("CT2392836.SearchBoxWidth", 153);
Deleted : user_pref("CT2392836.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2392836.SearchEngineBeforeUnload", "Google");
Deleted : user_pref("CT2392836.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2392836.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT239[...]
Deleted : user_pref("CT2392836.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2392836.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2392836.SearchInNewTabLastCheckTime", "Wed Oct 24 2012 22:53:58 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2392836.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2392836.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2392836.SearchProtectorEnabled", false);
Deleted : user_pref("CT2392836.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2392836.ServiceMapLastCheckTime", "Wed Oct 24 2012 22:54:03 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT2392836.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2392836.SettingsLastCheckTime", "Thu Oct 25 2012 22:10:35 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2392836.SettingsLastUpdate", "1351094827");
Deleted : user_pref("CT2392836.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2392836.ThirdPartyComponentsLastCheck", "Tue May 08 2012 23:41:47 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT2392836.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2392836.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2392836.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2392836");
Deleted : user_pref("CT2392836.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2392836.UserID", "UN28241002124319237");
Deleted : user_pref("CT2392836.ValidationData_Search", 2);
Deleted : user_pref("CT2392836.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2392836.WeatherNetwork", "");
Deleted : user_pref("CT2392836.WeatherPollDate", "Sat May 26 2012 22:05:12 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2392836.WeatherUnit", "F");
Deleted : user_pref("CT2392836.alertChannelId", "787548");
Deleted : user_pref("CT2392836.approveUntrustedApps", false);
Deleted : user_pref("CT2392836.backendstorage.cb_firstuse0100", "31");
Deleted : user_pref("CT2392836.backendstorage.cb_user_id_000", "43423535313031383530353534345F46697265666F78")[...]
Deleted : user_pref("CT2392836.backendstorage.cbcountry_000", "5553");
Deleted : user_pref("CT2392836.backendstorage.cbfirsttime", "5475652053657020323720323031312032323A30393A34302[...]
Deleted : user_pref("CT2392836.backendstorage.shoppingapp.gk.exipres", "547565204D617920323920323031322032323A[...]
Deleted : user_pref("CT2392836.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Deleted : user_pref("CT2392836.backendstorage.undefined", "68747470733A2F2F7777772E676F6F676C652E636F6D");
Deleted : user_pref("CT2392836.backendstorage.url_history", "687474703A2F2F7777772E676F6F676C652E636F6D2F75726[...]
Deleted : user_pref("CT2392836.backendstorage.url_history0001", "687474703A2F2F7777772E73616D73636C75622E636F6[...]
Deleted : user_pref("CT2392836.clientLogIsEnabled", true);
Deleted : user_pref("CT2392836.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2392836.components.1000034", true);
Deleted : user_pref("CT2392836.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2392836.globalFirstTimeInfoLastCheckTime", "Thu May 24 2012 22:42:13 GMT-0400 (Eastern [...]
Deleted : user_pref("CT2392836.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2392836.initDone", true);
Deleted : user_pref("CT2392836.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2392836.myStuffEnabled", true);
Deleted : user_pref("CT2392836.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2392836.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2392836.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2392836.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2392836.oldAppsList", "128528134317618801,128528134409962554,111,129132071779055387,129[...]
Deleted : user_pref("CT2392836.revertSettingsEnabled", false);
Deleted : user_pref("CT2392836.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2392836.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2392836.testingCtid", "");
Deleted : user_pref("CT2392836.toolbarAppMetaDataLastCheckTime", "Wed Oct 24 2012 22:54:03 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2392836.toolbarContextMenuLastCheckTime", "Sat May 19 2012 22:20:05 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT2392836.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2392836.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2392836/CT2392836[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/787548/783370/US", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2392836", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2392836",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2392836&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2392836/CT2392836[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/equalize[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/minimize[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/play.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/stop.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/StarFleet/vol.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"f61[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Ryan\\AppData\\Roaming\\Mozilla\\Fi[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://us.yhs.search.yahoo.com/avg/searc[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2392836");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2392836");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jul 30 2010 23:31:13 GMT-0400 (Easte[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Jul 30 2010 22:53:57 GMT-0400 (Eastern D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1276093853");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{11667c73-6fb0-4215-9858-745df39ae901}");
Deleted : user_pref("CommunityToolbar.globalUserId", "f19a2c49-72ea-4215-a09b-75fb01c53a1c");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2392836");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu May 24 2012 22:42:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat May 26 2012 15:30:44 GMT-040[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat May 26 2012 15:30:36 GMT-0400 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "f89b4f96-7719-4ffe-a103-1242305e4640");
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("browser.search.defaultthis.engineName", "Fast Browser Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://www.fastbrowsersearch.com/results/results.aspx?v=2&bd[...]
Deleted : user_pref("browser.search.order.1", "Fast Browser Search");
Deleted : user_pref("keyword.URL", "hxxp://www.fastbrowsersearch.com/results/results.aspx?v=2&bd=042010&ua=002[...]
Deleted : user_pref("wbstoolbar.wNewTab", "hxxp://tab.fastbrowsersearch.com/?bd=042010&ua=002");

Profile name : default
File : C:\Users\Britt\AppData\Roaming\Mozilla\Firefox\Profiles\fsbbssz4.default\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\":[...]
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.DNSCatch", false);
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.FirstLaunchShown", true);
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.LastDate", 26);
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.customNewTab", false);
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.processAddrBar", false);
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.session", "96B8AFD4E81044B9CCA92287615C58033607[...]
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.tb_lang", "en");
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.user_id", "33997501");
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.disablecuidinject", "1");
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.lastcheck", "Sat%20Nov%2026%202011%2011%3A[...]
Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.yahooSearch", false);
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.DNSCatch", false);
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.FirstLaunchShown", true);
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.LastDate", 26);
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.customNewTab", false);
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.processAddrBar", false);
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.session", "96B8AFD4E81044B9CCA92287615C58033607[...]
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.tb_lang", "en");
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.user_id", "28885789");
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.vars.disablecuidinject", "1");
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.vars.lastcheck", "Sat%20Nov%2026%202011%2011%3A[...]
Deleted : user_pref("freecauseebcfd043312f448d96f425ba0f1ea646.yahooSearch", false);
Deleted : user_pref("playsushi.position.button", true);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Britt\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\Ryan\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

File : C:\Users\Britt\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [32408 octets] - [27/10/2012 10:16:58]

########## EOF - C:\AdwCleaner[S1].txt - [32469 octets] ##########


Edit: ESET
Ok had some issues, first I ran it and mid way thru my 2 year old unplugged the cord and my laptop shut off when the battery ran out. ESET had found 14+ issues but I never got to see the log since I didnt realize what he had done until the laptop was off. I restarted it, ran ESET again and it didnt find anything. I never got a LIST THREATS button or EXPORT, it just had some files it said to Quarentine. Im not sure it deleted what it had found previously.

Here is the 2nd scan log

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b4921db95a1e2b4296704954ad559257
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-10-27 05:53:44
# local_time=2012-10-27 01:53:44 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=3073 16777214 80 71 4537133 26848411 0 0
# compatibility_mode=5892 16776573 100 100 0 187966902 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=35679
# found=0
# cleaned=0
# scan_time=1049
ESETSmartInstaller@High as downloader log:
all ok

Also after I ran this I rebooted and started windows normally. Again after about a minute my HD stopped and the comp froze.

Edited by kaolite, 27 October 2012 - 01:22 PM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:40 AM

Posted 27 October 2012 - 05:51 PM

How is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 kaolite

kaolite
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 27 October 2012 - 07:48 PM

HD still freezes if I boot windows. Runs fine in safe mode.

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:40 AM

Posted 27 October 2012 - 08:37 PM

I think we should get a deeper look. Please follow this Preparation Guide and post in a new topic.
If Gmer won't run,skip it.

Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 kaolite

kaolite
  • Topic Starter

  • Members
  • 62 posts
  • OFFLINE
  •  
  • Local time:10:40 AM

Posted 28 October 2012 - 08:31 AM

Ran DDS and posted the logs in the new thread. Tried to run Gmer and got BSOD both times with the error DRIVER IRQL IS NOT LESS OR EQUAL so I didn't run it a 3rd time.

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:40 AM

Posted 28 October 2012 - 01:21 PM

Thats OK..
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 2 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users