Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Web search being redirected


  • Please log in to reply
18 replies to this topic

#1 runamuck

runamuck

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 30 November 2012 - 08:08 AM

I am hoping someone will know what this is. I have read a few threads and it looks as if it is a common issue, but nothing I have read online has led to any found virus or problem. I have run MalwareBytes, Search&Destroy, SuperAntiSpyware, etc. They have occasionally found something that they said they removed, but the problem persists.

One thing I noticed is that it often redirects to 66.146.72.42. I don't know if that will tell you anything.

My cousin said I probably have a rootkit and had me try a few programs to try to find it, but they all came up as clean.

Any help you can provide would be very much appreciated.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:09 AM

Posted 30 November 2012 - 09:56 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 30 November 2012 - 05:33 PM

Thank you so much! Here is the first one:

17:30:58.0909 7188 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:30:59.0331 7188 ============================================================
17:30:59.0331 7188 Current date / time: 2012/11/30 17:30:59.0331
17:30:59.0331 7188 SystemInfo:
17:30:59.0331 7188
17:30:59.0331 7188 OS Version: 6.1.7601 ServicePack: 1.0
17:30:59.0331 7188 Product type: Workstation
17:30:59.0331 7188 ComputerName: MARGARET-LAPTOP
17:30:59.0331 7188 UserName: Margaret
17:30:59.0331 7188 Windows directory: C:\Windows
17:30:59.0331 7188 System windows directory: C:\Windows
17:30:59.0331 7188 Running under WOW64
17:30:59.0331 7188 Processor architecture: Intel x64
17:30:59.0331 7188 Number of processors: 4
17:30:59.0331 7188 Page size: 0x1000
17:30:59.0331 7188 Boot type: Normal boot
17:30:59.0331 7188 ============================================================
17:31:00.0688 7188 BG loaded
17:31:01.0265 7188 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:31:01.0281 7188 ============================================================
17:31:01.0281 7188 \Device\Harddisk0\DR0:
17:31:01.0281 7188 MBR partitions:
17:31:01.0281 7188 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1E8E000
17:31:01.0281 7188 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1EA2000, BlocksNum 0x489B4000
17:31:01.0281 7188 ============================================================
17:31:01.0296 7188 C: <-> \Device\Harddisk0\DR0\Partition2
17:31:01.0296 7188 ============================================================
17:31:01.0296 7188 Initialize success
17:31:01.0296 7188 ============================================================
17:31:28.0202 7908 ============================================================
17:31:28.0202 7908 Scan started
17:31:28.0202 7908 Mode: Manual; TDLFS;
17:31:28.0202 7908 ============================================================
17:31:28.0436 7908 ================ Scan system memory ========================
17:31:28.0436 7908 System memory - ok
17:31:28.0436 7908 ================ Scan services =============================
17:31:28.0530 7908 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
17:31:28.0530 7908 !SASCORE - ok
17:31:28.0811 7908 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:31:28.0811 7908 1394ohci - ok
17:31:28.0842 7908 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:31:28.0842 7908 ACPI - ok
17:31:28.0873 7908 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:31:28.0873 7908 AcpiPmi - ok
17:31:28.0998 7908 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:31:28.0998 7908 AdobeARMservice - ok
17:31:29.0045 7908 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:31:29.0076 7908 adp94xx - ok
17:31:29.0123 7908 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:31:29.0138 7908 adpahci - ok
17:31:29.0185 7908 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:31:29.0201 7908 adpu320 - ok
17:31:29.0232 7908 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:31:29.0232 7908 AeLookupSvc - ok
17:31:29.0294 7908 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
17:31:29.0326 7908 AERTFilters - ok
17:31:29.0388 7908 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:31:29.0404 7908 AFD - ok
17:31:29.0450 7908 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:31:29.0450 7908 agp440 - ok
17:31:29.0482 7908 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:31:29.0497 7908 ALG - ok
17:31:29.0528 7908 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:31:29.0528 7908 aliide - ok
17:31:29.0606 7908 [ FF6F0F6A2D72065AE4300426FA414693 ] Amazon Download Agent C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
17:31:29.0606 7908 Amazon Download Agent - ok
17:31:29.0622 7908 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:31:29.0638 7908 amdide - ok
17:31:29.0653 7908 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:31:29.0669 7908 AmdK8 - ok
17:31:29.0684 7908 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:31:29.0700 7908 AmdPPM - ok
17:31:29.0731 7908 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:31:29.0747 7908 amdsata - ok
17:31:29.0778 7908 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:31:29.0794 7908 amdsbs - ok
17:31:29.0794 7908 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:31:29.0840 7908 amdxata - ok
17:31:29.0872 7908 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:31:29.0872 7908 AppID - ok
17:31:29.0887 7908 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:31:29.0887 7908 AppIDSvc - ok
17:31:29.0903 7908 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:31:29.0903 7908 Appinfo - ok
17:31:30.0012 7908 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:31:30.0074 7908 Apple Mobile Device - ok
17:31:30.0090 7908 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:31:30.0090 7908 arc - ok
17:31:30.0106 7908 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:31:30.0106 7908 arcsas - ok
17:31:30.0200 7908 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:31:30.0216 7908 aspnet_state - ok
17:31:30.0231 7908 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:31:30.0247 7908 AsyncMac - ok
17:31:30.0263 7908 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:31:30.0263 7908 atapi - ok
17:31:30.0325 7908 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:31:30.0372 7908 AudioEndpointBuilder - ok
17:31:30.0387 7908 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:31:30.0403 7908 AudioSrv - ok
17:31:30.0434 7908 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:31:30.0434 7908 AxInstSV - ok
17:31:30.0481 7908 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:31:30.0512 7908 b06bdrv - ok
17:31:30.0559 7908 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:31:30.0559 7908 b57nd60a - ok
17:31:30.0590 7908 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:31:30.0590 7908 BDESVC - ok
17:31:30.0606 7908 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:31:30.0606 7908 Beep - ok
17:31:30.0668 7908 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:31:30.0684 7908 BFE - ok
17:31:30.0731 7908 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:31:30.0746 7908 BITS - ok
17:31:30.0777 7908 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:31:30.0793 7908 blbdrive - ok
17:31:30.0887 7908 [ 55B0C8441DE7D91A819A39D0351154A2 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
17:31:30.0902 7908 Bluetooth Device Monitor - ok
17:31:30.0949 7908 [ 7E262330DF0C4BE4ECE853B59B9CBE4C ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
17:31:30.0965 7908 Bluetooth Media Service - ok
17:31:30.0996 7908 [ 8BF4B9956E13871A88A3810074E2E110 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
17:31:31.0011 7908 Bluetooth OBEX Service - ok
17:31:31.0074 7908 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:31:31.0136 7908 Bonjour Service - ok
17:31:31.0184 7908 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:31:31.0184 7908 bowser - ok
17:31:31.0215 7908 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:31:31.0231 7908 BrFiltLo - ok
17:31:31.0246 7908 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:31:31.0246 7908 BrFiltUp - ok
17:31:31.0278 7908 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:31:31.0278 7908 Browser - ok
17:31:31.0309 7908 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:31:31.0309 7908 Brserid - ok
17:31:31.0324 7908 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:31:31.0324 7908 BrSerWdm - ok
17:31:31.0324 7908 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:31:31.0324 7908 BrUsbMdm - ok
17:31:31.0324 7908 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:31:31.0340 7908 BrUsbSer - ok
17:31:31.0402 7908 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:31:31.0402 7908 BthEnum - ok
17:31:31.0418 7908 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:31:31.0418 7908 BTHMODEM - ok
17:31:31.0449 7908 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:31:31.0465 7908 BthPan - ok
17:31:31.0496 7908 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:31:31.0512 7908 BTHPORT - ok
17:31:31.0543 7908 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:31:31.0543 7908 bthserv - ok
17:31:31.0574 7908 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:31:31.0574 7908 BTHUSB - ok
17:31:31.0605 7908 [ 270FBA230E78E25726D065A924589A72 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
17:31:31.0652 7908 btmaux - ok
17:31:31.0652 7908 [ 0010A54571F525A97EED8C091E96EAA9 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
17:31:31.0699 7908 btmhsf - ok
17:31:31.0714 7908 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:31:31.0714 7908 cdfs - ok
17:31:31.0761 7908 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:31:31.0777 7908 cdrom - ok
17:31:31.0792 7908 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:31:31.0792 7908 CertPropSvc - ok
17:31:31.0839 7908 [ 45B5A89DC41577282E5BF41B1165EA71 ] cfwids C:\Windows\system32\drivers\cfwids.sys
17:31:31.0886 7908 cfwids - ok
17:31:31.0933 7908 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:31:31.0933 7908 circlass - ok
17:31:31.0964 7908 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:31:31.0964 7908 CLFS - ok
17:31:32.0027 7908 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:31:32.0042 7908 clr_optimization_v2.0.50727_32 - ok
17:31:32.0089 7908 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:31:32.0105 7908 clr_optimization_v2.0.50727_64 - ok
17:31:32.0183 7908 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:31:32.0183 7908 clr_optimization_v4.0.30319_32 - ok
17:31:32.0198 7908 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:31:32.0214 7908 clr_optimization_v4.0.30319_64 - ok
17:31:32.0245 7908 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:31:32.0261 7908 CmBatt - ok
17:31:32.0292 7908 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:31:32.0292 7908 cmdide - ok
17:31:32.0339 7908 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:31:32.0354 7908 CNG - ok
17:31:32.0370 7908 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:31:32.0370 7908 Compbatt - ok
17:31:32.0401 7908 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:31:32.0432 7908 CompositeBus - ok
17:31:32.0448 7908 COMSysApp - ok
17:31:32.0463 7908 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:31:32.0463 7908 crcdisk - ok
17:31:32.0510 7908 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:31:32.0510 7908 CryptSvc - ok
17:31:32.0557 7908 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
17:31:32.0604 7908 CtClsFlt - ok
17:31:32.0666 7908 [ 1CA90212A99DB6975C344826D11055C9 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
17:31:32.0713 7908 dc3d - ok
17:31:32.0744 7908 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:31:32.0760 7908 DcomLaunch - ok
17:31:32.0791 7908 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:31:32.0791 7908 defragsvc - ok
17:31:32.0822 7908 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:31:32.0822 7908 DfsC - ok
17:31:32.0853 7908 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:31:32.0869 7908 Dhcp - ok
17:31:32.0885 7908 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:31:32.0885 7908 discache - ok
17:31:32.0916 7908 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:31:32.0931 7908 Disk - ok
17:31:32.0978 7908 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:31:32.0978 7908 Dnscache - ok
17:31:32.0994 7908 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:31:32.0994 7908 dot3svc - ok
17:31:33.0009 7908 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:31:33.0009 7908 DPS - ok
17:31:33.0056 7908 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:31:33.0056 7908 drmkaud - ok
17:31:33.0103 7908 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:31:33.0150 7908 DXGKrnl - ok
17:31:33.0181 7908 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:31:33.0181 7908 EapHost - ok
17:31:33.0275 7908 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:31:33.0399 7908 ebdrv - ok
17:31:33.0446 7908 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:31:33.0446 7908 EFS - ok
17:31:33.0509 7908 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:31:33.0524 7908 ehRecvr - ok
17:31:33.0555 7908 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:31:33.0555 7908 ehSched - ok
17:31:33.0587 7908 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:31:33.0602 7908 elxstor - ok
17:31:33.0618 7908 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:31:33.0618 7908 ErrDev - ok
17:31:33.0649 7908 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:31:33.0665 7908 EventSystem - ok
17:31:33.0805 7908 [ ED8FBADBBAF7420ADEAE2D5D81F0D4A1 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:31:33.0852 7908 EvtEng - ok
17:31:33.0883 7908 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:31:33.0883 7908 exfat - ok
17:31:33.0930 7908 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:31:33.0930 7908 fastfat - ok
17:31:33.0977 7908 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:31:34.0008 7908 Fax - ok
17:31:34.0023 7908 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:31:34.0023 7908 fdc - ok
17:31:34.0039 7908 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:31:34.0039 7908 fdPHost - ok
17:31:34.0055 7908 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:31:34.0055 7908 FDResPub - ok
17:31:34.0070 7908 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:31:34.0070 7908 FileInfo - ok
17:31:34.0086 7908 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:31:34.0086 7908 Filetrace - ok
17:31:34.0242 7908 [ AE56514767FA25421C0A0E4A49B0B11C ] Fitbit Connect C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
17:31:34.0335 7908 Fitbit Connect - ok
17:31:34.0445 7908 [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:31:34.0476 7908 FLEXnet Licensing Service - ok
17:31:34.0491 7908 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:31:34.0491 7908 flpydisk - ok
17:31:34.0507 7908 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:31:34.0523 7908 FltMgr - ok
17:31:34.0569 7908 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:31:34.0585 7908 FontCache - ok
17:31:34.0632 7908 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:31:34.0694 7908 FontCache3.0.0.0 - ok
17:31:34.0710 7908 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:31:34.0710 7908 FsDepends - ok
17:31:34.0757 7908 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:31:34.0757 7908 Fs_Rec - ok
17:31:34.0772 7908 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:31:34.0772 7908 fvevol - ok
17:31:34.0803 7908 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:31:34.0803 7908 gagp30kx - ok
17:31:34.0866 7908 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:31:34.0866 7908 GamesAppService - ok
17:31:34.0913 7908 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:31:34.0928 7908 GEARAspiWDM - ok
17:31:34.0975 7908 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:31:35.0022 7908 gpsvc - ok
17:31:35.0100 7908 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:31:35.0115 7908 gupdate - ok
17:31:35.0131 7908 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:31:35.0131 7908 gupdatem - ok
17:31:35.0178 7908 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:31:35.0178 7908 hcw85cir - ok
17:31:35.0209 7908 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:31:35.0209 7908 HDAudBus - ok
17:31:35.0225 7908 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:31:35.0225 7908 HidBatt - ok
17:31:35.0240 7908 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:31:35.0256 7908 HidBth - ok
17:31:35.0271 7908 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:31:35.0287 7908 HidIr - ok
17:31:35.0318 7908 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:31:35.0318 7908 hidserv - ok
17:31:35.0365 7908 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:31:35.0365 7908 HidUsb - ok
17:31:35.0443 7908 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
17:31:35.0505 7908 HipShieldK - ok
17:31:35.0521 7908 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:31:35.0521 7908 hkmsvc - ok
17:31:35.0537 7908 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:31:35.0552 7908 HomeGroupListener - ok
17:31:35.0568 7908 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:31:35.0583 7908 HomeGroupProvider - ok
17:31:35.0599 7908 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:31:35.0661 7908 HpSAMD - ok
17:31:35.0693 7908 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:31:35.0693 7908 HTTP - ok
17:31:35.0708 7908 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:31:35.0708 7908 hwpolicy - ok
17:31:35.0739 7908 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:31:35.0755 7908 i8042prt - ok
17:31:35.0833 7908 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\drivers\iaStor.sys
17:31:35.0833 7908 iaStor - ok
17:31:35.0880 7908 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:31:35.0927 7908 iaStorV - ok
17:31:35.0958 7908 [ DE9E40BAEE2E48FD1E3EB423074C014C ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
17:31:35.0973 7908 iBtFltCoex - ok
17:31:36.0020 7908 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:31:36.0114 7908 idsvc - ok
17:31:36.0333 7908 [ A47D902F5C0C43DCF5EE2CAE02BF39A8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:31:36.0692 7908 igfx - ok
17:31:36.0723 7908 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:31:36.0723 7908 iirsp - ok
17:31:36.0770 7908 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:31:36.0832 7908 IKEEXT - ok
17:31:36.0879 7908 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
17:31:36.0926 7908 intaud_WaveExtensible - ok
17:31:37.0020 7908 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:31:37.0176 7908 IntcAzAudAddService - ok
17:31:37.0207 7908 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:31:37.0238 7908 IntcDAud - ok
17:31:37.0269 7908 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:31:37.0285 7908 intelide - ok
17:31:37.0316 7908 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:31:37.0316 7908 intelppm - ok
17:31:37.0332 7908 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:31:37.0347 7908 IPBusEnum - ok
17:31:37.0378 7908 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:31:37.0425 7908 IpFilterDriver - ok
17:31:37.0472 7908 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:31:37.0488 7908 iphlpsvc - ok
17:31:37.0503 7908 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:31:37.0534 7908 IPMIDRV - ok
17:31:37.0534 7908 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:31:37.0534 7908 IPNAT - ok
17:31:37.0612 7908 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:31:37.0675 7908 iPod Service - ok
17:31:37.0706 7908 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:31:37.0706 7908 IRENUM - ok
17:31:37.0722 7908 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:31:37.0722 7908 isapnp - ok
17:31:37.0768 7908 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:31:37.0768 7908 iScsiPrt - ok
17:31:37.0800 7908 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
17:31:37.0893 7908 iwdbus - ok
17:31:37.0924 7908 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:31:37.0940 7908 kbdclass - ok
17:31:37.0956 7908 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:31:38.0002 7908 kbdhid - ok
17:31:38.0018 7908 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:31:38.0018 7908 KeyIso - ok
17:31:38.0049 7908 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:31:38.0065 7908 KSecDD - ok
17:31:38.0096 7908 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:31:38.0096 7908 KSecPkg - ok
17:31:38.0112 7908 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:31:38.0127 7908 ksthunk - ok
17:31:38.0174 7908 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:31:38.0174 7908 KtmRm - ok
17:31:38.0221 7908 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:31:38.0236 7908 LanmanServer - ok
17:31:38.0268 7908 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:31:38.0283 7908 LanmanWorkstation - ok
17:31:38.0314 7908 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:31:38.0314 7908 lltdio - ok
17:31:38.0361 7908 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:31:38.0361 7908 lltdsvc - ok
17:31:38.0377 7908 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:31:38.0377 7908 lmhosts - ok
17:31:38.0424 7908 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:31:38.0439 7908 LSI_FC - ok
17:31:38.0439 7908 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:31:38.0439 7908 LSI_SAS - ok
17:31:38.0455 7908 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:31:38.0455 7908 LSI_SAS2 - ok
17:31:38.0470 7908 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:31:38.0470 7908 LSI_SCSI - ok
17:31:38.0486 7908 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:31:38.0486 7908 luafv - ok
17:31:38.0548 7908 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:31:38.0548 7908 MBAMProtector - ok
17:31:38.0580 7908 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:31:38.0595 7908 MBAMScheduler - ok
17:31:38.0626 7908 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:31:38.0642 7908 MBAMService - ok
17:31:38.0720 7908 [ 9504F1DDA1B67FB8D526FD4F8CC882F3 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
17:31:38.0720 7908 McAWFwk - ok
17:31:38.0798 7908 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
17:31:38.0798 7908 McComponentHostService - ok
17:31:38.0892 7908 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:31:38.0954 7908 McMPFSvc - ok
17:31:38.0985 7908 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:31:38.0985 7908 mcmscsvc - ok
17:31:39.0001 7908 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:31:39.0001 7908 McNaiAnn - ok
17:31:39.0032 7908 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:31:39.0048 7908 McNASvc - ok
17:31:39.0094 7908 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
17:31:39.0110 7908 McODS - ok
17:31:39.0110 7908 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:31:39.0126 7908 McOobeSv - ok
17:31:39.0126 7908 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:31:39.0126 7908 McProxy - ok
17:31:39.0188 7908 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
17:31:39.0188 7908 McShield - ok
17:31:39.0235 7908 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:31:39.0250 7908 Mcx2Svc - ok
17:31:39.0282 7908 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:31:39.0282 7908 megasas - ok
17:31:39.0313 7908 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:31:39.0328 7908 MegaSR - ok
17:31:39.0344 7908 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:31:39.0375 7908 MEIx64 - ok
17:31:39.0422 7908 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
17:31:39.0422 7908 mfeapfk - ok
17:31:39.0453 7908 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
17:31:39.0516 7908 mfeavfk - ok
17:31:39.0531 7908 mfeavfk01 - ok
17:31:39.0594 7908 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:31:39.0656 7908 mfefire - ok
17:31:39.0687 7908 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
17:31:39.0687 7908 mfefirek - ok
17:31:39.0734 7908 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
17:31:39.0750 7908 mfehidk - ok
17:31:39.0781 7908 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
17:31:39.0828 7908 mferkdet - ok
17:31:39.0859 7908 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
17:31:39.0859 7908 mfevtp - ok
17:31:39.0874 7908 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
17:31:39.0890 7908 mfewfpk - ok
17:31:39.0921 7908 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:31:39.0921 7908 MMCSS - ok
17:31:39.0952 7908 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:31:39.0968 7908 Modem - ok
17:31:39.0984 7908 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:31:39.0999 7908 monitor - ok
17:31:39.0999 7908 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:31:40.0015 7908 mouclass - ok
17:31:40.0030 7908 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:31:40.0030 7908 mouhid - ok
17:31:40.0062 7908 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:31:40.0062 7908 mountmgr - ok
17:31:40.0155 7908 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:31:40.0155 7908 MozillaMaintenance - ok
17:31:40.0186 7908 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:31:40.0249 7908 mpio - ok
17:31:40.0264 7908 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:31:40.0264 7908 mpsdrv - ok
17:31:40.0311 7908 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:31:40.0358 7908 MpsSvc - ok
17:31:40.0374 7908 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:31:40.0374 7908 MRxDAV - ok
17:31:40.0405 7908 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:31:40.0405 7908 mrxsmb - ok
17:31:40.0405 7908 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:31:40.0420 7908 mrxsmb10 - ok
17:31:40.0420 7908 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:31:40.0420 7908 mrxsmb20 - ok
17:31:40.0452 7908 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:31:40.0452 7908 msahci - ok
17:31:40.0467 7908 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:31:40.0530 7908 msdsm - ok
17:31:40.0545 7908 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:31:40.0545 7908 MSDTC - ok
17:31:40.0561 7908 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:31:40.0561 7908 Msfs - ok
17:31:40.0592 7908 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:31:40.0592 7908 mshidkmdf - ok
17:31:40.0608 7908 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:31:40.0608 7908 msisadrv - ok
17:31:40.0639 7908 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:31:40.0639 7908 MSiSCSI - ok
17:31:40.0639 7908 msiserver - ok
17:31:40.0686 7908 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:31:40.0686 7908 MSK80Service - ok
17:31:40.0701 7908 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:31:40.0717 7908 MSKSSRV - ok
17:31:40.0717 7908 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:31:40.0717 7908 MSPCLOCK - ok
17:31:40.0732 7908 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:31:40.0732 7908 MSPQM - ok
17:31:40.0764 7908 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:31:40.0764 7908 MsRPC - ok
17:31:40.0779 7908 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:31:40.0795 7908 mssmbios - ok
17:31:40.0810 7908 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:31:40.0810 7908 MSTEE - ok
17:31:40.0826 7908 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:31:40.0826 7908 MTConfig - ok
17:31:40.0842 7908 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:31:40.0842 7908 Mup - ok
17:31:40.0888 7908 [ F02A154FDE5DA779E971352256E64CFF ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:31:40.0935 7908 MyWiFiDHCPDNS - ok
17:31:40.0982 7908 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:31:40.0998 7908 napagent - ok
17:31:41.0029 7908 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:31:41.0060 7908 NativeWifiP - ok
17:31:41.0185 7908 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
17:31:41.0247 7908 NAUpdate - ok
17:31:41.0310 7908 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:31:41.0325 7908 NDIS - ok
17:31:41.0341 7908 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:31:41.0341 7908 NdisCap - ok
17:31:41.0372 7908 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:31:41.0372 7908 NdisTapi - ok
17:31:41.0388 7908 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:31:41.0403 7908 Ndisuio - ok
17:31:41.0419 7908 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:31:41.0419 7908 NdisWan - ok
17:31:41.0434 7908 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:31:41.0434 7908 NDProxy - ok
17:31:41.0450 7908 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:31:41.0450 7908 NetBIOS - ok
17:31:41.0466 7908 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:31:41.0481 7908 NetBT - ok
17:31:41.0497 7908 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:31:41.0497 7908 Netlogon - ok
17:31:41.0544 7908 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:31:41.0559 7908 Netman - ok
17:31:41.0590 7908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:41.0590 7908 NetMsmqActivator - ok
17:31:41.0590 7908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:41.0606 7908 NetPipeActivator - ok
17:31:41.0622 7908 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:31:41.0622 7908 netprofm - ok
17:31:41.0622 7908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:41.0622 7908 NetTcpActivator - ok
17:31:41.0622 7908 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:41.0637 7908 NetTcpPortSharing - ok
17:31:41.0809 7908 [ C3FC3EEE5A0CE77A02B27CFDFAF0C758 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
17:31:41.0965 7908 NETwNs64 - ok
17:31:41.0996 7908 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:31:41.0996 7908 nfrd960 - ok
17:31:42.0043 7908 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:31:42.0043 7908 NlaSvc - ok
17:31:42.0183 7908 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:31:42.0183 7908 NOBU - ok
17:31:42.0199 7908 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:31:42.0199 7908 Npfs - ok
17:31:42.0230 7908 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:31:42.0230 7908 nsi - ok
17:31:42.0230 7908 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:31:42.0230 7908 nsiproxy - ok
17:31:42.0324 7908 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:31:42.0355 7908 Ntfs - ok
17:31:42.0355 7908 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:31:42.0370 7908 Null - ok
17:31:42.0402 7908 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
17:31:42.0402 7908 nusb3hub - ok
17:31:42.0433 7908 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:31:42.0495 7908 nusb3xhc - ok
17:31:42.0526 7908 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:31:42.0589 7908 nvraid - ok
17:31:42.0636 7908 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:31:42.0682 7908 nvstor - ok
17:31:42.0714 7908 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:31:42.0714 7908 nv_agp - ok
17:31:42.0729 7908 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:31:42.0729 7908 ohci1394 - ok
17:31:42.0776 7908 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:31:42.0838 7908 ose - ok
17:31:42.0994 7908 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:31:43.0291 7908 osppsvc - ok
17:31:43.0322 7908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:31:43.0322 7908 p2pimsvc - ok
17:31:43.0353 7908 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:31:43.0369 7908 p2psvc - ok
17:31:43.0400 7908 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:31:43.0416 7908 Parport - ok
17:31:43.0447 7908 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:31:43.0494 7908 partmgr - ok
17:31:43.0509 7908 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:31:43.0509 7908 PcaSvc - ok
17:31:43.0525 7908 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:31:43.0540 7908 pci - ok
17:31:43.0540 7908 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:31:43.0556 7908 pciide - ok
17:31:43.0572 7908 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:31:43.0572 7908 pcmcia - ok
17:31:43.0587 7908 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:31:43.0603 7908 pcw - ok
17:31:43.0634 7908 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:31:43.0665 7908 PEAUTH - ok
17:31:43.0774 7908 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:31:43.0774 7908 PerfHost - ok
17:31:43.0852 7908 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:31:43.0868 7908 pla - ok
17:31:43.0915 7908 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:31:43.0915 7908 PlugPlay - ok
17:31:43.0915 7908 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:31:43.0930 7908 PNRPAutoReg - ok
17:31:43.0946 7908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:31:43.0946 7908 PNRPsvc - ok
17:31:43.0977 7908 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
17:31:44.0024 7908 Point64 - ok
17:31:44.0071 7908 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:31:44.0086 7908 PolicyAgent - ok
17:31:44.0118 7908 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:31:44.0133 7908 Power - ok
17:31:44.0164 7908 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:31:44.0211 7908 PptpMiniport - ok
17:31:44.0211 7908 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:31:44.0227 7908 Processor - ok
17:31:44.0258 7908 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:31:44.0305 7908 ProfSvc - ok
17:31:44.0305 7908 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:31:44.0305 7908 ProtectedStorage - ok
17:31:44.0336 7908 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:31:44.0336 7908 Psched - ok
17:31:44.0383 7908 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:31:44.0414 7908 ql2300 - ok
17:31:44.0445 7908 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:31:44.0461 7908 ql40xx - ok
17:31:44.0492 7908 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:31:44.0492 7908 QWAVE - ok
17:31:44.0508 7908 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:31:44.0508 7908 QWAVEdrv - ok
17:31:44.0523 7908 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:31:44.0523 7908 RasAcd - ok
17:31:44.0554 7908 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:31:44.0570 7908 RasAgileVpn - ok
17:31:44.0570 7908 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:31:44.0586 7908 RasAuto - ok
17:31:44.0586 7908 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:31:44.0632 7908 Rasl2tp - ok
17:31:44.0632 7908 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:31:44.0632 7908 RasMan - ok
17:31:44.0648 7908 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:31:44.0664 7908 RasPppoe - ok
17:31:44.0664 7908 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:31:44.0679 7908 RasSstp - ok
17:31:44.0695 7908 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:31:44.0710 7908 rdbss - ok
17:31:44.0726 7908 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:31:44.0726 7908 rdpbus - ok
17:31:44.0742 7908 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:31:44.0742 7908 RDPCDD - ok
17:31:44.0757 7908 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:31:44.0773 7908 RDPENCDD - ok
17:31:44.0773 7908 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:31:44.0773 7908 RDPREFMP - ok
17:31:44.0820 7908 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:31:44.0866 7908 RDPWD - ok
17:31:44.0898 7908 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:31:44.0898 7908 rdyboost - ok
17:31:44.0976 7908 [ 3A1EF2F8D0808BECE6A2FEF3EA3987A5 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:31:45.0038 7908 RegSrvc - ok
17:31:45.0069 7908 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:31:45.0069 7908 RemoteAccess - ok
17:31:45.0100 7908 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:31:45.0116 7908 RemoteRegistry - ok
17:31:45.0147 7908 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:31:45.0163 7908 RFCOMM - ok
17:31:45.0272 7908 [ E7062DBD907E0C5CEEB5ABDAF07E6B32 ] RosettaStoneDaemon C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
17:31:45.0303 7908 RosettaStoneDaemon - ok
17:31:45.0319 7908 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:31:45.0319 7908 RpcEptMapper - ok
17:31:45.0334 7908 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:31:45.0334 7908 RpcLocator - ok
17:31:45.0366 7908 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:31:45.0366 7908 RpcSs - ok
17:31:45.0397 7908 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:31:45.0397 7908 rspndr - ok
17:31:45.0459 7908 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
17:31:45.0459 7908 RSUSBSTOR - ok
17:31:45.0506 7908 [ A73ED14670220307874AD6BC2F279349 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:31:45.0584 7908 RTL8167 - ok
17:31:45.0584 7908 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:31:45.0584 7908 SamSs - ok
17:31:45.0662 7908 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
17:31:45.0662 7908 SASDIFSV - ok
17:31:45.0693 7908 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
17:31:45.0693 7908 SASKUTIL - ok
17:31:45.0709 7908 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:31:45.0771 7908 sbp2port - ok
17:31:45.0943 7908 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
17:31:46.0005 7908 SBSDWSCService - ok
17:31:46.0021 7908 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:31:46.0036 7908 SCardSvr - ok
17:31:46.0052 7908 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:31:46.0052 7908 scfilter - ok
17:31:46.0114 7908 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:31:46.0114 7908 Schedule - ok
17:31:46.0146 7908 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:31:46.0146 7908 SCPolicySvc - ok
17:31:46.0161 7908 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:31:46.0177 7908 SDRSVC - ok
17:31:46.0208 7908 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:31:46.0208 7908 secdrv - ok
17:31:46.0239 7908 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:31:46.0239 7908 seclogon - ok
17:31:46.0270 7908 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:31:46.0270 7908 SENS - ok
17:31:46.0286 7908 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:31:46.0286 7908 SensrSvc - ok
17:31:46.0317 7908 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:31:46.0333 7908 Serenum - ok
17:31:46.0333 7908 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:31:46.0348 7908 Serial - ok
17:31:46.0364 7908 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:31:46.0364 7908 sermouse - ok
17:31:46.0395 7908 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:31:46.0426 7908 SessionEnv - ok
17:31:46.0426 7908 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:31:46.0426 7908 sffdisk - ok
17:31:46.0442 7908 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:31:46.0442 7908 sffp_mmc - ok
17:31:46.0442 7908 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:31:46.0442 7908 sffp_sd - ok
17:31:46.0458 7908 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:31:46.0458 7908 sfloppy - ok
17:31:46.0551 7908 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:31:46.0614 7908 SftService - ok
17:31:46.0645 7908 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:31:46.0645 7908 SharedAccess - ok
17:31:46.0660 7908 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:31:46.0692 7908 ShellHWDetection - ok
17:31:46.0692 7908 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:31:46.0692 7908 SiSRaid2 - ok
17:31:46.0692 7908 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:31:46.0707 7908 SiSRaid4 - ok
17:31:46.0723 7908 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:31:46.0723 7908 Smb - ok
17:31:46.0754 7908 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:31:46.0754 7908 SNMPTRAP - ok
17:31:46.0770 7908 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:31:46.0785 7908 spldr - ok
17:31:46.0832 7908 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:31:46.0848 7908 Spooler - ok
17:31:46.0957 7908 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:31:47.0004 7908 sppsvc - ok
17:31:47.0019 7908 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:31:47.0019 7908 sppuinotify - ok
17:31:47.0066 7908 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:31:47.0066 7908 srv - ok
17:31:47.0097 7908 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:31:47.0113 7908 srv2 - ok
17:31:47.0128 7908 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:31:47.0160 7908 srvnet - ok
17:31:47.0191 7908 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:31:47.0191 7908 SSDPSRV - ok
17:31:47.0206 7908 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:31:47.0206 7908 SstpSvc - ok
17:31:47.0238 7908 Steam Client Service - ok
17:31:47.0269 7908 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:31:47.0269 7908 stexstor - ok
17:31:47.0300 7908 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:31:47.0316 7908 StillCam - ok
17:31:47.0362 7908 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:31:47.0378 7908 stisvc - ok
17:31:47.0394 7908 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:31:47.0394 7908 swenum - ok
17:31:47.0425 7908 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:31:47.0425 7908 swprv - ok
17:31:47.0518 7908 [ AAD83760A0887975D8F524B4D2C86060 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:31:47.0581 7908 SynTP - ok
17:31:47.0643 7908 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:31:47.0643 7908 SysMain - ok
17:31:47.0659 7908 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:31:47.0659 7908 TabletInputService - ok
17:31:47.0690 7908 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:31:47.0690 7908 TapiSrv - ok
17:31:47.0690 7908 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:31:47.0706 7908 TBS - ok
17:31:47.0799 7908 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:31:47.0846 7908 Tcpip - ok
17:31:47.0893 7908 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:31:47.0908 7908 TCPIP6 - ok
17:31:47.0940 7908 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:31:47.0971 7908 tcpipreg - ok
17:31:48.0002 7908 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:31:48.0002 7908 TDPIPE - ok
17:31:48.0033 7908 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:31:48.0080 7908 TDTCP - ok
17:31:48.0096 7908 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:31:48.0127 7908 tdx - ok
17:31:48.0142 7908 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:31:48.0142 7908 TermDD - ok
17:31:48.0189 7908 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:31:48.0220 7908 TermService - ok
17:31:48.0252 7908 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:31:48.0252 7908 Themes - ok
17:31:48.0267 7908 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:31:48.0283 7908 THREADORDER - ok
17:31:48.0298 7908 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:31:48.0298 7908 TrkWks - ok
17:31:48.0345 7908 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:31:48.0345 7908 TrustedInstaller - ok
17:31:48.0376 7908 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:31:48.0376 7908 tssecsrv - ok
17:31:48.0408 7908 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:31:48.0408 7908 TsUsbFlt - ok
17:31:48.0423 7908 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:31:48.0470 7908 TsUsbGD - ok
17:31:48.0501 7908 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:31:48.0501 7908 tunnel - ok
17:31:48.0564 7908 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
17:31:48.0564 7908 TurboB - ok
17:31:48.0610 7908 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
17:31:48.0657 7908 TurboBoost - ok
17:31:48.0657 7908 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:31:48.0657 7908 uagp35 - ok
17:31:48.0688 7908 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:31:48.0751 7908 udfs - ok
17:31:48.0782 7908 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:31:48.0782 7908 UI0Detect - ok
17:31:48.0798 7908 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:31:48.0813 7908 uliagpkx - ok
17:31:48.0860 7908 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:31:48.0860 7908 umbus - ok
17:31:48.0876 7908 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:31:48.0876 7908 UmPass - ok
17:31:48.0907 7908 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:31:48.0922 7908 upnphost - ok
17:31:48.0954 7908 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:31:48.0954 7908 USBAAPL64 - ok
17:31:49.0032 7908 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:31:49.0094 7908 usbaudio - ok
17:31:49.0110 7908 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:31:49.0110 7908 usbccgp - ok
17:31:49.0141 7908 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:31:49.0141 7908 usbcir - ok
17:31:49.0156 7908 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:31:49.0188 7908 usbehci - ok
17:31:49.0234 7908 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:31:49.0250 7908 usbhub - ok
17:31:49.0266 7908 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:31:49.0297 7908 usbohci - ok
17:31:49.0312 7908 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:31:49.0312 7908 usbprint - ok
17:31:49.0359 7908 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:31:49.0375 7908 usbscan - ok
17:31:49.0390 7908 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:31:49.0390 7908 USBSTOR - ok
17:31:49.0406 7908 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:31:49.0484 7908 usbuhci - ok
17:31:49.0515 7908 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:31:49.0515 7908 usbvideo - ok
17:31:49.0546 7908 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:31:49.0562 7908 UxSms - ok
17:31:49.0578 7908 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:31:49.0578 7908 VaultSvc - ok
17:31:49.0609 7908 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:31:49.0609 7908 vdrvroot - ok
17:31:49.0640 7908 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:31:49.0656 7908 vds - ok
17:31:49.0656 7908 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:31:49.0671 7908 vga - ok
17:31:49.0671 7908 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:31:49.0671 7908 VgaSave - ok
17:31:49.0702 7908 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:31:49.0702 7908 vhdmp - ok
17:31:49.0702 7908 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:31:49.0702 7908 viaide - ok
17:31:49.0718 7908 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:31:49.0765 7908 volmgr - ok
17:31:49.0780 7908 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:31:49.0780 7908 volmgrx - ok
17:31:49.0796 7908 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:31:49.0796 7908 volsnap - ok
17:31:49.0827 7908 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:31:49.0843 7908 vsmraid - ok
17:31:49.0921 7908 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:31:49.0952 7908 VSS - ok
17:31:49.0968 7908 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:31:49.0983 7908 vwifibus - ok
17:31:49.0999 7908 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:31:50.0014 7908 vwififlt - ok
17:31:50.0046 7908 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:31:50.0046 7908 vwifimp - ok
17:31:50.0061 7908 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:31:50.0077 7908 W32Time - ok
17:31:50.0108 7908 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:31:50.0108 7908 WacomPen - ok
17:31:50.0139 7908 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:31:50.0170 7908 WANARP - ok
17:31:50.0186 7908 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:31:50.0186 7908 Wanarpv6 - ok
17:31:50.0264 7908 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:31:50.0311 7908 WatAdminSvc - ok
17:31:50.0373 7908 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:31:50.0451 7908 wbengine - ok
17:31:50.0467 7908 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:31:50.0467 7908 WbioSrvc - ok
17:31:50.0498 7908 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:31:50.0498 7908 wcncsvc - ok
17:31:50.0514 7908 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:31:50.0514 7908 WcsPlugInService - ok
17:31:50.0545 7908 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:31:50.0545 7908 Wd - ok
17:31:50.0623 7908 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:31:50.0654 7908 Wdf01000 - ok
17:31:50.0654 7908 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:31:50.0670 7908 WdiServiceHost - ok
17:31:50.0670 7908 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:31:50.0685 7908 WdiSystemHost - ok
17:31:50.0685 7908 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:31:50.0716 7908 WebClient - ok
17:31:50.0732 7908 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:31:50.0748 7908 Wecsvc - ok
17:31:50.0748 7908 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:31:50.0763 7908 wercplsupport - ok
17:31:50.0779 7908 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:31:50.0794 7908 WerSvc - ok
17:31:50.0810 7908 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:31:50.0810 7908 WfpLwf - ok
17:31:50.0857 7908 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
17:31:50.0857 7908 WimFltr - ok
17:31:50.0888 7908 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:31:50.0888 7908 WIMMount - ok
17:31:50.0904 7908 WinDefend - ok
17:31:50.0919 7908 WinHttpAutoProxySvc - ok
17:31:50.0966 7908 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:31:50.0982 7908 Winmgmt - ok
17:31:51.0060 7908 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:31:51.0122 7908 WinRM - ok
17:31:51.0200 7908 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:31:51.0231 7908 WinUsb - ok
17:31:51.0262 7908 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:31:51.0262 7908 Wlansvc - ok
17:31:51.0325 7908 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:31:51.0372 7908 wlcrasvc - ok
17:31:51.0481 7908 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:31:51.0512 7908 wlidsvc - ok
17:31:51.0543 7908 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:31:51.0559 7908 WmiAcpi - ok
17:31:51.0590 7908 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:31:51.0606 7908 wmiApSrv - ok
17:31:51.0637 7908 WMPNetworkSvc - ok
17:31:51.0668 7908 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:31:51.0668 7908 WPCSvc - ok
17:31:51.0699 7908 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:31:51.0699 7908 WPDBusEnum - ok
17:31:51.0715 7908 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:31:51.0715 7908 ws2ifsl - ok
17:31:51.0746 7908 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:31:51.0762 7908 wscsvc - ok
17:31:51.0762 7908 WSearch - ok
17:31:51.0871 7908 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:31:51.0871 7908 wuauserv - ok
17:31:51.0902 7908 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:31:51.0949 7908 WudfPf - ok
17:31:51.0980 7908 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:31:52.0011 7908 WUDFRd - ok
17:31:52.0042 7908 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:31:52.0042 7908 wudfsvc - ok
17:31:52.0074 7908 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:31:52.0074 7908 WwanSvc - ok
17:31:52.0120 7908 ================ Scan global ===============================
17:31:52.0152 7908 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:31:52.0183 7908 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:31:52.0261 7908 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:31:52.0292 7908 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:31:52.0339 7908 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:31:52.0354 7908 [Global] - ok
17:31:52.0354 7908 ================ Scan MBR ==================================
17:31:52.0370 7908 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:31:52.0838 7908 \Device\Harddisk0\DR0 - ok
17:31:52.0838 7908 ================ Scan VBR ==================================
17:31:52.0854 7908 [ C456AFBFE5867AE2DEEE9AB7FD1C854C ] \Device\Harddisk0\DR0\Partition1
17:31:52.0854 7908 \Device\Harddisk0\DR0\Partition1 - ok
17:31:52.0885 7908 [ DD7149B5F4DC0ED7AC869FCE42B08217 ] \Device\Harddisk0\DR0\Partition2
17:31:52.0885 7908 \Device\Harddisk0\DR0\Partition2 - ok
17:31:52.0885 7908 ============================================================
17:31:52.0885 7908 Scan finished
17:31:52.0885 7908 ============================================================
17:31:52.0916 8804 Detected object count: 0
17:31:52.0916 8804 Actual detected object count: 0

#4 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 30 November 2012 - 10:16 PM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-30 17:35:20
-----------------------------
17:35:20.561 OS Version: Windows x64 6.1.7601 Service Pack 1
17:35:20.561 Number of processors: 4 586 0x2A07
17:35:20.561 ComputerName: MARGARET-LAPTOP UserName: Margaret
17:35:21.996 Initialize success
17:36:13.297 AVAST engine defs: 12113001
17:36:29.505 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:36:29.505 Disk 0 Vendor: WDC_WD64 03.0 Size: 610480MB BusType: 3
17:36:29.521 Disk 0 MBR read successfully
17:36:29.521 Disk 0 MBR scan
17:36:29.521 Disk 0 Windows VISTA default MBR code
17:36:29.521 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
17:36:29.536 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15644 MB offset 81920
17:36:29.552 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 594792 MB offset 32120832
17:36:29.583 Disk 0 scanning C:\Windows\system32\drivers
17:36:39.333 Service scanning
17:37:05.011 Modules scanning
17:37:05.026 Disk 0 trace - called modules:
17:37:05.042 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:37:05.541 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e5d060]
17:37:05.541 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005fbc050]
17:37:07.132 AVAST engine scan C:\Windows
17:37:09.956 AVAST engine scan C:\Windows\system32
17:41:09.218 AVAST engine scan C:\Windows\system32\drivers
17:41:34.630 AVAST engine scan C:\Users\Margaret
17:58:48.967 AVAST engine scan C:\ProgramData
18:20:41.663 Scan finished successfully
22:15:18.104 Disk 0 MBR has been saved successfully to "C:\Users\Margaret\Documents\MBR.dat"
22:15:18.104 The log file has been saved successfully to "C:\Users\Margaret\Documents\aswMBR.txt"

#5 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 01 December 2012 - 12:14 AM

The last one found this:

C:\Users\Margaret\AppData\Local\Apps\Adobe\iocsots.dll a variant of Win32/Kryptik.APAF trojan cleaned by deleting - quarantined
C:\Users\Margaret\Downloads\WinZip165(1).exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
C:\Users\Margaret\Downloads\WinZip165.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:09 AM

Posted 01 December 2012 - 07:39 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

Edited by narenxp, 01 December 2012 - 07:39 AM.


#7 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 01 December 2012 - 10:50 AM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.30.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Margaret :: MARGARET-LAPTOP [administrator]

Protection: Disabled

12/1/2012 9:21:36 AM
mbam-log-2012-12-01 (09-21-36).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 416006
Time elapsed: 1 hour(s), 22 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 01 December 2012 - 10:57 AM

MiniToolBox by Farbar Version: 25-11-2012
Ran by Margaret (administrator) on 01-12-2012 at 10:51:52
Running from "C:\Users\Margaret\Desktop\downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 1030 = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.102 metric=1 publish=Yes


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Margaret-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ct.comcast.net.

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : AC-72-89-60-02-6C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : AC-72-89-60-02-6C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : AC-72-89-60-02-6F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 14-FE-B5-C4-5D-77
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.ct.comcast.net.
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1030
Physical Address. . . . . . . . . : AC-72-89-60-02-6B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1078:3bb:a0db:7893%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, December 01, 2012 9:16:52 AM
Lease Expires . . . . . . . . . . : Sunday, December 02, 2012 10:32:35 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 195850889
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-79-80-64-14-FE-B5-C4-5D-77
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B8154474-2BC3-4A68-AB1E-05B6542C3BD5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:69:2073:b815:8948(Preferred)
Link-local IPv6 Address . . . . . : fe80::69:2073:b815:8948%30(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{1C0A69F4-47DF-4BC9-B3C9-5ACF49013F0B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2AEA53C9-0F89-419C-B952-BF974B551249}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.ct.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ct.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E99935ED-9718-47F2-853D-EA1888816A3A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #10
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:4006:800::1003
173.194.43.2
173.194.43.6
173.194.43.3
173.194.43.7
173.194.43.14
173.194.43.1
173.194.43.0
173.194.43.4
173.194.43.8
173.194.43.5
173.194.43.9


Pinging google.com [173.194.43.7] with 32 bytes of data:
Reply from 173.194.43.7: bytes=32 time=151ms TTL=53
Reply from 173.194.43.7: bytes=32 time=43ms TTL=53

Ping statistics for 173.194.43.7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 151ms, Average = 97ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=224ms TTL=50
Reply from 72.30.38.140: bytes=32 time=207ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 207ms, Maximum = 224ms, Average = 215ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...ac 72 89 60 02 6c ......Microsoft Virtual WiFi Miniport Adapter #2
15...ac 72 89 60 02 6c ......Microsoft Virtual WiFi Miniport Adapter
13...ac 72 89 60 02 6f ......Bluetooth Device (Personal Area Network)
12...14 fe b5 c4 5d 77 ......Realtek PCIe FE Family Controller
11...ac 72 89 60 02 6b ......Intel® Centrino® Wireless-N 1030
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
30...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #9
32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #10
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 192.168.1.102 192.168.1.103 26
192.168.1.0 255.255.255.0 On-link 192.168.1.103 281
192.168.1.103 255.255.255.255 On-link 192.168.1.103 281
192.168.1.255 255.255.255.255 On-link 192.168.1.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.1.102 1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
30 58 ::/0 On-link
1 306 ::1/128 On-link
30 58 2001::/32 On-link
30 306 2001:0:9d38:953c:69:2073:b815:8948/128
On-link
11 281 fe80::/64 On-link
30 306 fe80::/64 On-link
30 306 fe80::69:2073:b815:8948/128
On-link
11 281 fe80::1078:3bb:a0db:7893/128
On-link
1 306 ff00::/8 On-link
30 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/01/2012 09:47:46 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/01/2012 09:16:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2012 10:17:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/30/2012 10:17:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/30/2012 10:17:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/30/2012 08:57:30 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (11/30/2012 02:53:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (11/30/2012 02:53:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (11/29/2012 11:31:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2012 11:13:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/01/2012 09:17:52 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (12/01/2012 09:17:22 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (11/30/2012 09:02:05 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (11/30/2012 09:02:03 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (11/29/2012 11:14:47 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (11/29/2012 11:14:17 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (11/29/2012 10:24:50 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (11/29/2012 10:21:28 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (11/29/2012 10:21:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (11/29/2012 10:21:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.


Microsoft Office Sessions:
=========================
Error: (12/01/2012 09:47:46 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (12/01/2012 09:16:51 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2012 10:17:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Margaret\Desktop\downloads\esetsmartinstaller_enu.exe

Error: (11/30/2012 10:17:00 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Margaret\Desktop\downloads\esetsmartinstaller_enu.exe

Error: (11/30/2012 10:17:00 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Margaret\Desktop\downloads\esetsmartinstaller_enu.exe

Error: (11/30/2012 08:57:30 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (11/30/2012 02:53:39 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (11/30/2012 02:53:38 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (11/29/2012 11:31:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2012 11:13:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2012-12-01 09:23:20.168
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-01 09:23:20.168
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-12-01 09:23:20.168
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-18 19:10:13.724
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-18 19:10:13.724
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-18 19:10:13.724
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-18 10:49:43.372
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-18 10:49:43.368
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-18 10:49:43.365
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-09-26 21:54:09.998
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\SET45D6.tmp because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Accidental Damage Services Agreement (Version: 2.0.0)
Adobe AIR (Version: 2.6.0.19120)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Advanced Audio FX Engine (Version: 1.12.05)
Agatha Christie 3 in 1 Bundle
Amazon Games & Software Downloader (Version: 2.0.2.0)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
AVG Security Toolbar (Version: 13.2.0.5)
Awakening: The Skyward Castle
Banctec Service Agreement (Version: 2.0.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blio (Version: 3.0.9490)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 2.1
Canon MX860 series MP Drivers
Canon MX860 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Chuzzle Deluxe (Version: 2.2.0.95)
Complete Care Business Service Agreement (Version: 2.0.0)
Consumer In-Home Service Agreement (Version: 2.0.0)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.61)
Dell DataSafe Local Backup (Version: 9.4.61)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Stage (Version: 1.5.201.0)
Dell Support Center (Version: 3.2.6032.55)
Dell Touchpad (Version: 15.3.2.1)
Dell VideoStage (Version: 1.2.0.1712)
Dell Webcam Central (Version: 2.00.44)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
eBay (Version: 1.4.0)
Escape Whisper Valley ™ (Version: 2.2.0.95)
ESET Online Scanner v3
Fallout
Family Tree Maker 2011 (Version: 20.0.376)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Fury (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Fitbit Connect (Version: 1.0.0.2207)
Google Chrome (Version: 23.0.1271.95)
Google Update Helper (Version: 1.3.21.123)
Hazen ® (Version: 2.2.0.95)
High-Definition Video Playback (Version: 11.1.11500.4.273)
House of 1000 Doors: Family Secret (Version: 2.2.0.98)
iCloud (Version: 2.0.2.187)
Infected: The Twin Vaccine Collector's Edition (Version: 3.0.2.32)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Processor Graphics (Version: 8.15.10.2345)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.1.0.0537)
Intel® PROSet/Wireless WiFi Software (Version: 14.1.2000)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® WiDi (Version: 2.1.38.0)
Intel® Wireless Display
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 10.7.0.21)
Java 7 Update 7 (Version: 7.0.70)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 27 (64-bit) (Version: 6.0.270)
Java™ 6 Update 27 (Version: 6.0.270)
JavaFX 2.1.1 (Version: 2.1.1)
Jewel Quest (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Luxor (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee SecurityCenter (Version: 11.6.435)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Nero 10 Movie ThemePack Basic (Version: 10.6.10000.1.0)
Nero Control Center 10 (Version: 10.6.13000.0.11)
Nero ControlCenter 10 Help (CHM) (Version: 10.2.10800)
Nero Core Components 10 (Version: 2.0.20000.9.12)
Nero Update (Version: 11.0.11500.28.0)
Norton Security Scan (Version: 3.7.2.5)
OverDrive Media Console (Version: 3.2.20)
Pdf995
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Premium Service Agreement (Version: 2.0.0)
QualxServ Service Agreement (Version: 2.0.0)
Quicken 2012 (Version: 21.1.5.33)
Quickset64 (Version: 11.0.15)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6312)
RegAlyzer (Version: 1.6.2.16)
Rosetta Stone Ltd Services (Version: 3.2.17)
Rosetta Stone TOTALe (Version: 4.1.1)
Rosetta Stone TOTALe (Version: 4.1.15.1)
Samantha Swift (Version: 2.2.0.95)
SanDiskSecureAccess_Manager.exe (Version: 1.1.19755)
Shared C Run-time for x64 (Version: 10.0.0)
Spotify (Version: 0.8.4.124.ga3559d86)
Spybot - Search & Destroy (Version: 1.6.2)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1012)
swMSM (Version: 12.0.0.1)
SyncUP (Version: 1.12.11200.10.102)
SyncUP (Version: 10.2.15400)
System Requirements Lab CYRI (Version: 4.5.1.0)
The Price is Right (Version: 2.2.0.95)
TrustedID (Version: 5.0)
TrustedID IDMonitor Identity Protection (Version: 1.1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wedding Dash - Ready, Aim, Love! (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Dell Games) (Version: 4.0.5.36)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
WinZip 16.5 (Version: 16.5.10095)
Zinio Reader 4 (Version: 4.2.4164)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 6038.17 MB
Available physical RAM: 3078.95 MB
Total Pagefile: 12074.53 MB
Available Pagefile: 8085.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.77 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:580.85 GB) (Free:492.57 GB) NTFS

========================= Users: ========================================

User accounts for \\MARGARET-LAPTOP

Administrator Guest Margaret

========================= Restore Points ==================================

18-11-2012 22:52:37 Installed Java 7 Update 9 (64-bit)
26-11-2012 08:48:09 Scheduled Checkpoint
28-11-2012 08:00:20 Windows Update
29-11-2012 23:43:51 Removed Cozi
30-11-2012 01:10:57 Installed 7-Zip 9.20 (x64 edition)
30-11-2012 12:42:43 Removed Skype™ 5.10
30-11-2012 12:43:24 Removed Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC).
30-11-2012 13:42:54 Windows Backup
30-11-2012 14:03:05 Windows Backup

**** End of log ****

#9 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 01 December 2012 - 10:59 AM

Farbar Service Scanner Version: 01-12-2012 01
Ran by Margaret (administrator) on 01-12-2012 at 10:57:51
Running from "C:\Users\Margaret\Desktop\downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll
[2012-11-15 07:09] - [2012-10-03 12:42] - 0569344 ____A (Microsoft Corporation) 08C2957BB30058E663720C5606885653

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 01 December 2012 - 11:05 AM

# AdwCleaner v2.010 - Logfile created 12/01/2012 at 11:00:06
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Margaret - MARGARET-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Margaret\Desktop\downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Margaret\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Margaret\AppData\Roaming\Mozilla\Firefox\Profiles\thnwjl09.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Margaret\AppData\Roaming\Mozilla\Firefox\Profiles\thnwjl09.default\searchplugins\askcomsearch.xml
File Deleted : C:\Users\Margaret\AppData\Roaming\Mozilla\Firefox\Profiles\thnwjl09.default\searchplugins\web-search.xml
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\Margaret\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Margaret\AppData\Roaming\Mozilla\Firefox\Profiles\thnwjl09.default\FCTB

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Margaret\AppData\Roaming\Mozilla\Firefox\Profiles\thnwjl09.default\prefs.js

Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.2808538.KeywordHistory", "avon%2520public%2520l[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.AutoSearchEventData", "auto%20search");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ClearCacheDate", 18);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DisplayEULA", false);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.DnsCatchEventData", "dns%20catch");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.FirstLaunchShown", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.LoadLayoutDate.62781", 18);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.NewTabSearchEventData", "tab%20search");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.ShowRecommendedOptions", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.StateReportDate", "1353161646750");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.TopRightSearchEventData", "top%20right%20search[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeInstallSaved", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.homepage", "chrome%3A//branding/l[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.beforeinstall.search", "Google");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.comp.affiliate.2810218.disabled", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.comp.search.2808538.width", "249");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.customNewTab", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.helpUsImprove", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.hideOthers", false);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.processAddrBar", false);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.restoreSearch", false);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.revision", "37");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.searchHistory", true);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.session", "94A56286A760D1A3E58260818A4CAE0FBBE3[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.showFirstLaunchOptions", false);
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tb_lang", "en");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.tool_id", "62781");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_id", "75755383");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_key", "a70c5ebd113ce804d5307e77a21da00f23a[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_layouts", "62781");
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.user_lnames", "Gamers%20Unite%21%20Snag%20Bar")[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.xml_service_url", "64e3a27980eeceb34248bc3e680b[...]
Deleted : user_pref("freecauseafe43e800abc4df281a03fe44b74abe8.yahooSearch", false);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Margaret\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [15649 octets] - [01/12/2012 11:00:06]

########## EOF - C:\AdwCleaner[S1].txt - [15710 octets] ##########

#11 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 01 December 2012 - 11:12 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.7.0 (11.30.2012:3)
OS: Windows 7 Home Premium x64
Ran by Margaret on Sat 12/01/2012 at 11:06:55.98
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\windows\currentversion\run\\Spotify Web Helper
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{8660e5b3-6c41-44de-8503-98d99bbecd41}
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{8660e5b3-6c41-44de-8503-98d99bbecd41}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Registry Value] hkey_local_machine\software\mozilla\firefox\extensions\\{1c43baf1-00c2-40a8-a09e-f84cfd79546d}
Successfully deleted the following from C:\Users\Margaret\AppData\Roaming\mozilla\firefox\profiles\thnwjl09.default\prefs.js

user_pref("id_couponscom.variablecashedNotifications", "%7B%22http%3A//www.amazon.com/gp/goldbox/ref%3Dpe_309730_27101110_pe_todaysdeal/%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Get%20up%20to%20%24500%20Gift%20Card%20with%20Apple%20Product%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%2C%22http%3A//www.amazon.com/gp/product/B00004YRVK/ref%3Das_li_qf_sp_asin_il_tl%3Fie%3DUTF8%26tag%3Dportinc09-20%26linkCode%3Das2%26camp%3D1789%26creative%3D9325%26creativeASIN%3DB00004YRVK%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Get%20up%20to%20%24500%20Gift%20Card%20with%20Apple%20Product%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%2C%22http%3A//www.amazon.com/gp/product/B000HI90DS/ref%3Das_li_qf_sp_asin_il_tl%3Fie%3DUTF8%26tag%3Dportinc09-20%26linkCode%3Das2%26camp%3D1789%26creative%3D9325%26creativeASIN%3DB000HI90DS%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Get%20up%20to%20%24500%20Gift%20Card%20with%20Apple%20Product%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%2C%22http%3A//www.amazon.com/gp/product/0896897001/ref%3Das_li_qf_sp_asin_il_tl%3Fie%3DUTF8%26tag%3Dportinc09-20%26linkCode%3Das2%26camp%3D1789%26creative%3D9325%26creativeASIN%3D0896897001%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Get%20up%20to%20%24500%20Gift%20Card%20with%20Apple%20Product%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%2C%22http%3A//www.amazon.com/%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22Gold%20Box%20Deal%20of%20the%20Day%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%2C%22http%3A//www.amazon.com/s/ref%3Dnb_sb_noss_2/192-3921785-4071144%3Furl%3Dsearch-alias%253Daps%26field-keywords%3Dlego+pc+game%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22Gold%20Box%20Deal%20of%20the%20Day%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%2C%22http%3A//www.amazon.com/LEGO-Lord-Rings-Pc/dp/B0088MVOT8/ref%3Dsr_1_1%3Fie%3DUTF8%26qid%3D1354224959%26sr%3D8-1%26keywords%3Dlego+pc+game%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22Gold%20Box%20Deal%20of%20the%20Day%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%2C%22http%3A//www.amazon.com/gp/cart/view-upsell.html%3Fie%3DUTF8%26HUCT%3D1%26newItems%3DC2VL6INV07SEKK%252C1%26nodeID%3D468642%26storeID%3Dvideogames%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22Gold%20Box%20Deal%20of%20the%20Day%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%2C%22http%3A//www.amazon.com/gp/goldbox/ref%3Dcs_top_nav_gb27%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22Gold%20Box%20Deal%20of%20the%20Day%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%2C%22http%3A//www.amazon.com/gp/product/B000ELORWM/ref%3Das_li_qf_sp_asin_il_tl%3Fie%3DUTF8%26tag%3Dportinc09-20%26linkCode%3Das2%26camp%3D1789%26creative%3D9325%26creativeASIN%3DB000ELORWM%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5C%221252%5C%22%20name%3D%5C%22redirect%5C%22%20newbrowserwindow%3D%5C%22newtab%5C%22/%3E%5Cr%5Cn%3C/SETTINGS%3E%5Cr%5Cn%3CBUTTON%20caption%3D%5C%22Amazon.com%20Coupon%20Codes%5C%22%20image%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CMENU%20type%3D%5C%22Single%5C%22%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc1%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc2%5C%22%20caption%3D%5C%22Shop%20Cyber%20Monday%20Toy%20Deals%20all%20Week%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc3%5C%22%20caption%3D%5C%22Samsung%20Galaxy%20S%20III%20Only%20%2449.99%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc4%5C%22%20caption%3D%5C%22Shop%20Great%20Deals%20on%20Electronics%20for%20Holiday%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc5%5C%22%20caption%3D%5C%22Gold%20Box%20Deal%20of%20the%20Day%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc6%5C%22%20caption%3D%5C%22Purchase%20the%20all%20New%20Kindle%20Fire%20Starting%20at%20%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc7%5C%22%20caption%3D%5C%22Save%2015%25%20Off%20Subscribe%20%26amp%3B%20Save%20when%20you%20use%20your...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc8%5C%22%20caption%3D%5C%22on%20Electronics%2C%20Groceries%2C%20Beauty%20%26amp%3B%20more%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc9%5C%22%20caption%3D%5C%22Shop%20%245%20Magazine%20Subscriptions%20During%20the%20Cyber...%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3CITEM%20id%3D%5C%22cc10%5C%22%20caption%3D%5C%22Save%2020%25%20Off%20Select%20Shoes%20and%20Handbags%5C%22%20hint%3D%5C%22%5C%22%20imagef%3D%5C%22http%3A//cdn.coupons.com/couponbar.coupons.com/TB1/cb3_icons_special1.png%5C%22%20command%3D%5C%22redirect%5C%22%20href%3D%5C%22http%3A//www.coupons.com/coupon-codes/amazon/%5C%22%20/%3E%5Cr%5Cn%3C/MENU%3E%3C/BUTTON%3E%5Cr%5Cn%3CSPACE%20id%3D%5C%22b2611%5C%22%20width%3D%5C%221%5C%22/%3E%5Cr%5Cn%3CSEPARATOR%20id%3D%5C%22b2711%5C%22/%3E%5Cr%5Cn%3C/TOOLBAR%3E%5Cr%5Cn%22%7D");
user_pref("id_couponscom.variables.Var1", "http%3A//cdn.coupons.com/couponbar.coupons.com");
user_pref("id_couponscom.variables.Var2", "http%3A//couponbar.coupons.com");
user_pref("id_couponscom.variables.Var3", "http%3A//www.coupons.com/coupon-codes/");
user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
user_pref("weboftrust.search.dogpile.display", "Dogpile");
user_pref("weboftrust.search.dogpile.ign", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*dogpile\\.com\\/|^http\\:\\/\\/(.+\\.)?r\\.msn\\.com\\/");
user_pref("weboftrust.search.dogpile.pre0.match", 3);
user_pref("weboftrust.search.dogpile.pre0.re", "^http(s)?\\:\\/\\/cs\\.(dogpile|infospace)\\.com\\/ClickHandler.+ru=(http[^&]+)");
user_pref("weboftrust.search.dogpile.prestyle", ".paidSearchResult [ATTR] { display: none ! important; } .searchResultsPane { max-width: 44.08em; } [ATTR] { position: absolute; visibility: hidden; }");
user_pref("weboftrust.search.dogpile.style", "a.resultTitle ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 4px; padding-bottom: 1px; position: relative; visibility: visible; }");
user_pref("weboftrust.search.dogpile.url", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*dogpile\\.com\\/(info\\.[^\\/]+/)?(search\\/)?web.+");
user_pref("weboftrust.search.ixquick.display", "Ixquick");
user_pref("weboftrust.search.ixquick.ign", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*(ixquick|startpage|startingpage)\\.com\\/?");
user_pref("weboftrust.search.ixquick.pre0.match", 6);
user_pref("weboftrust.search.ixquick.pre0.re", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)?google\\.(com?\\.[a-z]{2}|[a-z]{2,})\\/(url|pagead|interstitial|aclk).*\\\\?.*(q|adurl|url)=(.+)(&.*)?");
user_pref("weboftrust.search.ixquick.pre1.match", 4);
user_pref("weboftrust.search.ixquick.pre1.re", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*(ixquick|startpage|startingpage)\\.com\\/do\\/highlight.*&u=(http[^&]*)");
user_pref("weboftrust.search.ixquick.prestyle", "[ATTR] { position: absolute; visibility: hidden; }");
user_pref("weboftrust.search.ixquick.style", "a.title ~ [ATTR=\"NAME\"], a.title2 ~ [ATTR=\"NAME\"], .result h3 > a ~ [ATTR=\"NAME\"] { background: url(IMAGE) right no-repeat; margin-left: 4px; position: relative; visibility: visible; }");
user_pref("weboftrust.search.ixquick.url", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*(ixquick|startpage|startingpage)\\.com\\/do\\/(meta)?search");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 12/01/2012 at 11:11:12.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:09 AM

Posted 01 December 2012 - 12:24 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#13 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 01 December 2012 - 12:30 PM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/01/2012 12:28:32 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Margaret\Desktop\rkill\rkill-12-01-2012-12-28-35.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 12/01/2012 12:28:44 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

#14 runamuck

runamuck
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 01 December 2012 - 12:36 PM

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "BTMTrayAgent" "Bluetooth Shell Extension" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\btmshell.dll"
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe"
+ "CanonSolutionMenu" "CNSLMAIN" "CANON INC." "c:\program files (x86)\canon\solutionmenu\cnslmain.exe"
+ "DellStage" "Dell Stage" "" "c:\program files (x86)\dell stage\dell stage\stage_primary.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "IntelPAN" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "IntelTBRunOnce" "" "" "c:\program files\intel\turboboost\runtbgadgetonce.vbs"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickSet" "QuickSet" "Dell Inc." "c:\program files\dell\quickset\quickset.exe"
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkngui64.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AccuWeatherWidget" "AccuWeather.com desktop weather widget" "" "c:\program files (x86)\dell stage\dell stage\accuweather\accuweather.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 10.0\reader\reader_sl.exe"
+ "AmazonGSDownloaderTray" "TaskTray Application" "Amazon.com" "c:\program files (x86)\amazon\amazon games & software downloader\amazongsdownloadertray.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "Dell DataSafe Online" "Dell DataSafe Online Service" "Dell, Inc." "c:\program files (x86)\dell\dell datasafe online\nobuclient.exe"
+ "Dell Webcam Central" "Webcam Central" "Creative Technology Ltd" "c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "NeroLauncher" "" "" "c:\program files (x86)\nero\syncup\nerolauncher.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_ROC_JULY_P1" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\ssscheduler.exe"
"C:\Users\Margaret\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Intel® Turbo Boost Technology Monitor 2.0.lnk" "Intel® Turbo Boost Technology Monitor 2.0" "Intel® Corporation" "c:\program files\intel\turboboost\signalislandui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DelayShred" "" "" "c:\program files\mcafee\mqs\shrcl.exe"
+ "Fitbit Connect" "Fitbit Connect Desktop Client" "Fitbit, Inc." "c:\program files (x86)\fitbit connect\fitbit connect.exe"
+ "Spotify" "Spotify" "Spotify Ltd" "c:\users\margaret\appdata\roaming\spotify\spotify.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files (x86)\spybot - search & destroy\teatimer.exe"
+ "Steam" "Steam" "Valve Corporation" "c:\program files (x86)\steam\steam.exe"
+ "SUPERAntiSpyware" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "BTMSentToExt" "Bluetooth Shell Extension" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\btmshell.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn64.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20121118214537.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20121118214538.dll"
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Spybot - Search && Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Microsoft_Hardware_Launch_IPoint_exe" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "\Norton Security Scan for Margaret" "Norton Security Scan" "Symantec Corporation" "c:\program files (x86)\norton security scan\engine\3.7.2.5\nss.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\dell support center\uaclauncher.exe"
+ "\SUPERAntiSpyware Scheduled Task b2465713-6a19-4842-8d61-71a997222dab" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
+ "\SUPERAntiSpyware Scheduled Task ef848955-b7ce-4e6f-b9be-d513489148b3" "SUPERAntiSpyware Task Dispatcher" "SUPERAdBlocker.com" "c:\program files\superantispyware\sastask.exe"
+ "\SystemToolsDailyTest" "" "" "File not found: uaclauncher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sascore64.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "Amazon Download Agent" "Amazon Games & Software Downloader Service" "Amazon.com" "c:\program files (x86)\amazon\amazon games & software downloader\amazongsdownloaderservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bluetooth Device Monitor" "A process to monitor Bluetooth radio state and configure Bluetooth remote folders." "Intel Corporation" "c:\program files (x86)\intel\bluetooth\devmonsrv.exe"
+ "Bluetooth Media Service" "Provides Bluetooth Media Profiles support" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\mediasrv.exe"
+ "Bluetooth OBEX Service" "Provides Bluetooth File Transfer Protocol support." "Intel Corporation" "c:\program files (x86)\intel\bluetooth\obexsrv.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "Fitbit Connect" "Uploads your Fitbit's data to Fitbit.com in the background" "Fitbit, Inc." "c:\program files (x86)\fitbit connect\fitbitconnectservice.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "McAWFwk" "McAfee Activation Service" "McAfee, Inc." "c:\program files\mcafee\msc\mcawfwk.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\mcchsvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "NAUpdate" "Provides access to Nero application updates and manages Nero applications." "Nero AG" "c:\program files (x86)\nero\update\nasvc.exe"
+ "NOBU" "Dell DataSafe Online Service" "Dell, Inc." "c:\program files (x86)\dell\dell datasafe online\nobuagent.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "RosettaStoneDaemon" "Rosetta Stone Ltd. application" "Rosetta Stone Ltd." "c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SftService" "SoftThinks Agent Service" "SoftThinks SAS" "c:\program files (x86)\dell datasafe local backup\sftservice.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "TurboBoost" "Intel® Turbo Boost Technology Monitor 2.0" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btmaux" "Bluetooth Auxiliary Driver" "Intel Corporation" "c:\windows\system32\drivers\btmaux.sys"
+ "btmhsf" "Bluetooth HighSpeed Filter Driver" "Intel Corporation" "c:\windows\system32\drivers\btmhsf.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iBtFltCoex" "Intel® Centrino® Wireless (Bluetooth Adapter) Driver" "Intel Corporation" "c:\windows\system32\drivers\ibtfltcoex.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "intaud_WaveExtensible" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\intelaud.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "iwdbus" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\iwdbus.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "Intel® Corporation" "c:\windows\system32\drivers\turbob.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "VDP Renderer" "VDP Filter" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\vdpsnka.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmprevu.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative Correct TimeStamp Filter" "Creative Correct TimeStamp Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctfrfix.ax"
+ "Creative H264 No Quality Control Filter" "Creative No Quality Control Filter" "Creative Technology Ltd." "c:\program files (x86)\dell webcam\dell webcam central\cth264noqc.ax"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "QIC1802 Demux" "QIC1802 Demux" "Quanta Computer Inc." "c:\program files (x86)\dell webcam\dell webcam central\qicdemux.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "WME Record Queue" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmedque.dll"
+ "VDP Renderer" "VDP Filter" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\vdpsnk.dll"
+ "Video Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmprevu.dll"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WD Secure Source Filter" "Intel® WiDi Secure Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsecuresourcefilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMEnc Screen Capture Filter" "WMESrcWp Module" "Microsoft Corporation" "c:\program files (x86)\windows media components\encoder\wmesrcwp.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MX860 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm9n.dll"
+ "Canon BJNP Port" "Canon IJ Network 64bit comm Module" "CANON INC." "c:\windows\system32\cnmn6ppm.dll"
+ "Canon MP FAX Language Monitor MX860 series" "MP FAX Language Monitor DLL" "Canon Inc." "c:\windows\system32\cncf2lj.dll"
+ "PDF995 Monitor" "" "" "c:\windows\system32\pdf995mon64.dll"
"C:\Users\Margaret\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "WinZip Gadget" "" "WinZip" "C:\Program Files\Windows Sidebar\Shared Gadgets\WinZip.Gadget\en-US\Gadget.xml"

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:09 AM

Posted 01 December 2012 - 12:51 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users