Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

i belive that i have a virus.


  • Please log in to reply
17 replies to this topic

#1 fldanger

fldanger

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 06 March 2013 - 11:48 PM

I am running windows 7 pro 64 bit on a dell xps studio.I have firefox as a browser,and everytime the cursor passes by adds that play a game such as shoot this it automaticaly redirects the page .The computer also seems to respond slower than normal .I also can't run flash player in full screen mode because it keeps freezing up.I have updated both firefox and flash player I even tried to disable the excelarator hardware but none of theese did any good.Flash payer done run fine in I E

 



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:10 PM

Posted 06 March 2013 - 11:49 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 04:29 PM

1.Here is the tds scan logs.

 

 

22:40:54.0432 7044  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:40:54.0791 7044  ============================================================
22:40:54.0791 7044  Current date / time: 2013/03/08 22:40:54.0791
22:40:54.0791 7044  SystemInfo:
22:40:54.0791 7044  
22:40:54.0791 7044  OS Version: 6.1.7601 ServicePack: 1.0
22:40:54.0791 7044  Product type: Workstation
22:40:54.0791 7044  ComputerName: RONS-PC
22:40:54.0791 7044  UserName: RON
22:40:54.0791 7044  Windows directory: C:\Windows
22:40:54.0791 7044  System windows directory: C:\Windows
22:40:54.0791 7044  Running under WOW64
22:40:54.0791 7044  Processor architecture: Intel x64
22:40:54.0791 7044  Number of processors: 8
22:40:54.0791 7044  Page size: 0x1000
22:40:54.0791 7044  Boot type: Normal boot
22:40:54.0791 7044  ============================================================
22:40:55.0805 7044  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:40:55.0821 7044  ============================================================
22:40:55.0821 7044  \Device\Harddisk0\DR0:
22:40:55.0821 7044  MBR partitions:
22:40:55.0821 7044  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x46000, BlocksNum 0x574FF800
22:40:55.0821 7044  ============================================================
22:40:55.0852 7044  C: <-> \Device\Harddisk0\DR0\Partition1
22:40:55.0852 7044  ============================================================
22:40:55.0852 7044  Initialize success
22:40:55.0852 7044  ============================================================
22:42:02.0117 5968  Deinitialize success



#4 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 04:31 PM

here are the asw scan logs

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-08 22:55:02
-----------------------------
22:55:02.673    OS Version: Windows x64 6.1.7601 Service Pack 1
22:55:02.673    Number of processors: 8 586 0x1A05
22:55:02.673    ComputerName: RONS-PC  UserName: RON
22:55:05.980    Initialize success
22:55:33.081    AVAST engine defs: 13030801
22:56:36.605    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-6
22:56:36.605    Disk 0 Vendor: ST3750528AS CC45 Size: 715404MB BusType: 11
22:56:36.620    Disk 0 MBR read successfully
22:56:36.636    Disk 0 MBR scan
22:56:36.636    Disk 0 Windows 7 default MBR code
22:56:36.636    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       715263 MB offset 286720
22:56:36.651    Disk 0 scanning C:\Windows\system32\drivers
22:56:41.051    Service scanning
22:56:54.420    Modules scanning
22:56:54.420    Disk 0 trace - called modules:
22:56:54.435    ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80076922c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:56:54.435    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e2b790]
22:56:54.435    3 CLASSPNP.SYS[fffff88001a1743f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP4T0L0-6[0xfffffa8007b6b680]
22:56:54.435    \Driver\atapi[0xfffffa8007b52b60] -> IRP_MJ_CREATE -> 0xfffffa80076922c0
22:57:09.099    AVAST engine scan C:\Windows
22:57:11.658    AVAST engine scan C:\Windows\system32
22:58:59.220    AVAST engine scan C:\Windows\system32\drivers
22:59:04.664    AVAST engine scan C:\Users\RON
23:00:47.656    File: C:\Users\RON\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\ef1e38b-27ba8db5  **INFECTED** Win32:Dropper-gen [Drp]
23:02:06.358    File: C:\Users\RON\Documents\My Downloads\Call.Of.Duty.MegaPack-KaOs\Call.Of.Duty.Black.Ops.RERIP-KaOs\Install.exe  **INFECTED** Win32:Malware-gen
23:02:34.422    AVAST engine scan C:\ProgramData
23:03:21.051    Scan finished successfully
23:03:43.453    Disk 0 MBR has been saved successfully to "C:\Users\RON\Desktop\MBR.dat"
23:03:43.453    The log file has been saved successfully to "C:\Users\RON\Desktop\aswMBR.txt"
 



#5 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 04:32 PM

here is the est scan results

 

C:\Documents and Settings\All Users\Ask\APN-Stub\ATU\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Documents and Settings\All Users\Ask\APN-Stub\ATU2\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Documents and Settings\All Users\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Documents and Settings\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Documents and Settings\RON\AppData\Local\Application Data\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\AppData\Local\Babylon\Setup\MyBabylonTB.exe    a variant of Win32/Toolbar.Babylon application    
C:\Documents and Settings\RON\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\AppData\Local\Temp\svchost.exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\AppData\Local\Temp\7zO6264.tmp\cdma_workshop_FULL_Cracked.exe    a variant of Win32/Packed.Themida application    
C:\Documents and Settings\RON\AppData\Local\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\AppData\Local\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[2].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\AppData\Local\Temp\Temporary Internet Files\Content.IE5\7WPS4SP3\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\AppData\Local\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\Application Data\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\50c134b9133e3@50c134b913425.com.xpi    Win32/Adware.MultiPlug.H application    
C:\Documents and Settings\RON\Application Data\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\50c7e736bbc46@50c7e736bbc7f.com.xpi    Win32/Adware.MultiPlug.H application    
C:\Documents and Settings\RON\Local Settings\Babylon\Setup\MyBabylonTB.exe    a variant of Win32/Toolbar.Babylon application    
C:\Documents and Settings\RON\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\Local Settings\Temp\svchost.exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\Local Settings\Temp\7zO6264.tmp\cdma_workshop_FULL_Cracked.exe    a variant of Win32/Packed.Themida application    
C:\Documents and Settings\RON\Local Settings\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\Local Settings\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[2].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\Local Settings\Temp\Temporary Internet Files\Content.IE5\7WPS4SP3\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\Local Settings\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Documents and Settings\RON\My Documents\My Downloads\Call of Duty 2\keygen.exe    a variant of Win32/Keygen.CU application    
C:\ProgramData\Ask\APN-Stub\ATU\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\ProgramData\Ask\APN-Stub\ATU2\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Users\All Users\Application Data\Ask\APN-Stub\ATU\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Users\All Users\Application Data\Ask\APN-Stub\ATU2\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Users\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Users\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Users\All Users\Ask\APN-Stub\ATU\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Users\All Users\Ask\APN-Stub\ATU2\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    
C:\Users\All Users\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Users\All Users\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    
C:\Users\RON\AppData\Local\Babylon\Setup\MyBabylonTB.exe    a variant of Win32/Toolbar.Babylon application    
C:\Users\RON\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\AppData\Local\Temp\svchost.exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\AppData\Local\Temp\7zO6264.tmp\cdma_workshop_FULL_Cracked.exe    a variant of Win32/Packed.Themida application    
C:\Users\RON\AppData\Local\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\AppData\Local\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[2].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\AppData\Local\Temp\Temporary Internet Files\Content.IE5\7WPS4SP3\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\AppData\Local\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\ef1e38b-27ba8db5    a variant of Win32/Injector.ACPY trojan    
C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\50c134b9133e3@50c134b913425.com.xpi    Win32/Adware.MultiPlug.H application    
C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\50c7e736bbc46@50c7e736bbc7f.com.xpi    Win32/Adware.MultiPlug.H application    
C:\Users\RON\Application Data\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\50c134b9133e3@50c134b913425.com.xpi    Win32/Adware.MultiPlug.H application    
C:\Users\RON\Application Data\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\50c7e736bbc46@50c7e736bbc7f.com.xpi    Win32/Adware.MultiPlug.H application    
C:\Users\RON\Desktop\cell flash\CdmaFlashingSoftware.Com\Android (Flashing Software)\Flashing Software\droid cricket flash (2).zip    a variant of Win32/Packed.Themida application    
C:\Users\RON\Desktop\cell flash\CdmaFlashingSoftware.Com\Drivers (Flashing Software)\Motorola_Drivers.exe    a variant of Win32/Keygen.AM application    
C:\Users\RON\Desktop\cell flash\CdmaFlashingSoftware.Com\Verizon (Flashing Software)\SPC Generator\SPC Generator.exe    probably a variant of Win32/Agent.EIKMSVM trojan    
C:\Users\RON\Desktop\cell flash\Verizon\SPC Generator\SPC Generator.exe    probably a variant of Win32/Agent.EIKMSVM trojan    
C:\Users\RON\Documents\My Downloads\Call of Duty 2\keygen.exe    a variant of Win32/Keygen.CU application    
C:\Users\RON\Downloads\cbsidlm-tra1-BlueStacks_App_Player-SEO-75593133.exe    Win32/DownloadAdmin.G application    
C:\Users\RON\Local Settings\Babylon\Setup\MyBabylonTB.exe    a variant of Win32/Toolbar.Babylon application    
C:\Users\RON\Local Settings\Microsoft\Windows\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\Local Settings\Temp\svchost.exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\Local Settings\Temp\7zO6264.tmp\cdma_workshop_FULL_Cracked.exe    a variant of Win32/Packed.Themida application    
C:\Users\RON\Local Settings\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\Local Settings\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[2].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\Local Settings\Temp\Temporary Internet Files\Content.IE5\7WPS4SP3\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\Local Settings\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    
C:\Users\RON\My Documents\My Downloads\Call of Duty 2\keygen.exe    a variant of Win32/Keygen.CU application    
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\3ba9a9a2-1d0535a7    Java/Exploit.Agent.NAO trojan    
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\56dd0d79-2636481e    Java/Exploit.Agent.NAO trojan    
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\3ba9a9a2-1d0535a7    Java/Exploit.Agent.NAO trojan    
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\56dd0d79-2636481e    Java/Exploit.Agent.NAO trojan    
C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\ATU\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\ATU2\APNIC.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll    a variant of Win32/Adware.Yontoo.B application    cleaned by deleting - quarantined
C:\Documents and Settings\RON\AppData\Local\Application Data\Babylon\Setup\MyBabylonTB.exe    a variant of Win32/Toolbar.Babylon application    cleaned by deleting - quarantined
C:\Documents and Settings\RON\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\8D0GR2Y5\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    cleaned by deleting - quarantined
C:\Documents and Settings\RON\AppData\Local\Application Data\Temp\svchost.exe    a variant of Win32/BitCoinMiner.N application    cleaned by deleting (after the next restart) - quarantined
C:\Documents and Settings\RON\AppData\Local\Application Data\Temp\7zO6264.tmp\cdma_workshop_FULL_Cracked.exe    a variant of Win32/Packed.Themida application    cleaned by deleting - quarantined
C:\Documents and Settings\RON\AppData\Local\Application Data\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    cleaned by deleting - quarantined
C:\Documents and Settings\RON\AppData\Local\Application Data\Temp\Temporary Internet Files\Content.IE5\5YDYFE9K\svchost[2].exe    a variant of Win32/BitCoinMiner.N application    cleaned by deleting - quarantined
C:\Documents and Settings\RON\AppData\Local\Application Data\Temp\Temporary Internet Files\Content.IE5\7WPS4SP3\svchost[1].exe    a variant of Win32/BitCoinMiner.N application    cleaned by deleting - quarantined
C:\Documents and Settings\RON\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\ef1e38b-27ba8db5    a variant of Win32/Injector.ACPY trojan    cleaned by deleting - quarantined
C:\Documents and Settings\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\50c134b9133e3@50c134b913425.com.xpi    Win32/Adware.MultiPlug.H application    deleted (after the next restart) - quarantined
C:\Documents and Settings\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\50c7e736bbc46@50c7e736bbc7f.com.xpi    Win32/Adware.MultiPlug.H application    deleted (after the next restart) - quarantined
C:\Documents and Settings\RON\Desktop\cell flash\CdmaFlashingSoftware.Com\Android (Flashing Software)\Flashing Software\droid cricket flash (2).zip    a variant of Win32/Packed.Themida application    deleted - quarantined
C:\Documents and Settings\RON\Desktop\cell flash\CdmaFlashingSoftware.Com\Drivers (Flashing Software)\Motorola_Drivers.exe    a variant of Win32/Keygen.AM application    cleaned by deleting - quarantined
C:\Documents and Settings\RON\Desktop\cell flash\CdmaFlashingSoftware.Com\Verizon (Flashing Software)\SPC Generator\SPC Generator.exe    probably a variant of Win32/Agent.EIKMSVM trojan    cleaned by deleting - quarantined
C:\Documents and Settings\RON\Desktop\cell flash\Verizon\SPC Generator\SPC Generator.exe    probably a variant of Win32/Agent.EIKMSVM trojan    cleaned by deleting - quarantined
C:\Documents and Settings\RON\Documents\My Downloads\Call of Duty 2\keygen.exe    a variant of Win32/Keygen.CU application    cleaned by deleting - quarantined
C:\Documents and Settings\RON\Downloads\cbsidlm-tra1-BlueStacks_App_Player-SEO-75593133.exe    Win32/DownloadAdmin.G application    cleaned by deleting - quarantined
C:\Program Files (x86)\AllUsersDesktop#\CDMAFLASHINGSOFTWARE\CDMA Workshop 2.7\cdma_workshop_FULL_Cracked.exe    a variant of Win32/Packed.Themida application    cleaned by deleting - quarantined
C:\Program Files (x86)\GTA 3 - Snow City\models\Generic\dxwebsetup.exe    MSIL/Agent.NXK trojan    cleaned by deleting - quarantined
C:\Program Files (x86)\ReadingFanatic_6x\bar\2.bin\6xdatact.dll    a variant of Win32/Toolbar.MyWebSearch.A application    cleaned by deleting - quarantined
C:\Program Files (x86)\ReadingFanatic_6x\bar\2.bin\6xhtmlmu.dll    probably a variant of Win32/Toolbar.MyWebSearch.B application    cleaned by deleting - quarantined
C:\Program Files (x86)\ReadingFanatic_6x\bar\2.bin\6xieovr.dll    probably a variant of Win32/Toolbar.MyWebSearch.P application    cleaned by deleting - quarantined
C:\Program Files (x86)\ReadingFanatic_6x\bar\2.bin\6xPlugin.dll    probably a variant of Win32/Toolbar.MyWebSearch application    cleaned by deleting - quarantined
C:\Program Files (x86)\ReadingFanatic_6x\bar\2.bin\6xskin.dll    a variant of Win32/Toolbar.MyWebSearch.P application    cleaned by deleting - quarantined
C:\Program Files (x86)\ReadingFanatic_6x\bar\2.bin\T8HTML.DLL    probably a variant of Win32/Toolbar.MyWebSearch.F application    cleaned by deleting - quarantined
C:\Program Files (x86)\VaudiX\sprotector.dll    a variant of Win32/SProtector.A application    cleaned by deleting - quarantined



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:10 PM

Posted 09 March 2013 - 04:34 PM

TDSSkiller log is incomplete.Please post last few lines of TDSSkiller log alone.

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
    For instructions with screenshots, please refer to this .
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#7 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 06:20 PM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.28.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
RON :: RONS-PC [administrator]

Protection: Enabled

2/28/2013 7:52:00 PM
mbam-log-2013-02-28 (19-52-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 246217
Time elapsed: 2 minute(s), 31 second(s)

Memory Processes Detected: 1
C:\Users\RON\AppData\Local\Temp\svchost.exe (Trojan.Agent.Gen) -> 5020 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKLM\SYSTEM\CurrentControlSet\Services\CryptSvc|Start (Disabled.Cryptsvc) -> Bad: (4) Good: (2) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\RON\AppData\Local\Temp\svchost.exe (Trojan.Agent.Gen) -> Delete on reboot.

(end)

#8 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 06:23 PM

Farbar Service Scanner Version: 03-03-2013
Ran by RON (administrator) on 09-03-2013 at 17:39:09
Running from "C:\Users\RON\Downloads"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#9 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 06:25 PM

Farbar Service Scanner Version: 03-03-2013
Ran by RON (administrator) on 09-03-2013 at 17:39:09
Running from "C:\Users\RON\Downloads"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 06:27 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Professional x64
Ran by RON on Sat 03/09/2013 at 18:02:36.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\windows\currentversion\run\\crossriderplugin
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{9302e698-7e00-43ab-b867-c6e759bc2ada}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup
Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\crossrider
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{9302e698-7e00-43ab-b867-c6e759bc2ada}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\codeccheck"
Successfully deleted: [Folder] "C:\Program Files (x86)\crossriderwebapps"
Successfully deleted: [Folder] "C:\Windows\freecorder"



~~~ FireFox

Successfully deleted the following from C:\Users\RON\AppData\Roaming\mozilla\firefox\profiles\hh6dpon9.default\prefs.js

user_pref("browser.search.defaultengine", "Privitize VPN");
user_pref("browser.search.order.1", "Privitize VPN");
user_pref("extensions.crossrider.bic", "13afc5cad304b39de7c6b3378ffcf099");
user_pref("extensions.toolbar.mindspark._6xMembers_.hp.user.defined", true);
user_pref("extensions.toolbar.mindspark._6xMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._6xMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._6xMembers_.installation.installDate", "2012120318");
user_pref("extensions.toolbar.mindspark._6xMembers_.installation.partnerId", "^AIC^xdm011^YY^us");
user_pref("extensions.toolbar.mindspark._6xMembers_.installation.partnerSubId", "ebookspot-2");
user_pref("extensions.toolbar.mindspark._6xMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._6xMembers_.installation.toolbarId", "AB083739-8CBE-461D-8F1F-6DFB30EE05DF");
user_pref("extensions.toolbar.mindspark._6xMembers_.lastActivePing", "1362853313075");
user_pref("extensions.toolbar.mindspark._6xMembers_.options.defaultSearch", false);
user_pref("extensions.toolbar.mindspark._6xMembers_.options.homePageEnabled", false);
user_pref("extensions.toolbar.mindspark._6xMembers_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._6xMembers_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark._6xMembers_.searchHistory", ".php?file=3idk3||fastyshare.com/3I60ajkpD1WLlGv");
user_pref("extensions.toolbar.mindspark._6xMembers_.weather.location", "33601");
user_pref("extensions.toolbar.mindspark.lastInstalled", "readingfanatic@mindspark.com");
Emptied folder: C:\Users\RON\AppData\Roaming\mozilla\firefox\profiles\hh6dpon9.default\minidumps [10 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 03/09/2013 at 18:07:12.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#11 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 06:29 PM

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/09/2013 06:08:43 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\RON\AppData\Local\Temp\svchost.exe (PID: 5100) [SFI]
* C:\Users\RON\AppData\Local\Temp\svchost.exe (PID: 5100) [UP-HEUR]
* C:\Users\RON\AppData\Local\Temp\svchost.exe (PID: 5100) [T-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 03/09/2013 06:08:54 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)

#12 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 06:31 PM

MiniToolBox by Farbar Version:05-03-2013
Ran by RON (administrator) on 09-03-2013 at 17:37:02
Running from "C:\Users\RON\Downloads"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : RONS-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : A4-BA-DB-F9-EB-ED
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d914:8e63:e0e4:571e%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, March 09, 2013 7:11:21 AM
Lease Expires . . . . . . . . . . : Saturday, March 09, 2013 6:11:42 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 245676763
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-00-FC-FF-A4-BA-DB-F9-EB-ED
DNS Servers . . . . . . . . . . . : 65.32.5.111
65.32.5.112
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:405:2de4:3f57:fffc(Preferred)
Link-local IPv6 Address . . . . . : fe80::405:2de4:3f57:fffc%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{F71B2792-3BC5-493B-A907-F74C052345A9}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: google.com
Addresses: 2607:f8b0:4008:800::1007
173.194.37.102
173.194.37.103
173.194.37.104
173.194.37.105
173.194.37.110
173.194.37.96
173.194.37.97
173.194.37.98
173.194.37.99
173.194.37.100
173.194.37.101


Pinging google.com [74.125.229.165] with 32 bytes of data:
Reply from 74.125.229.165: bytes=32 time=25ms TTL=51
Reply from 74.125.229.165: bytes=32 time=23ms TTL=51

Ping statistics for 74.125.229.165:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 25ms, Average = 24ms
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=378ms TTL=48
Reply from 206.190.36.45: bytes=32 time=422ms TTL=48

Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 378ms, Maximum = 422ms, Average = 400ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...a4 ba db f9 eb ed ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.3 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.3 266
192.168.0.3 255.255.255.255 On-link 192.168.0.3 266
192.168.0.255 255.255.255.255 On-link 192.168.0.3 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.3 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.3 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:9d38:953c:405:2de4:3f57:fffc/128
On-link
10 266 fe80::/64 On-link
19 306 fe80::/64 On-link
19 306 fe80::405:2de4:3f57:fffc/128
On-link
10 266 fe80::d914:8e63:e0e4:571e/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\rsvpsp.dll [File not found] ()
Catalog9 26 C:\Windows\SysWOW64\rsvpsp.dll [File not found] ()
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/08/2013 11:07:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/08/2013 11:07:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/08/2013 11:07:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/08/2013 11:07:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/08/2013 10:43:23 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/08/2013 01:43:29 AM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/07/2013 08:27:45 AM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/04/2013 08:57:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: QXDM.exe, version: 3.11.36.0, time stamp: 0x4739fcf2
Faulting module name: QXDM.exe, version: 3.11.36.0, time stamp: 0x4739fcf2
Exception code: 0xc0000005
Fault offset: 0x007647a9
Faulting process id: 0x15a8
Faulting application start time: 0xQXDM.exe0
Faulting application path: QXDM.exe1
Faulting module path: QXDM.exe2
Report Id: QXDM.exe3

Error: (03/04/2013 09:28:51 AM) (Source: Application Error) (User: )
Description: Faulting application name: lxeacoms.exe, version: 9.2.33.0, time stamp: 0x4b200765
Faulting module name: lxeahcp.dll, version: 9.2.33.0, time stamp: 0x4b20079e
Exception code: 0xc0000005
Fault offset: 0x0000000000003ea4
Faulting process id: 0xa54
Faulting application start time: 0xlxeacoms.exe0
Faulting application path: lxeacoms.exe1
Faulting module path: lxeacoms.exe2
Report Id: lxeacoms.exe3

Error: (03/03/2013 08:43:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: QXDM.exe, version: 3.11.36.0, time stamp: 0x4739fcf2
Faulting module name: QXDM.exe, version: 3.11.36.0, time stamp: 0x4739fcf2
Exception code: 0xc0000005
Fault offset: 0x007647a9
Faulting process id: 0x13a0
Faulting application start time: 0xQXDM.exe0
Faulting application path: QXDM.exe1
Faulting module path: QXDM.exe2
Report Id: QXDM.exe3


System errors:
=============
Error: (03/08/2013 10:45:31 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (03/08/2013 10:45:31 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (03/08/2013 10:43:30 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32
RxFilter

Error: (03/08/2013 10:43:23 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/08/2013 10:43:17 PM) (Source: Service Control Manager) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (03/08/2013 10:43:17 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

Error: (03/08/2013 10:43:16 PM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (03/08/2013 10:43:16 PM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (03/08/2013 10:43:04 PM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Security. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.

Error: (03/08/2013 10:42:47 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-02-16 08:25:53.656
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-16 08:25:53.578
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-31 22:37:37.291
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-31 22:37:37.260
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
7-Zip 9.21 (Version: 9.21.00.0)
ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621)
AC3Filter 1.63b (Version: 1.63b)
Adobe AIR (Version: 2.5.1.17730)
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 10 Plugin (Version: 10.3.183.67)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
ALLDATA Repair (Version: 10.40.1000.003)
Amazon Kindle
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
Belkin Connect Wireless USB Adapter (Version: 1.0.0.3)
BlueStacks (Version: 0.7.4.793)
Call of Duty® - World at War™ 1.2 Patch
Call of Duty® - World at War™ 1.2 Patch (Version: 1.2)
Call of Duty® - World at War™ 1.3 Patch
Call of Duty® - World at War™ 1.3 Patch (Version: 1.3)
Call of Duty® - World at War™ 1.4 Patch
Call of Duty® - World at War™ 1.4 Patch (Version: 1.4)
Call of Duty® - World at War™ 1.5 Patch
Call of Duty® - World at War™ 1.5 Patch (Version: 1.5)
Call of Duty® - World at War™ 1.6 Patch
Call of Duty® - World at War™ 1.6 Patch (Version: 1.6)
Call of Duty® - World at War™ 1.7 Patch
Call of Duty® - World at War™ 1.7 Patch (Version: 1.7)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ComplitlyEngine
Conduit Engine (Version: 6.3.2.17)
ConvertHelper 2.2
CoreAAC Audio Decoder (remove only)
DAEMON Tools Lite (Version: 4.46.1.0327)
Dell Dock (Version: 2.0)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Support Center (Support Software) (Version: 2.2.09085)
Dell Touch Zone (Version: 1.2.1.8)
Dell TouchCam (Version: 1.1.1223)
DirectXInstallService (Version: 9.0.2)
DivX Setup (Version: 2.6.1.24)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
ESET Online Scanner v3
FastAccess (Version: 2.4.95.1)
ffdshow [rev 3299] [2010-03-03] (Version: 1.0.0.3299)
File Type Assistant (Version: 2012.10.26.0)
FinalTorrent 2011
FNC 11 Installer (Version: 11.06.0000)
Glary Utilities 2.53.0.1726 (Version: 2.53.0.1726)
Grand Theft Auto Vice City (Version: 1.00.000)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 30 (64-bit) (Version: 6.0.300)
K-Lite Mega Codec Pack 7.2.0 (Version: 7.2.0)
Kobo (Version: 3.0.4)
Lexmark Printable Web (Version: 1.0.0.0)
Lexmark Pro700 Series
Lexmark S300-S400 Series
Lexmark Toolbar (Version: 4.3.37.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MapQuest Toolbar
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Flight Simulator X (Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 1 (Version: 10.0.61355.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.672.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Maintenance Service (Version: 19.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NVIDIA 3D Vision Controller Driver 310.70 (Version: 310.70)
NVIDIA 3D Vision Driver 310.70 (Version: 310.70)
NVIDIA Control Panel 310.70 (Version: 310.70)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 310.70 (Version: 310.70)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.95.599)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1070)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.73.80.64)
QXDM Professional (Version: 3.11.36)
ReadingFanatic Toolbar
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
swMSM (Version: 12.0.0.1)
System Requirements Lab
TaxACT 2010
TouchScreenTools (Version: 1.4.27)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
UPST Framework 1.1.3 073101
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VD64Inst (Version: 1.00.0000)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Devices: ================================

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 8182.99 MB
Available physical RAM: 6279.6 MB
Total Pagefile: 16364.16 MB
Available Pagefile: 13940.91 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:698.5 GB) (Free:236.85 GB) NTFS

========================= Users: ========================================

User accounts for \\RONS-PC

Administrator Guest RON
UpdatusUser


**** End of log ****

#13 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 06:35 PM

# AdwCleaner v2.114 - Logfile created 03/09/2013 at 17:40:26
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : RON - RONS-PC
# Boot Mode : Normal
# Running from : C:\Users\RON\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\completebartb.xml
File Deleted : C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\searchplugins\my-web-search.xml
File Deleted : C:\Users\UpdatusUser.RONS-PC\Desktop\SPEEDbit Video Downloader.lnk
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\ComplitlyEngine
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\fbphotozoom
Folder Deleted : C:\Program Files (x86)\PutLockerDownloader
Folder Deleted : C:\Program Files (x86)\Vaudix
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Speedbit
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\RON\AppData\Local\Babylon
Folder Deleted : C:\Users\RON\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\RON\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\RON\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\RON\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\RON\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\RON\AppData\LocalLow\Speedbit
Folder Deleted : C:\Users\RON\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\RON\AppData\LocalLow\Vaudix
Folder Deleted : C:\Users\RON\AppData\Roaming\Complitly
Folder Deleted : C:\Users\RON\AppData\Roaming\ComplitlyEngine
Folder Deleted : C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\Conduit
Folder Deleted : C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\ConduitEngine
Folder Deleted : C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
Folder Deleted : C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\extensions\6xffxtbr@ReadingFanatic_6x.com
Folder Deleted : C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\FCTB
Folder Deleted : C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\jetpack

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\bflixtoolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\Directory\shell\SPEEDbitVideoConverter
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PutLockerDownloader
Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert
Key Deleted : HKLM\SOFTWARE\Classes\SBConvert.SBConvert.3
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{162E06EC-4E38-4809-AE76-BF2400D34334}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\apfdadfinodckpcehhdhjlgiphgnbfci
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8888D524-B47A-45AB-A259-D35C35296AFC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ComplitlyEngine_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\prefs.js

C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\hh6dpon9.default\user.js ... Deleted !

Deleted : user_pref("CT3254077_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "PrivitizeBar Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3254077[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3254077");
Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("browser.search.defaultenginename", "My Web Search");
Deleted : user_pref("extensions.50ba71c2645c4.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Deleted : user_pref("extensions.50c134b9134a6.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("extensions.50c7e736bbcf1.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109882");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "0ef05105000000000000e091f5537565");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "0ef05105000000000000e091f5537565");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15361");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1721:32:52");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Privitize VPN");
Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.privitize.com/?aff=7&q=");
Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Deleted : user_pref("extensions.toolbar.mindspark._6xMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=AB083739[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Opera v [Unable to get version]

File : C:\Users\RON\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [20898 octets] - [09/03/2013 17:40:26]

########## EOF - C:\AdwCleaner[S1].txt - [20959 octets] ##########

#14 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 06:38 PM

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "combofix" "" "" "File not found: C:\ComboFix\CF455.3XE /c C:\ComboFix\Combobatch.bat"
+ "EzPrint" "" "" "c:\program files (x86)\lexmark s300-s400 series\ezprint.exe"
+ "lxeamon.exe" "Printer Device Monitor" "" "c:\program files (x86)\lexmark s300-s400 series\lxeamon.exe"
+ "lxeemon.exe" "Printer Device Monitor" "" "c:\program files (x86)\lexmark pro700 series\lxeemon.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe" "" "" "c:\users\ron\appdata\roaming\microsoft\windows\recent.vbe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BlueStacks Agent" "BlueStacks Agent" "BlueStack Systems, Inc." "c:\program files (x86)\bluestacks\hd-agent.exe"
+ "dellsupportcenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtcmd.exe"
+ "DivXMediaServer" "DivX DLNA Media Server" "DivX, LLC" "c:\program files (x86)\divx\divx media server\divxmediaserver.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "FATrayAlert" "FATrayMon" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\fatraymon.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\groovemonitor.exe"
+ "ReadingFanatic Search Scope Monitor" "MindSpark Toolbar Platform SearchScope Monitor" "MindSpark" "c:\program files (x86)\readingfanatic_6x\bar\2.bin\6xsrchmn.exe"
+ "ReadingFanatic_6x Browser Plugin Loader" "VER_DESCRIPTION" "VER_COMPANY_NAME" "c:\program files (x86)\readingfanatic_6x\bar\2.bin\6xbrmon.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
+ "UCam_Menu" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\dell\dell touchcam\muitransfer\muistartmenu.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Touch Zone.lnk" "Fingertapps" "" "c:\program files (x86)\dell touch zone\fingertapps.exe"
+ "Touch Screen Tools.lnk" "Touch Screen Tools" "" "c:\program files (x86)\nextwindow\touchscreentools.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "CrossRiderPlugin" "" "" "File not found: C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe"
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "ISUSPM Startup" "" "" "File not found: C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe"
+ "ISUSScheduler" "Macrovision Software Manager Scheduler" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\updateservice\issch.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files (x86)\magiciso\misosh64.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "Glary Utilities" "Context Menu Handler" "Glarysoft Ltd" "c:\program files (x86)\glary utilities\contexthandler.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files (x86)\magiciso\misosh64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "NVIDIA Display Shell Extension" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files (x86)\magiciso\misosh64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "RXDCExtSvr" "Roxio Disc Copier Shell Extension (AMD64)" "Sonic Solutions" "c:\program files\roxio\virtual drive 10\dc_shellext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Glary Utilities" "Context Menu Handler" "Glarysoft Ltd" "c:\program files (x86)\glary utilities\contexthandler.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.172" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "FAIESSOHelper Class" "FAIESSO Application" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\faiesso.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Lexmark Printable Web" "" "" "c:\program files\lexmark printable web\bho.dll"
+ "RealNetworks Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealDownloader" "c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll"
+ "Search Assistant BHO" "MindSpark Search Assistant" "MindSpark" "c:\program files (x86)\readingfanatic_6x\bar\2.bin\6xsrcas.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Lexmark Toolbar" "" "" "c:\program files\lexmark toolbar\toolband.dll"
+ "ReadingFanatic" "MindSpark Toolbar Platform" "MindSpark" "c:\program files (x86)\readingfanatic_6x\bar\2.bin\6xbar.dll"
"Task Scheduler" "" "" ""
+ "\elbyExecuteWithUAC" "" "" "File not found: C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe"
+ "\FinalTorrent Update Checker" "Bitberry Software Update Checker" "Bitberry Software" "c:\program files (x86)\finaltorrent\ftcheckforupdates.exe"
+ "\GlaryInitialize" "Glary Utilities Initialize" "Glarysoft Ltd" "c:\program files (x86)\glary utilities\initialize.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\TabletPC\InputPersonalization" "" "" "File not found: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\ProgramUpdateCheck" "Find software to open your files" "Trusted Software ApS" "c:\program files (x86)\file type assistant\tsassist.exe"
+ "\RealDownloaderDownloaderScheduledTaskS-1-5-21-3026595446-1615173926-3014735318-1001" "RealDownloader" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\recordingmanager.exe"
+ "\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3026595446-1615173926-3014735318-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3026595446-1615173926-3014735318-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\realnetworks\realdownloader\realupgrade.exe"
+ "\RealPlayerRealUpgradeLogonTaskS-1-5-21-3026595446-1615173926-3014735318-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3026595446-1615173926-3014735318-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeLogonTaskS-1-5-21-3026595446-1615173926-3014735318-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-3026595446-1615173926-3014735318-1001" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "\VaudiXUpdaterTask{9DB4F22D-D6C2-4D3B-B29C-81FDB904C0A2}" "" "" "File not found: C:\ProgramData\Premium\VaudiX\VaudiX.exe"
+ "\{04B7282A-3591-4E9E-B97A-034C32AFA3B2}" "" "" "File not found: C:\Program Files (x86)\Capcom\Resident Evil 4\game_me.exe"
+ "\{062B5F64-B173-40E3-8C22-7D586E982321}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{09BC139A-D732-436B-8F5E-B1ED65C4A5BE}" "" "" "File not found: C:\Program Files (x86)\Atari\Dungeons and Dragons Daggerdale\Binaries\Win32\DnDGame.exe"
+ "\{0E038A61-E97F-4355-A4E0-925E1397589B}" "" "" "File not found: L:\IMP1Q107\keychang.exe"
+ "\{1048F3D6-F6BE-4B9C-93C9-94266253FDE0}" "" "" "File not found: D:\Roxio Easy CD_DVD Burning DE\setup.exe"
+ "\{192864F5-DC01-4976-830D-1E84BC286309}" "" "" "File not found: C:\Users\RON\Desktop\Call.of.Duty.4.Modern.Warfare-KaOs\iw3sp.exe"
+ "\{19BE82A9-FBED-455F-9A79-2AC0676A83C9}" "" "" "File not found: C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe"
+ "\{1BA3A095-5F0C-4205-8691-444AF948F9B9}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{1FD7C669-7458-464B-A059-6F1E9E0BF0EB}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOpsMP.exe"
+ "\{221D80AD-B607-421C-ADE7-0F55BE3E39F4}" "" "" "File not found: C:\Program Files (x86)\RealFlight G5 Demo\RealFlight.exe"
+ "\{294672DB-6FE2-452B-A6CC-5757A0D53A71}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOpsMP.exe"
+ "\{2E1D7856-5BC3-4114-B476-F5DC0A329689}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{2F51F0CB-E1DB-4B5D-8CB8-550B70D9EF49}" "" "" "File not found: C:\Program Files (x86)\Capcom\Resident Evil 4\game_me.exe"
+ "\{2FBC1C32-D36C-4A63-B178-CCAB64D38C90}" "" "" "File not found: C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe"
+ "\{3083DE4F-A0D5-4510-A8F1-58F62FE5B5A4}" "Firefox" "Mozilla Corporation" "c:\program files (x86)\mozilla firefox\firefox.exe"
+ "\{3234F1B3-E7CF-4878-A5CE-D2F20EAA02DC}" "" "" "File not found: C:\Program Files (x86)\Electronic Arts\Battlefield 2142 Deluxe Edition\BF2142.exe"
+ "\{37B27B43-2FD2-4121-B2D7-2FD72009E499}" "" "" "c:\program files (x86)\rockstar games\grand theft auto vice city\gta-vc.exe"
+ "\{3B3BBDCF-2219-4F7E-9E82-63363284B9DC}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{40B7D7F9-1D57-4F95-9074-212FEB9FD2C6}" "" "" "c:\program files (x86)\rockstar games\grand theft auto vice city\gta-vc.exe"
+ "\{42419796-E6FD-4233-B577-2E592C5C32CD}" "" "" "File not found: L:\IMP1Q107\keychang.exe"
+ "\{59E25D51-3249-4B45-B69B-7E67442E490D}" "" "" "File not found: C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe"
+ "\{5D795AB1-669A-4FF0-B55A-DF214C252D29}" "" "" "File not found: D:\Roxio Easy CD_DVD Burning DE\setup.exe"
+ "\{5EEFFA4C-FA42-4AB5-8A12-3DDE384E981F}" "" "" "File not found: C:\Games\Call.Of.Duty.And.United.Offensive-KaOs\CoDUOSP.exe"
+ "\{62D48360-C802-4CC6-9C0C-03649266C9AC}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOpsMP.exe"
+ "\{6FA7055D-82B0-44E1-9BB5-F17ECC43A29A}" "" "" "c:\program files (x86)\rockstar games\grand theft auto vice city\gta-vc.exe"
+ "\{71D7CBF9-37C3-4AF6-9FA8-C783CB5DDA99}" "" "" "c:\program files (x86)\rockstar games\grand theft auto vice city\gta-vc.exe"
+ "\{80337C1C-941E-455A-90BC-3E853C977DE4}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{812F17F6-A992-4E07-8FDB-A35BD76AAEE0}" "" "" "File not found: L:\IMP1Q107\keychang.exe"
+ "\{8139D255-C020-4E70-8EE2-3757B481E583}" "" "" "c:\program files (x86)\rockstar games\grand theft auto vice city\gta-vc.exe"
+ "\{898192E5-51AC-4C67-8974-8EE286A859BD}" "" "" "File not found: C:\Program Files (x86)\Electronic Arts\Battlefield 2142 Deluxe Edition\BF2142.exe"
+ "\{8A8FCD4C-9C72-4B19-B503-9B10C201E718}" "" "" "c:\program files (x86)\rockstar games\grand theft auto vice city\gta-vc.exe"
+ "\{8D357E0A-768A-48E7-8BBB-EFA66A7A5451}" "" "" "File not found: C:\Program Files (x86)\Call of Duty\CoDUOSP.exe"
+ "\{8E074A2D-847F-4AEF-8F43-8361DAEE8CC1}" "" "" "File not found: C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe"
+ "\{913CF575-B143-4E4D-AEAC-6BB1BEDACD7F}" "" "" "c:\program files (x86)\rockstar games\grand theft auto vice city\gta-vc.exe"
+ "\{9A4ED4BA-AC89-4FDF-870E-E987CF6F0C33}" "" "" "File not found: C:\Program Files (x86)\Atari\Dungeons and Dragons Daggerdale\Binaries\Win32\DnDGame.exe"
+ "\{9B9B7564-54C0-4715-A027-71AA8A17E6B0}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{9EC9731C-89AF-4D74-821E-56CC1677D7D2}" "" "" "File not found: C:\Program Files (x86)\Atari\Dungeons and Dragons Daggerdale\Binaries\Win32\DnDGame.exe"
+ "\{A2C3FD5E-E409-419B-AE6F-A5B1B03C0948}" "" "" "File not found: C:\Users\RON\Desktop\Call.Of.Duty.Black.Ops-KaOs\BlackOps.exe"
+ "\{CA25CD9A-C0B5-45E9-8B5C-0E32476957DD}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{CF371D14-5E3D-49E8-A160-EA8A6B46AEFD}" "" "" "c:\program files (x86)\rockstar games\grand theft auto vice city\gta-vc.exe"
+ "\{D2D64BE4-C704-4401-B1F0-9C1B808A1252}" "" "" "File not found: C:\Program Files (x86)\Electronic Arts\Battlefield 2142 Deluxe Edition\BF2142.exe"
+ "\{D3209140-BAD4-4492-960E-65824B3AE5DF}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{DDB352DC-0679-47CB-9B24-0341325AEBFB}" "" "" "c:\program files (x86)\rockstar games\grand theft auto vice city\gta-vc.exe"
+ "\{E3DB1D25-DD84-4A99-8B2E-9B38A31CEC37}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{EA3A13D7-6129-45B9-B7CF-225AB8EC366C}" "" "" "File not found: C:\Program Files (x86)\Activision\Call of Duty - Black Ops\BlackOps.exe"
+ "\{FA239CCF-CA75-48A2-95EC-EA4B5EFC5FD7}" "" "" "File not found: C:\Program Files (x86)\Atari\Dungeons and Dragons Daggerdale\Binaries\Win32\DnDGame.exe"
+ "\{FB0F1A2B-D8BF-4DFB-9C1A-4A12A541339F}" "" "" "File not found: C:\Users\RON\Desktop\Call.of.Duty.4.Modern.Warfare-KaOs\iw3sp.exe"
+ "\{FBEF6BFC-9F9B-47EF-80A9-8C3BC99043D4}" "" "" "File not found: C:\Program Files (x86)\Atari\Dungeons and Dragons Daggerdale\Binaries\Win32\DnDGame.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "BstHdAndroidSvc" "BlueStacks Service" "BlueStack Systems, Inc." "c:\program files (x86)\bluestacks\hd-service.exe"
+ "BstHdLogRotatorSvc" "BlueStacks Log Rotator Service" "BlueStack Systems, Inc." "c:\program files (x86)\bluestacks\hd-logrotatorservice.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "FAService" "FAService" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\faservice.exe"
+ "hasplms" "Manages licenses secured by Aladdin HASP." "Aladdin Knowledge Systems Ltd." "c:\windows\system32\hasplms.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "lxea_device" "Printer Communication System" " " "c:\windows\system32\lxeacoms.exe"
+ "lxeaCATSCustConnectService" "Lexmark Connect Service Executable" "Lexmark International, Inc." "c:\windows\system32\spool\drivers\x64\3\lxeaserv.exe"
+ "lxee_device" "Printer Communication System" " " "c:\windows\system32\lxeecoms.exe"
+ "lxeeCATSCustConnectService" "Lexmark Connect Service Executable" "Lexmark International, Inc." "c:\windows\system32\spool\drivers\x64\3\lxeeserv.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\vs7debug\mdm.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveauditservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "" "File not found: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1029] http://www.evenbalance.com" "" "c:\windows\syswow64\pnkbstra.exe"
+ "ReadingFanatic_6xService" "PRODUCTVERS_TITLE" "COMPANYVERS_NAME" "c:\program files (x86)\readingfanatic_6x\bar\2.bin\6xbarsvc.exe"
+ "RealNetworks Downloader Resolver Service" "Manage different Downloader versions in RealNetworks' products." "" "c:\program files (x86)\realnetworks\realdownloader\rndlresolversvc.exe"
+ "RoxMediaDB10" "Roxio RoxMediaDB10 Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxmediadb10.exe"
+ "sprtsvc_DellSupportCenter" "SupportSoft Sprocket Service (DellSupportCenter)" "SupportSoft, Inc." "c:\program files (x86)\dell support center\bin\sprtsvc.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "YahooAUService" "Keeps your favorite Yahoo! software up-to-date with the latest features, tools, and enhancements." "Yahoo! Inc." "c:\program files (x86)\yahoo!\softwareupdate\yahooauservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aksdf" "Aladdin Data Mini-Filter Driver" "Aladdin Knowledge Systems Ltd." "c:\windows\system32\drivers\aksdf.sys"
+ "aksfridge" "Ancillary Function Driver" "Aladdin Knowledge Systems Ltd." "c:\windows\system32\drivers\aksfridge.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "ASPI32" "" "" "File not found: C:\Windows\System32\Drivers\ASPI32.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCMH43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwlhigh664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BstHdDrv" "BlueStacks Hypervisor for amd64" "BlueStack Systems" "c:\program files (x86)\bluestacks\hd-hypervisor-amd64.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "FACAP" "faCap WebCam Capture" "Sensible Vision " "c:\windows\system32\drivers\facap.sys"
+ "hardlock" "Hardlock Device Driver for Windows x64" "Aladdin Knowledge Systems Ltd." "c:\windows\system32\drivers\hardlock.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 310.70 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "NW1950" "NWHIDFil" "" "c:\windows\system32\drivers\nw1950.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RimUsb" "" "" "File not found: System32\Drivers\RimUsb_AMD64.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial_amd64.sys"
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 64-bit Driver " "Realtek Corporation " "c:\windows\system32\drivers\rt64win7.sys"
+ "RTL8192su" "Realtek RTL8192S USB NDIS Driver" "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtl8192su.sys"
+ "RxFilter" "RxFilter mini-filter driver" "" "File not found: system32\DRIVERS\RxFilter.sys"
+ "SaiH0464" "Saitek Hid Driver" "Saitek" "c:\windows\system32\drivers\saih0464.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "sptd" "SCSI Pass Through Direct Host" "Duplex Secure Ltd." "c:\windows\system32\drivers\sptd.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "usbbus" "" "" "File not found: system32\DRIVERS\lgx64bus.sys"
+ "UsbDiag" "LGE Mobile USB Serial Port" "" "File not found: system32\DRIVERS\lgx64diag.sys"
+ "USBModem" "LGE Mobile Modem Support" "" "File not found: system32\DRIVERS\lgx64modem.sys"
+ "VClone" "VirtualCloneCD Driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\vclone.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "VST64_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "VST64HWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstbs26.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "WnsDrvr" "" "" "File not found: C:\Windows\System32\Drivers\WnsDrvr.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter64.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\syswow64\ac3acm.acm"
+ "msacm.ac3filter" "" "" "c:\windows\syswow64\ac3filter.acm"
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\syswow64\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3fhg" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\mp3fhg.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\syswow64\ir50_32.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\ac3filter\x64\ac3filter64.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "Haali Matroska Muxer" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.x64.ax"
+ "Haali Media Splitter" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.x64.ax"
+ "Haali Media Splitter (AR)" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.x64.ax"
+ "Haali Simple Media Splitter" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.x64.ax"
+ "Haali Video Renderer" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\dxr.x64.dll"
+ "Haali Video Sink" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.x64.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files (x86)\k-lite codec pack\filters\ac3file.ax"
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\ac3filter\ac3filter.ax"
+ "CoreAAC Audio Decoder" "CoreAAC" "" "c:\windows\syswow64\coreaac.ax"
+ "Cyberlink Track Filter" "Cyberlink Track Filter" "CyberLink Corp." "c:\program files (x86)\dell\dell touchcam\yctrack.ax"
+ "CyberLink Video Regulator" "Video Regulator" "Cyberlink" "c:\program files (x86)\dell\dell touchcam\ycrgl.ax"
+ "CyberLink WebCamera NULL Render" "CLWEBCAMERARENDER" "CyberLink" "c:\program files (x86)\dell\dell touchcam\ycwebcamerarender.ax"
+ "CyberLink WMV Dumper" "CLWMVDump Dynamic Link Library" "" "c:\program files (x86)\dell\dell touchcam\ycwmvdump.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files (x86)\k-lite codec pack\filters\dcbasssource.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files (x86)\k-lite codec pack\filters\monkeysource.ax"
+ "Haali Matroska Muxer" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax"
+ "Haali Media Splitter" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax"
+ "Haali Media Splitter (AR)" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax"
+ "Haali Simple Media Splitter" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax"
+ "Haali Video Sink" "" "" "File not found: C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel Indeo® video IVF Source Filter 5.10" "Intel Corporation" "c:\windows\syswow64\ivfsrc.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\syswow64\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\syswow64\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\syswow64\ir50_32.dll"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmwriter.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\divx\divx transcode engine\plugins\mc_demux_mp2_ds.ax"
+ "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\divx\divx transcode engine\plugins\mc_demux_mp2_ds.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mediaanalyser.ax"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM Musepack Decoder" "mmmpcdec" "" "c:\program files (x86)\k-lite codec pack\filters\mmmpcdec.ax"
+ "MONOGRAM Musepack Splitter" "mmmpcdmx" "" "c:\program files (x86)\k-lite codec pack\filters\mmmpcdmx.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - MP4 Source" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MP4 Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG Audio Source" "Mpa Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpasplitter.ax"
+ "MPC - MPEG Audio Splitter" "Mpa Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpasplitter.ax"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - MPEG4 Video Source" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Mp3 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer MPEG4 Transform Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\vobloader.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\mvwcdsutil.dll"
+ "Sonic MPEG-2 Video Decoder" "" "" "File not found: C:\Program Files (x86)\Common Files\Sonic Shared\SonicMC02\sonic7m2vd.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files (x86)\k-lite codec pack\filters\vp7dec.ax"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\videocompositing.ax"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\videocore 10\roxvideo.ax"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "YC_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files (x86)\dell\dell touchcam\ycevr.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "FACredProv" "FACredProv Application" "Sensible Vision " "c:\windows\system32\facredprov.dll"
+ "FACredProv2" "FACredProv2 Application" "Sensible Vision " "c:\windows\system32\facredprov2.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "FACredProvFilter" "FACredProv Application" "Sensible Vision " "c:\windows\system32\facredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "RSVP TCP Service Provider" "" "" "File not found: C:\Windows\system32\rsvpsp.dll"
+ "RSVP UDP Service Provider" "" "" "File not found: C:\Windows\system32\rsvpsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "NWLink IPX/SPX/NetBIOS Compatible Transport Protocol" "" "" "File not found: C:\Windows\System32\nwprovau.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "LIDIL hpzllw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpzllw71.dll"
+ "LIDIL hpzllwn7" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzllwn7.dll"
+ "Pro700 Series Port" "Printer Communication System" " " "c:\windows\system32\lxeelmpm.dll"
+ "S300-S400 Series Port" "Printer Communication System" " " "c:\windows\system32\lxealmpm.dll"
"C:\Users\RON\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml"
+ "CPU Meter" "See the current computer CPU and system memory (RAM)." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\Gadget.xml"

#15 fldanger

fldanger
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:10 PM

Posted 09 March 2013 - 06:40 PM


23:05:21.0474 2076 C:\Windows\System32\spool\drivers\x64\3\lxeedr.dll - ok
23:05:21.0474 2076 [ 55E3404EBA301BC8A420157BFE7184D2 ] C:\Windows\System32\UIRibbonRes.dll
23:05:21.0474 2076 C:\Windows\System32\UIRibbonRes.dll - ok
23:05:21.0490 2076 [ DCFB1EEEF91335518C2B2B93772C2713 ] C:\Windows\System32\spool\drivers\x64\3\lxeeptpc.dll
23:05:21.0490 2076 C:\Windows\System32\spool\drivers\x64\3\lxeeptpc.dll - ok
23:05:21.0490 2076 [ 8D7BDCC775B5782EC0063F3ADF94F750 ] C:\Windows\System32\spool\drivers\x64\3\lxeedrui.dll
23:05:21.0490 2076 C:\Windows\System32\spool\drivers\x64\3\lxeedrui.dll - ok
23:05:21.0490 2076 [ 91126AC2B7240B76D77AC44BEB800758 ] C:\Windows\System32\spool\drivers\x64\3\LXEEcfg.dll
23:05:21.0490 2076 C:\Windows\System32\spool\drivers\x64\3\LXEEcfg.dll - ok
23:05:21.0490 2076 [ 576A8FA7DF17220A1F5DCFB468C59D12 ] C:\Windows\System32\spool\drivers\x64\3\lxeeprpr.dll
23:05:21.0490 2076 C:\Windows\System32\spool\drivers\x64\3\lxeeprpr.dll - ok
23:05:21.0490 2076 [ 345BC7CADBE91E78B52497EF3B0D910B ] C:\Windows\System32\fms.dll
23:05:21.0490 2076 C:\Windows\System32\fms.dll - ok
23:05:21.0490 2076 [ 4ABA3E75A76195A3E38ED2766C962899 ] C:\Windows\System32\appmgmts.dll
23:05:21.0490 2076 C:\Windows\System32\appmgmts.dll - ok
23:05:21.0505 2076 [ B3DD214F23037E3D3C27D6C9447B40B5 ] C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
23:05:21.0505 2076 C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe - ok
23:05:21.0505 2076 [ B24450E38722F69F338533A36ECFFC29 ] C:\Windows\System32\RacEngn.dll
23:05:21.0505 2076 C:\Windows\System32\RacEngn.dll - ok
23:05:21.0505 2076 [ AA61A7047E854A9E914FDD17C2F35675 ] C:\Windows\System32\sqlceoledb30.dll
23:05:21.0505 2076 C:\Windows\System32\sqlceoledb30.dll - ok
23:05:21.0505 2076 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\73953361.sys
23:05:21.0505 2076 C:\Windows\System32\drivers\73953361.sys - ok
23:05:21.0505 2076 ============================================================
23:05:21.0505 2076 Scan finished
23:05:21.0505 2076 ============================================================
23:05:21.0521 1376 Detected object count: 0
23:05:21.0521 1376 Actual detected object count: 0
23:06:16.0511 4148 Deinitialize success




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users