TechSpot

Trojan rootkit proxy problem, can't connect to Internet

Solved
By Miles54321
Sep 5, 2012
  1. Whenever I try to connect to the internet it says resolving proxy and I can't connect. I have made sure that the proxy settings for both are off, as I don't use a proxy. My sister's laptop works and my Wii works online, so both the LAN and Wi-Fi networks work, but they can't work with my PC.

    I scanned with HijackThis and found a current version proxy local setting. I then searched Google and it said the setting was malicious, so I removed it and it went into the HijackThis backups. I tried to remove it but it stayed in my backups.

    I then ran SUPERAntiSpyware and it found 4 registry files put on there by the virus and 2 trojans. I removed them and tried the internet, but it didn't work. I flushed my DNS and tried ComboFix, rkiller, TDSSKiller, Ad-Aware, Malwarebytes, Spybot Search & Destroy and Sophos Anti-Virus, and they've found nothing.

    I had out-of-date versions of Java and Adobe Reader 9 MUI on my PC, so I removed them and turned off System Restore, but the problem persists.

    Because my internet is being affected by the trojan I'm on my phone and therefore can't copy and paste scan logs, even from a txt file. Would it therefore be OK to attach the scan logs? Once again, I apologise if you prefer copy and paste.
  2. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello, and welcome to TechSpot.


    Please see here for the board rules and other FAQ.

    Please feel free to introduce yourself, after you follow the steps below to get started.

    Information
    • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic where you were helped.
    • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.


    Please post the log from ComboFix, located at C:\ComboFix.txt. Normally, it is best for users not to run the tool without the help of a malware removal specialist.
  3. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    Thanks for the assistance, I really appreciate it.

    Because my internet is down I will send this as an attachment, if that's OK.

    For some reason I can only attach picture images, not txt files.
  4. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    Sorry for the double post, I am using my mum's PC.

    For some reason I can't attach files with my phone, but I was able to get hold of this.

    Ok, here's the ComboFix log:

    ComboFix 12-09-01.01 - owner 04/09/2012 15:01:35.3.4 - x64 NETWORK
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6071.5123 [GMT 1:00]
    Running from: c:\users\owner\Desktop\ComboFix.exe
    AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Lavasoft Ad-Aware *Disabled/Outdated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
    FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
    FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
    SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
    SP: Lavasoft Ad-Aware *Disabled/Outdated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-08-04 to 2012-09-04 )))))))))))))))))))))))))))))))
    .
    .
    2012-09-04 14:11 . 2012-09-04 14:11--------d-----w-c:\users\UpdatusUser\AppData\Local\temp
    2012-09-04 14:11 . 2012-09-04 14:11--------d-----w-c:\users\Default\AppData\Local\temp
    2012-09-03 21:12 . 2012-09-03 21:12--------d-----w-C:\avast! sandbox
    2012-09-03 19:29 . 2012-09-03 19:29627600----a-w-c:\windows\system32\deployJava1.dll
    2012-09-03 07:05 . 2012-09-03 07:05--------d-----w-C:\TDSSKiller_Quarantine
    2012-09-03 00:12 . 2012-09-03 00:12--------d-----w-c:\programdata\PC Tools
    2012-09-03 00:12 . 2012-09-03 00:12--------d-----w-c:\users\owner\AppData\Roaming\TestApp
    2012-09-03 00:00 . 2012-09-03 00:00--------d-----w-c:\users\owner\AppData\Roaming\SUPERAntiSpyware.com
    2012-09-02 23:59 . 2012-09-03 00:00--------d-----w-c:\program files\SUPERAntiSpyware
    2012-09-02 23:59 . 2012-09-02 23:59--------d-----w-c:\programdata\SUPERAntiSpyware.com
    2012-09-02 23:31 . 2012-09-02 23:31--------d-----w-c:\program files (x86)\CheckPoint
    2012-09-02 23:31 . 2012-09-02 23:31--------d-----w-c:\programdata\CheckPoint
    2012-09-02 20:38 . 2012-09-02 20:38388096----a-r-c:\users\owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-09-02 20:38 . 2012-09-02 20:38--------d-----w-c:\program files (x86)\Trend Micro
    2012-09-02 16:44 . 2012-09-02 16:44--------d-----w-c:\programdata\Systweak
    2012-08-31 15:21 . 2012-08-31 15:2173696----a-w-c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
    2012-08-31 00:46 . 2012-08-31 00:46--------d-----w-c:\program files (x86)\PakkISO
    2012-08-30 09:39 . 2012-08-21 09:13142128----a-w-c:\windows\system32\drivers\aswFW.sys
    2012-08-30 09:39 . 2012-08-21 09:13266776----a-w-c:\windows\system32\drivers\aswNdis2.sys
    2012-08-30 09:39 . 2012-08-21 09:1319600----a-w-c:\windows\system32\drivers\aswKbd.sys
    2012-08-30 09:39 . 2012-07-13 10:4712368----a-w-c:\windows\system32\drivers\aswNdis.sys
    2012-08-18 22:43 . 2012-08-18 22:43--------d-----w-c:\program files (x86)\GPU-Z
    2012-08-18 16:13 . 2012-07-05 21:06772544----a-w-c:\windows\SysWow64\npDeployJava1.dll
    2012-08-18 04:31 . 2012-09-02 16:40--------d-----w-c:\users\owner\AppData\Roaming\Systweak
    2012-08-18 04:30 . 2012-07-24 22:3316896----a-w-c:\windows\system32\sasnative64.exe
    2012-08-18 04:30 . 2012-02-14 11:49114176----a-w-c:\windows\SysWow64\PCWizard.cpl
    2012-08-18 04:30 . 2012-09-02 16:41--------d-----w-c:\program files (x86)\Advanced System Protector
    2012-08-18 04:30 . 2012-08-18 04:30--------d-----w-c:\program files (x86)\CPUID
    2012-08-15 20:45 . 2012-08-15 20:45--------d-----w-C:\found.005
    2012-08-15 18:27 . 2012-08-16 08:12--------d-----w-c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
    2012-08-07 17:34 . 2012-08-07 17:34--------d-----w-c:\program files (x86)\Wolfenstein 3D
    2012-08-05 17:03 . 2012-08-16 11:54--------d-----w-C:\found.004
    2012-08-05 16:43 . 2012-08-05 16:43--------d-----w-c:\users\owner\AppData\Roaming\Simply Super Software
    2012-08-05 16:42 . 2012-08-05 16:42--------d-----w-c:\program files (x86)\Trojan Remover
    2012-08-05 16:42 . 2012-08-05 16:42--------d-----w-c:\programdata\Simply Super Software
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-08-21 09:13 . 2012-08-04 15:02359464----a-w-c:\windows\system32\drivers\aswSP.sys
    2012-08-21 09:13 . 2012-08-04 15:0259728----a-w-c:\windows\system32\drivers\aswTdi.sys
    2012-08-21 09:13 . 2012-08-04 15:02969200----a-w-c:\windows\system32\drivers\aswSnx.sys
    2012-08-21 09:13 . 2012-08-04 15:0254072----a-w-c:\windows\system32\drivers\aswRdr2.sys
    2012-08-21 09:13 . 2012-08-04 15:0271600----a-w-c:\windows\system32\drivers\aswMonFlt.sys
    2012-08-21 09:13 . 2012-08-04 15:0225232----a-w-c:\windows\system32\drivers\aswFsBlk.sys
    2012-08-21 09:12 . 2012-08-04 15:0141224----a-w-c:\windows\avastSS.scr
    2012-08-21 09:12 . 2012-08-04 15:01227648----a-w-c:\windows\SysWow64\aswBoot.exe
    2012-08-21 09:12 . 2012-08-04 15:02285328----a-w-c:\windows\system32\aswBoot.exe
    2012-08-15 21:42 . 2012-08-03 22:5370344----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-08-15 21:42 . 2012-08-03 22:53426184----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
    2012-08-01 13:55 . 2010-10-27 06:45270408----a-w-c:\windows\SysWow64\PnkBstrB.xtr
    2012-08-01 13:55 . 2010-10-27 06:23270408----a-w-c:\windows\SysWow64\PnkBstrB.exe
    2012-07-23 19:28 . 2010-10-27 06:23270408----a-w-c:\windows\SysWow64\PnkBstrB.ex0
    2012-07-23 00:47 . 2010-10-27 06:2375136----a-w-c:\windows\SysWow64\PnkBstrA.exe
    2012-07-20 22:15 . 2010-10-27 06:232250024----a-w-c:\windows\SysWow64\pbsvc.exe
    2012-07-05 21:06 . 2010-08-18 12:13687544----a-w-c:\windows\SysWow64\deployJava1.dll
    2012-07-03 12:46 . 2012-02-22 10:3924904----a-w-c:\windows\system32\drivers\mbam.sys
    2012-06-11 18:59 . 2012-06-11 18:5910248192----a-w-c:\windows\system32\drivers\atikmdag.sys
    2012-06-11 18:35 . 2012-06-11 18:3570144----a-w-c:\windows\system32\coinst_8.98.dll
    2012-06-11 18:29 . 2012-06-11 18:2924826368----a-w-c:\windows\system32\atio6axx.dll
    2012-06-11 18:00 . 2012-06-11 18:0020467712----a-w-c:\windows\SysWow64\atioglxx.dll
    2012-06-11 17:25 . 2012-06-11 17:25163840----a-w-c:\windows\system32\atiapfxx.exe
    2012-06-11 17:24 . 2011-12-06 03:17924160----a-w-c:\windows\SysWow64\aticfx32.dll
    2012-06-11 17:23 . 2012-06-11 17:231090560----a-w-c:\windows\system32\aticfx64.dll
    2012-06-11 17:20 . 2012-06-11 17:20442368----a-w-c:\windows\system32\ATIDEMGX.dll
    2012-06-11 17:19 . 2012-06-11 17:19532992----a-w-c:\windows\system32\atieclxx.exe
    2012-06-11 17:19 . 2012-06-11 17:19239616----a-w-c:\windows\system32\atiesrxx.exe
    2012-06-11 17:17 . 2012-06-11 17:17120320----a-w-c:\windows\system32\atitmm64.dll
    2012-06-11 17:17 . 2012-06-11 17:1721504----a-w-c:\windows\system32\atimuixx.dll
    2012-06-11 17:17 . 2012-06-11 17:1759392----a-w-c:\windows\system32\atiedu64.dll
    2012-06-11 17:17 . 2012-06-11 17:1743520----a-w-c:\windows\SysWow64\ati2edxx.dll
    2012-06-11 17:16 . 2012-06-11 17:166301696----a-w-c:\windows\SysWow64\atidxx32.dll
    2012-06-11 17:01 . 2012-06-11 17:016914560----a-w-c:\windows\system32\atidxx64.dll
    2012-06-11 16:51 . 2012-06-11 16:514246528----a-w-c:\windows\system32\atiumd6a.dll
    2012-06-11 16:45 . 2012-06-11 16:4551200----a-w-c:\windows\system32\aticalrt64.dll
    2012-06-11 16:45 . 2012-06-11 16:4546080----a-w-c:\windows\SysWow64\aticalrt.dll
    2012-06-11 16:45 . 2011-12-06 02:335480448----a-w-c:\windows\SysWow64\atiumdag.dll
    2012-06-11 16:45 . 2012-06-11 16:4544544----a-w-c:\windows\system32\aticalcl64.dll
    2012-06-11 16:45 . 2012-06-11 16:4544032----a-w-c:\windows\SysWow64\aticalcl.dll
    2012-06-11 16:45 . 2012-06-11 16:4515703040----a-w-c:\windows\system32\aticaldd64.dll
    2012-06-11 16:43 . 2011-12-06 02:284729344----a-w-c:\windows\SysWow64\atiumdva.dll
    2012-06-11 16:40 . 2012-06-11 16:4013277696----a-w-c:\windows\SysWow64\aticaldd.dll
    2012-06-11 16:36 . 2012-06-11 16:366605824----a-w-c:\windows\system32\atiumd64.dll
    2012-06-11 16:27 . 2012-06-11 16:27539136----a-w-c:\windows\system32\atiadlxx.dll
    2012-06-11 16:26 . 2012-06-11 16:26368640----a-w-c:\windows\SysWow64\atiadlxy.dll
    2012-06-11 16:26 . 2012-06-11 16:2617920----a-w-c:\windows\system32\atig6pxx.dll
    2012-06-11 16:26 . 2012-06-11 16:2614848----a-w-c:\windows\SysWow64\atiglpxx.dll
    2012-06-11 16:26 . 2012-06-11 16:2614848----a-w-c:\windows\system32\atiglpxx.dll
    2012-06-11 16:26 . 2012-06-11 16:2641984----a-w-c:\windows\system32\atig6txx.dll
    2012-06-11 16:26 . 2012-06-11 16:2633280----a-w-c:\windows\SysWow64\atigktxx.dll
    2012-06-11 16:26 . 2012-06-11 16:26367616----a-w-c:\windows\system32\drivers\atikmpag.sys
    2012-06-11 16:25 . 2011-05-25 02:2454784----a-w-c:\windows\system32\atiuxp64.dll
    2012-06-11 16:25 . 2012-06-11 16:2542496----a-w-c:\windows\SysWow64\atiuxpag.dll
    2012-06-11 16:25 . 2011-05-25 02:2445056----a-w-c:\windows\system32\atiu9p64.dll
    2012-06-11 16:24 . 2011-05-25 02:2432768----a-w-c:\windows\SysWow64\atiu9pag.dll
    2012-06-11 16:24 . 2012-06-11 16:2453248----a-w-c:\windows\system32\drivers\ati2erec.dll
    2012-06-11 16:23 . 2012-06-11 16:2356320----a-w-c:\windows\system32\atimpc64.dll
    2012-06-11 16:23 . 2012-06-11 16:2356320----a-w-c:\windows\system32\amdpcom64.dll
    2012-06-11 16:23 . 2012-06-11 16:2356832----a-w-c:\windows\SysWow64\atimpc32.dll
    2012-06-11 16:23 . 2012-06-11 16:2356832----a-w-c:\windows\SysWow64\amdpcom32.dll
    2012-06-11 12:50 . 2012-06-11 12:50187392----a-w-c:\windows\system32\clinfo.exe
    2012-06-11 12:50 . 2012-06-11 12:5075264----a-w-c:\windows\system32\OpenVideo64.dll
    2012-06-11 12:50 . 2012-06-11 12:5065024----a-w-c:\windows\SysWow64\OpenVideo.dll
    2012-06-11 12:50 . 2012-06-11 12:5063488----a-w-c:\windows\system32\OVDecode64.dll
    2012-06-11 12:50 . 2012-06-11 12:5056320----a-w-c:\windows\SysWow64\OVDecode.dll
    2012-06-11 12:50 . 2012-06-11 12:5016457728----a-w-c:\windows\system32\amdocl64.dll
    2012-06-11 12:49 . 2012-06-11 12:4913008896----a-w-c:\windows\SysWow64\amdocl.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
    2010-11-19 19:132447360----a-w-c:\program files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
    2011-01-17 16:54175912----a-w-c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
    2012-04-11 20:0887440----a-w-c:\program files (x86)\adawaretb\adawareDx.dll
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]
    2010-06-13 19:102734688----a-w-c:\program files (x86)\Veoh_Web_Player\tbVeoh.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{cd90bf73-20f6-44ef-993d-bb920303bd2e}"= "c:\program files (x86)\Veoh_Web_Player\tbVeoh.dll" [2010-06-13 2734688]
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
    "{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2012-04-11 87440]
    .
    [HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]
    .
    [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
    .
    [HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2009-09-10 13:41120104----a-w-c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
    "DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2012-05-02 4419488]
    "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-19 880496]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-09 5661056]
    "HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-11-25 393216]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
    "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
    "amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
    "IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2012-01-12 4453208]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    forteManager.lnk - c:\program files (x86)\LG Soft India\forteManager\bin\Monitor.exe [2011-7-20 1687552]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification PackagesREG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    Security PackagesREG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
    @="Ad-Aware Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
    "Hotkey Utility"=c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
    "JMB36X IDE Setup"=c:\windows\RaidTool\xInsIDE.exe
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    "AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    "TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    "PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
    "ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
    "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
    "PWRISOVM.EXE"=c:\program files (x86)\PowerISO\PWRISOVM.EXE
    "EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
    "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
    "PlusService"=c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    "IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
    "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe"
    "TrojanScanner"=c:\program files (x86)\Trojan Remover\Trjscan.exe /boot
    .
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [2009-06-30 33800]
    R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-09 503352]
    R1 aswSnx;aswSnx; [x]
    R1 aswSP;aswSP; [x]
    R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
    R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
    R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
    R2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-05-03 1226096]
    R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
    R2 aswFsBlk;aswFsBlk; [x]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
    R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-08-21 133912]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
    R2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-02 135664]
    R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [2012-08-15 108392]
    R2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
    R2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
    R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35344]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-12 62208]
    R2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2011-11-29 74872]
    R2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
    R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
    R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
    R2 USBS3S4Detection;USBS3S4Detection;c:\oem\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
    R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
    R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
    R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-05-20 594472]
    R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-05-20 39976]
    R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-15 99384]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
    R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-02 135664]
    R3 LGDDCDevice;LGDDCDevice;c:\program files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [2008-12-12 14336]
    R3 LGII2CDevice;LGII2CDevice;c:\program files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [2008-12-12 18432]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-31 114144]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-19 712704]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-03-03 174184]
    R3 PAC207;Trust 100K Series Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [2008-02-13 686592]
    R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-06 24176]
    R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2010-07-21 45456]
    R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-09-20 33184]
    R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2012-08-16 19952]
    R3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-09-29 119416]
    R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-12-19 60536]
    R3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys [2011-12-19 84600]
    R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-15 203320]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
    R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-09-20 21872]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-04 1255736]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
    R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
    R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2012-07-13 12368]
    S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
    S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
    S1 aswFW;avast! TDI Firewall driver; [x]
    S1 aswKbd;aswKbd; [x]
    S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-12-19 256632]
    S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
    S2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
    S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2009-09-23 283824]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
    S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-09-29 119416]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 21:42]
    .
    2012-09-03 c:\windows\Tasks\GlaryInitialize.job
    - c:\program files (x86)\Glary Utilities\initialize.exe [2011-04-29 21:16]
    .
    2012-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-02 21:11]
    .
    2012-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-02 21:11]
    .
    2012-09-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-700293270-161366171-2932116839-1001Core.job
    - c:\users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-28 18:28]
    .
    2012-09-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-700293270-161366171-2932116839-1001UA.job
    - c:\users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-28 18:28]
    .
    2012-09-04 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 481c02d1-09b8-4646-a482-b214cc228ca1.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    2012-09-04 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 488803fe-d510-4280-a33a-0223580c273a.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-08-21 09:11133400----a-w-c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2009-09-10 13:44137512----a-w-c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HardLinkMenu]
    @="{0A479751-02BC-11d3-A855-0004AC2568AA}"
    [HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568AA}]
    2011-06-24 06:03 456704 ----a-w- c:\program files\LinkShellExtension\HardlinkShellExt.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHardLink]
    @="{0A479751-02BC-11d3-A855-0004AC2568DD}"
    [HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568DD}]
    2011-06-24 06:03 456704 ----a-w- c:\program files\LinkShellExtension\HardlinkShellExt.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlaySymbolicLink]
    @="{0A479751-02BC-11d3-A855-0004AC2568EE}"
    [HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568EE}]
    2011-06-24 06:03 456704 ----a-w- c:\program files\LinkShellExtension\HardlinkShellExt.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 349480]
    "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
    "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
    "PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
    "SBRegRebootCleaner"="c:\program files (x86)\Ad-Aware Antivirus\SBRC.exe" [2011-12-19 200560]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.plusnetwork.com/?sp=hp
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_m5811&r=17360810m506pe405v115w5511u385
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: DhcpNameServer = 192.168.2.1
    FF - ProfilePath - c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\drdespqo.default\
    FF - prefs.js: keyword.URL - hxxp://www.plusnetwork.com/?sp=addr&q=
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    WebBrowser-{CD90BF73-20F6-44EF-993D-BB920303BD2E} - (no file)
    WebBrowser-{9F788CF7-5726-42B2-9DBA-32353E4D64A7} - (no file)
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-700293270-161366171-2932116839-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    @Allowed: (Read) (RestrictedCode)
    "??"=hex:07,eb,30,d1,ee,27,83,43,0c,ec,82,61,f3,68,b8,12,b2,ae,2f,1a,a6,97,0d,
    d7,cb,09,73,dd,4d,f5,17,56,38,91,47,5e,3c,13,dc,e2,cf,a1,ee,77,d7,5e,80,36,\
    "??"=hex:29,6e,e1,8d,15,25,ca,1c,c5,e3,8a,55,89,ba,94,a2
    .
    [HKEY_USERS\S-1-5-21-700293270-161366171-2932116839-1001\Software\SecuROM\License information*]
    "datasecu"=hex:57,74,2e,54,c3,53,58,d0,b3,84,0a,b8,c6,17,46,01,1d,33,9b,ae,7c,
    d6,cc,a8,61,1c,66,6e,f9,49,de,f4,5f,eb,2d,46,0d,89,cb,78,1b,4f,e6,34,07,79,\
    "rkeysecu"=hex:02,48,a6,a7,41,ce,8b,d9,4c,0c,ed,99,9f,a4,bf,9d
    .
    [HKEY_LOCAL_MACHINE\software\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-09-04 15:14:05
    ComboFix-quarantined-files.txt 2012-09-04 14:14
    ComboFix2.txt 2012-09-03 20:15
    ComboFix3.txt 2012-09-02 22:47
    .
    Pre-Run: 166,450,118,656 bytes free
    Post-Run: 166,456,160,256 bytes free
    .
    - - End Of File - - 930C36A39577653DF8E8F84E52ED1ACD
  5. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please download and run TDSSKiller to your desktop as outlined below:

    Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

    For Windows XP, double-click to start.
    For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



    -------------------------

    Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


    ------------------------

    Click the Start Scan button.


    -----------------------

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.



    ----------------------

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.




    --------------------

    A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.
    Sometimes these logs can be very large; in that case, please attach the log, or zip it up and attach it.

    -------------------

    Here's a summary of what to do if you would like to print it out:

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  6. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    I found 6 files; they were unsigned and locked, so I skipped them. I found nothing else other than that.

    12:33:52.0933 0700 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
    12:33:53.0009 0700 ============================================================
    12:33:53.0009 0700 Current date / time: 2012/09/06 12:33:53.0009
    12:33:53.0009 0700 SystemInfo:
    12:33:53.0009 0700
    12:33:53.0009 0700 OS Version: 6.1.7601 ServicePack: 1.0
    12:33:53.0009 0700 Product type: Workstation
    12:33:53.0010 0700 ComputerName: OWNER-PC
    12:33:53.0010 0700 UserName: owner
    12:33:53.0010 0700 Windows directory: C:\Windows
    12:33:53.0010 0700 System windows directory: C:\Windows
    12:33:53.0010 0700 Running under WOW64
    12:33:53.0010 0700 Processor architecture: Intel x64
    12:33:53.0010 0700 Number of processors: 4
    12:33:53.0010 0700 Page size: 0x1000
    12:33:53.0010 0700 Boot type: Normal boot
    12:33:53.0010 0700 ============================================================
    12:33:53.0759 0700 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    12:33:53.0810 0700 ============================================================
    12:33:53.0810 0700 \Device\Harddisk0\DR0:
    12:33:53.0810 0700 MBR partitions:
    12:33:53.0810 0700 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
    12:33:53.0810 0700 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x394E7000
    12:33:53.0810 0700 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B119800, BlocksNum 0x395EC800
    12:33:53.0810 0700 ============================================================
    12:33:53.0851 0700 C: <-> \Device\Harddisk0\DR0\Partition2
    12:33:53.0876 0700 D: <-> \Device\Harddisk0\DR0\Partition3
    12:33:53.0876 0700 ============================================================
    12:33:53.0876 0700 Initialize success
    12:33:53.0876 0700 ============================================================
    12:34:09.0953 1320 ============================================================
    12:34:09.0953 1320 Scan started
    12:34:09.0953 1320 Mode: Manual; SigCheck; TDLFS;
    12:34:09.0953 1320 ============================================================
    12:34:10.0186 1320 ================ Scan system memory ========================
    12:34:10.0186 1320 System memory - ok
    12:34:10.0186 1320 ================ Scan services =============================
    12:34:10.0276 1320 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    12:34:10.0362 1320 !SASCORE - ok
    12:34:10.0531 1320 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
    12:34:10.0568 1320 1394ohci - ok
    12:34:10.0605 1320 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
    12:34:10.0624 1320 ACPI - ok
    12:34:10.0651 1320 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
    12:34:10.0701 1320 AcpiPmi - ok
    12:34:10.0768 1320 [ 09E61047B0CEF21559CFCEDF4F14D216 ] Ad-Aware Service C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    12:34:10.0799 1320 Ad-Aware Service - ok
    12:34:10.0841 1320 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
    12:34:10.0906 1320 adfs - ok
    12:34:11.0070 1320 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    12:34:11.0087 1320 AdobeFlashPlayerUpdateSvc - ok
    12:34:11.0122 1320 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
    12:34:11.0163 1320 adp94xx - ok
    12:34:11.0192 1320 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
    12:34:11.0230 1320 adpahci - ok
    12:34:11.0244 1320 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
    12:34:11.0276 1320 adpu320 - ok
    12:34:11.0362 1320 [ E410DA575FF48D976B41670C6D262A82 ] AdvancedSystemCareService5 C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
    12:34:11.0380 1320 AdvancedSystemCareService5 - ok
    12:34:11.0405 1320 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    12:34:11.0456 1320 AeLookupSvc - ok
    12:34:11.0489 1320 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
    12:34:11.0527 1320 AFD - ok
    12:34:11.0557 1320 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
    12:34:11.0574 1320 agp440 - ok
    12:34:11.0589 1320 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
    12:34:11.0625 1320 ALG - ok
    12:34:11.0657 1320 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
    12:34:11.0672 1320 aliide - ok
    12:34:11.0707 1320 [ 9C616BA191B80F5CD1A1B9553E107100 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
    12:34:12.0000 1320 AMD External Events Utility - ok
    12:34:12.0057 1320 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
    12:34:12.0072 1320 amdide - ok
    12:34:12.0109 1320 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
    12:34:12.0150 1320 AmdK8 - ok
    12:34:12.0317 1320 [ 5165E83751B8FF40E5E4925996FCC506 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
    12:34:13.0091 1320 amdkmdag - ok
    12:34:13.0120 1320 [ 86AB3CF484260C4318F3A6E8B035F422 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
    12:34:13.0392 1320 amdkmdap - ok
    12:34:13.0405 1320 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
    12:34:13.0441 1320 AmdPPM - ok
    12:34:13.0480 1320 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
    12:34:13.0496 1320 amdsata - ok
    12:34:13.0526 1320 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
    12:34:13.0561 1320 amdsbs - ok
    12:34:13.0580 1320 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
    12:34:13.0612 1320 amdxata - ok
    12:34:13.0641 1320 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
    12:34:13.0704 1320 AppID - ok
    12:34:13.0728 1320 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
    12:34:13.0781 1320 AppIDSvc - ok
    12:34:13.0809 1320 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
    12:34:13.0851 1320 Appinfo - ok
    12:34:13.0942 1320 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    12:34:13.0965 1320 Apple Mobile Device - ok
    12:34:14.0017 1320 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
    12:34:14.0044 1320 arc - ok
    12:34:14.0060 1320 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
    12:34:14.0076 1320 arcsas - ok
    12:34:14.0202 1320 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    12:34:14.0216 1320 aspnet_state - ok
    12:34:14.0261 1320 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
    12:34:14.0292 1320 aswFsBlk - ok
    12:34:14.0341 1320 [ 7B922B13ACFF9E4FBA24A6EACC417B78 ] aswFW C:\Windows\system32\drivers\aswFW.sys
    12:34:14.0380 1320 aswFW - ok
    12:34:14.0432 1320 [ F146F83E8F7AC22BD011D5942E4C155C ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
    12:34:14.0469 1320 aswKbd - ok
    12:34:14.0531 1320 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
    12:34:14.0567 1320 aswMonFlt - ok
    12:34:14.0601 1320 [ 518B8D447A1975AB46DA093A2E743256 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys
    12:34:14.0629 1320 aswNdis - ok
    12:34:14.0661 1320 [ 5693F48725D83510C5C2A60DB4137D85 ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys
    12:34:14.0707 1320 aswNdis2 - ok
    12:34:14.0725 1320 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
    12:34:14.0744 1320 aswRdr - ok
    12:34:14.0783 1320 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
    12:34:14.0839 1320 aswSnx - ok
    12:34:14.0877 1320 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
    12:34:14.0908 1320 aswSP - ok
    12:34:14.0919 1320 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
    12:34:14.0939 1320 aswTdi - ok
    12:34:14.0975 1320 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    12:34:15.0051 1320 AsyncMac - ok
    12:34:15.0085 1320 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
    12:34:15.0114 1320 atapi - ok
    12:34:15.0261 1320 [ 5165E83751B8FF40E5E4925996FCC506 ] atikmdag C:\Windows\system32\drivers\atikmdag.sys
    12:34:15.0378 1320 atikmdag - ok
    12:34:15.0430 1320 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    12:34:15.0492 1320 AudioEndpointBuilder - ok
    12:34:15.0517 1320 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
    12:34:15.0564 1320 AudioSrv - ok
    12:34:15.0655 1320 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    12:34:15.0669 1320 avast! Antivirus - ok
    12:34:15.0705 1320 [ DD4C61CB3CDBC8B0A7D2107C6944DC71 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
    12:34:15.0735 1320 avast! Firewall - ok
    12:34:15.0770 1320 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
    12:34:15.0809 1320 AxInstSV - ok
    12:34:15.0832 1320 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
    12:34:15.0857 1320 b06bdrv - ok
    12:34:15.0900 1320 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
    12:34:15.0931 1320 b57nd60a - ok
    12:34:15.0961 1320 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
    12:34:15.0997 1320 BDESVC - ok
    12:34:16.0007 1320 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
    12:34:16.0048 1320 Beep - ok
    12:34:16.0112 1320 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
    12:34:16.0172 1320 BFE - ok
    12:34:16.0226 1320 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
    12:34:16.0261 1320 blbdrive - ok
    12:34:16.0297 1320 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    12:34:16.0327 1320 Bonjour Service - ok
    12:34:16.0364 1320 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    12:34:16.0399 1320 bowser - ok
    12:34:16.0416 1320 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
    12:34:16.0437 1320 BrFiltLo - ok
    12:34:16.0446 1320 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
    12:34:16.0494 1320 BrFiltUp - ok
    12:34:16.0508 1320 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
    12:34:16.0575 1320 BridgeMP - ok
    12:34:16.0612 1320 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
    12:34:16.0658 1320 Browser - ok
    12:34:16.0679 1320 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
    12:34:16.0701 1320 Brserid - ok
    12:34:16.0714 1320 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
    12:34:16.0759 1320 BrSerWdm - ok
    12:34:16.0778 1320 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
    12:34:16.0799 1320 BrUsbMdm - ok
    12:34:16.0813 1320 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
    12:34:16.0855 1320 BrUsbSer - ok
    12:34:16.0885 1320 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
    12:34:16.0930 1320 BthEnum - ok
    12:34:16.0945 1320 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
    12:34:16.0982 1320 BTHMODEM - ok
    12:34:17.0018 1320 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
    12:34:17.0054 1320 BthPan - ok
    12:34:17.0113 1320 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
    12:34:17.0155 1320 BTHPORT - ok
    12:34:17.0188 1320 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
    12:34:17.0235 1320 bthserv - ok
    12:34:17.0264 1320 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
    12:34:17.0294 1320 BTHUSB - ok
    12:34:17.0349 1320 [ 3AFF6DC496B8A8D12C867E3FC7C86FAC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
    12:34:17.0386 1320 btwampfl - ok
    12:34:17.0407 1320 [ 336BBA0909B3636AB7D06A71D7B1C0DC ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
    12:34:17.0430 1320 btwaudio - ok
    12:34:17.0462 1320 [ 9FF58F76024D25784755B01F926B00BE ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
    12:34:17.0483 1320 btwavdt - ok
    12:34:17.0562 1320 [ 26A80D7ACA49E03A403806418B5FED46 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    12:34:17.0588 1320 btwdins - ok
    12:34:17.0621 1320 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
    12:34:17.0648 1320 btwl2cap - ok
    12:34:17.0661 1320 [ EDD953D635F3AA89EF902E3F82D60D22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
    12:34:17.0677 1320 btwrchid - ok
    12:34:17.0685 1320 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    12:34:17.0757 1320 cdfs - ok
    12:34:17.0784 1320 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
    12:34:17.0820 1320 cdrom - ok
    12:34:17.0851 1320 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
    12:34:17.0903 1320 CertPropSvc - ok
    12:34:17.0933 1320 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
    12:34:17.0972 1320 circlass - ok
    12:34:18.0004 1320 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
    12:34:18.0024 1320 CLFS - ok
    12:34:18.0086 1320 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    12:34:18.0101 1320 clr_optimization_v2.0.50727_32 - ok
    12:34:18.0149 1320 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    12:34:18.0163 1320 clr_optimization_v2.0.50727_64 - ok
    12:34:18.0227 1320 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    12:34:18.0254 1320 clr_optimization_v4.0.30319_32 - ok
    12:34:18.0271 1320 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    12:34:18.0299 1320 clr_optimization_v4.0.30319_64 - ok
    12:34:18.0317 1320 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    12:34:18.0346 1320 CmBatt - ok
    12:34:18.0358 1320 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
    12:34:18.0373 1320 cmdide - ok
    12:34:18.0402 1320 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\Windows\system32\Drivers\cng.sys
    12:34:18.0433 1320 CNG - ok
    12:34:18.0454 1320 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    12:34:18.0478 1320 Compbatt - ok
    12:34:18.0512 1320 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
    12:34:18.0550 1320 CompositeBus - ok
    12:34:18.0555 1320 COMSysApp - ok
    12:34:18.0577 1320 [ 17719A7F571D4CD08223F0B30F71B8B8 ] cpuz134 C:\Windows\system32\drivers\cpuz134_x64.sys
    12:34:18.0602 1320 cpuz134 - ok
    12:34:18.0658 1320 [ D0C2CAA17C7B6D2200E1B5AA9D07135E ] cpuz135 C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys
    12:34:18.0672 1320 cpuz135 - ok
    12:34:18.0683 1320 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
    12:34:18.0710 1320 crcdisk - ok
    12:34:18.0739 1320 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
    12:34:18.0799 1320 CryptSvc - ok
    12:34:18.0836 1320 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
    12:34:18.0895 1320 DcomLaunch - ok
    12:34:18.0931 1320 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
    12:34:19.0001 1320 defragsvc - ok
    12:34:19.0045 1320 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    12:34:19.0119 1320 DfsC - ok
    12:34:19.0174 1320 [ 113212D25D0C9BB8901A9833774DA97F ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
    12:34:19.0189 1320 dg_ssudbus - ok
    12:34:19.0224 1320 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
    12:34:19.0270 1320 Dhcp - ok
    12:34:19.0286 1320 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
    12:34:19.0339 1320 discache - ok
    12:34:19.0365 1320 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
    12:34:19.0397 1320 Disk - ok
    12:34:19.0434 1320 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    12:34:19.0468 1320 Dnscache - ok
    12:34:19.0501 1320 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
    12:34:19.0560 1320 dot3svc - ok
    12:34:19.0585 1320 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
    12:34:19.0640 1320 DPS - ok
    12:34:19.0659 1320 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    12:34:19.0700 1320 drmkaud - ok
    12:34:19.0741 1320 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    12:34:19.0778 1320 DXGKrnl - ok
    12:34:19.0810 1320 [ 52A482DC61F24B498C8268866B90BB44 ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys
    12:34:19.0830 1320 e1kexpress - ok
    12:34:19.0833 1320 EagleX64 - ok
    12:34:19.0857 1320 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
    12:34:19.0901 1320 EapHost - ok
    12:34:19.0959 1320 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
    12:34:20.0049 1320 ebdrv - ok
    12:34:20.0078 1320 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
    12:34:20.0096 1320 EFS - ok
    12:34:20.0148 1320 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    12:34:20.0187 1320 ehRecvr - ok
    12:34:20.0225 1320 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
    12:34:20.0261 1320 ehSched - ok
    12:34:20.0282 1320 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
    12:34:20.0326 1320 elxstor - ok
    12:34:20.0356 1320 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
    12:34:20.0398 1320 ErrDev - ok
    12:34:20.0420 1320 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
    12:34:20.0483 1320 EventSystem - ok
    12:34:20.0505 1320 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
    12:34:20.0571 1320 exfat - ok
    12:34:20.0588 1320 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
    12:34:20.0647 1320 fastfat - ok
    12:34:20.0682 1320 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
  7. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    12:34:20.0725 1320 Fax - ok
    12:34:20.0747 1320 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    12:34:20.0782 1320 fdc - ok
    12:34:20.0805 1320 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
    12:34:20.0850 1320 fdPHost - ok
    12:34:20.0869 1320 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
    12:34:20.0922 1320 FDResPub - ok
    12:34:20.0943 1320 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    12:34:20.0969 1320 FileInfo - ok
    12:34:21.0039 1320 [ 060CC45CECAE2FEAFF9C8C52D8FAFAA8 ] FileMonitor C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
    12:34:21.0052 1320 FileMonitor - ok
    12:34:21.0069 1320 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    12:34:21.0132 1320 Filetrace - ok
    12:34:21.0159 1320 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    12:34:21.0194 1320 flpydisk - ok
    12:34:21.0225 1320 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    12:34:21.0246 1320 FltMgr - ok
    12:34:21.0293 1320 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
    12:34:21.0332 1320 FontCache - ok
    12:34:21.0391 1320 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    12:34:21.0404 1320 FontCache3.0.0.0 - ok
    12:34:21.0415 1320 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    12:34:21.0431 1320 FsDepends - ok
    12:34:21.0461 1320 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
    12:34:21.0496 1320 fssfltr - ok
    12:34:21.0587 1320 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
    12:34:21.0622 1320 fsssvc - ok
    12:34:21.0674 1320 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    12:34:21.0703 1320 Fs_Rec - ok
    12:34:21.0741 1320 [ BD8B74DA98783BCDB410461E65868A60 ] Futuremark SystemInfo Service C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
    12:34:21.0755 1320 Futuremark SystemInfo Service - ok
    12:34:21.0783 1320 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    12:34:21.0805 1320 fvevol - ok
    12:34:21.0834 1320 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
    12:34:21.0850 1320 gagp30kx - ok
    12:34:21.0883 1320 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    12:34:21.0895 1320 GEARAspiWDM - ok
    12:34:21.0935 1320 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
    12:34:22.0000 1320 gpsvc - ok
    12:34:22.0080 1320 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    12:34:22.0129 1320 Greg_Service - ok
    12:34:22.0228 1320 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    12:34:22.0240 1320 gupdate - ok
    12:34:22.0244 1320 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    12:34:22.0256 1320 gupdatem - ok
    12:34:22.0308 1320 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    12:34:22.0323 1320 gusvc - ok
    12:34:22.0360 1320 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
    12:34:22.0373 1320 hamachi - ok
    12:34:22.0385 1320 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    12:34:22.0434 1320 hcw85cir - ok
    12:34:22.0462 1320 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    12:34:22.0498 1320 HdAudAddService - ok
    12:34:22.0529 1320 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
    12:34:22.0565 1320 HDAudBus - ok
    12:34:22.0598 1320 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
    12:34:22.0624 1320 HECIx64 - ok
    12:34:22.0639 1320 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
    12:34:22.0656 1320 HidBatt - ok
    12:34:22.0674 1320 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
    12:34:22.0711 1320 HidBth - ok
    12:34:22.0725 1320 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
    12:34:22.0746 1320 HidIr - ok
    12:34:22.0785 1320 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
    12:34:22.0838 1320 hidserv - ok
    12:34:22.0861 1320 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    12:34:22.0880 1320 HidUsb - ok
    12:34:22.0941 1320 [ 0926C3B5CBF64C88F432FF449B211807 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
    12:34:22.0976 1320 HitmanProScheduler - ok
    12:34:23.0003 1320 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
    12:34:23.0062 1320 hkmsvc - ok
    12:34:23.0101 1320 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    12:34:23.0121 1320 HomeGroupListener - ok
    12:34:23.0158 1320 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    12:34:23.0178 1320 HomeGroupProvider - ok
    12:34:23.0203 1320 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    12:34:23.0233 1320 HpSAMD - ok
    12:34:23.0271 1320 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    12:34:23.0338 1320 HTTP - ok
    12:34:23.0358 1320 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    12:34:23.0387 1320 hwpolicy - ok
    12:34:23.0411 1320 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
    12:34:23.0429 1320 i8042prt - ok
    12:34:23.0504 1320 [ 660BF3255A1EB18ED803FD2FBA6AE400 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    12:34:23.0531 1320 IAANTMON - ok
    12:34:23.0563 1320 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
    12:34:23.0580 1320 iaStor - ok
    12:34:23.0628 1320 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    12:34:23.0652 1320 iaStorV - ok
    12:34:23.0692 1320 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    12:34:23.0736 1320 idsvc - ok
    12:34:23.0762 1320 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
    12:34:23.0778 1320 iirsp - ok
    12:34:23.0812 1320 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
    12:34:23.0880 1320 IKEEXT - ok
    12:34:23.0939 1320 [ 8AE99EBE30E8338907361018D9030835 ] IMFservice C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    12:34:23.0974 1320 IMFservice - ok
    12:34:24.0071 1320 [ A5F7CEF8A939EBE270462EDEFD629F20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
    12:34:24.0214 1320 IntcAzAudAddService - ok
    12:34:24.0247 1320 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
    12:34:24.0274 1320 intelide - ok
    12:34:24.0285 1320 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    12:34:24.0316 1320 intelppm - ok
    12:34:24.0337 1320 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    12:34:24.0396 1320 IPBusEnum - ok
    12:34:24.0427 1320 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    12:34:24.0480 1320 IpFilterDriver - ok
    12:34:24.0535 1320 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    12:34:24.0605 1320 iphlpsvc - ok
    12:34:24.0641 1320 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    12:34:24.0671 1320 IPMIDRV - ok
    12:34:24.0685 1320 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    12:34:24.0744 1320 IPNAT - ok
    12:34:24.0801 1320 [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    12:34:24.0826 1320 iPod Service - ok
    12:34:24.0845 1320 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    12:34:24.0879 1320 IRENUM - ok
    12:34:24.0909 1320 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    12:34:24.0937 1320 isapnp - ok
    12:34:24.0965 1320 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    12:34:24.0994 1320 iScsiPrt - ok
    12:34:25.0037 1320 [ 9C6F3F69163133FB8E56AC4A6E163452 ] ISODrive C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
    12:34:25.0069 1320 ISODrive - ok
    12:34:25.0104 1320 [ 75DDB94A2A24F9F7037D10A2DDA06D36 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
    12:34:25.0119 1320 JRAID - ok
    12:34:25.0149 1320 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    12:34:25.0164 1320 kbdclass - ok
    12:34:25.0197 1320 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    12:34:25.0244 1320 kbdhid - ok
    12:34:25.0255 1320 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
    12:34:25.0272 1320 KeyIso - ok
    12:34:25.0300 1320 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    12:34:25.0317 1320 KSecDD - ok
    12:34:25.0332 1320 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
    12:34:25.0363 1320 KSecPkg - ok
    12:34:25.0379 1320 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
    12:34:25.0454 1320 ksthunk - ok
    12:34:25.0481 1320 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
    12:34:25.0565 1320 KtmRm - ok
    12:34:25.0595 1320 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
    12:34:25.0650 1320 LanmanServer - ok
    12:34:25.0673 1320 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    12:34:25.0738 1320 LanmanWorkstation - ok
    12:34:25.0788 1320 [ 9DCB9D9BDB7E3C0F66F86EE09A392CBB ] LGDDCDevice C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys
    12:34:25.0808 1320 LGDDCDevice ( UnsignedFile.Multi.Generic ) - warning
    12:34:25.0808 1320 LGDDCDevice - detected UnsignedFile.Multi.Generic (1)
    12:34:25.0832 1320 [ 21A62A7A95B1905634E7C12E5158EC32 ] LGII2CDevice C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys
    12:34:25.0992 1320 LGII2CDevice ( UnsignedFile.Multi.Generic ) - warning
    12:34:25.0992 1320 LGII2CDevice - detected UnsignedFile.Multi.Generic (1)
    12:34:26.0014 1320 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    12:34:26.0077 1320 lltdio - ok
    12:34:26.0112 1320 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
    12:34:26.0163 1320 lltdsvc - ok
    12:34:26.0181 1320 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
    12:34:26.0226 1320 lmhosts - ok
    12:34:26.0281 1320 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    12:34:26.0733 1320 LMS ( UnsignedFile.Multi.Generic ) - warning
    12:34:26.0733 1320 LMS - detected UnsignedFile.Multi.Generic (1)
    12:34:26.0768 1320 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
    12:34:26.0802 1320 LSI_FC - ok
    12:34:26.0818 1320 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
    12:34:26.0837 1320 LSI_SAS - ok
    12:34:26.0854 1320 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
    12:34:26.0871 1320 LSI_SAS2 - ok
    12:34:26.0885 1320 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
    12:34:26.0919 1320 LSI_SCSI - ok
    12:34:26.0942 1320 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
    12:34:27.0010 1320 luafv - ok
    12:34:27.0048 1320 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
    12:34:27.0428 1320 MBAMProtector - ok
    12:34:27.0486 1320 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    12:34:27.0508 1320 MBAMService - ok
    12:34:27.0606 1320 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
    12:34:27.0624 1320 McComponentHostService - ok
    12:34:27.0658 1320 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
    12:34:27.0678 1320 Mcx2Svc - ok
    12:34:27.0699 1320 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
    12:34:27.0715 1320 megasas - ok
    12:34:27.0730 1320 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
    12:34:27.0752 1320 MegaSR - ok
    12:34:27.0820 1320 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
    12:34:27.0835 1320 Microsoft Office Groove Audit Service - ok
    12:34:27.0870 1320 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    12:34:27.0926 1320 MMCSS - ok
    12:34:27.0965 1320 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    12:34:28.0009 1320 Modem - ok
    12:34:28.0036 1320 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    12:34:28.0075 1320 monitor - ok
    12:34:28.0089 1320 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    12:34:28.0107 1320 mouclass - ok
    12:34:28.0122 1320 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    12:34:28.0152 1320 mouhid - ok
    12:34:28.0181 1320 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    12:34:28.0209 1320 mountmgr - ok
    12:34:28.0268 1320 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    12:34:28.0285 1320 MozillaMaintenance - ok
    12:34:28.0315 1320 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
    12:34:28.0351 1320 mpio - ok
    12:34:28.0373 1320 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    12:34:28.0420 1320 mpsdrv - ok
    12:34:28.0474 1320 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
    12:34:28.0527 1320 MpsSvc - ok
    12:34:28.0565 1320 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    12:34:28.0592 1320 MRxDAV - ok
    12:34:28.0627 1320 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    12:34:28.0661 1320 mrxsmb - ok
    12:34:28.0693 1320 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    12:34:28.0739 1320 mrxsmb10 - ok
    12:34:28.0763 1320 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    12:34:28.0783 1320 mrxsmb20 - ok
    12:34:28.0808 1320 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    12:34:28.0836 1320 msahci - ok
    12:34:28.0855 1320 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    12:34:28.0892 1320 msdsm - ok
    12:34:28.0907 1320 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    12:34:28.0960 1320 MSDTC - ok
    12:34:28.0996 1320 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    12:34:29.0048 1320 Msfs - ok
    12:34:29.0068 1320 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    12:34:29.0118 1320 mshidkmdf - ok
    12:34:29.0158 1320 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    12:34:29.0175 1320 msisadrv - ok
    12:34:29.0213 1320 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    12:34:29.0261 1320 MSiSCSI - ok
    12:34:29.0266 1320 msiserver - ok
    12:34:29.0283 1320 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    12:34:29.0360 1320 MSKSSRV - ok
    12:34:29.0364 1320 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    12:34:29.0424 1320 MSPCLOCK - ok
    12:34:29.0429 1320 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    12:34:29.0489 1320 MSPQM - ok
    12:34:29.0524 1320 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    12:34:29.0551 1320 MsRPC - ok
    12:34:29.0563 1320 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    12:34:29.0580 1320 mssmbios - ok
    12:34:29.0640 1320 MSSQL$SQLEXPRESS - ok
    12:34:29.0705 1320 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
    12:34:29.0719 1320 MSSQLServerADHelper100 - ok
    12:34:29.0729 1320 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    12:34:29.0796 1320 MSTEE - ok
    12:34:29.0936 1320 [ CB4A082AF58D1A0969F931816D5CFB05 ] msvsmon90 C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
    12:34:30.0020 1320 msvsmon90 - ok
    12:34:30.0032 1320 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
    12:34:30.0066 1320 MTConfig - ok
    12:34:30.0081 1320 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    12:34:30.0097 1320 Mup - ok
    12:34:30.0131 1320 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
    12:34:30.0159 1320 mwlPSDFilter - ok
    12:34:30.0177 1320 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
    12:34:30.0207 1320 mwlPSDNServ - ok
    12:34:30.0222 1320 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
    12:34:30.0250 1320 mwlPSDVDisk - ok
    12:34:30.0302 1320 [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
    12:34:30.0325 1320 MWLService - ok
    12:34:30.0362 1320 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    12:34:30.0421 1320 napagent - ok
    12:34:30.0456 1320 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    12:34:30.0512 1320 NativeWifiP - ok
    12:34:30.0557 1320 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
    12:34:30.0586 1320 NDIS - ok
    12:34:30.0604 1320 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    12:34:30.0664 1320 NdisCap - ok
    12:34:30.0686 1320 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    12:34:30.0748 1320 NdisTapi - ok
    12:34:30.0773 1320 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    12:34:30.0815 1320 Ndisuio - ok
    12:34:30.0849 1320 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    12:34:30.0908 1320 NdisWan - ok
    12:34:30.0936 1320 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    12:34:30.0994 1320 NDProxy - ok
    12:34:31.0052 1320 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    12:34:31.0096 1320 Nero BackItUp Scheduler 4.0 - ok
    12:34:31.0109 1320 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    12:34:31.0185 1320 NetBIOS - ok
    12:34:31.0224 1320 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    12:34:31.0271 1320 NetBT - ok
    12:34:31.0288 1320 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
    12:34:31.0304 1320 Netlogon - ok
    12:34:31.0338 1320 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
    12:34:31.0398 1320 Netman - ok
    12:34:31.0457 1320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    12:34:31.0472 1320 NetMsmqActivator - ok
    12:34:31.0477 1320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    12:34:31.0490 1320 NetPipeActivator - ok
    12:34:31.0509 1320 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
    12:34:31.0573 1320 netprofm - ok
    12:34:31.0612 1320 [ D66596DB0A0739A89C25B590CE36D628 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
    12:34:31.0666 1320 netr28x - ok
    12:34:31.0672 1320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    12:34:31.0685 1320 NetTcpActivator - ok
    12:34:31.0705 1320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    12:34:31.0718 1320 NetTcpPortSharing - ok
    12:34:31.0738 1320 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
    12:34:31.0753 1320 nfrd960 - ok
    12:34:31.0792 1320 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
    12:34:31.0854 1320 NlaSvc - ok
    12:34:31.0901 1320 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys
    12:34:31.0930 1320 NPF - ok
    12:34:31.0942 1320 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    12:34:31.0995 1320 Npfs - ok
    12:34:32.0021 1320 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
    12:34:32.0065 1320 nsi - ok
    12:34:32.0078 1320 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    12:34:32.0132 1320 nsiproxy - ok
    12:34:32.0193 1320 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    12:34:32.0266 1320 Ntfs - ok
    12:34:32.0332 1320 [ BD691091AC7D9713D8F0B07C6B099E6C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    12:34:32.0365 1320 NTI IScheduleSvc - ok
    12:34:32.0376 1320 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
    12:34:32.0393 1320 NTIDrvr - ok
    12:34:32.0405 1320 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
    12:34:32.0447 1320 Null - ok
    12:34:32.0479 1320 [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
    12:34:32.0508 1320 NVHDA - ok
    12:34:32.0513 1320 nvlddmkm - ok
    12:34:32.0528 1320 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
    12:34:32.0547 1320 nvraid - ok
    12:34:32.0572 1320 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
    12:34:32.0598 1320 nvstor - ok
    12:34:32.0628 1320 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    12:34:32.0644 1320 nv_agp - ok
    12:34:32.0713 1320 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    12:34:32.0732 1320 odserv - ok
    12:34:32.0760 1320 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    12:34:32.0799 1320 ohci1394 - ok
    12:34:32.0836 1320 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    12:34:32.0852 1320 ose - ok
    12:34:32.0890 1320 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    12:34:32.0925 1320 p2pimsvc - ok
    12:34:32.0959 1320 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
    12:34:32.0981 1320 p2psvc - ok
    12:34:33.0028 1320 [ E55FDEDB0AC89B41970AAE0F44FC2DCA ] PAC207 C:\Windows\system32\DRIVERS\PFC027.SYS
    12:34:33.0539 1320 PAC207 - ok
    12:34:33.0578 1320 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
    12:34:33.0626 1320 Parport - ok
    12:34:33.0653 1320 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
    12:34:33.0677 1320 partmgr - ok
    12:34:33.0713 1320 [ 8A0F8A9580D9F2FC512A35D5709088A9 ] pavboot C:\Windows\system32\drivers\pavboot64.sys
    12:34:33.0730 1320 pavboot - ok
    12:34:33.0821 1320 [ 7C0582921913D00180EC2B8518BA135C ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
    12:34:33.0835 1320 pbfilter - ok
    12:34:33.0854 1320 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
    12:34:33.0888 1320 PcaSvc - ok
    12:34:33.0923 1320 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
    12:34:33.0940 1320 pci - ok
    12:34:33.0960 1320 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
    12:34:33.0987 1320 pciide - ok
    12:34:34.0005 1320 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
    12:34:34.0036 1320 pcmcia - ok
    12:34:34.0056 1320 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
    12:34:34.0072 1320 pcw - ok
    12:34:34.0097 1320 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    12:34:34.0167 1320 PEAUTH - ok
    12:34:34.0252 1320 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
    12:34:34.0283 1320 PerfHost - ok
    12:34:34.0344 1320 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
    12:34:34.0427 1320 pla - ok
    12:34:34.0466 1320 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    12:34:34.0489 1320 PlugPlay - ok
    12:34:34.0502 1320 PnkBstrA - ok
    12:34:34.0532 1320 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    12:34:34.0550 1320 PNRPAutoReg - ok
    12:34:34.0567 1320 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    12:34:34.0588 1320 PNRPsvc - ok
    12:34:34.0626 1320 [ B8D8EC78B0F9ED8E220506181274F3D3 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
    12:34:34.0658 1320 Point64 - ok
    12:34:34.0678 1320 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    12:34:34.0725 1320 PolicyAgent - ok
    12:34:34.0751 1320 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
    12:34:34.0806 1320 Power - ok
    12:34:34.0831 1320 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    12:34:34.0891 1320 PptpMiniport - ok
    12:34:34.0918 1320 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
    12:34:34.0964 1320 Processor - ok
    12:34:34.0982 1320 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
    12:34:35.0042 1320 ProfSvc - ok
    12:34:35.0056 1320 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    12:34:35.0072 1320 ProtectedStorage - ok
    12:34:35.0106 1320 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    12:34:35.0147 1320 Psched - ok
    12:34:35.0197 1320 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
    12:34:35.0256 1320 ql2300 - ok
    12:34:35.0275 1320 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
    12:34:35.0305 1320 ql40xx - ok
    12:34:35.0339 1320 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
    12:34:35.0377 1320 QWAVE - ok
    12:34:35.0398 1320 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    12:34:35.0436 1320 QWAVEdrv - ok
    12:34:35.0460 1320 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    12:34:35.0520 1320 RasAcd - ok
    12:34:35.0549 1320 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    12:34:35.0597 1320 RasAgileVpn - ok
    12:34:35.0618 1320 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
    12:34:35.0677 1320 RasAuto - ok
    12:34:35.0709 1320 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    12:34:35.0769 1320 Rasl2tp - ok
    12:34:35.0804 1320 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
    12:34:35.0850 1320 RasMan - ok
    12:34:35.0870 1320 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    12:34:35.0915 1320 RasPppoe - ok
    12:34:35.0934 1320 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    12:34:35.0990 1320 RasSstp - ok
    12:34:36.0035 1320 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    12:34:36.0081 1320 rdbss - ok
    12:34:36.0105 1320 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
    12:34:36.0143 1320 rdpbus - ok
    12:34:36.0162 1320 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    12:34:36.0218 1320 RDPCDD - ok
    12:34:36.0252 1320 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    12:34:36.0296 1320 RDPENCDD - ok
    12:34:36.0332 1320 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    12:34:36.0389 1320 RDPREFMP - ok
    12:34:36.0426 1320 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    12:34:36.0456 1320 RDPWD - ok
    12:34:36.0487 1320 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    12:34:36.0506 1320 rdyboost - ok
    12:34:36.0635 1320 [ C7DE6F41B1A734EA70BD2DC67235BECC ] RegFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
    12:34:36.0649 1320 RegFilter - ok
    12:34:36.0684 1320 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
    12:34:36.0751 1320 RemoteAccess - ok
    12:34:36.0784 1320 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    12:34:36.0831 1320 RemoteRegistry - ok
    12:34:36.0854 1320 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
    12:34:36.0903 1320 RFCOMM - ok
    12:34:36.0987 1320 [ A10B40CF9EB57D24E44717A2D38A00F4 ] RivaTuner64 C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
    12:34:37.0003 1320 RivaTuner64 - ok
    12:34:37.0057 1320 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
    12:34:37.0070 1320 rpcapd - ok
    12:34:37.0089 1320 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    12:34:37.0151 1320 RpcEptMapper - ok
    12:34:37.0170 1320 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
    12:34:37.0206 1320 RpcLocator - ok
    12:34:37.0236 1320 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
    12:34:37.0281 1320 RpcSs - ok
    12:34:37.0315 1320 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
    12:34:37.0352 1320 RsFx0103 - ok
    12:34:37.0380 1320 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    12:34:37.0437 1320 rspndr - ok
    12:34:37.0455 1320 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
    12:34:37.0472 1320 SamSs - ok
    12:34:37.0536 1320 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    12:34:37.0569 1320 SASDIFSV - ok
    12:34:37.0597 1320 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    12:34:37.0612 1320 SASKUTIL - ok
    12:34:37.0712 1320 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    12:34:37.0777 1320 SBAMSvc - ok
    12:34:37.0811 1320 [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys
    12:34:37.0839 1320 sbapifs - ok
    12:34:37.0867 1320 [ 19954328DDA3D656F8A879B3A46FFED6 ] SbFw C:\Windows\system32\drivers\SbFw.sys
    12:34:37.0892 1320 SbFw - ok
    12:34:37.0928 1320 [ 513B3BFCD3C465B9820C2D05FA94E630 ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys
    12:34:37.0943 1320 SBFWIMCL - ok
    12:34:37.0949 1320 [ 513B3BFCD3C465B9820C2D05FA94E630 ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys
    12:34:37.0963 1320 SBFWIMCLMP - ok
    12:34:37.0992 1320 [ B671EEF468D13016B9286F5835A06AE1 ] sbhips C:\Windows\system32\drivers\sbhips.sys
    12:34:38.0014 1320 sbhips - ok
    12:34:38.0041 1320 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    12:34:38.0070 1320 sbp2port - ok
    12:34:38.0096 1320 [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys
    12:34:38.0109 1320 SBRE - ok
    12:34:38.0151 1320 [ EAB54ADCCECA64B2F38CD859FB494895 ] sbwtis C:\Windows\system32\DRIVERS\sbwtis.sys
    12:34:38.0164 1320 sbwtis - ok
    12:34:38.0199 1320 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    12:34:38.0264 1320 SCardSvr - ok
    12:34:38.0292 1320 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
    12:34:38.0716 1320 SCDEmu - ok
    12:34:38.0746 1320 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    12:34:38.0790 1320 scfilter - ok
    12:34:38.0839 1320 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
    12:34:38.0901 1320 Schedule - ok
    12:34:38.0939 1320 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
    12:34:38.0981 1320 SCPolicySvc - ok
    12:34:40.0912 1320 [ 34F974F8B3C86DE03A30DCBE79091C97 ] sptd C:\Windows\system32\Drivers\sptd.sys
    12:34:40.0928 1320 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34F974F8B3C86DE03A30DCBE79091C97
    12:34:40.0944 1320 sptd ( LockedFile.Multi.Generic ) - warning
    12:34:40.0945 1320 sptd - detected LockedFile.Multi.Generic (1)
    12:34:41.0702 1320 [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    12:34:41.0738 1320 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning
    12:34:41.0738 1320 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)
    12:34:44.0821 1320 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    12:34:44.0872 1320 UNS ( UnsignedFile.Multi.Generic ) - warning
    12:34:44.0872 1320 UNS - detected UnsignedFile.Multi.Generic (1)
  8. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    12:34:50.0323 1320 ================ Scan global ===============================
    12:34:50.0363 1320 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    12:34:50.0398 1320 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    12:34:50.0408 1320 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
    12:34:50.0442 1320 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    12:34:50.0481 1320 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    12:34:50.0485 1320 [Global] - ok
    12:34:50.0485 1320 ================ Scan MBR ==================================
    12:34:50.0502 1320 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    12:34:50.0743 1320 \Device\Harddisk0\DR0 - ok
    12:34:50.0743 1320 ================ Scan VBR ==================================
    12:34:50.0746 1320 [ FF39E7A196BEAC47F469D4367F35D735 ] \Device\Harddisk0\DR0\Partition1
    12:34:50.0747 1320 \Device\Harddisk0\DR0\Partition1 - ok
    12:34:50.0765 1320 [ 40EE53372D57DFD4659186158D54BE27 ] \Device\Harddisk0\DR0\Partition2
    12:34:50.0766 1320 \Device\Harddisk0\DR0\Partition2 - ok
    12:34:50.0782 1320 [ F6D9D2DBFA23E3D65A8319B32C6D5741 ] \Device\Harddisk0\DR0\Partition3
    12:34:50.0783 1320 \Device\Harddisk0\DR0\Partition3 - ok
    12:34:50.0784 1320 ============================================================
    12:34:50.0784 1320 Scan finished
    12:34:50.0784 1320 ============================================================
    12:34:50.0793 3476 Detected object count: 6
    12:34:50.0793 3476 Actual detected object count: 6
    12:40:33.0629 3476 LGDDCDevice ( UnsignedFile.Multi.Generic ) - skipped by user
    12:40:33.0629 3476 LGDDCDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:40:33.0630 3476 LGII2CDevice ( UnsignedFile.Multi.Generic ) - skipped by user
    12:40:33.0630 3476 LGII2CDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:40:33.0632 3476 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
    12:40:33.0632 3476 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:40:33.0634 3476 sptd ( LockedFile.Multi.Generic ) - skipped by user
    12:40:33.0634 3476 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
    12:40:33.0635 3476 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
    12:40:33.0635 3476 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:40:33.0637 3476 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
    12:40:33.0637 3476 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:43:16.0129 2096 Deinitialize success
  9. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    ESET Online Scan

    Please run a free online scan with the ESET Online Scanner
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
    • Click Start or wait for the scanner to load.
    • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
    • Click Scan (This scan can take several hours, so please be patient)
    • Once the scan is completed, there are a couple of things to keep in mind:
      1. If NO threats were found, allow the scanner to Uninstall on close and then close the window.
      2. If threats WERE detected, click on List of Threats Found, then Export to Text File... and save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark next to Uninstall Application on Close and then close the window.
    • Open the logfile from wherever you saved it
    • Copy and paste the contents in your next reply.
  10. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    When I attempt to scan it tells me that I'm not connected and proxy must be configured, the trojan must be the reason
  11. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Scan for malware

    Please download Malwarebytes Anti-Malware from HERE.


    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this will cause the infection to still be active on the computer.
    • Please save the log to a location you will remember.
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
    • Copy and paste the entire report in your next reply.
     
  12. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    I was unable to update due to the proxy issue but here is my scan log, I don't believe it found anything

    Malwarebytes Anti-Malware (PRO) 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.07.03.05

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    owner :: OWNER-PC [administrator]

    Protection: Enabled

    07/09/2012 21:14:02
    mbam-log-2012-09-07 (21-14-02).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 241449
    Time elapsed: 8 minute(s), 9 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
  13. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box paste this in

      msconfig
      safebootminimal
      activex
      drivers32
      netsvcs
      CreateRestorePoint
      %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5
      %AppData%\Local\
      %systemroot%\system32\sysprep
      *.xpi /md5
      %systemroot%\Downloaded Program Files\
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
      hklm\software\clients\startmenuinternet|command /rs
      hklm\software\clients\startmenuinternet|command /64 /rs
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\system32\drivers\*.sys /90
      %systemroot%\System32\config\*.sav
      %SYSTEMDRIVE%\*.exe /md5
      "%WinDir%\$NtUninstallKB*$." /30
      %systemdrive%\Program Files\Common Files\ComObjects\*.* /s
      %systemroot%\*. /mp /s
      %systemroot%\*. /rp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\Installer\ /s
      %systemroot%\system32\Cache\ /s
      %systemroot%\system32\config\systemprofile\Application Data /s
      %PROGRAMFILES%\*.
      %appdata%\*.*
      /md5start
      volsnap.sys
      services.exe
      userinit.exe
      afd.sys
      tcpip.sys
      netbt.sys
      ipsec.sys
      dnsrslvr.dll
      ipnathlp.dll
      netman.dll
      WMIsvc.dll
      srsvc.dll
      sr.sys
      wscsvc.dll
      wuauserv.dll
      qmgr.dll
      es.dll
      cryptsvc.dll
      svchost.exe
      rpcss.dll
      tdx.sys
      wininit.exe
      winlogon.exe
      atapi.sys
      explorer.exe
      /md5stop
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time
    Note: in the event that OTL fails to run, please use alternate download links to try again:

    http://oldtimer.geekstogo.com/OTL.com
    http://oldtimer.geekstogo.com/OTL.scr
  14. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    OTL.txt

    OTL logfile created on: 08/09/2012 20:35:29 - Run 2
    OTL by OldTimer - Version 3.2.61.2 Folder = C:\Users\owner\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    5.93 Gb Total Physical Memory | 3.92 Gb Available Physical Memory | 66.18% Memory free
    11.86 Gb Paging File | 9.13 Gb Available in Paging File | 77.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 458.45 Gb Total Space | 156.28 Gb Free Space | 34.09% Space Free | Partition Type: NTFS
    Drive D: | 458.96 Gb Total Space | 281.88 Gb Free Space | 61.42% Space Free | Partition Type: NTFS

    Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\owner\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
    PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
    PRC - C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe (Binary Fortress Software)
    PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
    PRC - C:\Program Files (x86)\IObit\Game Booster\gbtray.exe (IObit)
    PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
    PRC - C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
    PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
    PRC - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (ROCCAT GmbH)
    PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
    PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
    PRC - C:\OEM\USBDECTION\USBS3S4Detection.exe ()
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
    PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
    PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
    PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
    PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
    PRC - C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\Monitor.exe ()
    PRC - C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\79b487ba3d893f59ce7e697d06721dd0\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\1dce8ad4aa93ed395af726c0e510846e\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
    MOD - C:\Program Files (x86)\IObit\Game Booster\sqlite3.dll ()
    MOD - C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll ()
    MOD - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll ()
    MOD - C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\Monitor.exe ()
    MOD - C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\MonitorEngRes.dll ()
    MOD - C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\ApplicationManager.dll ()
    MOD - C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\ACRHook.dll ()
    MOD - C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\ProtocolEngine.dll ()
    MOD - C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\DeviceManager.dll ()
    MOD - C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\ErrorHandler.dll ()


    ========== Services (SafeList) ==========

    SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
    SRV:64bit: - (HitmanProScheduler) -- C:\Program Files\HitmanPro\hmpsched.exe (SurfRight B.V.)
    SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
    SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
    SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
    SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
    SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
    SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
    SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
    SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
    SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
    SRV - (AdvancedSystemCareService5) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
    SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
    SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
    SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
    SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
    SRV - (USBS3S4Detection) -- C:\OEM\USBDECTION\USBS3S4Detection.exe ()
    SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
    SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
    SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
    DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
    DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
    DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
    DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
    DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
    DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
    DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
    DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
    DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
    DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
    DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
    DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
    DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
    DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
    DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
    DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
    DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
    DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
    DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
    DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
    DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (GFI Software)
    DRV:64bit: - (sbwtis) -- C:\Windows\SysNative\drivers\sbwtis.sys (GFI Software)
    DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (GFI Software)
    DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (GFI Software)
    DRV:64bit: - (SBRE) -- C:\Windows\SysNative\drivers\sbredrv.sys (GFI Software)
    DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (GFI Software)
    DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (GFI Software)
    DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
    DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (pbfilter) -- C:\Program Files\PeerBlock\pbfilter.sys ()
    DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
    DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
    DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider)
    DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
    DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
    DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)
    DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (e1kexpress) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
    DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
    DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (pavboot) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
    DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
    DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
    DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
    DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
    DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
    DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
    DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
    DRV:64bit: - (PAC207) -- C:\Windows\SysNative\drivers\PFC027.SYS (PixArt Imaging Inc.)
    DRV - (RivaTuner64) -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys ()
    DRV - (cpuz135) -- C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys (CPUID)
    DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
    DRV - (SBRE) -- C:\Windows\SysWOW64\drivers\SBREDrv.sys (GFI Software)
    DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
    DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
    DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (LGII2CDevice) -- C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\PII2CDriver.sys ()
    DRV - (LGDDCDevice) -- C:\Program Files (x86)\LG SOFT INDIA\FORTEMANAGER\BIN\I2CDriver.sys ()


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aspire_m5811&r=17360810m506pe405v115w5511u385
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
    IE - HKLM\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\tbVeoh.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
    IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com/?sp=hp
    IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
    IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://www.plusnetwork.com/?sp=ctbar&q={searchTerms}&dp=MessengerPlus
    IE - HKCU\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=S...0000070f1a17004b9&tlver=1.4.19.19&affID=17159
    IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = http://plusnetwork.com/?sp=brw&q={searchTerms}
    IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?source...ding}&oe={outputEncoding}&rlz=1I7ACAW_enGB391
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: newtaburl@sogame.cat:2.2.3
    FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120827
    FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1466
    FF - prefs.js..extensions.enabledAddons: bbrs_002@blabbers.com:1.0.5
    FF - prefs.js..extensions.enabledAddons: {97E22097-9A2F-45b1-8DAF-36AD648C7EF4}:15.0.4
    FF - prefs.js..keyword.URL: "http://www.plusnetwork.com/?sp=addr&q="
    FF - prefs.js..network.proxy.type: 0
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
    FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
    FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/02 17:40:24 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/09/02 17:40:24 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/30 10:39:04 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/31 16:21:41 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/31 16:21:41 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  15. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    [2011/03/18 00:25:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Extensions
    [2010/09/23 10:31:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
    [2012/09/04 14:43:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\drdespqo.default\extensions
    [2012/08/29 16:51:28 | 000,000,000 | ---D | M] (WOT) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\drdespqo.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2011/12/14 05:17:21 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\drdespqo.default\extensions\bbrs_002@blabbers.com
    [2012/05/14 03:05:19 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\drdespqo.default\extensions\firefox@tvunetworks.com
    [2012/05/19 13:36:58 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\drdespqo.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
    [2011/08/19 20:01:53 | 000,051,994 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\extensions\newtaburl@sogame.cat.xpi
    [2012/08/05 19:24:37 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2012/05/27 15:29:08 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ea15f46b68de3232a26cfd2fe6a67eb7_expire
    [2012/09/01 01:51:07 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire
    [2012/08/21 20:45:55 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f5e88c09fcdc0e3431e2a4de63acf740_expire
    [2012/05/27 15:29:09 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f7c63b13407f14f24c0e3a83e0b48e5c_expire
    [2012/08/31 01:20:33 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire
    [2012/07/08 11:07:28 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fd2c7cc8d016692e3593f7d629441035_expire
    [2012/08/31 01:20:33 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire
    [2012/02/26 04:46:15 | 000,002,770 | ---- | M] () -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\drdespqo.default\searchplugins\Plusnetwork.xml
    [2012/05/04 18:44:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012/08/30 10:39:04 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
    [2012/09/02 17:40:24 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
    [2012/08/31 16:21:41 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011/04/04 23:17:24 | 000,002,423 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    [2012/08/31 16:21:39 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012/08/31 16:21:39 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - homepage: http://www.google.co.uk/
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
    CHR - homepage: http://www.google.co.uk/
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll
    CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
    CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
    CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
    CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
    CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
    CHR - Extension: Mickey Mouse sleepwalking = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\amakdcbmkhcnnemenoopfahelnmaplca\1.0_0\
    CHR - Extension: Crash Bandicoot = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\amnpncghlnejfpimdakkifgmkknhedfm\7.5.9_0\
    CHR - Extension: Metal Slug 3 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\beafndjalpielgnonldihinipggldehk\1.3.1_0\
    CHR - Extension: WOT = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.1_0\
    CHR - Extension: Iron Man Combat = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbiccdkjmnhldblmdfbdfdicpfkcbfa\1.0.2_0\
    CHR - Extension: Adblock Plus (Beta) = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
    CHR - Extension: Formula Racer = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\chooingfdakhmafecmhhfiipfopmjjeg\1.0.3_0\
    CHR - Extension: Blue House Hidden Objects = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjkofglhndcichhlheonalkcfgnggpio\1.0.3_0\
    CHR - Extension: Gaia Online = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcejlakbncmhdpijmpdepcjfjodfeljj\1.0_0\
    CHR - Extension: Call Of Duty 2 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\delndplkpacidnmaelagoadffdipjbma\1.0_0\
    CHR - Extension: Half life city = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhmgjpkbloghiihoiicfgnkddpjiehb\1.0_0\
    CHR - Extension: DragonBall Kart = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopbdgonkbodcjoinbhcoanfomeohdai\1.0_0\
    CHR - Extension: Avatar Arena = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecgjejafjcoeieecbgglogmfgekfkibd\1.0_0\
    CHR - Extension: Beyblade Rip One = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eddpkmmcmoahmkkmdioklcjabemmbobg\1.0_0\
    CHR - Extension: Bad Teacher = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjbipoojcmaleganolkccjagfckflbf\1.0.2_0\
    CHR - Extension: Grand Prix Go = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\epnicgnbjegnhjebajkldomnlcbegnpf\1.0.1_0\
    CHR - Extension: Kiss Racer = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\faflpkgicpnnccepfjnfldiiofgemaap\0.0.0.1_0\
    CHR - Extension: Sudoku = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbldalicehmlaalddffibogeplifangc\1.0.3_0\
    CHR - Extension: Sonic the hedgehog = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\figdainoeibmgacdbekajdhcddnpjnil\1.3.4_0\
    CHR - Extension: Escaping The Prison = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbbbnigjflljngjdincgoahmhbmmiimi\1.0_0\
    CHR - Extension: Bowman 2 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnodoocgdgpmgecbploaichbephhlia\2.4.1_0\
    CHR - Extension: WSOP 2011 POKER = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gibhmdjffbnlgfiaabeelnhldjnmonjj\1.0.2_0\
    CHR - Extension: Street Fighter 2 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\goejhghiikcgamgbfjophlbijnodnefd\2.2.2_0\
    CHR - Extension: Tetris = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjchgcihcbkchhojloicogbffceplpg\1.0.1_0\
    CHR - Extension: Zombieland = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\heaagkbpbhiejlennopopcfmfblgigjn\1.9_0\
    CHR - Extension: Marvel Comics = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice\1.0.0.0_0\
    CHR - Extension: KahRahTay Contest = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlacdodcjlbihlmpbkkjijfojkkmipee\3.5_0\
    CHR - Extension: Totem Breaker = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlffpiiabmdgalaoebphhpkhadofhgmd\1.0.4_0\
    CHR - Extension: Super Mario = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icbllakladiobhjbkdekopceopiedkgg\1.0_0\
    CHR - Extension: avast! WebRep = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
    CHR - Extension: BATMAN 3 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifflidfhcmbellnfpghjmjghobjnombi\1.3.1_0\
    CHR - Extension: Pumpkin Master = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijdfjcighmbjpadecicioaldlbknibap\1.0.4_0\
    CHR - Extension: Angry Sonic = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\imhhfoepoainfbdanhkmklhaihcaangc\1.0_0\
    CHR - Extension: Angry Animals = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\infdddiloihkaljpbdeinahefaaldjkf\1.0.3_0\
    CHR - Extension: Prince of Persia 2 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jahbdnncnelnpcacfhfggniimgpophoj\1.1.1_0\
    CHR - Extension: Jelly Pop = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdpgecolacpfleghbgekhbcieikbakfk\1.0.4_0\
    CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
    CHR - Extension: combat tournament = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdckpmfipeigjkmjghehibblcmlfddof\1.0_0\
    CHR - Extension: MAD: Mutually Assured Destruction = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgddahnkgpeejfbdopdpdmenfagacoja\1.0.2_0\
    CHR - Extension: Multifragger = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfdfapbikoddgnghpjfglbhejgocfjd\1_0\
    CHR - Extension: Spider Man World = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpadlcjemnndkoaandnahjheehbpblac\1.0.2_0\
    CHR - Extension: Dynamite Blast 2 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpamckncboejngcchjbmkllafngcaocf\1.0_0\
    CHR - Extension: The Axe Ninja = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbjpadgfciplggknhfheciphdccmgii\1.0.4_0\
    CHR - Extension: ice Age 3 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lddikebknneekodppjkncjeblfpooble\1.7.9_0\
    CHR - Extension: Naruto Gg = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnjppbepnehfmabfoihjbhmfdabceigb\1.0_0\
    CHR - Extension: My Little Pony = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppgnaglgmadponlhcgjnnakkiendbli\1.0.3_0\
    CHR - Extension: Batman Difference Detector = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibinidcahocihbphlipahbmpeemifdj\1.0_0\
    CHR - Extension: Fruity Shot = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmdgdbjgkboikobgafcefoimjnpbedbo\1.0.2_0\
    CHR - Extension: Sticky Ninja Academy = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\naboafaoppaahcbclhhndefcdghlonlf\1.0.2_0\
    CHR - Extension: Electricman 2 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nepgaabgdoiljdmlpmhledbhioalhebe\1.0.3_0\
    CHR - Extension: Better Pop Up Blocker = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
    CHR - Extension: King of Fighters = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdkkdjgjkdommkhbclkniepkohdjgck\1.0.1_0\
    CHR - Extension: Bikini Bottom Bust Up = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oegmojedkddlkjagnfmagmfcolmidmea\3.5_0\
    CHR - Extension: Superman = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeibnalhbpggamilabdblgmlbahhigne\1.0.2_0\
    CHR - Extension: SpongeBob SquarePants: Skater Sponge = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflcnigcamplhbjheipnppciabnahkan\1.0.1_0\
    CHR - Extension: Castle Wars 2 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogajgbpkelicioginfkjccjifafgepho\1.0.3_0\
    CHR - Extension: Naruto Bomb = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohldogjlaibbnbhdklbcemjeakoaeokk\1.0_0\
    CHR - Extension: Wrestling = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknbclkcgadghohhnbmikkhifapmigcf\1.0_0\
    CHR - Extension: Brazzers - The World's Best Porn Site = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlobmnmnbaaglkghjafaokejfffdofa\2012.7.21.34520_0\
    CHR - Extension: Naruto Battle For Leaf Village = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\opdbggfplbanbbghkaickimdcbpgnclj\1.0.2_0\
    CHR - Extension: Dora Strawberry World = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\palgjmldpmedlbjglkclboacehimmjof\1.0.1_0\
    CHR - Extension: Alien Bike = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdonjokkgaggdhepcfgmgianbkfgidmm\1.0.2_0\
    CHR - Extension: Ben 10 Dragon Blaze = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\peioenjjcgdbpljdcpnkookfjecofbml\1.0.2_0\
    CHR - Extension: Tron 2 = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfgcbfkcninofnjpmeahnafeephcokg\2.0.1_0\

    O1 HOSTS File: ([2012/09/03 21:12:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
    O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll File not found
    O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\tbVeoh.dll (Conduit Ltd.)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Ad-Aware Security Toolbar) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
    O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\tbVeoh.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Veoh Web Player Toolbar) - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files (x86)\Veoh_Web_Player\tbVeoh.dll (Conduit Ltd.)
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
    O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
    O4:64bit: - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [SBRegRebootCleaner] C:\Program Files (x86)\Ad-Aware Antivirus\SBRC.exe (GFI Software)
    O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
    O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
    O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
    O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
    O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10025E36-BB0F-407F-90F7-0C5343F17F07}: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3D044E1-E3D0-48D1-8577-2265655A51D3}: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB812218-B102-47F4-820A-98A26C382CF1}: DhcpNameServer = 192.168.2.1
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\vsharechrome - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  16. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
    SafeBootMin:64bit: Base - Driver Group
    SafeBootMin:64bit: Boot Bus Extender - Driver Group
    SafeBootMin:64bit: Boot file system - Driver Group
    SafeBootMin:64bit: File system - Driver Group
    SafeBootMin:64bit: Filter - Driver Group
    SafeBootMin:64bit: HelpSvc - Service
    SafeBootMin:64bit: hitmanpro36 - Reg Error: Value error.
    SafeBootMin:64bit: hitmanpro36.sys - Reg Error: Value error.
    SafeBootMin:64bit: HitmanPro36Crusader - Reg Error: Value error.
    SafeBootMin:64bit: HitmanPro36CrusaderBoot - Reg Error: Value error.
    SafeBootMin:64bit: MCODS - Reg Error: Value error.
    SafeBootMin:64bit: PCI Configuration - Driver Group
    SafeBootMin:64bit: PNP Filter - Driver Group
    SafeBootMin:64bit: Primary disk - Driver Group
    SafeBootMin:64bit: sacsvr - Service
    SafeBootMin:64bit: SCSI Class - Driver Group
    SafeBootMin:64bit: System Bus Extender - Driver Group
    SafeBootMin:64bit: vmms - Service
    SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
    SafeBootMin: Ad-Aware Service - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - Service
    SafeBootMin: hitmanpro36 - Reg Error: Value error.
    SafeBootMin: hitmanpro36.sys - Reg Error: Value error.
    SafeBootMin: HitmanPro36Crusader - Reg Error: Value error.
    SafeBootMin: HitmanPro36CrusaderBoot - Reg Error: Value error.
    SafeBootMin: IMFservice - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
    SafeBootMin: MCODS - Reg Error: Value error.
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: sacsvr - Service
    SafeBootMin: SBAMSvc - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vmms - Service
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /I:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {416B171D-0E56-2DE5-2CEE-2BE9366E8CDD} - Themes Setup
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /I:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {A48BFE46-01BE-1E43-7D43-F56062C48D75} - Themes Setup
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /I:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /I:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
    Drivers32:64bit: VIDC.KGV1 - File not found
    Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
    Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
    Drivers32: msacm.divxa32 - C:\Windows\SysWow64\DivXa32.acm (Packed With Joy !)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
    Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: vidc.divx - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
    Drivers32: vidc.ffds - C:\Windows\SysWow64\ff_vfw.dll ()
    Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
    Drivers32: VIDC.KGV1 - C:\Windows\SysWow64\KGV1-VFW.dll ()
    Drivers32: vidc.vp60 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
    Drivers32: vidc.vp61 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
    Drivers32: vidc.vp62 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
    Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
    Drivers32: vidc.xvid - C:\Windows\SysWow64\xvidvfw.dll ()
    Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)


    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/09/07 03:59:31 | 002,322,184 | ---- | C] (ESET) -- C:\Users\owner\Desktop\esetsmartinstaller_enu.exe
    [2012/09/06 12:33:41 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\owner\Desktop\tdsskiller.exe
    [2012/09/04 20:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
    [2012/09/04 20:41:29 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
    [2012/09/04 20:41:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
    [2012/09/04 20:40:57 | 078,983,560 | ---- | C] (Sophos Limited) -- C:\Users\owner\Desktop\Sophos Virus Removal Tool.exe
    [2012/09/04 20:07:21 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
    [2012/09/04 20:07:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
    [2012/09/04 20:07:04 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
    [2012/09/04 15:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
    [2012/09/04 15:32:58 | 000,693,235 | ---- | C] (Farbar) -- C:\Users\owner\Desktop\FSS.exe
    [2012/09/04 15:28:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012/09/04 15:14:07 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2012/09/03 21:18:59 | 001,614,752 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\owner\Desktop\rkill.exe
    [2012/09/03 20:58:26 | 004,742,930 | R--- | C] (Swearware) -- C:\Users\owner\Desktop\ComboFix.exe
    [2012/09/03 20:29:39 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
    [2012/09/03 08:05:03 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2012/09/03 01:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
    [2012/09/03 01:12:55 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\TestApp
    [2012/09/03 01:00:09 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\SUPERAntiSpyware.com
    [2012/09/03 00:59:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2012/09/03 00:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2012/09/03 00:59:29 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2012/09/03 00:41:22 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{CB7DB69D-D4BC-4F57-9798-CFCEC8900E20}
    [2012/09/03 00:31:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
    [2012/09/03 00:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
    [2012/09/03 00:21:18 | 002,322,184 | ---- | C] (ESET) -- C:\Users\owner\Documents\esetsmartinstaller_enu.exe
    [2012/09/02 23:09:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012/09/02 23:09:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012/09/02 23:09:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012/09/02 22:52:53 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/09/02 22:51:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2012/09/02 21:38:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2012/09/02 21:38:46 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2012/09/02 17:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
    [2012/09/02 14:08:21 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{A6E0F39F-2637-4963-B0A6-488A400C645A}
    [2012/09/01 21:08:13 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{1F16932E-2FEC-413F-B694-A85ADE50BFD1}
    [2012/09/01 20:51:52 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{1B4B54AF-DCBF-4BBB-93C2-B92B61920230}
    [2012/09/01 17:47:57 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{0AE79E1A-5149-4B30-A917-383A4207160E}
    [2012/09/01 04:01:00 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{ED060056-60CF-49C4-AC47-1D26469D037D}
    [2012/08/31 16:00:26 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{40FDEECA-26FA-43D7-B1E3-D627712BDDB6}
    [2012/08/31 03:59:53 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{DFC93C66-BE2E-4816-ABFA-1CCACA099087}
    [2012/08/31 01:46:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PakkISO
    [2012/08/30 15:59:17 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{6EAC9184-60EB-47CE-9FBB-E8F6728B1DCD}
    [2012/08/30 10:39:21 | 000,142,128 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
    [2012/08/30 10:39:08 | 000,266,776 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
    [2012/08/30 10:39:08 | 000,019,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
    [2012/08/30 10:39:05 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
    [2012/08/30 10:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
    [2012/08/30 03:58:41 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{0EEB2363-9B29-45C9-AD25-596EAC60DE62}
    [2012/08/29 15:58:07 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{D2CEF9DE-7339-471D-B79F-9431340DDE82}
    [2012/08/29 03:57:33 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{50EFC638-2AD8-49A8-9022-95FA54B70B4E}
    [2012/08/28 15:56:58 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{A5B3A41B-7B15-47DE-BC40-EC7835AA8D2F}
    [2012/08/28 03:56:24 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{5958BDBD-3A26-488A-9C4F-92B80FF18D9F}
    [2012/08/27 15:55:50 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{25E46652-6F0A-4AFC-8F8D-9C27866D4BC0}
    [2012/08/27 03:55:06 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\{889AAE54-47C2-49A8-9E07-89CB265EECA2}
    [2012/08/26 21:37:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\TimeGate Studios
    [2012/08/20 14:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT
    [2012/08/18 23:43:56 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
    [2012/08/18 23:43:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
    [2012/08/18 17:13:12 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
    [2012/08/18 05:31:05 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Systweak
    [2012/08/18 05:30:44 | 000,114,176 | ---- | C] (CPUID) -- C:\Windows\SysWow64\PCWizard.cpl
    [2012/08/18 05:30:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CPUID
    [2012/08/16 09:12:38 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
    [2012/08/15 21:45:33 | 000,000,000 | ---D | C] -- C:\found.005
    [2012/08/15 19:27:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
    [2009/11/18 22:40:11 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
    [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/09/08 20:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/09/08 20:33:32 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-700293270-161366171-2932116839-1001UA.job
    [2012/09/08 20:25:32 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
    [2012/09/08 19:49:31 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/09/08 17:00:00 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 488803fe-d510-4280-a33a-0223580c273a.job
    [2012/09/08 02:00:00 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 481c02d1-09b8-4646-a482-b214cc228ca1.job
    [2012/09/08 00:49:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/09/08 00:33:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-700293270-161366171-2932116839-1001Core.job
    [2012/09/07 21:18:20 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/09/07 21:18:20 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/09/07 21:05:25 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
    [2012/09/07 21:04:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/09/07 21:04:35 | 479,510,527 | -HS- | M] () -- C:\hiberfil.sys
    [2012/09/07 03:46:20 | 002,322,184 | ---- | M] (ESET) -- C:\Users\owner\Desktop\esetsmartinstaller_enu.exe
    [2012/09/06 12:31:42 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\owner\Desktop\tdsskiller.exe
    [2012/09/04 20:41:29 | 000,003,205 | ---- | M] () -- C:\Users\owner\Desktop\Sophos Virus Removal Tool.lnk
    [2012/09/04 20:07:04 | 000,001,268 | ---- | M] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk
    [2012/09/04 20:06:21 | 078,983,560 | ---- | M] (Sophos Limited) -- C:\Users\owner\Desktop\Sophos Virus Removal Tool.exe
    [2012/09/04 16:06:41 | 000,002,701 | ---- | M] () -- C:\Users\Public\Desktop\PX5 Advanced Sound Editor.lnk
    [2012/09/04 15:24:33 | 000,693,235 | ---- | M] (Farbar) -- C:\Users\owner\Desktop\FSS.exe
    [2012/09/03 21:30:30 | 000,854,156 | ---- | M] () -- C:\Users\owner\Desktop\SecurityCheck.exe
    [2012/09/03 21:12:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012/09/03 20:29:20 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
    [2012/09/03 18:58:33 | 000,147,456 | ---- | M] () -- C:\Users\owner\Documents\catchme.exe
    [2012/09/03 00:59:55 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    [2012/09/03 00:20:26 | 002,322,184 | ---- | M] (ESET) -- C:\Users\owner\Documents\esetsmartinstaller_enu.exe
    [2012/09/02 23:17:10 | 000,157,639 | ---- | M] () -- C:\Users\owner\Documents\perfectttly.wma
    [2012/09/02 23:16:14 | 000,085,799 | ---- | M] () -- C:\Users\owner\Documents\dark side test.wma
    [2012/09/02 23:13:54 | 000,121,719 | ---- | M] () -- C:\Users\owner\Documents\Untitled (2).wma
    [2012/09/02 22:47:34 | 004,742,930 | R--- | M] (Swearware) -- C:\Users\owner\Desktop\ComboFix.exe
    [2012/09/02 22:45:56 | 001,614,752 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\owner\Desktop\rkill.exe
    [2012/09/02 22:40:50 | 000,080,384 | ---- | M] () -- C:\Users\owner\Desktop\MBRCheck.exe
    [2012/09/02 21:38:46 | 000,002,975 | ---- | M] () -- C:\Users\owner\Desktop\HiJackThis.lnk
    [2012/09/02 18:05:52 | 001,402,880 | ---- | M] () -- C:\Users\owner\Documents\HiJackThis.msi
    [2012/09/02 10:01:45 | 000,729,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/09/02 10:01:45 | 000,149,670 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/09/02 10:01:44 | 000,870,928 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/09/02 00:04:35 | 000,000,496 | ---- | M] () -- C:\Users\owner\AppData\Roaming\UserMetrics.osl
    [2012/09/02 00:03:21 | 000,162,129 | ---- | M] () -- C:\Users\owner\Documents\Untitled.wma
    [2012/08/30 10:39:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
    [2012/08/30 10:37:40 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
    [2012/08/22 00:34:02 | 000,002,453 | ---- | M] () -- C:\Users\owner\Desktop\Google Chrome.lnk
    [2012/08/21 10:13:13 | 000,969,200 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
    [2012/08/21 10:13:13 | 000,359,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
    [2012/08/21 10:13:13 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
    [2012/08/21 10:13:12 | 000,266,776 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
    [2012/08/21 10:13:12 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
    [2012/08/21 10:13:12 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
    [2012/08/21 10:13:11 | 000,142,128 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
    [2012/08/21 10:13:11 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
    [2012/08/21 10:13:11 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
    [2012/08/21 10:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2012/08/21 10:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
    [2012/08/21 10:12:02 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
    [2012/08/18 05:30:44 | 000,001,188 | ---- | M] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Wizard 2012.lnk
    [2012/08/15 22:42:46 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012/08/15 22:42:46 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/09/04 20:41:29 | 000,003,205 | ---- | C] () -- C:\Users\owner\Desktop\Sophos Virus Removal Tool.lnk
    [2012/09/04 20:07:04 | 000,001,268 | ---- | C] () -- C:\Users\owner\Desktop\Revo Uninstaller.lnk
    [2012/09/03 22:12:27 | 000,854,156 | ---- | C] () -- C:\Users\owner\Desktop\SecurityCheck.exe
    [2012/09/03 21:19:06 | 000,080,384 | ---- | C] () -- C:\Users\owner\Desktop\MBRCheck.exe
    [2012/09/03 18:59:41 | 000,147,456 | ---- | C] () -- C:\Users\owner\Documents\catchme.exe
    [2012/09/03 01:00:24 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 488803fe-d510-4280-a33a-0223580c273a.job
    [2012/09/03 01:00:15 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 481c02d1-09b8-4646-a482-b214cc228ca1.job
    [2012/09/03 00:59:55 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    [2012/09/02 23:17:10 | 000,157,639 | ---- | C] () -- C:\Users\owner\Documents\perfectttly.wma
    [2012/09/02 23:16:14 | 000,085,799 | ---- | C] () -- C:\Users\owner\Documents\dark side test.wma
    [2012/09/02 23:13:54 | 000,121,719 | ---- | C] () -- C:\Users\owner\Documents\Untitled (2).wma
    [2012/09/02 23:09:57 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/09/02 23:09:57 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/09/02 23:09:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/09/02 23:09:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/09/02 23:09:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/09/02 21:38:46 | 000,002,975 | ---- | C] () -- C:\Users\owner\Desktop\HiJackThis.lnk
    [2012/09/02 21:37:35 | 001,402,880 | ---- | C] () -- C:\Users\owner\Documents\HiJackThis.msi
    [2012/09/02 00:03:21 | 000,162,129 | ---- | C] () -- C:\Users\owner\Documents\Untitled.wma
    [2012/08/30 10:37:40 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
    [2012/08/18 05:30:58 | 000,016,896 | ---- | C] () -- C:\Windows\SysNative\sasnative64.exe
    [2012/08/18 05:30:44 | 000,001,188 | ---- | C] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Wizard 2012.lnk
    [2012/05/22 20:04:01 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
    [2012/05/18 17:15:59 | 000,994,500 | ---- | C] () -- C:\Users\owner\AppData\Local\census.cache
    [2012/05/18 17:13:24 | 000,199,373 | ---- | C] () -- C:\Users\owner\AppData\Local\ars.cache
    [2012/05/17 09:00:33 | 000,000,000 | ---- | C] () -- C:\Users\owner\AppData\Roaming\KS51Ssetup.exe
    [2012/05/17 08:57:34 | 000,000,000 | ---- | C] () -- C:\Users\owner\AppData\Roaming\0WMTZ4TXP0setup.exe
    [2012/05/17 04:50:28 | 000,083,887 | ---- | C] () -- C:\Users\owner\AppData\Roaming\keyboard
    [2012/05/13 21:46:51 | 000,000,617 | ---- | C] () -- C:\Windows\wininit.ini
    [2012/04/11 17:50:21 | 000,000,040 | ---- | C] () -- C:\Users\owner\jagex_cl_runescape_LIVE.dat
    [2012/03/20 20:11:30 | 000,000,496 | ---- | C] () -- C:\Users\owner\AppData\Roaming\UserMetrics.osl
    [2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
    [2012/02/15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
    [2012/02/15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
    [2011/12/21 13:24:11 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
    [2011/11/13 07:22:32 | 000,000,699 | ---- | C] () -- C:\Windows\kaillera.ini
    [2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
    [2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2011/08/07 13:31:39 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
    [2011/07/30 17:44:24 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2011/04/06 23:37:56 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
    [2011/03/26 03:51:56 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
    [2011/03/18 00:25:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
    [2011/02/26 02:19:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
    [2010/12/17 17:47:47 | 000,000,083 | ---- | C] () -- C:\Windows\wwp.INI
    [2010/11/20 18:58:00 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\SP207.INI
    [2010/11/11 15:29:09 | 000,081,920 | -H-- | C] () -- C:\Windows\SysWow64\v3shrtkgn.dll
    [2010/10/27 07:23:26 | 000,270,408 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2010/10/27 07:23:25 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
    [2010/10/27 07:23:25 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2010/10/14 17:17:14 | 000,000,036 | ---- | C] () -- C:\Users\owner\AppData\Local\housecall.guid.cache
    [2010/10/03 19:06:57 | 000,000,000 | ---- | C] () -- C:\Users\owner\jagex__preferences3.dat
    [2010/10/03 19:06:50 | 000,000,099 | ---- | C] () -- C:\Users\owner\jagex_runescape_preferences2.dat
    [2010/10/03 19:05:47 | 000,000,046 | ---- | C] () -- C:\Users\owner\jagex_runescape_preferences.dat
    [2010/09/18 09:51:58 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STLL Notifier
    [2010/08/28 20:46:47 | 000,000,026 | ---- | C] () -- C:\Users\owner\AppData\Roaming\.dolphinx64wd
    [2010/08/05 14:20:04 | 000,007,601 | ---- | C] () -- C:\Users\owner\AppData\Local\Resmon.ResmonCfg
  17. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    ========== Custom Scans ==========

    < %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

    < %AppData%\Local\ >

    < %systemroot%\system32\sysprep >

    < *.xpi /md5 >

    < %systemroot%\Downloaded Program Files\ >

    < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

    < hklm\software\clients\startmenuinternet|command /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/08/31 16:21:39 | 000,883,864 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/08/31 16:21:39 | 000,883,864 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/08/31 16:21:39 | 000,883,864 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: firefox.exe
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/08/31 16:21:41 | 000,917,984 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: firefox.exe
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/17 23:28:57 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/17 23:28:57 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/17 23:28:57 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\owner\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/17 23:28:57 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/05/25 08:15:13 | 000,748,336 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2011/05/25 08:15:13 | 000,748,336 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ShowIconsCommand [2011/05/23 17:09:36 | 000,941,936 | ---- | M] (Opera Software)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /HideIconsCommand [2011/05/23 17:09:36 | 000,941,936 | ---- | M] (Opera Software)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ReInstallBrowser [2011/05/23 17:09:36 | 000,941,936 | ---- | M] (Opera Software)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\Program Files (x86)\Opera\Opera.exe" [2011/05/23 17:09:36 | 000,941,936 | ---- | M] (Opera Software)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/03/08 17:30:50 | 002,388,336 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/03/08 17:30:50 | 002,388,336 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/03/08 17:30:50 | 002,388,336 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/03/08 17:30:50 | 002,388,336 | ---- | M] (Apple Inc.)

    < hklm\software\clients\startmenuinternet|command /64 /rs >
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/08/31 16:21:39 | 000,883,864 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/08/31 16:21:39 | 000,883,864 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/08/31 16:21:39 | 000,883,864 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: FIREFOX.EXE
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/08/31 16:21:41 | 000,917,984 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: FIREFOX.EXE
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/08/17 23:28:57 | 001,229,848 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/08/17 23:28:57 | 001,229,848 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/08/17 23:28:57 | 001,229,848 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/08/17 23:28:57 | 001,229,848 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/05/25 08:15:13 | 000,748,336 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2011/05/25 08:15:13 | 000,748,336 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /SHOWICONSCOMMAND [2011/05/23 17:09:36 | 000,941,936 | ---- | M] (Opera Software)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /HIDEICONSCOMMAND [2011/05/23 17:09:36 | 000,941,936 | ---- | M] (Opera Software)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /REINSTALLBROWSER [2011/05/23 17:09:36 | 000,941,936 | ---- | M] (Opera Software)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" [2011/05/23 17:09:36 | 000,941,936 | ---- | M] (Opera Software)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/03/08 17:30:50 | 002,388,336 | ---- | M] (Apple Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/03/08 17:30:50 | 002,388,336 | ---- | M] (Apple Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/03/08 17:30:50 | 002,388,336 | ---- | M] (Apple Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/03/08 17:30:50 | 002,388,336 | ---- | M] (Apple Inc.)

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /90 >

    < %systemroot%\System32\config\*.sav >

    < %SYSTEMDRIVE%\*.exe /md5 >

    < "%WinDir%\$NtUninstallKB*$." /30 >

    < %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

    < %systemroot%\*. /mp /s >

    < %systemroot%\*. /rp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\Installer\ /s >

    < %systemroot%\system32\Cache\ /s >

    < %systemroot%\system32\config\systemprofile\Application Data /s >

    < %PROGRAMFILES%\*. >
    [2010/04/22 08:00:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer
    [2010/04/22 07:53:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer Arcade Deluxe
    [2009/11/18 22:46:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer GameZone
    [2011/08/07 13:46:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activision
    [2012/09/02 17:40:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ad-Aware Antivirus
    [2012/05/19 13:37:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\adawaretb
    [2012/09/04 18:24:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
    [2011/02/26 19:05:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe Media Player
    [2010/09/09 17:15:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Alcohol Soft
    [2012/05/13 21:56:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD
    [2012/08/05 07:49:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD APP
    [2012/05/20 14:20:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD AVT
    [2011/05/31 19:21:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AnalogX
    [2011/05/31 10:41:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Antares Audio Technologies
    [2011/12/20 13:31:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
    [2011/06/11 18:23:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASIO4ALL v2
    [2010/08/22 16:16:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Aspyr
    [2011/07/30 18:28:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
    [2011/05/20 20:21:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Audacity
    [2012/05/19 13:36:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG
    [2011/07/21 14:49:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bejeweled 3
    [2012/03/16 08:33:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
    [2010/09/27 19:28:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BRS
    [2011/08/07 12:44:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Call of Duty
    [2012/05/12 14:56:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CAPCOM
    [2012/09/03 00:31:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CheckPoint
    [2012/09/04 15:09:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
    [2011/02/22 15:22:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ConduitEngine
    [2012/08/18 05:30:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CPUID
    [2010/04/22 07:52:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cyberlink
    [2010/12/12 22:42:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
    [2010/08/04 15:59:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DirectX
    [2012/05/11 20:28:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DisplayFusion
    [2010/11/18 14:18:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DownloadToolz
    [2011/09/21 22:53:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Duke Nukem Forever
    [2010/09/09 16:56:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DVD Decrypter
    [2012/06/14 17:35:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EA Games
    [2009/11/18 22:56:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EgisTec
    [2009/11/18 22:56:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EgisTec Egis Software Update
    [2010/12/07 21:00:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Emicsoft Studio
    [2012/05/18 17:46:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ESET
    [2009/11/18 23:08:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\eSobi
    [2011/03/26 03:51:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Audio Pack
    [2010/11/13 17:45:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FrostWire
    [2012/05/20 13:53:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GameSpy Arcade
    [2012/05/13 21:07:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GIMP-2.0
    [2012/09/02 17:40:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Glary Utilities
    [2011/10/28 14:03:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
    [2012/08/18 23:43:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GPU-Z
    [2010/12/13 21:47:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Graboid
    [2010/08/28 01:59:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HooTech WAV MP3 Converter
    [2010/08/03 11:46:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HTML Help Workshop
    [2010/08/03 11:49:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IIS
    [2011/06/11 18:19:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Image-Line
    [2010/09/09 16:54:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ImgBurn
    [2012/08/20 14:39:17 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
    [2010/04/22 07:49:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
    [2012/04/15 11:19:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
    [2012/03/01 14:56:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IObit
    [2012/03/16 08:36:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
    [2012/09/03 20:25:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
    [2011/05/15 23:51:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JDownloader
    [2010/10/13 23:51:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JRE
    [2011/07/20 13:11:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LG SOFT INDIA
    [2011/04/19 15:58:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LucasArts
    [2010/09/12 21:55:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MagicISO
    [2012/03/20 21:17:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
    [2012/09/07 21:04:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012/08/03 14:32:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee Security Scan
    [2010/11/01 23:45:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Messenger Plus! Live
    [2010/08/03 11:50:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft ASP.NET
    [2010/12/03 04:03:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
    [2010/08/03 11:47:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft F#
    [2011/11/05 18:52:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games
    [2011/05/07 03:00:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
    [2011/07/08 20:08:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
    [2009/11/18 22:51:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
    [2010/08/03 11:53:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SDKs
    [2012/05/11 11:28:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
    [2010/08/03 11:57:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server
    [2010/08/03 11:53:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    [2010/08/03 11:53:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Synchronization Services
    [2010/11/21 23:58:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
    [2010/08/03 11:52:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
    [2010/11/21 23:57:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
    [2011/03/08 18:19:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
    [2010/12/18 04:03:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
    [2012/01/18 16:55:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft XNA
    [2010/08/03 11:56:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
    [2010/12/03 22:33:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla ActiveX Control v1.7.12
    [2012/08/31 16:21:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
    [2012/09/01 16:47:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2010/11/21 23:58:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
    [2011/05/04 07:00:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NCH Swift Sound
    [2009/11/18 23:04:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
    [2009/11/18 22:47:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NewTech Infosystems
    [2011/07/20 16:17:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
    [2010/08/02 20:35:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OEM
    [2010/09/27 19:28:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenAL
    [2010/10/13 23:51:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice.org 3
    [2011/07/30 17:42:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Opera
    [2011/06/11 18:19:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Outsim
    [2012/08/31 01:46:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PakkISO
    [2012/05/18 17:38:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Panda Security
    [2010/09/07 23:58:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PowerArchiver
    [2011/02/21 07:12:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PowerISO
    [2010/08/16 21:52:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Project64 1.6
    [2012/03/16 08:32:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
    [2012/05/19 12:15:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Real
    [2011/09/23 23:58:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
    [2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
    [2012/08/16 09:12:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
    [2012/05/20 20:32:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ROCCAT
    [2012/03/16 08:37:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Safari
    [2012/06/03 12:50:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Screaming Bee
    [2012/06/03 10:47:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Screaming Bee LLC
    [2011/03/18 01:46:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SDA
    [2012/05/17 04:51:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sonic the Hedgehog 4 - Episode II
    [2012/09/04 20:41:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sophos
    [2012/08/03 14:58:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spybot - Search & Destroy
    [2011/05/31 10:41:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steinberg
    [2011/09/03 18:34:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\StepMania
    [2011/05/29 20:47:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\StreamTorrent 1.0
    [2011/04/15 17:34:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
    [2010/11/16 23:16:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamSpeak 3 Client
    [2012/06/03 12:54:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
    [2010/11/14 11:30:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TechSmith
    [2011/10/09 15:41:18 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
    [2012/05/19 13:36:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Toolbar Cleaner
    [2012/09/02 21:38:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trend Micro
    [2012/05/16 03:43:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TripleA
    [2012/08/05 17:42:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trojan Remover
    [2010/11/20 18:58:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trust
    [2012/07/20 23:11:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ubisoft
    [2010/08/03 00:40:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\UltraISO
    [2012/05/19 13:28:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
    [2010/09/13 03:53:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Veetle
    [2010/11/14 11:26:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Veoh Networks
    [2011/01/29 13:55:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Veoh_Web_Player
    [2010/12/02 05:30:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
    [2012/09/04 20:07:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VS Revo Group
    [2011/01/01 15:20:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\vShare
    [2011/06/11 18:25:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VstPlugins
    [2009/07/14 06:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
    [2012/04/04 10:23:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
    [2010/09/18 09:29:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live Safety Center
    [2011/07/09 03:10:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
    [2011/07/09 03:10:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
    [2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
    [2011/07/09 03:10:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
    [2011/07/09 03:10:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
    [2011/07/09 03:10:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
    [2012/08/14 12:04:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinPcap
    [2010/08/21 21:22:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinZip
    [2012/08/07 18:34:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Wolfenstein 3D
    [2011/04/10 09:19:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xfire
    [2011/01/13 11:41:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xvid
    [2011/04/04 23:17:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yuna Software

    < %appdata%\*.* >
    [2010/08/28 20:46:47 | 000,000,026 | ---- | M] () -- C:\Users\owner\AppData\Roaming\.dolphinx64wd
    [2012/05/17 08:57:34 | 000,000,000 | ---- | M] () -- C:\Users\owner\AppData\Roaming\0WMTZ4TXP0setup.exe
    [2012/05/18 21:01:55 | 000,083,887 | ---- | M] () -- C:\Users\owner\AppData\Roaming\keyboard
    [2012/05/17 09:00:33 | 000,000,000 | ---- | M] () -- C:\Users\owner\AppData\Roaming\KS51Ssetup.exe
    [2012/05/17 04:49:58 | 000,000,000 | ---- | M] () -- C:\Users\owner\AppData\Roaming\Ogwon.txt
    [2012/05/17 10:32:09 | 000,000,000 | ---- | M] () -- C:\Users\owner\AppData\Roaming\RHMho.txt
    [2012/09/02 00:04:35 | 000,000,496 | ---- | M] () -- C:\Users\owner\AppData\Roaming\UserMetrics.osl

    < MD5 for: AFD.SYS >
    [2011/12/28 04:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\SysNative\drivers\afd.sys
    [2011/12/28 04:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
    [2011/12/28 05:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
    [2010/11/20 10:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
    [2011/04/25 03:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
    [2011/04/25 04:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys

    < MD5 for: ATAPI.SYS >
    [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
    [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
    [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
    [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

    < MD5 for: CRYPTSVC.DLL >
    [2010/11/20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\erdnt\cache64\cryptsvc.dll
    [2010/11/20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\SysNative\cryptsvc.dll
    [2010/11/20 14:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
    [2010/11/20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\erdnt\cache86\cryptsvc.dll
    [2010/11/20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\SysWOW64\cryptsvc.dll
    [2010/11/20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

    < MD5 for: DNSRSLVR.DLL >
    [2011/03/03 07:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\SysNative\dnsrslvr.dll
    [2011/03/03 07:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsrslvr.dll
    [2011/03/03 07:12:55 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=B2205BAEAE4C178ABEB1B149751FC2B9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsrslvr.dll
    [2010/11/20 14:26:07 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=CD55F5355D8F55D44C9F4ED875705BD6 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsrslvr.dll

    < MD5 for: ES.DLL >
    [2012/03/23 10:57:06 | 000,002,560 | ---- | M] () MD5=27F2B13383636E0ED87C0E4DB0059EC7 -- C:\Program Files\AVAST Software\Avast\sfzone\locales\es.dll
    [2012/08/17 23:27:53 | 000,008,728 | ---- | M] () MD5=328868A14EB90E6A8EA9F3FC59FC49BB -- C:\Users\owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\Locales\es.dll
    [2009/07/14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\erdnt\cache64\es.dll
    [2009/07/14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\SysNative\es.dll
    [2009/07/14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
    [2012/08/14 05:29:58 | 000,008,728 | ---- | M] () MD5=7AD37261A349BE597C2E4C58B093B63D -- C:\Users\owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\Locales\es.dll
    [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\erdnt\cache86\es.dll
    [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\SysWOW64\es.dll
    [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll

    < MD5 for: EXPLORER.EXE >
    [2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
    [2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
    [2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
    [2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

    < MD5 for: IPNATHLP.DLL >
    [2009/07/14 02:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\SysNative\ipnathlp.dll
    [2009/07/14 02:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\ipnathlp.dll

    < MD5 for: NETBT.SYS >
    [2010/11/20 10:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\SysNative\drivers\netbt.sys
    [2010/11/20 10:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys

    < MD5 for: NETMAN.DLL >
    [2009/07/14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\erdnt\cache64\netman.dll
    [2009/07/14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\SysNative\netman.dll
    [2009/07/14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll

    < MD5 for: QMGR.DLL >
    [2010/11/20 14:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\erdnt\cache64\qmgr.dll
    [2010/11/20 14:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
    [2010/11/20 14:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

    < MD5 for: RPCSS.DLL >
    [2010/11/20 14:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\erdnt\cache64\rpcss.dll
    [2010/11/20 14:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\SysNative\rpcss.dll
    [2010/11/20 14:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll

    < MD5 for: SERVICES.EXE >
    [2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
    [2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
    [2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

    < MD5 for: SVCHOST.EXE >
    [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
    [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
    [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
    [2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
    [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
    [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
    [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

    < MD5 for: TCPIP.SYS >
    [2011/09/29 18:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
    [2010/11/20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
    [2012/03/30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
    [2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
    [2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
    [2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\erdnt\cache64\tcpip.sys
    [2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
    [2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
    [2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
    [2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
    [2011/09/29 17:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

    < MD5 for: TDX.SYS >
    [2010/11/20 10:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\erdnt\cache64\tdx.sys
    [2010/11/20 10:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\SysNative\drivers\tdx.sys
    [2010/11/20 10:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

    < MD5 for: USERINIT.EXE >
    [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
    [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
    [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
    [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
    [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
    [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

    < MD5 for: VOLSNAP.SYS >
    [2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys
    [2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
    [2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys

    < MD5 for: WININIT.EXE >
    [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\erdnt\cache64\wininit.exe
    [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
    [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\erdnt\cache86\wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

    < MD5 for: WINLOGON.EXE >
    [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
    [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
    [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
    [2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

    < MD5 for: WMISVC.DLL >
    [2009/07/14 02:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\SysNative\wbem\WMIsvc.dll
    [2009/07/14 02:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7601.17514_none_fed8c13f0d90a8cf\WMIsvc.dll

    < MD5 for: WSCSVC.DLL >
    [2009/07/14 02:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\SysNative\wscsvc.dll
    [2009/07/14 02:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7601.17514_none_78666321c8b86082\wscsvc.dll

    ========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
    [C:\Windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
    [C:\Windows\System32\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
    [C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
    [C:\Windows\System32\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
    [C:\Windows\System32\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction
    [C:\Windows\System32\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
    [C:\Windows\System32\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
    [C:\Windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
    [C:\Windows\System32\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
    [C:\Windows\System32\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
    [C:\Windows\System32\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
    [C:\Windows\System32\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
    [C:\Windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
    [C:\Windows\System32\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
    [C:\Windows\System32\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
    [C:\Windows\SysWOW64\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 206 bytes -> C:\ProgramData\Temp:1CE11B51
    @Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:0B4227B4
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:CB0AACC9
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:C8B8CEBD

    < End of report >
  18. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    Extras.txt

    OTL Extras logfile created on: 04/09/2012 20:24:09 - Run 1
    OTL by OldTimer - Version 3.2.60.0 Folder = C:\Users\owner\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
    5.93 Gb Total Physical Memory | 4.23 Gb Available Physical Memory | 71.40% Memory free
    11.86 Gb Paging File | 9.66 Gb Available in Paging File | 81.49% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 458.45 Gb Total Space | 156.55 Gb Free Space | 34.15% Space Free | Partition Type: NTFS
    Drive D: | 458.96 Gb Total Space | 281.88 Gb Free Space | 61.42% Space Free | Partition Type: NTFS
    Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    ========== Extra Registry (SafeList) ==========
    ========== File Associations ==========
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
    ========== Shell Spawning ==========
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- Reg Error: Key error.
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- Reg Error: Key error.
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    ========== Security Center Settings ==========
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    ========== System Restore Settings ==========
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0
    ========== Firewall Settings ==========
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    ========== Authorized Applications List ==========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    ========== Vista Active Open Ports Exception List ==========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
    "{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
    "{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
    "{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
    "{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
    "{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
    "{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
    "{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
    "{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    ========== Vista Active Application Exception List ==========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
    "{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "TCP Query User{3B121D2D-C294-4F22-A8F2-C1CDFF08533E}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    "UDP Query User{F81816A7-06E1-4C7A-95E0-4E2D6B6B935E}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
    "{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
    "{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
    "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
    "{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
    "{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
    "{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
    "{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
    "{23170F69-40C1-2702-0916-000001000000}" = 7-Zip 9.16 (x64 edition)
    "{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
    "{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
    "{495ADF2E-6DDD-7C45-E02A-F9B4AF6F2175}" = AMD Drag and Drop Transcoding
    "{4A85E8AD-6CF6-D3D1-2280-420452F5E1EE}" = ATI AVIVO64 Codecs
    "{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
    "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
    "{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
    "{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
    "{59B69525-1383-C84A-38EF-F442B63E69BC}" = AMD Media Foundation Decoders
    "{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
    "{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.22.1
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
    "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
    "{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
    "{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
    "{C8388DCB-6F85-C11F-C9F4-D636960E60F5}" = ccc-utility64
    "{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
    "{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
    "{EF5948BA-589D-4BE7-B993-C45DC1A77E24}" = MobileMe Control Panel
    "{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
    "{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
    "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
    "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
    "524FB58AAB1C34915E5DAE6F9A7ABD1AA8C96614" = Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600)
    "6A044848DB955BAB41313E7878DE4E2C68715F24" = Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth (03/16/2012 6.5.1.2600)
    "73EBF284DDB186EC3E526FEE77E2325097703596" = Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600)
    "765E3A42F1EB7BB642F073A20918B588DC4D1193" = Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600)
    "CPUID CPU-Z_is1" = CPUID CPU-Z 1.55
    "HardlinkShellExt" = Link Shell Extension
    "HitmanPro36" = HitmanPro 3.6
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
    "Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
    "Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
    "Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
    "Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
    "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
    "WinRAR archiver" = WinRAR archiver
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{05B72679-C923-4E87-80F9-4EB775451773}" = spongebobrainbowss
    "{06ACD0D6-537A-4831-9608-AA74A5795698}" = Fantasy Sound Pack
    "{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
    "{09DF00E6-520C-49D5-B7E0-9612165CACA8}" = OpenOffice.org 3.2
  19. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
    "{0DB44859-4112-4946-BE5E-A4275B3FFB5E}" = Furry Voices for Second Life
    "{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
    "{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
    "{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
    "{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
    "{12A00DC2-1226-D9F2-13DA-F974111D439E}" = Catalyst Control Center
    "{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
    "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
    "{15EB20D6-5F13-41D0-BEF9-C9C44D6AC620}" = SDFormatter
    "{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{20052CA0-FF43-4901-8261-E6DBF0A09ED1}" = Farm Animal Sounds
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
    "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
    "{216E21F4-0489-4311-92D6-20D1FB950FCE}" = Sci-Fi Voice Pack
    "{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
    "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
    "{276B495F-9DB0-4FC6-BEB0-85C91FC0F5E2}" = PX5 Advanced Sound Editor
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
    "{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices
    "{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
    "{2CBE667E-1193-47DC-852E-2CB4747C12E3}" = Blazing Angels Squadrons of WWII
    "{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
    "{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{336E1A2D-E3EB-4846-B7D0-BD75BBBBC0A4}" = Deep Space Voices
    "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
    "{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
    "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
    "{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
    "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
    "{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
    "{4343080E-448E-4E2C-B27F-B91000028201}" = Dead Rising 2
    "{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
    "{43430FA5-AF68-4A2D-A7D4-891000008200}" = Street Fighter X Tekken
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{45BF4F8E-7BE7-4384-94C6-60AC70C401C6}" = Male Voice Pack
    "{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
    "{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
    "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
    "{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
    "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
    "{5B616A3F-43D9-4F0B-9F49-D39342A98592}" = Creatures of Darkness
    "{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}" = Snagit 10
    "{602A1471-063B-4E03-9DCE-0210B914EFF5}" = Translator Fun Voice Pack
    "{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption
    "{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
    "{69FDD4EA-9D68-11D5-8A28-005004D37F93}" = Wolfenstein 3D
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
    "{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
    "{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{71F8C486-8A13-468E-8B73-06051075556A}" = Female Voice Pack
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
    "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
    "{79A743FA-FF99-42DF-8C35-BA40EAEA6668}" = Comic Sound Pack
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
    "{8061C2C9-C2A3-4550-A3FC-585B646840CB}" = Fantasy Voice Pack
    "{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
    "{83030E21-76C9-4EFB-8182-EBC9B851B631}" = PX3 Presets Manager
    "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
    "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
    "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
    "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
    "{965ef942-36c2-4f92-b60f-c75cd1dcde2f}" = Nero 9 Essentials
    "{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
    "{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
    "{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
    "{A08BAD08-9AA3-410F-98F3-C92C8EE37218}" = Safari
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1" = WAV MP3 Converter v4.2 build 1259
    "{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
    "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
    "{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
    "{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
    "{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
    "{B0C00181-ECF5-4124-A6DE-14EA663D4799}" = Blue Satin Skin
    "{B21FE826-AA64-4437-9F85-0EA01CB9BA47}" = Panda ActiveScan Cleaner
    "{B2B5B39B-4E8C-AC78-7FF1-7055C338D243}" = Catalyst Control Center Graphics Previews Common
    "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
    "{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
    "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
    "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
    "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam
    "{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
    "{C79CB9C7-10A4-4814-8402-F574672C2192}" = Star Wars Battlefront
    "{CAA36239-C550-451E-B645-9CFC946F6144}" = PowerArchiver 2010
    "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
    "{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D13F2D95-1CE0-4147-846F-89ECB2E9A5CD}" = Sci-Fi Sound Pack
    "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
    "{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
    "{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
    "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
    "{D813EF9B-69CF-4996-893C-B400AE7292FA}" = Spooky Sounds
    "{D91802D9-6A42-4563-BC37-B3E2D04DC95B}" = Ancient Weapon Sounds
    "{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}" = forteManager
    "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
    "{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
    "{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
    "{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}" = MorphVOX Pro
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{DF3FE308-58F2-45E2-9BB0-6A993794AD5C}" = Galactic Voices
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
    "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
    "{E7E76513-335F-4995-86CF-A85B77D8D975}" = Sci-Fi 2 Sound Pack
    "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
    "{E8B708FF-D116-0D4D-DC14-72827A219D54}" = HydraVision
    "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
    "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
    "{EE253E80-C298-4A31-BB22-7280DC8C7177}" = CCC Help Czech
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
    "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
    "{F648F088-B270-CF18-6486-AF8B1FE6BC09}" = CCC Help English
    "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "{FD85D9C0-783A-77B7-8EF8-326EC6C154D1}" = Catalyst Control Center Localization All
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
  20. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    "Acer Registration" = Acer Registration
    "Acer Screensaver" = Acer ScreenSaver
    "Acer Welcome Center" = Welcome Center
    "ActiveScan 2.0" = Panda ActiveScan 2.0
    "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
    "adawaretb" = Ad-Aware Security Toolbar
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "Advanced SystemCare 5_is1" = Advanced SystemCare 5
    "AnalogX AutoTune" = AnalogX AutoTune
    "Antares Autotune Evo VST RTAS_is1" = Antares Autotune Evo VST RTAS v6.0.9
    "ASIO4ALL" = ASIO4ALL
    "Audacity_is1" = Audacity 1.2.6
    "avast" = avast! Internet Security
    "B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 4.0
    "Bejeweled 31.0" = Bejeweled 3
    "Call of Duty" = Call of Duty
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "conduitEngine" = Conduit Engine
    "Deckadance" = Deckadance
    "DVD Decrypter" = DVD Decrypter (Remove Only)
    "Emicsoft Video Converter_is1" = Emicsoft Video Converter
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "ESET Online Scanner" = ESET Online Scanner v3
    "Express" = Express Dictate
    "FL Studio 10" = FL Studio 10
    "Fraps" = Fraps (remove only)
    "Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.94
    "FrostWire" = FrostWire 4.21.1
    "Game Booster_is1" = Game Booster 3
    "GameSpy Arcade" = GameSpy Arcade
    "GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
    "Glary Utilities_is1" = Glary Utilities 2.47.0.1539
    "Graboid Video" = Graboid Video 2.0
    "Half-Life" = Half-Life
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "Hotkey Utility" = Hotkey Utility
    "Identity Card" = Identity Card
    "IL Download Manager" = IL Download Manager
    "ImgBurn" = ImgBurn
    "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
    "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
    "InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
    "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
    "InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
    "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
    "IObit Malware Fighter_is1" = IObit Malware Fighter
    "JDownloader" = JDownloader
    "KegaGameVideo" = Kega Game Video Decoder (32 Bit)
    "Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
    "McAfee Security Scan" = McAfee Security Scan Plus
    "Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
    "Messenger Plus!" = Messenger Plus! 5
    "Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
    "Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
    "Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
    "Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
    "Mozilla Firefox 15.0 (x86 en-US)" = Mozilla Firefox 15.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "OpenAL" = OpenAL
    "Opera 11.11.2109" = Opera 11.11
    "PakkISO_is1" = PakkISO 0.4
    "PC Wizard 2012_is1" = PC Wizard 2012.2.11
    "PowerISO" = PowerISO
    "PunkBusterSvc" = PunkBuster Services
    "RealPlayer 15.0" = RealPlayer
    "Revo Uninstaller" = Revo Uninstaller 1.94
    "RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
    "SCRABBLE(R) 2007 EDITION" = SCRABBLE® Interactive 2007 EDITION Uninstall
    "Scribe" = Express Scribe
    "Smart Defrag 2_is1" = Smart Defrag 2
    "Sonic the Hedgehog 4 - Episode II (c) SEGA_is1" = Sonic the Hedgehog 4 - Episode II (c) SEGA version 1
    "Steam App 105600" = Terraria
    "Steam App 107900" = War Inc. Battlezone
    "Steam App 113200" = The Binding of Isaac
    "Steam App 13200" = Unreal II: The Awakening
    "Steam App 13210" = Unreal Tournament 3: Black Edition
    "Steam App 13230" = Unreal Tournament 2004
    "Steam App 13240" = Unreal Tournament: Game of the Year Edition
    "Steam App 13250" = Unreal Gold
    "Steam App 17430" = Need for Speed: Undercover
    "Steam App 17710" = Nuclear Dawn
    "Steam App 200900" = Cave Story+
    "Steam App 200940" = Sonic CD
    "Steam App 204060" = Superbrothers: Sword & Sworcery EP
    "Steam App 20500" = Red Faction: Guerrilla
    "Steam App 20530" = Red Faction
    "Steam App 21100" = F.E.A.R. 3
    "Steam App 2200" = Quake III Arena
    "Steam App 22230" = Rock of Ages
    "Steam App 2310" = Quake
    "Steam App 2320" = Quake II
    "Steam App 2330" = Quake II: The Reckoning
    "Steam App 2340" = Quake II: Ground Zero
    "Steam App 2350" = Quake III: Team Arena
    "Steam App 25890" = Hearts of Iron III
    "Steam App 35140" = Batman: Arkham Asylum GOTY Edition
    "Steam App 36630" = Rusty Hearts
    "Steam App 3830" = Psychonauts
    "Steam App 38700" = Toki Tori
    "Steam App 38720" = RUSH
    "Steam App 38740" = EDGE
    "Steam App 38830" = CrimeCraft GangWars
    "Steam App 4010" = Garry's Mod 13
    "Steam App 40800" = Super Meat Boy
    "Steam App 41210" = Eufloria
    "Steam App 420" = Half-Life 2: Episode Two
    "Steam App 42640" = Blur
    "Steam App 42680" = Call of Duty: Modern Warfare 3
    "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
    "Steam App 44100" = Super Laser Racer
    "Steam App 45770" = Dead Rising 2: Off the Record
    "Steam App 46540" = Trapped Dead
    "Steam App 47870" = Need for Speed: Hot Pursuit
    "Steam App 48000" = LIMBO
    "Steam App 48190" = Assassin's Creed Brotherhood
    "Steam App 55110" = Red Faction: Armageddon
    "Steam App 57300" = Amnesia: The Dark Descent
    "Steam App 57400" = Batman: Arkham City™
    "Steam App 60" = Ricochet
    "Steam App 6910" = Deus Ex: Game of the Year Edition
    "Steam App 6920" = Deus Ex: Invisible War
    "Steam App 70600" = Worms Ultimate Mayhem
    "Steam App 730" = Counter-Strike: Global Offensive Beta
    "Steam App 8850" = BioShock 2
    "Steam App 9030" = Quake Mission Pack 2: Dissolution of Eternity
    "Steam App 9040" = Quake Mission Pack 1: Scourge of Armagon
    "Steam App 90530" = Rise of Immortals
    "Steam App 91310" = Dead Island
    "Steam App 97100" = Section 8: Prejudice
    "Steam App 99810" = Bulletstorm
    "StepMania" = StepMania v5.0 Preview 3 (remove only)
    "StreamTorrent 1.0" = StreamTorrent 1.0
    "SystemRequirementsLab" = System Requirements Lab
    "TeamSpeak 3 Client" = TeamSpeak 3 Client
    "TeamViewer 7" = TeamViewer 7
    "TechPowerUp GPU-Z" = TechPowerUp GPU-Z
    "TripleAVersion1_2_5_5" = TripleA Version 1_2_5_5
    "TripleAVersion1_5_2_1" = TripleA Version 1_5_2_1
    "Trojan Remover_is1" = Trojan Remover 6.8.4
    "UltraISO_is1" = UltraISO Premium V9.36
    "uTorrent" = µTorrent
    "Veetle TV" = Veetle TV 0.9.18
    "Veoh Video Downloader_is1" = Veoh Video Downloader 3.18
    "Veoh Web Player Beta" = Veoh Web Player
    "Veoh_Web_Player Toolbar" = Veoh Web Player Toolbar
    "VLC media player" = VLC media player 1.0.1
    "vShare" = vShare Plugin
    "WBFS Manager 3.0" = WBFS Manager 3.0
    "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
    "WinGimp-2.0_is1" = GIMP 2.6.11
    "WinLiveSuite" = Windows Live Essentials
    "WinPcapInst" = WinPcap 4.1.2
    "Wireshark" = Wireshark 1.6.5
    "Xfire" = Xfire (remove only)
    "Xvid_is1" = Xvid 1.2.1 final uninstall
    "ZoneAlarm Internet Security Suite" = ZoneAlarm Internet Security Suite
    ========== HKEY_CURRENT_USER Uninstall List ==========
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    ========== Last 20 Event Log Errors ==========
    [ Application Events ]
    Error - 03/09/2012 13:59:49 | Computer Name = owner-PC | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Users\owner\Documents\esetsmartinstaller_enu.exe".Error
    in manifest or policy file "" on line . A component version required by the application
    conflicts with another component version already active. Conflicting components
    are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Error - 03/09/2012 13:59:49 | Computer Name = owner-PC | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Users\owner\Documents\esetsmartinstaller_enu.exe".Error
    in manifest or policy file "" on line . A component version required by the application
    conflicts with another component version already active. Conflicting components
    are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Error - 03/09/2012 14:02:47 | Computer Name = owner-PC | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Users\owner\Downloads\esetsmartinstaller_enu.exe".Error
    in manifest or policy file "" on line . A component version required by the application
    conflicts with another component version already active. Conflicting components
    are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Error - 03/09/2012 14:43:58 | Computer Name = owner-PC | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Users\owner\Downloads\esetsmartinstaller_enu.exe".Error
    in manifest or policy file "" on line . A component version required by the application
    conflicts with another component version already active. Conflicting components
    are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Error - 03/09/2012 14:44:44 | Computer Name = owner-PC | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Users\owner\Documents\esetsmartinstaller_enu.exe".Error
    in manifest or policy file "" on line . A component version required by the application
    conflicts with another component version already active. Conflicting components
    are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Error - 03/09/2012 19:03:24 | Computer Name = owner-PC | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files (x86)\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
    Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
    "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
    "version" in element "assemblyIdentity" is invalid.
    Error - 03/09/2012 19:09:36 | Computer Name = owner-PC | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "c:\Users\owner\documents\esetsmartinstaller_enu.exe".Error
    in manifest or policy file "" on line . A component version required by the application
    conflicts with another component version already active. Conflicting components
    are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Error - 03/09/2012 22:00:07 | Computer Name = owner-PC | Source = SideBySide | ID = 16842832
    Description = Activation context generation failed for "C:\Users\owner\Documents\esetsmartinstaller_enu.exe".Error
    in manifest or policy file "" on line . A component version required by the application
    conflicts with another component version already active. Conflicting components
    are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
    Component
    2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
    Error - 04/09/2012 10:01:06 | Computer Name = owner-PC | Source = VSS | ID = 18
    Description =
    Error - 04/09/2012 10:01:06 | Computer Name = owner-PC | Source = VSS | ID = 8193
    Description =
    Error - 04/09/2012 11:19:20 | Computer Name = owner-PC | Source = Application Error | ID = 1000
    Description = Faulting application name: SBAMSvc.exe, version: 5.0.5116.0, time
    stamp: 0x4eef7ad0 Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
    stamp: 0x4ec49b8f Exception code: 0xc0000374 Fault offset: 0x000ce6c3 Faulting process
    id: 0x15c4 Faulting application start time: 0x01cd8aa9bc308643 Faulting application
    path: C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe Faulting module path:
    C:\Windows\SysWOW64\ntdll.dll Report Id: e5c43f94-f6a3-11e1-8151-90fba686d5b9
    [ System Events ]
    Error - 04/09/2012 10:22:04 | Computer Name = owner-PC | Source = DCOM | ID = 10005
    Description =
    Error - 04/09/2012 10:22:04 | Computer Name = owner-PC | Source = DCOM | ID = 10005
    Description =
    Error - 04/09/2012 10:22:07 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068
    Error - 04/09/2012 10:22:07 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068
    Error - 04/09/2012 10:22:07 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068
    Error - 04/09/2012 10:28:47 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the SQL
    Server (SQLEXPRESS) service to connect.
    Error - 04/09/2012 10:28:47 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7000
    Description = The SQL Server (SQLEXPRESS) service failed to start due to the following
    error: %%1053
    Error - 04/09/2012 10:29:06 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    Beep
    Error - 04/09/2012 11:24:41 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7034
    Description = The Ad-Aware service terminated unexpectedly. It has done this 1
    time(s).
    Error - 04/09/2012 14:43:16 | Computer Name = owner-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    Beep
    < End of report >

  21. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Let's switch to this tool here...

    Please download AdwCleaner by Xplode onto your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Search.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.
  22. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    # AdwCleaner v2.001 - Logfile created 09/09/2012 at 13:03:45
    # Updated 09/09/2012 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : owner - OWNER-PC
    # Boot Mode : Normal
    # Running from : C:\Users\owner\Desktop\adwcleaner.exe
    # Option [Search]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
    File Found : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\drdespqo.default\searchplugins\Plusnetwork.xml
    Folder Found : C:\Program Files (x86)\ConduitEngine
    Folder Found : C:\Program Files (x86)\Veoh_Web_Player
    Folder Found : C:\Program Files (x86)\vShare
    Folder Found : C:\ProgramData\Partner
    Folder Found : C:\Users\owner\AppData\Local\Conduit
    Folder Found : C:\Users\owner\AppData\Local\Linkury
    Folder Found : C:\Users\owner\AppData\Local\OpenCandy
    Folder Found : C:\Users\owner\AppData\LocalLow\BabylonToolbar
    Folder Found : C:\Users\owner\AppData\LocalLow\bbrs_002.tb
    Folder Found : C:\Users\owner\AppData\LocalLow\Conduit
    Folder Found : C:\Users\owner\AppData\LocalLow\ConduitEngine
    Folder Found : C:\Users\owner\AppData\LocalLow\PriceGong
    Folder Found : C:\Users\owner\AppData\LocalLow\Toolbar4
    Folder Found : C:\Users\owner\AppData\LocalLow\Veoh_Web_Player
    Folder Found : C:\Users\owner\AppData\LocalLow\vShare
    Folder Found : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\drdespqo.default\extensions\bbrs_002@blabbers.com
    Folder Found : C:\Users\owner\AppData\Roaming\OpenCandy

    ***** [Registry] *****

    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Found : HKCU\Software\AppDataLow\Software\PriceGong
    Key Found : HKCU\Software\AppDataLow\Software\Veoh_Web_Player
    Key Found : HKCU\Software\AppDataLow\Toolbar
    Key Found : HKCU\Software\BrowserCompanion
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD90BF73-20F6-44EF-993D-BB920303BD2E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD90BF73-20F6-44EF-993D-BB920303BD2E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D8D1083C-0E25-4F27-B653-A472DF656396}
    Key Found : HKCU\Software\vShare
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKLM\Software\BrowserCompanion
    Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
    Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
    Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2653012
    Key Found : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers
    Key Found : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers.1
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\conduitEngine
    Key Found : HKLM\Software\conduitEngine
    Key Found : HKLM\Software\Iminent
    Key Found : HKLM\Software\Messenger Plus!\OpenCandy
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D8D1083C-0E25-4F27-B653-A472DF656396}
    Key Found : HKLM\Software\Veoh_Web_Player
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD90BF73-20F6-44EF-993D-BB920303BD2E}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8D1083C-0E25-4F27-B653-A472DF656396}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28912070-AE8B-4C0B-804D-DFC8454F2E84}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD90BF73-20F6-44EF-993D-BB920303BD2E}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Veoh_Web_Player Toolbar
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\vShare
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Found : HKLM\SOFTWARE\Software
    Key Found : HKU\S-1-5-21-700293270-161366171-2932116839-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : HKU\S-1-5-21-700293270-161366171-2932116839-1001\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
    Key Found : HKU\S-1-5-21-700293270-161366171-2932116839-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Key Found : HKU\S-1-5-21-700293270-161366171-2932116839-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CD90BF73-20F6-44EF-993D-BB920303BD2E}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CD90BF73-20F6-44EF-993D-BB920303BD2E}]
    Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{CD90BF73-20F6-44EF-993D-BB920303BD2E}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.plusnetwork.com/?sp=hp

    -\\ Mozilla Firefox v15.0 (en-US)

    Profile name : default
    File : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\drdespqo.default\prefs.js

    Found : user_pref("keyword.URL", "hxxp://www.plusnetwork.com/?sp=addr&q=");

    -\\ Google Chrome v21.0.1180.83

    File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    -\\ Opera v11.11.2109.0

    File : C:\Users\owner\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [9320 octets] - [09/09/2012 13:03:45]

    ########## EOF - C:\AdwCleaner[R1].txt - [9380 octets] ##########
  23. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    AdwCleaner Fix
    • Please close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with OK.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
    Please post the log.
  24. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    # AdwCleaner v2.001 - Logfile created 09/10/2012 at 15:49:17
    # Updated 09/09/2012 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : owner - OWNER-PC
    # Boot Mode : Normal
    # Running from : C:\Users\owner\Desktop\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
    File Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\drdespqo.default\searchplugins\Plusnetwork.xml
    Folder Deleted : C:\Program Files (x86)\ConduitEngine
    Folder Deleted : C:\Program Files (x86)\Veoh_Web_Player
    Folder Deleted : C:\Program Files (x86)\vShare
    Folder Deleted : C:\ProgramData\Partner
    Folder Deleted : C:\Users\owner\AppData\Local\Conduit
    Folder Deleted : C:\Users\owner\AppData\Local\Linkury
    Folder Deleted : C:\Users\owner\AppData\Local\OpenCandy
    Folder Deleted : C:\Users\owner\AppData\LocalLow\BabylonToolbar
    Folder Deleted : C:\Users\owner\AppData\LocalLow\bbrs_002.tb
    Folder Deleted : C:\Users\owner\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\owner\AppData\LocalLow\ConduitEngine
    Folder Deleted : C:\Users\owner\AppData\LocalLow\PriceGong
    Folder Deleted : C:\Users\owner\AppData\LocalLow\Toolbar4
    Folder Deleted : C:\Users\owner\AppData\LocalLow\Veoh_Web_Player
    Folder Deleted : C:\Users\owner\AppData\LocalLow\vShare
    Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\drdespqo.default\extensions\bbrs_002@blabbers.com
    Folder Deleted : C:\Users\owner\AppData\Roaming\OpenCandy

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
    Key Deleted : HKCU\Software\AppDataLow\Software\Veoh_Web_Player
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\BrowserCompanion
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD90BF73-20F6-44EF-993D-BB920303BD2E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD90BF73-20F6-44EF-993D-BB920303BD2E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D8D1083C-0E25-4F27-B653-A472DF656396}
    Key Deleted : HKCU\Software\vShare
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\Software\BrowserCompanion
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2653012
    Key Deleted : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers
    Key Deleted : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers.1
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\conduitEngine
    Key Deleted : HKLM\Software\Iminent
    Key Deleted : HKLM\Software\Messenger Plus!\OpenCandy
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D8D1083C-0E25-4F27-B653-A472DF656396}
    Key Deleted : HKLM\Software\Veoh_Web_Player
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD90BF73-20F6-44EF-993D-BB920303BD2E}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8D1083C-0E25-4F27-B653-A472DF656396}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28912070-AE8B-4C0B-804D-DFC8454F2E84}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD90BF73-20F6-44EF-993D-BB920303BD2E}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Veoh_Web_Player Toolbar
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\vShare
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Deleted : HKLM\SOFTWARE\Software
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CD90BF73-20F6-44EF-993D-BB920303BD2E}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CD90BF73-20F6-44EF-993D-BB920303BD2E}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{CD90BF73-20F6-44EF-993D-BB920303BD2E}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.plusnetwork.com/?sp=hp --> hxxp://www.google.com

    -\\ Mozilla Firefox v15.0 (en-US)

    Profile name : default
    File : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\drdespqo.default\prefs.js

    Deleted : user_pref("keyword.URL", "hxxp://www.plusnetwork.com/?sp=addr&q=");

    -\\ Google Chrome v21.0.1180.83

    File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    -\\ Opera v11.11.2109.0

    File : C:\Users\owner\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [9419 octets] - [09/09/2012 13:03:45]
    AdwCleaner[S2].txt - [8855 octets] - [10/09/2012 15:49:17]

    ########## EOF - C:\AdwCleaner[S2].txt - [8915 octets] ##########
  25. Miles54321

    Miles54321 TS Rookie Topic Starter Posts: 34

    It still will not allow me to update, as I still can't get access to the internet; there is therefore still a problem.