Solved Startpins opening on Chrome/NSIS error

BobDylan

Hi,

When I open Chrome, something called "startpins.com/?" is my opening page - even though I have instructed Google to be my homepage. For extra info - this does not happen when I open Firefox, but Firefox is slower than usual.

When I try to download something, such as the latest version of Flash (amongst other things), a 'NSIS Error' pops up, saying:

"Installer integrity check has failed. Common causes include incomplete download and damaged media. Contact the installer's author to obtain a new copy. More information at: http://nsis.sf.net/NSIS_Error".

I apologise, but I get the impression I have done the GMER task incorrectly. When I click on the icon on the desktop it says: c:\users\ownerzdesktop\gmer.exe is not a valid win32 application.

Am I required to do GMER again?

The other logs:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.29.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
owner :: OWNER-PC [administrator]

29/09/2012 19:48:56
mbam-log-2012-09-29 (19-48-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 205789
Time elapsed: 3 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)






.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.5.1
Run by owner at 21:30:23 on 2012-09-29
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2812.1089 [GMT 1:00]
.
AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\lxdjcoms.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Lexmark 1400 Series\lxdjamon.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\owner\AppData\Local\Temp\install_flashplayer11x32_mssd_aih_1.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = Preserve
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Spotify Web Helper] "C:\Users\owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
uPolicies-system: WallpaperStyle = 2
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: HideFastUserSwitching = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{C6783E9E-93A1-4441-966B-DE9409A50D45} : DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{C6783E9E-93A1-4441-966B-DE9409A50D45}\244584F6D65684572623D2937583B4 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{C6783E9E-93A1-4441-966B-DE9409A50D45}\2445F40756E6A7F6E656 : DhcpNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{C6783E9E-93A1-4441-966B-DE9409A50D45}\2445F40756E6A7F6E656D284 : DhcpNameServer = 192.168.22.22 192.168.22.23
TCP: Interfaces\{C6783E9E-93A1-4441-966B-DE9409A50D45}\557554D2E4544505C45535 : DhcpNameServer = 164.11.133.20 164.11.132.35 194.168.4.123 194.168.8.123
TCP: Interfaces\{C6783E9E-93A1-4441-966B-DE9409A50D45}\6796277696E6D65646961603635303734303 : DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{C6783E9E-93A1-4441-966B-DE9409A50D45}\E4544574541425 : DhcpNameServer = 192.168.0.1
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
BHO-X64: BitTorrentBar - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coIEPlg.dll
TB-X64: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB-X64: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tjsh4d9s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.co.uk
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [2012-9-20 1385120]
R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120928.001\IDSviA64.sys [2012-9-29 513184]
R1 RapportCerberus_32029;RapportCerberus_32029;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus64_32029.sys [2011-10-18 396816]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-8-21 52496]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-8-21 61200]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0603000.00E\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2010-11-28 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccsvchst.exe [2012-9-8 138272]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-8-21 870200]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-15 227896]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-9-9 138912]
R3 NetillaVPN;AEP VPN Adapter;C:\Windows\system32\DRIVERS\Netva.sys --> C:\Windows\system32\DRIVERS\Netva.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-24 135664]
S2 lxdjCATSCustConnectService;lxdjCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxdjserv.exe [2007-6-12 34224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-1 250288]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-24 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 114144]
S3 NetillaVPNService;AEP SSL Tunnel Helper Service;C:\Program Files\AEP\SSLTunnel\nvpns.exe [2011-5-10 18944]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-09-29 16:49:20 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-29 16:49:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-29 16:28:19 -------- d-----w- C:\Windows\pss
2012-09-27 19:20:11 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-09-19 19:12:45 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-17 23:04:19 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-17 23:04:19 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-17 23:04:18 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-17 23:04:18 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-17 23:04:16 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-17 23:04:16 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-17 23:04:16 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-08 09:53:04 737952 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\srtsp64.sys
2012-09-08 09:53:04 451192 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\symds64.sys
2012-09-08 09:53:04 405624 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\symnets.sys
2012-09-08 09:53:04 37536 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\srtspx64.sys
2012-09-08 09:53:04 1129120 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\symefa64.sys
2012-09-08 09:53:03 190072 ----a-r- C:\Windows\System32\drivers\N360x64\0603000.00E\ironx64.sys
2012-09-08 09:53:03 167072 ----a-w- C:\Windows\System32\drivers\N360x64\0603000.00E\ccsetx64.sys
2012-09-08 09:52:28 -------- d-----w- C:\Windows\System32\drivers\N360x64\0603000.00E
2012-09-08 09:44:16 503808 ----a-w- C:\Windows\System32\srcore.dll
2012-09-08 09:44:16 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2012-09-08 09:44:03 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-09-08 09:44:03 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-09-08 09:44:03 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-09-08 09:44:02 67072 ----a-w- C:\Windows\splwow64.exe
2012-09-08 09:43:56 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-09-08 09:43:56 136704 ----a-w- C:\Windows\System32\browser.dll
2012-09-08 09:43:55 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-09-08 09:43:51 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-09-08 09:43:48 956928 ----a-w- C:\Windows\System32\localspl.dll
.
==================== Find3M ====================
.
2012-09-27 19:20:34 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-27 19:20:34 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 21:31:17.89 ===============
 
Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

================================

I still need Attach.txt part of DDS.

Next...

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

==================================

  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

====================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 22/12/2009 16:10:07
System Uptime: 29/09/2012 17:32:40 (4 hours ago)
.
Motherboard: Hewlett-Packard | | 3635
Processor: AMD Athlon(tm) II Dual-Core M320 | Socket S1G3 | 2100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 219 GiB total, 120.778 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 2.224 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP355: 22/07/2012 19:00:32 - Windows Backup
RP356: 17/08/2012 21:45:31 - Windows Backup
RP357: 25/08/2012 17:40:28 - Windows Backup
RP358: 08/09/2012 10:45:29 - Windows Backup
RP359: 08/09/2012 10:47:53 - Installed Java(TM) 6 Update 35
RP360: 08/09/2012 11:13:27 - Windows Update
RP361: 10/09/2012 20:53:42 - Windows Backup
RP362: 17/09/2012 13:36:18 - Windows Backup
RP363: 18/09/2012 07:22:28 - Windows Update
RP364: 27/09/2012 20:23:47 - Windows Backup
RP365: 27/09/2012 21:36:54 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
1ClickDownloader
Acrobat.com
Activate Norton Online Backup
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
AMD USB Filter Driver
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
BitTorrent
BitTorrentBar Toolbar
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite
Efficient WMA MP3 Converter v0.99.7
ESET Online Scanner v3
FileZilla Client 3.4.0
Football Manager 2012
Football Manager 2012 Editor
Football Manager 2012 Resource Archiver
GadgetBox
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.2.0
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart DVD
HP MediaSmart Internet TV
HP MediaSmart Live TV
HP MediaSmart Movie Themes
HP MediaSmart Music/Photo/Video
HP MediaSmart Software Notebook Demo
HP MediaSmart Webcam
HP Quick Launch Buttons
HP Setup
HP Support Assistant
HP Update
HP User Guides 0154
HP Wireless Assistant
IDT Audio
Java Auto Updater
Java(TM) 6 Update 35
Java(TM) 7 Update 5
JavaFX 2.1.1
LabelPrint
LightScribe System Software
Magic Desktop
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 15.0.1 (x86 en-GB)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton 360 Premier Edition
PCFriendly
Power2Go
PowerDirector
PowerRecover
QLBCASL
QuickTime
Rapport
Realtek 8136 8168 8169 Ethernet Driver
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Serif PagePlus X4
Serif PagePlus X4 Resources
Spotify
Steam
swMSM
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
vShare.tv plugin 1.3
WildTangent Games App (HP Games)
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Player Firefox Plugin
WinRAR archiver
WinZip 15.0
Xvid 1.2.1 final uninstall
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
29/09/2012 21:29:16, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
29/09/2012 21:29:16, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
29/09/2012 21:29:16, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
29/09/2012 17:33:09, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxdjCATSCustConnectService service to connect.
29/09/2012 17:33:09, Error: Service Control Manager [7000] - The lxdjCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
29/09/2012 17:30:07, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
29/09/2012 17:30:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
29/09/2012 17:30:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
29/09/2012 17:30:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
29/09/2012 17:30:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
29/09/2012 17:30:05, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
29/09/2012 17:29:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
29/09/2012 17:29:53, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 ccSet_N360 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched RapportKE64 rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
29/09/2012 17:29:53, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
29/09/2012 07:56:18, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: After starting, the service hung in a start-pending state.
29/09/2012 07:56:14, Error: Service Control Manager [7022] - The Peer Name Resolution Protocol service hung on starting.
.
==== End Of File ===========================
 
07:36:54.0555 1704 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
07:36:55.0490 1704 ============================================================
07:36:55.0491 1704 Current date / time: 2012/09/30 07:36:55.0490
07:36:55.0491 1704 SystemInfo:
07:36:55.0491 1704
07:36:55.0491 1704 OS Version: 6.1.7601 ServicePack: 1.0
07:36:55.0491 1704 Product type: Workstation
07:36:55.0491 1704 ComputerName: OWNER-PC
07:36:55.0492 1704 UserName: owner
07:36:55.0492 1704 Windows directory: C:\Windows
07:36:55.0492 1704 System windows directory: C:\Windows
07:36:55.0492 1704 Running under WOW64
07:36:55.0492 1704 Processor architecture: Intel x64
07:36:55.0492 1704 Number of processors: 2
07:36:55.0492 1704 Page size: 0x1000
07:36:55.0492 1704 Boot type: Normal boot
07:36:55.0492 1704 ============================================================
07:36:57.0465 1704 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:36:57.0472 1704 ============================================================
07:36:57.0472 1704 \Device\Harddisk0\DR0:
07:36:57.0472 1704 MBR partitions:
07:36:57.0472 1704 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
07:36:57.0472 1704 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B677000
07:36:57.0472 1704 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1B6DB000, BlocksNum 0x1AB6800
07:36:57.0472 1704 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x1D191800, BlocksNum 0x33970
07:36:57.0472 1704 ============================================================
07:36:57.0497 1704 C: <-> \Device\Harddisk0\DR0\Partition2
07:36:57.0542 1704 D: <-> \Device\Harddisk0\DR0\Partition3
07:36:57.0542 1704 ============================================================
07:36:57.0542 1704 Initialize success
07:36:57.0542 1704 ============================================================
07:37:04.0018 4172 ============================================================
07:37:04.0018 4172 Scan started
07:37:04.0018 4172 Mode: Manual;
07:37:04.0018 4172 ============================================================
07:37:05.0020 4172 ================ Scan system memory ========================
07:37:05.0020 4172 System memory - ok
07:37:05.0022 4172 ================ Scan services =============================
[FONT=Lucida Console]07:37:10.0501 4172 enecir - ok[/FONT]
[FONT=Lucida Console]07:37:10.0545 4172 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys[/FONT]
[FONT=Lucida Console]07:37:10.0548 4172 EraserUtilRebootDrv - ok[/FONT]
[FONT=Lucida Console]07:37:10.0557 4172 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys[/FONT]
[FONT=Lucida Console]07:37:10.0558 4172 ErrDev - ok[/FONT]
[FONT=Lucida Console]07:37:10.0599 4172 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll[/FONT]
[FONT=Lucida Console]07:37:10.0606 4172 EventSystem - ok[/FONT]
[FONT=Lucida Console]07:37:10.0632 4172 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys[/FONT]
[FONT=Lucida Console]07:37:10.0636 4172 exfat - ok[/FONT]
[FONT=Lucida Console]07:37:10.0641 4172 ezSharedSvc - ok[/FONT]
[FONT=Lucida Console]07:37:10.0651 4172 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys[/FONT]
[FONT=Lucida Console]07:37:10.0654 4172 fastfat - ok[/FONT]
[FONT=Lucida Console]07:37:10.0710 4172 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe[/FONT]
[FONT=Lucida Console]07:37:10.0735 4172 Fax - ok[/FONT]
[FONT=Lucida Console]07:37:10.0757 4172 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys[/FONT]
[FONT=Lucida Console]07:37:10.0761 4172 fdc - ok[/FONT]
[FONT=Lucida Console]07:37:10.0776 4172 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll[/FONT]
[FONT=Lucida Console]07:37:10.0778 4172 fdPHost - ok[/FONT]
[FONT=Lucida Console]07:37:10.0792 4172 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll[/FONT]
[FONT=Lucida Console]07:37:10.0794 4172 FDResPub - ok[/FONT]
[FONT=Lucida Console]07:37:10.0806 4172 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys[/FONT]
[FONT=Lucida Console]07:37:10.0808 4172 FileInfo - ok[/FONT]
[FONT=Lucida Console]07:37:10.0817 4172 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys[/FONT]
[FONT=Lucida Console]07:37:10.0819 4172 Filetrace - ok[/FONT]
[FONT=Lucida Console]07:37:10.0827 4172 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys[/FONT]
[FONT=Lucida Console]07:37:10.0829 4172 flpydisk - ok[/FONT]
[FONT=Lucida Console]07:37:10.0867 4172 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys[/FONT]
[FONT=Lucida Console]07:37:10.0872 4172 FltMgr - ok[/FONT]
[FONT=Lucida Console]07:37:10.0937 4172 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll[/FONT]
[FONT=Lucida Console]07:37:10.0964 4172 FontCache - ok[/FONT]
[FONT=Lucida Console]07:37:11.0019 4172 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe[/FONT]
[FONT=Lucida Console]07:37:11.0021 4172 FontCache3.0.0.0 - ok[/FONT]
[FONT=Lucida Console]07:37:11.0031 4172 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys[/FONT]
[FONT=Lucida Console]07:37:11.0033 4172 FsDepends - ok[/FONT]
[FONT=Lucida Console]07:37:11.0066 4172 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys[/FONT]
[FONT=Lucida Console]07:37:11.0068 4172 Fs_Rec - ok[/FONT]
[FONT=Lucida Console]07:37:11.0109 4172 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys[/FONT]
[FONT=Lucida Console]07:37:11.0114 4172 fvevol - ok[/FONT]
[FONT=Lucida Console]07:37:11.0138 4172 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys[/FONT]
[FONT=Lucida Console]07:37:11.0141 4172 gagp30kx - ok[/FONT]
[FONT=Lucida Console]07:37:11.0226 4172 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe[/FONT]
[FONT=Lucida Console]07:37:11.0230 4172 GamesAppService - ok[/FONT]
[FONT=Lucida Console]07:37:11.0258 4172 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys[/FONT]
[FONT=Lucida Console]07:37:11.0259 4172 GEARAspiWDM - ok[/FONT]
[FONT=Lucida Console]07:37:11.0309 4172 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll[/FONT]
[FONT=Lucida Console]07:37:11.0331 4172 gpsvc - ok[/FONT]
[FONT=Lucida Console]07:37:11.0441 4172 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[/FONT]
[FONT=Lucida Console]07:37:11.0446 4172 gupdate - ok[/FONT]
[FONT=Lucida Console]07:37:11.0474 4172 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[/FONT]
[FONT=Lucida Console]07:37:11.0478 4172 gupdatem - ok[/FONT]
[FONT=Lucida Console]07:37:11.0547 4172 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe[/FONT]
[FONT=Lucida Console]07:37:11.0554 4172 gusvc - ok[/FONT]
[FONT=Lucida Console]07:37:11.0584 4172 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys[/FONT]
[FONT=Lucida Console]07:37:11.0587 4172 hamachi - ok[/FONT]
[FONT=Lucida Console]07:37:11.0617 4172 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys[/FONT]
[FONT=Lucida Console]07:37:11.0619 4172 hcw85cir - ok[/FONT]
[FONT=Lucida Console]07:37:11.0658 4172 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys[/FONT]
[FONT=Lucida Console]07:37:11.0671 4172 HdAudAddService - ok[/FONT]
[FONT=Lucida Console]07:37:11.0700 4172 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys[/FONT]
[FONT=Lucida Console]07:37:11.0703 4172 HDAudBus - ok[/FONT]
[FONT=Lucida Console]07:37:11.0713 4172 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys[/FONT]
[FONT=Lucida Console]07:37:11.0716 4172 HidBatt - ok[/FONT]
[FONT=Lucida Console]07:37:11.0739 4172 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys[/FONT]
[FONT=Lucida Console]07:37:11.0743 4172 HidBth - ok[/FONT]
[FONT=Lucida Console]07:37:11.0776 4172 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys[/FONT]
[FONT=Lucida Console]07:37:11.0779 4172 HidIr - ok[/FONT]
[FONT=Lucida Console]07:37:11.0808 4172 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll[/FONT]
[FONT=Lucida Console]07:37:11.0811 4172 hidserv - ok[/FONT]
[FONT=Lucida Console]07:37:11.0837 4172 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys[/FONT]
[FONT=Lucida Console]07:37:11.0840 4172 HidUsb - ok[/FONT]
[FONT=Lucida Console]07:37:11.0883 4172 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll[/FONT]
[FONT=Lucida Console]07:37:11.0886 4172 hkmsvc - ok[/FONT]
[FONT=Lucida Console]07:37:11.0926 4172 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll[/FONT]
[FONT=Lucida Console]07:37:11.0931 4172 HomeGroupListener - ok[/FONT]
[FONT=Lucida Console]07:37:11.0968 4172 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll[/FONT]
[FONT=Lucida Console]07:37:11.0973 4172 HomeGroupProvider - ok[/FONT]
[FONT=Lucida Console]07:37:12.0046 4172 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[/FONT]
[FONT=Lucida Console]07:37:12.0048 4172 HP Support Assistant Service - ok[/FONT]
[FONT=Lucida Console]07:37:12.0110 4172 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe[/FONT]
[FONT=Lucida Console]07:37:12.0112 4172 HPDrvMntSvc.exe - ok[/FONT]
[FONT=Lucida Console]07:37:12.0143 4172 [ 05712FDDBD45A5864EB326FAABC6A4E3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys[/FONT]
[FONT=Lucida Console]07:37:12.0145 4172 hpdskflt - ok[/FONT]
[FONT=Lucida Console]07:37:12.0168 4172 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys[/FONT]
[FONT=Lucida Console]07:37:12.0170 4172 HpqKbFiltr - ok[/FONT]
[FONT=Lucida Console]07:37:12.0206 4172 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe[/FONT]
[FONT=Lucida Console]07:37:12.0227 4172 hpqwmiex - ok[/FONT]
[FONT=Lucida Console]07:37:12.0276 4172 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys[/FONT]
[FONT=Lucida Console]07:37:12.0279 4172 HpSAMD - ok[/FONT]
[FONT=Lucida Console]07:37:12.0332 4172 [ AA036CC5F5221D9B915F4D4DCE74BA9A ] hpsrv C:\Windows\system32\Hpservice.exe[/FONT]
[FONT=Lucida Console]07:37:12.0336 4172 hpsrv - ok[/FONT]
[FONT=Lucida Console]07:37:12.0395 4172 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys[/FONT]
[FONT=Lucida Console]07:37:12.0423 4172 HTTP - ok[/FONT]
[FONT=Lucida Console]07:37:12.0473 4172 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys[/FONT]
[FONT=Lucida Console]07:37:12.0476 4172 hwpolicy - ok[/FONT]
[FONT=Lucida Console]07:37:12.0526 4172 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys[/FONT]
[FONT=Lucida Console]07:37:12.0531 4172 i8042prt - ok[/FONT]
[FONT=Lucida Console]07:37:12.0561 4172 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys[/FONT]
[FONT=Lucida Console]07:37:12.0575 4172 iaStorV - ok[/FONT]
[FONT=Lucida Console]07:37:12.0640 4172 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe[/FONT]
[FONT=Lucida Console]07:37:12.0667 4172 idsvc - ok[/FONT]
[FONT=Lucida Console]07:37:12.0747 4172 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120928.001\IDSvia64.sys[/FONT]
[FONT=Lucida Console]07:37:12.0765 4172 IDSVia64 - ok[/FONT]
[FONT=Lucida Console]07:37:12.0931 4172 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys[/FONT]
[FONT=Lucida Console]07:37:13.0061 4172 igfx - ok[/FONT]
[FONT=Lucida Console]07:37:13.0094 4172 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys[/FONT]
[FONT=Lucida Console]07:37:13.0097 4172 iirsp - ok[/FONT]
[FONT=Lucida Console]07:37:13.0148 4172 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll[/FONT]
[FONT=Lucida Console]07:37:13.0171 4172 IKEEXT - ok[/FONT]
[FONT=Lucida Console]07:37:13.0188 4172 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys[/FONT]
[FONT=Lucida Console]07:37:13.0190 4172 intelide - ok[/FONT]
[FONT=Lucida Console]07:37:13.0216 4172 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys[/FONT]
[FONT=Lucida Console]07:37:13.0219 4172 intelppm - ok[/FONT]
[FONT=Lucida Console]07:37:13.0244 4172 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll[/FONT]
[FONT=Lucida Console]07:37:13.0247 4172 IPBusEnum - ok[/FONT]
[FONT=Lucida Console]07:37:13.0286 4172 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys[/FONT]
[FONT=Lucida Console]07:37:13.0288 4172 IpFilterDriver - ok[/FONT]
[FONT=Lucida Console]07:37:13.0331 4172 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll[/FONT]
[FONT=Lucida Console]07:37:13.0345 4172 iphlpsvc - ok[/FONT]
[FONT=Lucida Console]07:37:13.0382 4172 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys[/FONT]
[FONT=Lucida Console]07:37:13.0385 4172 IPMIDRV - ok[/FONT]
[FONT=Lucida Console]07:37:13.0398 4172 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys[/FONT]
[FONT=Lucida Console]07:37:13.0401 4172 IPNAT - ok[/FONT]
[FONT=Lucida Console]07:37:13.0467 4172 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe[/FONT]
[FONT=Lucida Console]07:37:13.0484 4172 iPod Service - ok[/FONT]
[FONT=Lucida Console]07:37:13.0500 4172 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys[/FONT]
[FONT=Lucida Console]07:37:13.0502 4172 IRENUM - ok[/FONT]
[FONT=Lucida Console]07:37:13.0534 4172 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys[/FONT]
[FONT=Lucida Console]07:37:13.0536 4172 isapnp - ok[/FONT]
[FONT=Lucida Console]07:37:13.0569 4172 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys[/FONT]
[FONT=Lucida Console]07:37:13.0574 4172 iScsiPrt - ok[/FONT]
[FONT=Lucida Console]07:37:13.0586 4172 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys[/FONT]
[FONT=Lucida Console]07:37:13.0589 4172 kbdclass - ok[/FONT]
[FONT=Lucida Console]07:37:13.0610 4172 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys[/FONT]
[FONT=Lucida Console]07:37:13.0612 4172 kbdhid - ok[/FONT]
[FONT=Lucida Console]07:37:13.0625 4172 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe[/FONT]
[FONT=Lucida Console]07:37:13.0626 4172 KeyIso - ok[/FONT]
[FONT=Lucida Console]07:37:13.0662 4172 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys[/FONT]
[FONT=Lucida Console]07:37:13.0665 4172 KSecDD - ok[/FONT]
[FONT=Lucida Console]07:37:13.0701 4172 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys[/FONT]
[FONT=Lucida Console]07:37:13.0704 4172 KSecPkg - ok[/FONT]
[FONT=Lucida Console]07:37:13.0714 4172 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys[/FONT]
[FONT=Lucida Console]07:37:13.0716 4172 ksthunk - ok[/FONT]
[FONT=Lucida Console]07:37:13.0752 4172 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll[/FONT]
[FONT=Lucida Console]07:37:13.0759 4172 KtmRm - ok[/FONT]
[FONT=Lucida Console]07:37:13.0799 4172 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll[/FONT]
[FONT=Lucida Console]07:37:13.0803 4172 LanmanServer - ok[/FONT]
[FONT=Lucida Console]07:37:13.0840 4172 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll[/FONT]
[FONT=Lucida Console]07:37:13.0843 4172 LanmanWorkstation - ok[/FONT]
[FONT=Lucida Console]07:37:13.0900 4172 [ C2E324014D54DAA2B5A4DE47CB696FD8 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[/FONT]
[FONT=Lucida Console]07:37:13.0901 4172 LightScribeService - ok[/FONT]
[FONT=Lucida Console]07:37:13.0931 4172 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys[/FONT]
[FONT=Lucida Console]07:37:13.0933 4172 lltdio - ok[/FONT]
[FONT=Lucida Console]07:37:13.0961 4172 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll[/FONT]
[FONT=Lucida Console]07:37:13.0966 4172 lltdsvc - ok[/FONT]
[FONT=Lucida Console]07:37:13.0986 4172 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll[/FONT]
[FONT=Lucida Console]07:37:13.0988 4172 lmhosts - ok[/FONT]
[FONT=Lucida Console]07:37:14.0009 4172 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys[/FONT]
[FONT=Lucida Console]07:37:14.0016 4172 LSI_FC - ok[/FONT]
[FONT=Lucida Console]07:37:14.0078 4172 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys[/FONT]
[FONT=Lucida Console]07:37:14.0084 4172 LSI_SAS - ok[/FONT]
[FONT=Lucida Console]07:37:14.0098 4172 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys[/FONT]
[FONT=Lucida Console]07:37:14.0103 4172 LSI_SAS2 - ok[/FONT]
[FONT=Lucida Console]07:37:14.0127 4172 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys[/FONT]
[FONT=Lucida Console]07:37:14.0130 4172 LSI_SCSI - ok[/FONT]
[FONT=Lucida Console]07:37:14.0151 4172 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys[/FONT]
 
[FONT=Lucida Console]07:37:14.0153 4172 luafv - ok[/FONT]
[FONT=Lucida Console]07:37:14.0215 4172 [ 6283AA23430A8F19050BEFC9139EFD02 ] lxdjCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdjserv.exe[/FONT]
[FONT=Lucida Console]07:37:14.0220 4172 lxdjCATSCustConnectService - ok[/FONT]
[FONT=Lucida Console]07:37:14.0235 4172 lxdj_device - ok[/FONT]
[FONT=Lucida Console]07:37:14.0273 4172 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll[/FONT]
[FONT=Lucida Console]07:37:14.0276 4172 Mcx2Svc - ok[/FONT]
[FONT=Lucida Console]07:37:14.0299 4172 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys[/FONT]
[FONT=Lucida Console]07:37:14.0301 4172 megasas - ok[/FONT]
[FONT=Lucida Console]07:37:14.0314 4172 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys[/FONT]
[FONT=Lucida Console]07:37:14.0319 4172 MegaSR - ok[/FONT]
[FONT=Lucida Console]07:37:14.0336 4172 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll[/FONT]
[FONT=Lucida Console]07:37:14.0339 4172 MMCSS - ok[/FONT]
[FONT=Lucida Console]07:37:14.0351 4172 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys[/FONT]
[FONT=Lucida Console]07:37:14.0353 4172 Modem - ok[/FONT]
[FONT=Lucida Console]07:37:14.0376 4172 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys[/FONT]
[FONT=Lucida Console]07:37:14.0377 4172 monitor - ok[/FONT]
[FONT=Lucida Console]07:37:14.0418 4172 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys[/FONT]
[FONT=Lucida Console]07:37:14.0420 4172 mouclass - ok[/FONT]
[FONT=Lucida Console]07:37:14.0438 4172 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys[/FONT]
[FONT=Lucida Console]07:37:14.0440 4172 mouhid - ok[/FONT]
[FONT=Lucida Console]07:37:14.0470 4172 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys[/FONT]
[FONT=Lucida Console]07:37:14.0473 4172 mountmgr - ok[/FONT]
[FONT=Lucida Console]07:37:14.0530 4172 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe[/FONT]
[FONT=Lucida Console]07:37:14.0532 4172 MozillaMaintenance - ok[/FONT]
[FONT=Lucida Console]07:37:14.0568 4172 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys[/FONT]
[FONT=Lucida Console]07:37:14.0571 4172 mpio - ok[/FONT]
[FONT=Lucida Console]07:37:14.0581 4172 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys[/FONT]
[FONT=Lucida Console]07:37:14.0584 4172 mpsdrv - ok[/FONT]
[FONT=Lucida Console]07:37:14.0629 4172 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll[/FONT]
[FONT=Lucida Console]07:37:14.0645 4172 MpsSvc - ok[/FONT]
[FONT=Lucida Console]07:37:14.0696 4172 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys[/FONT]
[FONT=Lucida Console]07:37:14.0702 4172 MRxDAV - ok[/FONT]
[FONT=Lucida Console]07:37:14.0745 4172 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys[/FONT]
[FONT=Lucida Console]07:37:14.0751 4172 mrxsmb - ok[/FONT]
[FONT=Lucida Console]07:37:14.0798 4172 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys[/FONT]
[FONT=Lucida Console]07:37:14.0814 4172 mrxsmb10 - ok[/FONT]
[FONT=Lucida Console]07:37:14.0836 4172 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys[/FONT]
[FONT=Lucida Console]07:37:14.0840 4172 mrxsmb20 - ok[/FONT]
[FONT=Lucida Console]07:37:14.0853 4172 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys[/FONT]
[FONT=Lucida Console]07:37:14.0855 4172 msahci - ok[/FONT]
[FONT=Lucida Console]07:37:14.0871 4172 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys[/FONT]
[FONT=Lucida Console]07:37:14.0874 4172 msdsm - ok[/FONT]
[FONT=Lucida Console]07:37:14.0888 4172 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe[/FONT]
[FONT=Lucida Console]07:37:14.0892 4172 MSDTC - ok[/FONT]
[FONT=Lucida Console]07:37:14.0915 4172 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys[/FONT]
[FONT=Lucida Console]07:37:14.0917 4172 Msfs - ok[/FONT]
[FONT=Lucida Console]07:37:14.0929 4172 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys[/FONT]
[FONT=Lucida Console]07:37:14.0931 4172 mshidkmdf - ok[/FONT]
[FONT=Lucida Console]07:37:14.0964 4172 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys[/FONT]
[FONT=Lucida Console]07:37:14.0966 4172 msisadrv - ok[/FONT]
[FONT=Lucida Console]07:37:15.0000 4172 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll[/FONT]
[FONT=Lucida Console]07:37:15.0004 4172 MSiSCSI - ok[/FONT]
[FONT=Lucida Console]07:37:15.0008 4172 msiserver - ok[/FONT]
[FONT=Lucida Console]07:37:15.0036 4172 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys[/FONT]
[FONT=Lucida Console]07:37:15.0037 4172 MSKSSRV - ok[/FONT]
[FONT=Lucida Console]07:37:15.0042 4172 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys[/FONT]
[FONT=Lucida Console]07:37:15.0044 4172 MSPCLOCK - ok[/FONT]
[FONT=Lucida Console]07:37:15.0052 4172 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys[/FONT]
[FONT=Lucida Console]07:37:15.0054 4172 MSPQM - ok[/FONT]
[FONT=Lucida Console]07:37:15.0111 4172 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys[/FONT]
[FONT=Lucida Console]07:37:15.0127 4172 MsRPC - ok[/FONT]
[FONT=Lucida Console]07:37:15.0145 4172 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys[/FONT]
[FONT=Lucida Console]07:37:15.0148 4172 mssmbios - ok[/FONT]
[FONT=Lucida Console]07:37:15.0163 4172 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys[/FONT]
[FONT=Lucida Console]07:37:15.0166 4172 MSTEE - ok[/FONT]
[FONT=Lucida Console]07:37:15.0178 4172 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys[/FONT]
[FONT=Lucida Console]07:37:15.0180 4172 MTConfig - ok[/FONT]
[FONT=Lucida Console]07:37:15.0203 4172 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys[/FONT]
[FONT=Lucida Console]07:37:15.0205 4172 Mup - ok[/FONT]
[FONT=Lucida Console]07:37:15.0260 4172 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe[/FONT]
[FONT=Lucida Console]07:37:15.0264 4172 N360 - ok[/FONT]
[FONT=Lucida Console]07:37:15.0319 4172 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll[/FONT]
[FONT=Lucida Console]07:37:15.0335 4172 napagent - ok[/FONT]
[FONT=Lucida Console]07:37:15.0358 4172 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys[/FONT]
[FONT=Lucida Console]07:37:15.0364 4172 NativeWifiP - ok[/FONT]
[FONT=Lucida Console]07:37:15.0455 4172 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120929.018\ENG64.SYS[/FONT]
[FONT=Lucida Console]07:37:15.0459 4172 NAVENG - ok[/FONT]
[FONT=Lucida Console]07:37:15.0550 4172 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120929.018\EX64.SYS[/FONT]
[FONT=Lucida Console]07:37:15.0568 4172 NAVEX15 - ok[/FONT]
[FONT=Lucida Console]07:37:15.0614 4172 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys[/FONT]
[FONT=Lucida Console]07:37:15.0640 4172 NDIS - ok[/FONT]
[FONT=Lucida Console]07:37:15.0659 4172 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys[/FONT]
[FONT=Lucida Console]07:37:15.0661 4172 NdisCap - ok[/FONT]
[FONT=Lucida Console]07:37:15.0680 4172 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys[/FONT]
[FONT=Lucida Console]07:37:15.0682 4172 NdisTapi - ok[/FONT]
[FONT=Lucida Console]07:37:15.0712 4172 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys[/FONT]
[FONT=Lucida Console]07:37:15.0714 4172 Ndisuio - ok[/FONT]
[FONT=Lucida Console]07:37:15.0757 4172 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys[/FONT]
[FONT=Lucida Console]07:37:15.0761 4172 NdisWan - ok[/FONT]
[FONT=Lucida Console]07:37:15.0794 4172 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys[/FONT]
[FONT=Lucida Console]07:37:15.0796 4172 NDProxy - ok[/FONT]
[FONT=Lucida Console]07:37:15.0817 4172 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys[/FONT]
[FONT=Lucida Console]07:37:15.0821 4172 NetBIOS - ok[/FONT]
[FONT=Lucida Console]07:37:15.0865 4172 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys[/FONT]
[FONT=Lucida Console]07:37:15.0870 4172 NetBT - ok[/FONT]
[FONT=Lucida Console]07:37:15.0912 4172 [ E3A05F4FC84538E732913C166A01D786 ] NetillaVPN C:\Windows\system32\DRIVERS\Netva.sys[/FONT]
[FONT=Lucida Console]07:37:15.0913 4172 NetillaVPN - ok[/FONT]
[FONT=Lucida Console]07:37:15.0959 4172 [ 434017B07E9E68F92A3C36DBB93D1E42 ] NetillaVPNService C:\Program Files\AEP\SSLTunnel\nvpns.exe[/FONT]
[FONT=Lucida Console]07:37:15.0962 4172 NetillaVPNService - ok[/FONT]
[FONT=Lucida Console]07:37:15.0979 4172 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe[/FONT]
[FONT=Lucida Console]07:37:15.0983 4172 Netlogon - ok[/FONT]
[FONT=Lucida Console]07:37:16.0026 4172 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll[/FONT]
[FONT=Lucida Console]07:37:16.0043 4172 Netman - ok[/FONT]
[FONT=Lucida Console]07:37:16.0103 4172 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll[/FONT]
[FONT=Lucida Console]07:37:16.0129 4172 netprofm - ok[/FONT]
[FONT=Lucida Console]07:37:16.0158 4172 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe[/FONT]
[FONT=Lucida Console]07:37:16.0163 4172 NetTcpPortSharing - ok[/FONT]
[FONT=Lucida Console]07:37:16.0296 4172 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys[/FONT]
[FONT=Lucida Console]07:37:16.0416 4172 netw5v64 - ok[/FONT]
[FONT=Lucida Console]07:37:16.0469 4172 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys[/FONT]
[FONT=Lucida Console]07:37:16.0471 4172 nfrd960 - ok[/FONT]
[FONT=Lucida Console]07:37:16.0516 4172 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll[/FONT]
[FONT=Lucida Console]07:37:16.0520 4172 NlaSvc - ok[/FONT]
[FONT=Lucida Console]07:37:16.0529 4172 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys[/FONT]
[FONT=Lucida Console]07:37:16.0531 4172 Npfs - ok[/FONT]
[FONT=Lucida Console]07:37:16.0544 4172 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll[/FONT]
[FONT=Lucida Console]07:37:16.0546 4172 nsi - ok[/FONT]
[FONT=Lucida Console]07:37:16.0559 4172 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys[/FONT]
[FONT=Lucida Console]07:37:16.0561 4172 nsiproxy - ok[/FONT]
[FONT=Lucida Console]07:37:16.0644 4172 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys[/FONT]
[FONT=Lucida Console]07:37:16.0696 4172 Ntfs - ok[/FONT]
[FONT=Lucida Console]07:37:25.0344 4172 WinHttpAutoProxySvc - ok[/FONT]
[FONT=Lucida Console]07:37:25.0493 4172 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll[/FONT]
[FONT=Lucida Console]07:37:25.0522 4172 Winmgmt - ok[/FONT]
[FONT=Lucida Console]07:37:25.0879 4172 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll[/FONT]
[FONT=Lucida Console]07:37:25.0967 4172 WinRM - ok[/FONT]
[FONT=Lucida Console]07:37:26.0157 4172 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys[/FONT]
[FONT=Lucida Console]07:37:26.0187 4172 WinUsb - ok[/FONT]
[FONT=Lucida Console]07:37:26.0308 4172 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll[/FONT]
[FONT=Lucida Console]07:37:26.0342 4172 Wlansvc - ok[/FONT]
[FONT=Lucida Console]07:37:26.0447 4172 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys[/FONT]
[FONT=Lucida Console]07:37:26.0519 4172 WmiAcpi - ok[/FONT]
[FONT=Lucida Console]07:37:26.0624 4172 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe[/FONT]
[FONT=Lucida Console]07:37:26.0671 4172 wmiApSrv - ok[/FONT]
[FONT=Lucida Console]07:37:26.0741 4172 WMPNetworkSvc - ok[/FONT]
[FONT=Lucida Console]07:37:26.0779 4172 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll[/FONT]
[FONT=Lucida Console]07:37:26.0807 4172 WPCSvc - ok[/FONT]
[FONT=Lucida Console]07:37:26.0904 4172 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll[/FONT]
[FONT=Lucida Console]07:37:26.0936 4172 WPDBusEnum - ok[/FONT]
[FONT=Lucida Console]07:37:27.0017 4172 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys[/FONT]
[FONT=Lucida Console]07:37:27.0064 4172 ws2ifsl - ok[/FONT]
[FONT=Lucida Console]07:37:27.0121 4172 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll[/FONT]
[FONT=Lucida Console]07:37:27.0149 4172 wscsvc - ok[/FONT]
[FONT=Lucida Console]07:37:27.0158 4172 WSearch - ok[/FONT]
[FONT=Lucida Console]07:37:27.0576 4172 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll[/FONT]
[FONT=Lucida Console]07:37:27.0608 4172 wuauserv - ok[/FONT]
[FONT=Lucida Console]07:37:27.0634 4172 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys[/FONT]
[FONT=Lucida Console]07:37:27.0668 4172 WudfPf - ok[/FONT]
[FONT=Lucida Console]07:37:27.0752 4172 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys[/FONT]
[FONT=Lucida Console]07:37:27.0775 4172 WUDFRd - ok[/FONT]
[FONT=Lucida Console]07:37:27.0820 4172 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll[/FONT]
[FONT=Lucida Console]07:37:27.0825 4172 wudfsvc - ok[/FONT]
[FONT=Lucida Console]07:37:27.0846 4172 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll[/FONT]
[FONT=Lucida Console]07:37:27.0862 4172 WwanSvc - ok[/FONT]
[FONT=Lucida Console]07:37:27.0902 4172 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys[/FONT]
[FONT=Lucida Console]07:37:27.0918 4172 yukonw7 - ok[/FONT]
07:37:27.0949 4172 ================ Scan global ===============================
07:37:27.0969 4172 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
07:37:28.0048 4172 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
07:37:28.0061 4172 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
07:37:28.0137 4172 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
07:37:28.0164 4172 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
07:37:28.0170 4172 [Global] - ok
07:37:28.0170 4172 ================ Scan MBR ==================================
07:37:28.0184 4172 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:37:28.0514 4172 \Device\Harddisk0\DR0 - ok
07:37:28.0515 4172 ================ Scan VBR ==================================
07:37:28.0518 4172 [ 7C5676968B700FFF0022AFBCE15F08A0 ] \Device\Harddisk0\DR0\Partition1
07:37:28.0519 4172 \Device\Harddisk0\DR0\Partition1 - ok
07:37:28.0554 4172 [ 4A77035595B391DFC87A2EB09D0475DF ] \Device\Harddisk0\DR0\Partition2
07:37:28.0557 4172 \Device\Harddisk0\DR0\Partition2 - ok
07:37:28.0608 4172 [ 304BCB1387604B1821D501C6143BF974 ] \Device\Harddisk0\DR0\Partition3
07:37:28.0610 4172 \Device\Harddisk0\DR0\Partition3 - ok
07:37:28.0621 4172 [ E86ECF7541DED43EF4E4BCEECCE21BB4 ] \Device\Harddisk0\DR0\Partition4
07:37:28.0622 4172 \Device\Harddisk0\DR0\Partition4 - ok
07:37:28.0622 4172 ============================================================
07:37:28.0622 4172 Scan finished
07:37:28.0622 4172 ============================================================
07:37:28.0639 6020 Detected object count: 0
07:37:28.0639 6020 Actual detected object count: 0
 
RogueKiller V8.1.0 [09/28/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : owner [Admin rights]
Mode : Remove -- Date : 09/30/2012 07:49:16

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] install_flashplayer11x32_mssd_aih_1.exe -- C:\Users\owner\AppData\Local\Temp\install_flashplayer11x32_mssd_aih_1.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 3 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 edgefcs.net
127.0.0.1 cp72511.edgefcs.net


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD2500BEKT-60F3T1 ATA Device +++++
--- User ---
[MBR] ebc895a504698fcfc9a0ae785bb8d45d
[BSP] a4b575ff1011e32bd964a6766a0ab3a8 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 224494 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 460173312 | Size: 13677 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 488183808 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt











Last one -

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-30 07:50:46
-----------------------------
07:50:46.664 OS Version: Windows x64 6.1.7601 Service Pack 1
07:50:46.664 Number of processors: 2 586 0x602
07:50:46.664 ComputerName: OWNER-PC UserName: owner
07:50:48.708 Initialize success
07:51:19.664 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
07:51:19.680 Disk 0 Vendor: WDC_WD2500BEKT-60F3T1 12.01A12 Size: 238475MB BusType: 11
07:51:19.726 Disk 0 MBR read successfully
07:51:19.726 Disk 0 MBR scan
07:51:19.726 Disk 0 Windows 7 default MBR code
07:51:19.742 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
07:51:19.758 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 224494 MB offset 409600
07:51:19.789 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13677 MB offset 460173312
07:51:19.820 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 488183808
07:51:19.851 Disk 0 scanning C:\Windows\system32\drivers
07:51:27.963 Service scanning
07:51:48.571 Modules scanning
07:51:48.586 Disk 0 trace - called modules:
07:51:48.602 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
07:51:48.618 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003162060]
07:51:48.618 3 CLASSPNP.SYS[fffff8800108843f] -> nt!IofCallDriver -> [0xfffffa800315da10]
07:51:48.633 5 hpdskflt.sys[fffff880022bc289] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8003036060]
07:51:48.633 Scan finished successfully
07:52:30.339 Disk 0 MBR has been saved successfully to "C:\Users\owner\Desktop\MBR.dat"
07:52:30.354 The log file has been saved successfully to "C:\Users\owner\Desktop\copy and paste - aswMBR.txt"



Apologies for doing it in so many different posts, but it kept telling me that my post was too big.

Hope I have followed your instructions correctly. Thanks.
 
Create a new restore point before proceeding with the next step.
How to:
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

=================================

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If restarting doesn't help, use the restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
 
I thought I disabled all of Norton, but 360 popped up during the last task saying it was going to do some background scans or something. Really sorry about that, thought you should know.

ComboFix 12-09-30.01 - owner 30/09/2012 17:51:42.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2812.1367 [GMT 1:00]
Running from: c:\users\owner\Downloads\ComboFix.exe
AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\QuestScan
c:\programdata\QuestScan
c:\programdata\SPL4E0.tmp
c:\programdata\SPL59B4.tmp
c:\programdata\SPL6A94.tmp
c:\programdata\SPL7712.tmp
c:\programdata\SPL784A.tmp
c:\programdata\SPL7CDC.tmp
c:\programdata\SPLC98D.tmp
c:\programdata\SPLFF44.tmp
c:\users\Public\videos\HP MediaSmart Demo.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-28 to 2012-09-30 )))))))))))))))))))))))))))))))
.
.
2012-09-30 17:07 . 2012-09-30 17:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-29 16:49 . 2012-09-29 16:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-29 16:49 . 2012-09-07 16:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-27 19:20 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-19 19:12 . 2012-09-19 19:12 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-17 23:04 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-17 23:04 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-17 23:04 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-17 23:04 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-17 23:04 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-17 23:04 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-17 23:04 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-08 09:52 . 2012-09-27 19:27 -------- d-----w- c:\windows\system32\drivers\N360x64\0603000.00E
2012-09-08 09:44 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-09-08 09:44 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-09-08 09:44 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-09-08 09:44 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-09-08 09:44 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-09-08 09:44 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-09-08 09:43 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-09-08 09:43 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-09-08 09:43 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-09-08 09:43 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-09-08 09:43 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-09-08 09:43 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-27 19:20 . 2012-04-01 17:21 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-27 19:20 . 2011-09-23 15:40 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-18 06:23 . 2010-01-29 17:40 64462936 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-11-20 2363392]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-27 39408]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-10-25 1668664]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-09-08 1353080]
"Spotify Web Helper"="c:\users\owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-09-18 1193176]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 323640]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-05-13 581480]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-06-22 60464]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-09-01 90448]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-09-07 766536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-24 135664]
R2 lxdjCATSCustConnectService;lxdjCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdjserv.exe [2007-06-11 34224]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-27 250288]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-24 135664]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-19 114144]
R3 NetillaVPNService;AEP SSL Tunnel Helper Service;c:\program files\AEP\SSLTunnel\nvpns.exe [2011-05-10 18944]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\N360x64\0308000.029\SYMNDISV.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1255736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys [2011-04-28 64272]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS [2012-03-29 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [2012-09-04 1385120]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120928.001\IDSvia64.sys [2012-09-07 513184]
S1 RapportCerberus_32029;RapportCerberus_32029;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus64_32029.sys [2011-10-18 396816]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-08-21 52496]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-08-21 61200]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS [2012-03-29 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS [2012-03-29 405624]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2010-11-28 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-02 203264]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe [2012-06-16 138272]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-08-21 870200]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-09 138912]
S3 NetillaVPN;AEP VPN Adapter;c:\windows\system32\DRIVERS\Netva.sys [2011-05-10 20824]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-03-09 36408]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 95460031
*NewlyCreated* - ASWMBR
*Deregistered* - 95460031
*Deregistered* - aswMBR
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-11-20 13:28 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 19:20]
.
2012-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-24 11:36]
.
2012-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-24 11:36]
.
2012-09-29 c:\windows\Tasks\HPCeeScheduleForowner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-15 171520]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-11-28 487424]
"lxdjamon"="c:\program files (x86)\Lexmark 1400 Series\lxdjamon.exe" [2007-04-30 20480]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
FF - ProfilePath - c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tjsh4d9s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.co.uk
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=
FF - prefs.js: network.proxy.type - 4
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-lxdjmon.exe - c:\program files (x86)\Lexmark 1400 Series\lxdjmon.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.3.0.14\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]
"value"="?\09\01\1a\0d\1f'?"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-09-30 18:14:35
ComboFix-quarantined-files.txt 2012-09-30 17:14
.
Pre-Run: 129,421,639,680 bytes free
Post-Run: 129,047,674,880 bytes free
.
- - End Of File - - FC13949FA5C55E23F9D2CF7987C2AA8E
 
Looks good.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
OTL logfile created on: 9/30/2012 7:31:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.75 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 54.41% Memory free
5.49 Gb Paging File | 3.71 Gb Available in Paging File | 67.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 219.23 Gb Total Space | 120.20 Gb Free Space | 54.83% Space Free | Partition Type: NTFS
Drive D: | 13.36 Gb Total Space | 2.22 Gb Free Space | 16.65% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/30 19:30:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Downloads\OTL(1).exe
PRC - [2012/09/19 20:12:44 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/09/18 12:59:19 | 001,193,176 | ---- | M] () -- C:\Users\owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/09/09 12:20:46 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccsvchst.exe
PRC - [2012/01/17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/09/01 18:47:26 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011/08/21 10:00:28 | 000,870,200 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2009/07/24 04:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 19:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2007/04/30 21:19:53 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Lexmark 1400 Series\lxdjamon.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/19 20:12:43 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/09/18 12:59:19 | 001,193,176 | ---- | M] () -- C:\Users\owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/09/09 12:20:46 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012/06/17 09:16:21 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/16 23:34:36 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/16 23:34:11 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/16 23:34:04 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/05/31 13:30:14 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/31 11:49:01 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/31 11:48:33 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/31 11:48:30 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012/05/31 11:47:50 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll
MOD - [2012/05/31 11:47:37 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/31 11:47:31 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/31 11:47:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/31 11:47:26 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/31 11:47:19 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/01/21 20:51:24 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/11/19 10:20:44 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009/11/19 10:20:42 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009/11/19 10:20:42 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2009/10/25 23:27:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/10/25 23:27:54 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/10/25 23:27:46 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/10/25 23:27:46 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/10/25 23:27:46 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/10/25 23:27:44 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/10/25 23:27:38 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/10/25 23:27:20 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/07/23 19:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2007/05/30 18:12:16 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Lexmark 1400 Series\App4R.Monitor.Core.dll
MOD - [2007/05/30 18:12:15 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Lexmark 1400 Series\App4R.Monitor.Common.dll
MOD - [2007/05/30 18:11:21 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Lexmark 1400 Series\App4R.DevMons.MCMDevMon.dll
MOD - [2007/04/30 21:20:25 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Lexmark 1400 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
MOD - [2007/04/30 21:19:53 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Lexmark 1400 Series\lxdjamon.exe
MOD - [2007/04/30 21:19:51 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Lexmark 1400 Series\App4R.DevMons.ScanDevMon.dll
MOD - [2007/04/30 21:19:48 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Lexmark 1400 Series\App4R.DevMons.NetworkCardDevMon.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/05/10 17:32:31 | 000,018,944 | ---- | M] (AEP Networks, Inc.) [On_Demand | Stopped] -- C:\Program Files\AEP\SSLTunnel\nvpns.exe -- (NetillaVPNService)
SRV:64bit: - [2010/11/28 13:05:09 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/11/28 13:05:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 21:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/07/02 19:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2007/06/12 00:18:19 | 000,567,216 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdjcoms.exe -- (lxdj_device)
SRV:64bit: - [2007/06/12 00:18:05 | 000,034,224 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdjserv.exe -- (lxdjCATSCustConnectService)
SRV - [2012/09/27 20:20:36 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/19 20:12:44 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/09 11:42:40 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe -- (N360)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/08/21 10:00:28 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/11/28 13:05:09 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe -- (STacSV)
SRV - [2010/11/28 13:05:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe -- (AESTFilters)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/22 20:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2007/06/12 00:18:05 | 000,034,224 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdjserv.exe -- (lxdjCATSCustConnectService)
SRV - [2007/06/12 00:18:00 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdjcoms.exe -- (lxdj_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/06 03:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/06 03:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/07 05:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/06/05 20:25:25 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/05/22 02:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/03/29 07:28:38 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/03/29 07:28:25 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2012/03/29 07:06:25 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/25 18:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011/07/20 15:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/10 17:32:31 | 000,020,824 | ---- | M] (AEP Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netva.sys -- (NetillaVPN)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/28 14:34:54 | 000,064,272 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/28 13:05:10 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/10/18 15:39:17 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/02 16:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/08 21:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 21:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/07/02 19:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/29 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 11:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/05/23 07:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/04/29 16:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/03/09 14:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV - [2012/09/30 07:29:57 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120929.018\ex64.sys -- (NAVEX15)
DRV - [2012/09/30 07:29:57 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120929.018\eng64.sys -- (NAVENG)
DRV - [2012/09/09 12:04:50 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/09/09 12:04:50 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/09/07 16:36:06 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120928.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/09/05 00:23:56 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120919.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/10/18 22:08:56 | 000,396,816 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus64_32029.sys -- (RapportCerberus_32029)
DRV - [2011/08/21 10:00:42 | 000,061,200 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2011/08/21 10:00:42 | 000,052,496 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_GB&c=94&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{04E1BA75-34C0-44F7-8836-5BACE11E5CC2}: "URL" = http://uk.kelkoopartners.net/ctl/do...e&x=true&y=true&partner=hp&partnerId=96913936
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{96E5210E-5DAE-47C4-9CA9-8CA2733F7CAB}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE:64bit: - HKLM\..\SearchScopes\{E4BDCA51-BE15-467C-A52C-B57BB3A81BEC}: "URL" = http://slirsredirect.search.aol.com...archTerms}&invocationType=tb50hpcnnbie7-en-gb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6AEDEF49-079B-4EBB-867D-6E28E9B58058}
IE - HKLM\..\SearchScopes\{04E1BA75-34C0-44F7-8836-5BACE11E5CC2}: "URL" = http://uk.kelkoopartners.net/ctl/do...e&x=true&y=true&partner=hp&partnerId=96913936
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=c86b81b6-4f40-11e1-8fd4-003070000001&q={searchTerms}
IE - HKLM\..\SearchScopes\{6AEDEF49-079B-4EBB-867D-6E28E9B58058}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{96E5210E-5DAE-47C4-9CA9-8CA2733F7CAB}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKLM\..\SearchScopes\{E4BDCA51-BE15-467C-A52C-B57BB3A81BEC}: "URL" = http://slirsredirect.search.aol.com...archTerms}&invocationType=tb50hpcnnbie7-en-gb


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\SearchScopes\{04E1BA75-34C0-44F7-8836-5BACE11E5CC2}: "URL" = http://uk.kelkoopartners.net/ctl/do...e&x=true&y=true&partner=hp&partnerId=96913936
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60347
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_en
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\SearchScopes\{6AEDEF49-079B-4EBB-867D-6E28E9B58058}: "URL" = http://www.google.com/search?q={sea...={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_en
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\SearchScopes\{96E5210E-5DAE-47C4-9CA9-8CA2733F7CAB}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\SearchScopes\{E4BDCA51-BE15-467C-A52C-B57BB3A81BEC}: "URL" = http://slirsredirect.search.aol.com...archTerms}&invocationType=tb50hpcnnbie7-en-gb
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.co.uk"
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q="
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
 
Continued....

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\IPSFFPlgn\ [2012/06/06 20:19:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\coFFPlgn\ [2012/09/30 18:24:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/19 20:12:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/08 10:38:19 | 000,000,000 | ---D | M]

[2009/12/27 14:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Extensions
[2012/09/28 20:35:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\Firefox\Profiles\tjsh4d9s.default\extensions
[2012/09/28 20:35:34 | 000,529,316 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\tjsh4d9s.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/07/25 21:06:03 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\tjsh4d9s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010/04/02 13:40:27 | 000,000,911 | ---- | M] () -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\tjsh4d9s.default\searchplugins\conduit.xml
[2012/02/04 15:59:24 | 000,000,792 | ---- | M] () -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\tjsh4d9s.default\searchplugins\startsear.xml
[2010/08/28 15:18:33 | 000,001,583 | ---- | M] () -- C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\tjsh4d9s.default\searchplugins\web-search.xml
[2012/09/08 10:50:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/08 10:50:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/06/06 20:19:41 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\IPSFFPLGN
[2012/09/19 20:12:44 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012/06/16 18:12:54 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/09/19 20:12:39 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/16 18:12:54 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2007/07/26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\crawlersrch.xml
[2012/06/16 18:12:54 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/09/19 20:12:35 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/06/16 18:12:54 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - homepage: http://www.google.co.uk/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: vshare plugin = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: Norton Identity Protection = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\
CHR - Extension: Gmail = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/30 18:07:11 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [lxdjamon] C:\Program Files (x86)\Lexmark 1400 Series\lxdjamon.exe ()
O4:64bit: - HKLM..\Run: [lxdjmon.exe] "C:\Program Files (x86)\Lexmark 1400 Series\lxdjmon.exe" File not found
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-417765125-1604902435-2956440555-1000..\Run: [Spotify Web Helper] C:\Users\owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-417765125-1604902435-2956440555-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-417765125-1604902435-2956440555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6783E9E-93A1-4441-966B-DE9409A50D45}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/30 18:22:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/09/30 18:14:40 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/09/30 17:49:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/09/30 17:49:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/09/30 17:49:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/09/30 17:49:05 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/09/30 17:46:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/30 17:46:06 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/30 07:44:11 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\RK_Quarantine
[2012/09/30 07:36:38 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\owner\Desktop\TDSSKiller.exe
[2012/09/29 17:28:19 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/09/22 13:46:09 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\specs
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/30 19:20:14 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/30 19:18:43 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/30 19:09:58 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/30 19:09:58 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/30 19:08:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/30 18:22:13 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/30 18:21:55 | 2211,598,336 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/30 18:07:11 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/30 07:52:30 | 000,000,512 | ---- | M] () -- C:\Users\owner\Desktop\MBR.dat
[2012/09/30 07:23:37 | 002,193,278 | ---- | M] () -- C:\Users\owner\Desktop\tdsskiller.zip
[2012/09/29 21:28:56 | 000,000,000 | ---- | M] () -- C:\Users\owner\Desktop\gmer.exe
[2012/09/29 16:48:25 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForowner.job
[2012/09/28 20:32:13 | 001,958,534 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\Cat.DB
[2012/09/27 20:26:20 | 000,008,888 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0603000.00E\VT20120921.034
[2012/09/22 21:27:56 | 000,745,066 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/22 21:27:56 | 000,641,320 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/22 21:27:56 | 000,116,878 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/19 20:13:00 | 000,002,044 | ---- | M] () -- C:\Users\owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/17 19:25:14 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\owner\Desktop\TDSSKiller.exe
[2012/09/09 11:41:54 | 000,525,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/09 11:40:02 | 000,002,270 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/30 17:49:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/09/30 17:49:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/09/30 17:49:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/09/30 17:49:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/09/30 17:49:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/30 07:52:30 | 000,000,512 | ---- | C] () -- C:\Users\owner\Desktop\MBR.dat
[2012/09/30 07:23:36 | 002,193,278 | ---- | C] () -- C:\Users\owner\Desktop\tdsskiller.zip
[2012/09/29 21:28:56 | 000,000,000 | ---- | C] () -- C:\Users\owner\Desktop\gmer.exe
[2012/02/01 21:34:40 | 000,000,000 | ---- | C] () -- C:\Users\owner\AppData\Local\{BBDE32F4-7466-4BDE-9F03-3012A5F48112}
[2011/12/28 17:48:42 | 000,007,680 | ---- | C] () -- C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/31 19:47:28 | 000,000,000 | ---- | C] () -- C:\Users\owner\AppData\Local\{6F40F1AD-7ADD-4ECE-82D0-E2FA693E0B20}
[2011/10/20 21:21:03 | 000,000,000 | ---- | C] () -- C:\Users\owner\AppData\Local\{C8BD97DF-4435-4B84-AA9F-ED20922C6BB9}
[2011/08/24 08:26:22 | 000,000,000 | ---- | C] () -- C:\Users\owner\AppData\Local\{429E1E2B-9819-4B37-948D-44B73FEFC346}
[2011/08/22 18:37:03 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdjcomx.dll
[2011/08/22 18:37:03 | 000,286,720 | ---- | C] () -- C:\Windows\SysWow64\lxdjinst.dll
[2011/08/22 18:37:02 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjinpa.dll
[2011/08/22 18:37:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjiesc.dll
[2011/08/22 18:37:01 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjpmui.dll
[2011/08/22 18:36:59 | 000,999,424 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjusb1.dll
[2011/08/22 18:36:58 | 001,232,896 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjserv.dll
[2011/08/22 18:36:57 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjlmpm.dll
[2011/08/22 18:36:57 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjppls.exe
[2011/08/22 18:36:57 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjprox.dll
[2011/08/22 18:36:57 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjpplc.dll
[2011/08/22 18:36:56 | 000,700,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjhbn3.dll
[2011/08/22 18:36:56 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcoms.exe
[2011/08/22 18:36:56 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjih.exe
[2011/08/22 18:36:55 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcomc.dll
[2011/08/22 18:36:55 | 000,425,984 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcomm.dll
[2011/08/22 18:36:55 | 000,394,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdjcfg.exe
[2011/06/24 19:32:00 | 000,000,000 | ---- | C] () -- C:\Users\owner\AppData\Local\{0461EF14-31E4-4967-B70F-06FD1DD69197}
[2011/05/19 19:51:20 | 000,001,940 | ---- | C] () -- C:\Users\owner\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/02/12 01:10:54 | 000,001,854 | ---- | C] () -- C:\Users\owner\AppData\Roaming\GhostObjGAFix.xml
[2010/10/13 19:04:12 | 002,768,896 | ---- | C] () -- C:\Users\owner\s-1-5-21-417765125-1604902435-2956440555-1000.rrr
[2010/10/10 21:12:56 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/10/10 21:12:56 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010/02/28 11:36:48 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Trusteer
[2010/02/28 11:36:48 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Trusteer
[2012/06/16 20:09:46 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Azureus
[2012/06/16 20:57:38 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\BitTorrent
[2011/12/28 18:01:46 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Blackberry Desktop
[2011/07/04 12:08:37 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\CheckPoint
[2011/05/08 22:42:07 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\FileZilla
[2010/07/07 11:21:35 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\GrabPro
[2012/05/23 10:06:05 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\JAM Software
[2011/08/26 12:45:27 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Lexmark Productivity Studio
[2010/07/07 11:35:47 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Orbit
[2011/09/26 17:35:59 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Participatory Culture Foundation
[2011/09/26 17:42:33 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\PCF-VLC
[2011/12/28 17:40:57 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Research In Motion
[2010/10/28 15:03:45 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Serif
[2011/10/29 15:23:07 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Sports Interactive
[2012/09/18 16:22:20 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Spotify
[2011/06/29 20:16:10 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Tific
[2010/02/09 14:43:00 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Trusteer
[2009/12/27 14:53:28 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\_MDLogs

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >
 
OTL Extras logfile created on: 9/30/2012 7:31:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.75 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 54.41% Memory free
5.49 Gb Paging File | 3.71 Gb Available in Paging File | 67.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 219.23 Gb Total Space | 120.20 Gb Free Space | 54.83% Space Free | Partition Type: NTFS
Drive D: | 13.36 Gb Total Space | 2.22 Gb Free Space | 16.65% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-417765125-1604902435-2956440555-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0651D8BF-256E-4913-A8C8-EA94511A6F6B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0E46C8D4-D932-46B4-A692-E3DD91441DAD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{16720C22-AB3E-473E-AF0D-461AD8F5CD27}" = rport=138 | protocol=17 | dir=out | app=system |
"{18E6212D-7EC4-49F6-86A4-0BA37D77BF79}" = rport=137 | protocol=17 | dir=out | app=system |
"{25EF5AE1-761D-492F-8EE8-905A0C7BA11A}" = lport=139 | protocol=6 | dir=in | app=system |
"{3815CD63-8E62-4BE9-B211-3EDB2611A2CF}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{3E6C63FE-63BF-43DD-BDEF-30A03F10EF00}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{426F87A0-D1EB-4394-B43D-9EDA36516D82}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45951B1A-0BF2-48C5-93BF-CAB4FA506C6F}" = lport=137 | protocol=17 | dir=in | app=system |
"{47498F45-23ED-4437-90CB-F733473DE21A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4823B855-BD2C-4C8E-A6B5-E5952D11DBFD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6E26C959-E8F7-41B8-95C2-483F9C45185C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{74F7371B-3AEA-461D-83BE-42E46AA51551}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{75E602FB-AD5C-4C4C-BC2A-08C2F0793451}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{7FC352FC-5EAA-4E00-A90F-3E8481FC4E69}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8AEAE99B-5B1A-4484-9810-BBCF98F952C7}" = rport=445 | protocol=6 | dir=out | app=system |
"{9AA931FB-89FF-4801-9852-433A0CA3062E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A7FE7BDA-1036-47A8-8546-BFA501F97A67}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{AF275066-C8B3-4C14-B337-6A5810610ADC}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{B30F2AC8-2B06-4C78-BBA8-2594C5AE2BEF}" = rport=139 | protocol=6 | dir=out | app=system |
"{C01B7EE1-1A7D-40F8-A648-4599ABA3846F}" = lport=138 | protocol=17 | dir=in | app=system |
"{C1C620DF-C0A5-4827-BB61-FBF2A41A6074}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E3C5D5C9-848B-4959-B8A1-FDCD3B92AD90}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F9B24507-9CFF-4DE7-ABDC-8C9702688CC4}" = lport=445 | protocol=6 | dir=in | app=system |
"{FA0BE702-380C-4D5F-8822-8F6523EECA2F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00379045-F998-429A-BEFF-55FF690A6A7E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{003FCAE0-4E14-44FA-B794-450C57471162}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjpswx.exe |
"{0249A322-266E-4DF7-86B5-77A63E045532}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{06FAAE4F-90BE-42EC-A120-D74AB9CD2359}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0803EF3D-0F60-47BB-9635-9575FF85EC7E}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{0DCF8BA5-5227-4772-A63F-4481E0E1AF95}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjtime.exe |
"{160B31BE-F45A-4C36-921D-2252D9889780}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\live tv\qp.exe |
"{167E79A6-7195-43F2-BC76-DC51DECCB1D3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjpswx.exe |
"{17430437-A5B6-4AB4-A8DB-915709B24D40}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 1400 series\wireless\lxdjwpss.exe |
"{1B654763-C87B-4D67-AF07-0BA6D19D0C6C}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{1DF9AE7D-AEE6-45E8-B29A-3E87E0809E94}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{21724A2F-63AD-464E-B88B-36BE59032328}" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\temp\lxdj\wireless\english\lxdjwpss.exe |
"{2251E1B8-4A2E-4D77-96BB-A7CB9A651FAD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012 resource archiver\resource archiver.exe |
"{235BCF93-A7A4-4541-A55F-CB1CE33518E7}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjpswx.exe |
"{2A6B6B25-67B7-46CF-A302-73383C5E09AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E8C0D55-02E5-40C7-8223-3818313738DF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{3A531675-60B5-44AE-92C3-3C3438746BA4}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 1400 series\lxdjamon.exe |
"{3B3AC711-CB25-4027-8856-BC6F11F9EB42}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3EFAED92-8274-4B58-A658-671CC216B459}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjtime.exe |
"{44206470-0DBF-4E8E-BD4E-69CE64C2F0C1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{459D2FC0-A944-410E-90B4-B7CEA767BBB4}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjjswx.exe |
"{46F99E36-A85E-43B1-B4E7-2C8848BDF247}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{48AD2BBE-655B-438E-A671-8357B8EB6EB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4A7DDC29-5B32-47FA-8B26-F2A56B021F2A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{4C08CB0E-B616-41BC-A2A8-970E3D1BC508}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012\fm.exe |
"{4C7D9DD6-CAC0-4DB0-9912-9A73AA4063CA}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{54837175-37CF-43EB-B37D-B3D70C77C471}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjjswx.exe |
"{56D4EC2E-1417-44CD-9B2A-81C5A671C513}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D5B2251-4436-456D-B86F-990960307F13}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{5EBEA66B-4D3F-469B-9569-30B1F9E1C065}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012 resource archiver\resource archiver.exe |
"{5FB07877-4E34-4EEE-A25C-1796741ED4BF}" = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{6417767E-58F1-4E94-847E-3D645A71065D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012\fm.exe |
"{64D7516F-15B0-41FB-91B7-2EC26DCCBB65}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012 editor\editor.exe |
"{70B00D1C-CB02-4705-840B-0DDE4B8600C9}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{756FB0AD-93C9-4131-BC18-25779F7EB00B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\live tv\qpservice.exe |
"{789D7729-4AB4-432A-B3F3-5D65F94AF971}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdjcoms.exe |
"{79C31204-34F4-40A4-9785-F27A92BC5954}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7A0D6A98-5FD4-4C2F-8E6A-FF82921A8B3E}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 1400 series\lxdjamon.exe |
"{7BBBBA0D-1480-424F-A16A-8EB9CE9800DD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjtime.exe |
"{7BDDBAA3-B2D0-441D-AF2F-22186CE3664F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7C0A988F-4869-42C8-BA83-69792A6CB8A4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012 editor\editor.exe |
"{7F10507D-290D-4422-B799-AF36E93801A9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{84B8E946-5B3E-4DFE-8644-79850083B8C9}" = protocol=6 | dir=in | app=c:\windows\system32\lxdjcfg.exe |
"{85B852F3-01C4-42F7-B2D2-49350F1BE310}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjwbgw.exe |
"{865458AC-5BCF-493A-A99F-709CA146071A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{886135BC-A763-44C1-842E-B296AA925801}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8EE0EB60-3DEC-4F61-8B47-343A4B0F1C7D}" = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
"{90941D49-DB8E-4573-B6C8-073D9F1967F9}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{956784AB-E9DC-4BB0-AEDC-74D53DE4037C}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 1400 series\wireless\lxdjwpss.exe |
"{97481EA3-8FB4-40E9-B271-A2ED8C7BA20D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{9CAB6A7F-7504-4806-9B6C-FD78B0FA2015}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9DF914CA-3696-4BA4-9179-49A5ED4EBD32}" = protocol=6 | dir=in | app=c:\windows\system32\lxdjcoms.exe |
"{9F9C1DB3-51D4-4BC2-B74B-B7B0D6CDDA2C}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdjcoms.exe |
"{A0CCDA10-1D5F-4278-A612-AB087A63003F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{A4B6CFAC-5ECD-4A05-8E8D-A81D720A500E}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{A733401D-7697-4E28-91D1-DE6DE2DC6B10}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012 editor\editor.exe |
"{A772B82A-4D9A-4616-9271-7F5A44FD6339}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjwbgw.exe |
"{AA0473B2-5067-43F8-BE78-4BB5100A2553}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{AAA164F4-41C9-4C32-9F03-C0A597559824}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{AC76869C-B2BE-44B8-A3F8-938538BBC62D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AE4460DA-A145-4A79-AE8C-052470893FC9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{AF604308-E8D3-4FF5-8928-AA4FBB7059A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012\fm.exe |
"{AFC9D0E1-1DBD-4FDB-95F6-6ABB825B7428}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{B1A24A8A-4DD9-4C3C-B910-35B2752C064B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BB0D1C1D-7C97-4822-A7EC-8811E29831A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012 editor\editor.exe |
"{BC069749-EB41-471B-841D-F9405CFA8C49}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{C1F40CAB-7F1C-456D-BB07-85575D2ADE23}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{C2034F88-F9ED-4D3F-81B8-B8EC9104BB80}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjjswx.exe |
"{C287E5C0-4378-48D5-A5B1-1A47B4382A49}" = protocol=17 | dir=in | app=c:\windows\system32\lxdjcfg.exe |
"{C4A21E29-2B11-4FAE-B068-C4ACEA50ECB8}" = protocol=6 | dir=out | app=system |
"{C4B9641E-FF3D-4EDD-BD3F-E785B1C1FEEA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C8725C16-6540-4098-A80E-9E70AA71B9DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CAE7B461-1435-42DA-AFE1-74028DDA5B05}" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\temp\lxdj\wireless\english\lxdjwpss.exe |
"{CB15A53A-1E54-4562-8DDF-0C295530ACD3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjjswx.exe |
"{CE399102-FCFE-4A4B-BFAC-3DAA752D5974}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjpswx.exe |
"{D0585E15-9806-437B-A06D-0257A7FD591A}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{D65D0FD8-6A90-4A40-B2F2-08BE135F91C2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DA5509C7-D511-4051-84EC-E876FFFAF9FB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DCC99C16-194D-42CA-8388-B7FB3E72F4AA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E3D75752-62BB-445D-8FEA-4E41FD3343E3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E468B42F-0E95-4D46-97A2-5FFD850D4149}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{E704BB96-FE54-42A3-B9C9-F0B6D0B80B53}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8828868-D33E-41A8-B74A-F389B8C292E3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdjtime.exe |
"{F7AD2B78-516C-403F-BCD3-DE8B0E825B64}" = protocol=17 | dir=in | app=c:\windows\system32\lxdjcoms.exe |
"{F7D6A5C5-FF51-4217-99E1-89C319120D03}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F946EE1A-2B3F-458F-B469-5AF0C5C5DD3C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FE7E5190-D390-4EDB-AC37-FAE5A37145DE}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{FEB17C0D-AAEE-4816-B494-981A4471D724}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2012\fm.exe |
"{FF4B7564-74AB-4965-8BFD-DED805603436}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{55A9FE1F-5C3F-4C82-952F-709D21E842AA}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{819F9E61-337F-46DD-BF66-283B48925188}C:\program files (x86)\lexmark 1400 series\lxdjamon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 1400 series\lxdjamon.exe |
"TCP Query User{974C0604-DEC6-43E2-AEF2-CA54C2D09CA1}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{BC233F93-C257-4660-BA82-57116DED5787}C:\program files (x86)\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"UDP Query User{107A7680-047D-4655-AFC7-BFEEEACFDE61}C:\program files (x86)\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"UDP Query User{C076BA08-7B7C-4AB6-8BFB-4904B8C52C1B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{D3B5F757-6C2D-4ECE-BF0E-BB8668B9CE88}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{EF3E776F-2A7F-4E25-A217-A6A1796DFCB5}C:\program files (x86)\lexmark 1400 series\lxdjamon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 1400 series\lxdjamon.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6C47240C-016E-03B5-D13E-AECAED09F2E3}" = ATI Catalyst Install Manager
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{ADEB3402-CFBD-00E2-0EE6-F6A3F1AFACF0}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"Lexmark 1400 Series" = Lexmark 1400 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Netilla VPN Client" = AEP SSL Tunnel Client 2.7.0.14
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{09CC0D0E-061D-3C7B-3881-D2EB53A8AAFC}" = CCC Help Polish
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26606D8F-3133-DBE2-8AF5-AB28F300860A}" = CCC Help Chinese Standard
"{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2DC240EA-51B1-4CC4-A0E5-4E4399CD7302}" = Serif PagePlus X4
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{33C17B75-EA9C-0687-9CED-03D92637B042}" = CCC Help Hungarian
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3FBDB7B8-7472-E895-2E5D-99D190B2D1B6}" = Catalyst Control Center InstallProxy
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver
"{546937C5-0529-333E-0D5E-FE3C53108806}" = CCC Help Japanese
"{55C70B62-5EF1-D527-7CAB-E50D8B3B4990}" = Catalyst Control Center Graphics Full New
"{577ED77E-25D9-1A76-4EF0-773B9C173758}" = CCC Help Portuguese
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DB4EA68-A509-D408-585C-C9D045FADF72}" = Catalyst Control Center Graphics Previews Vista
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D335F78-1F4F-7826-56DD-4F350EA6EADD}" = CCC Help Greek
"{6EF04EAE-0354-9919-E757-F1203E6F422B}" = CCC Help Italian
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{7028B245-30A2-BD8C-31B9-6008216FBDC2}" = CCC Help French
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779D3256-84D0-936F-18F9-A154DC85B4B4}" = Catalyst Control Center Localization All
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7EACD74C-147F-478C-9389-F9F52EE3C88A}" = LightScribe System Software
"{7F4DA5B8-6884-47F2-AEBA-D9111E420C63}" = CCC Help Danish
"{7F9A8D27-A1B9-164F-FCB1-0B64C88629CF}" = CCC Help Norwegian
"{803263F7-8CAC-DC6D-3288-8128865A7472}" = CCC Help German
"{82A213BD-B6AA-4281-A2D3-59D51893CC56}" = HP MediaSmart Software Notebook Demo
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8CC47AA0-5774-61FC-6A59-7E1C936DB753}" = ccc-core-static
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A28867B-109A-5BBF-85C0-FC1BAA98CA1C}" = CCC Help Russian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A8BCC9E4-9036-3029-F2BC-AA73A62DA73D}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93EC091-461F-46EE-BAE1-327EB608AA60}" = Serif PagePlus X4 Resources
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B5C746E6-D961-445C-3768-5B6FAF6A1A31}" = CCC Help Spanish
"{C0769946-2CF1-9E8D-009B-5C413B3F01D1}" = CCC Help Czech
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4F7EEE5-3D99-8552-7483-B2F412838B2A}" = Catalyst Control Center Graphics Previews Common
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Activate Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D4C41D27-A2D5-94C6-1D08-3D470A12EAF0}" = CCC Help Swedish
"{D9D6A848-1BFD-592B-5F9D-0BA8692FDF0B}" = CCC Help Finnish
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DCD91C2F-3A86-B328-59A0-5EED6190D983}" = Catalyst Control Center Graphics Full Existing
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E5F5CAA5-84ED-DE41-40D0-8926FE7E5F4D}" = Catalyst Control Center Graphics Light
"{E6CE345D-BF83-1242-9E4D-3D60A5036D87}" = CCC Help English
"{EC155897-712F-5637-A5DA-6C7CE7CB5521}" = CCC Help Korean
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0580F64-44A1-C607-9364-887912B74F4D}" = CCC Help Thai
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F3F9A4E5-CD9F-4657-CF99-5CE3F7729909}" = Catalyst Control Center Core Implementation
"{F5B1D41A-05B9-98E2-C350-E69D4A444CB4}" = CCC Help Chinese Traditional
"{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}" = BlackBerry Desktop Software 6.1
"{FCF0F615-6E70-B949-028F-88D32C55C2BC}" = CCC Help Dutch
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownload" = 1ClickDownloader
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1
"EasyBits Magic Desktop" = Magic Desktop
"Efficient WMA MP3 Converter_is1" = Efficient WMA MP3 Converter v0.99.7
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.4.0
"GadgetBox" = GadgetBox
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"Mozilla Firefox 15.0.1 (x86 en-GB)" = Mozilla Firefox 15.0.1 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360 Premier Edition
"PCFriendly" = PCFriendly
"Rapport_msi" = Rapport
"Spotify" = Spotify
"Steam App 71270" = Football Manager 2012
"Steam App 71400" = Football Manager 2012 Editor
"Steam App 71410" = Football Manager 2012 Resource Archiver
"vShare.tv plugin" = vShare.tv plugin 1.3
"WildTangent hp Master Uninstall" = HP Games
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.1 final uninstall
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-417765125-1604902435-2956440555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/8/2011 8:03:22 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/8/2011 8:03:22 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1424898

Error - 9/8/2011 8:03:22 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1424898

Error - 9/8/2011 8:03:23 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/8/2011 8:03:23 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1425912

Error - 9/8/2011 8:03:23 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1425912

Error - 9/8/2011 8:03:24 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 9/8/2011 8:03:24 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1426941

Error - 9/8/2011 8:03:24 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1426941

Error - 9/8/2011 8:03:25 AM | Computer Name = owner-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ Hewlett-Packard Events ]
Error - 5/5/2012 11:57:06 AM | Computer Name = owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/e97fc0e2_007f_47f6_af73_fc9407c9978f/tnrk4gv1dym7avrol8jeds39_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 2812 Ram Utilization: 40 TargetSite: Void UpdateDetail(System.String)

Error - 5/29/2012 3:55:46 PM | Computer Name = owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/4b565416_9862_4f71_ad58_0f61bc94df5e/wonqwa833oxv5mmtwtwz52cp_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 2812 Ram Utilization: 40 TargetSite: Void UpdateDetail(System.String)

Error - 6/23/2012 8:07:30 AM | Computer Name = owner-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 6/23/2012 8:10:43 AM | Computer Name = owner-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 6/26/2012 2:14:48 PM | Computer Name = owner-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 7/9/2012 4:20:14 PM | Computer Name = owner-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 7/9/2012 4:20:33 PM | Computer Name = owner-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 7/9/2012 4:20:33 PM | Computer Name = owner-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 7/9/2012 4:20:33 PM | Computer Name = owner-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 7/20/2012 5:42:02 PM | Computer Name = owner-PC | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 2812 Ram Utilization: 30 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

[ Media Center Events ]
Error - 6/17/2010 7:30:47 PM | Computer Name = owner-PC | Source = MCUpdate | ID = 0
Description = 00:30:47 - Error connecting to the internet. 00:30:47 - Unable
to contact server..

Error - 6/17/2010 7:30:58 PM | Computer Name = owner-PC | Source = MCUpdate | ID = 0
Description = 00:30:52 - Error connecting to the internet. 00:30:52 - Unable
to contact server..

[ System Events ]
Error - 9/30/2012 1:22:43 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535

Error - 9/30/2012 2:08:26 PM | Computer Name = owner-PC | Source = PNRPSvc | ID = 102
Description =

Error - 9/30/2012 2:08:26 PM | Computer Name = owner-PC | Source = PNRPSvc | ID = 102
Description =

Error - 9/30/2012 2:08:27 PM | Computer Name = owner-PC | Source = PNRPSvc | ID = 102
Description =

Error - 9/30/2012 2:08:26 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535

Error - 9/30/2012 2:08:26 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535

Error - 9/30/2012 2:08:26 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535

Error - 9/30/2012 2:08:26 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535

Error - 9/30/2012 2:08:27 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7001
Description = The Peer Networking Grouping service depends on the Peer Name Resolution
Protocol service which failed to start because of the following error: %%-2140993535

Error - 9/30/2012 2:08:27 PM | Computer Name = owner-PC | Source = Service Control Manager | ID = 7023
Description = The Peer Name Resolution Protocol service terminated with the following
error: %%-2140993535


< End of report >
 
Just to keep you informed, the startpins opening page is still happening in chrome and firefox still seems slightly slow.

Thanks for all your help so far...
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
    
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
    
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
    
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
    
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
    
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
    
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
    
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
    
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    @Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34
    
    :Commands
    [purity]
    [emptytemp]
    [emptyjava]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.

===================================

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.

3. Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next...

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.

4. Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.

5. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If ESET doesn't find any threats, it won't produce a log.
 
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
C:\Windows\assembly\Desktop.ini moved successfully.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
ADS C:\ProgramData\Temp:5C321E34 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: owner
->Temp folder emptied: 17417 bytes
->Temporary Internet Files folder emptied: 540940 bytes
->Java cache emptied: 1053 bytes
->FireFox cache emptied: 1140939854 bytes
->Google Chrome cache emptied: 356624934 bytes
->Flash cache emptied: 58461 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,429.00 mb


[EMPTYJAVA]

User: All Users

User: AppData

User: Default

User: Default User

User: owner
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: AppData

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: owner
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09302012_201340

Files\Folders moved on Reboot...
C:\Users\owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 
Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton 360 Premier Edition
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java(TM) 6 Update 35
Java(TM) 7 Update 5
Java version out of Date!
Adobe Flash Player 11.3.300.271 Flash Player out of Date!
Adobe Reader X (10.1.4)
Mozilla Firefox (15.0.1)
Google Chrome 20.0.1132.57
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
 
Farbar Service Scanner Version: 19-09-2012
Ran by owner (administrator) on 30-09-2012 at 20:29:55
Running from "C:\Users\owner\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
 
# AdwCleaner v2.003 - Logfile created 09/30/2012 at 20:31:41
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : owner - OWNER-PC
# Boot Mode : Normal
# Running from : C:\Users\owner\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
File Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tjsh4d9s.default\searchplugins\Conduit.xml
File Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tjsh4d9s.default\searchplugins\Startsear.xml
File Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tjsh4d9s.default\searchplugins\web-search.xml
Folder Deleted : C:\Program Files (x86)\BitTorrentBar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\vShare.tv plugin
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\Users\owner\AppData\Local\Conduit
Folder Deleted : C:\Users\owner\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\owner\AppData\LocalLow\BitTorrentBar
Folder Deleted : C:\Users\owner\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tjsh4d9s.default\Conduit
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tjsh4d9s.default\ConduitEngine
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tjsh4d9s.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Software\ShopperReports3
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\BitTorrentBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B8F8D89-3E63-4D84-B14A-E061896CA346}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B178FCF-7718-4ED6-B878-2C20622715E3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-GB)

Profile name : default
File : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tjsh4d9s.default\prefs.js

Deleted : user_pref("CT2504091..clientLogIsEnabled", true);
Deleted : user_pref("CT2504091..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2504091..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2504091.CTID", "CT2504091");
Deleted : user_pref("CT2504091.CurrentServerDate", "26-9-2011");
Deleted : user_pref("CT2504091.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2504091.DialogsGetterLastCheckTime", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Daylight T[...]
Deleted : user_pref("CT2504091.DownloadReferralCookieData", "");
Deleted : user_pref("CT2504091.EMailNotifierPollDate", "Wed Oct 13 2010 20:07:54 GMT+0100 (GMT Daylight Time)"[...]
Deleted : user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2504091.FeedLastCount129079840422964131", 14);
Deleted : user_pref("CT2504091.FeedPollDate128891351169457132", "Fri Apr 02 2010 13:40:27 GMT+0100 (GMT Daylig[...]
Deleted : user_pref("CT2504091.FeedPollDate128891351169457140", "Wed Oct 13 2010 21:07:55 GMT+0100 (GMT Daylig[...]
Deleted : user_pref("CT2504091.FeedPollDate129079840422964131", "Wed Oct 13 2010 18:19:36 GMT+0100 (GMT Daylig[...]
Deleted : user_pref("CT2504091.FeedTTL128891351169457132", 40);
Deleted : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Deleted : user_pref("CT2504091.FirstServerDate", "2-4-2010");
Deleted : user_pref("CT2504091.FirstTime", true);
Deleted : user_pref("CT2504091.FirstTimeFF3", true);
Deleted : user_pref("CT2504091.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2504091.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2504091.HasUserGlobalKeys", true);
Deleted : user_pref("CT2504091.Initialize", true);
Deleted : user_pref("CT2504091.InitializeCommonPrefs", true);
Deleted : user_pref("CT2504091.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT2504091.InstallationType", "ConduitIntegration");
Deleted : user_pref("CT2504091.InstalledDate", "Fri Apr 02 2010 13:40:27 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT2504091.IsGrouping", false);
Deleted : user_pref("CT2504091.IsMulticommunity", false);
Deleted : user_pref("CT2504091.IsOpenThankYouPage", false);
Deleted : user_pref("CT2504091.IsOpenUninstallPage", false);
Deleted : user_pref("CT2504091.LanguagePackLastCheckTime", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Daylight Ti[...]
Deleted : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2504091.LastLogin_2.5.8.6", "Fri Apr 02 2010 13:40:27 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT2504091.LastLogin_2.7.2.0", "Wed Oct 13 2010 18:19:36 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT2504091.LastLogin_3.6.0.10", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT2504091.LatestVersion", "3.6.0.10");
Deleted : user_pref("CT2504091.Locale", "en-us");
Deleted : user_pref("CT2504091.LoginCache", 4);
Deleted : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2504091.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]
Deleted : user_pref("CT2504091.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Daylight [...]
Deleted : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2504091.ServiceMapLastCheckTime", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Daylight Time[...]
Deleted : user_pref("CT2504091.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2504091.SettingsLastCheckTime", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Daylight Time)"[...]
Deleted : user_pref("CT2504091.SettingsLastUpdate", "1315002176");
Deleted : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Dayligh[...]
Deleted : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2504091.Uninstall", true);
Deleted : user_pref("CT2504091.UserID", "UN23416468462354223");
Deleted : user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2504091.alertChannelId", "897164");
Deleted : user_pref("CT2504091.autoDisableScopes", -1);
Deleted : user_pref("CT2504091.clientLogIsEnabled", true);
Deleted : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2504091.defaultSearch", "false");
Deleted : user_pref("CT2504091.embeddedsData", "[{\"appId\":\"129079840422026594\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT2504091.enableAlerts", "false");
Deleted : user_pref("CT2504091.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT2504091.firstTimeDialogOpened", true);
Deleted : user_pref("CT2504091.fixPageNotFoundError", "true");
Deleted : user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2504091.fixUrls", true);
Deleted : user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Dayl[...]
Deleted : user_pref("CT2504091.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2504091.initDone", true);
Deleted : user_pref("CT2504091.installId", "ConduitNSISIntegration");
Deleted : user_pref("CT2504091.installType", "ConduitNSISIntegration");
Deleted : user_pref("CT2504091.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2504091.isNewTabEnabled", true);
Deleted : user_pref("CT2504091.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2504091.myStuffEnabled", true);
Deleted : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2504091.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fforum.libdemvoic[...]
Deleted : user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129[...]
Deleted : user_pref("CT2504091.openThankYouPage", "false");
Deleted : user_pref("CT2504091.openUninstallPage", "false");
Deleted : user_pref("CT2504091.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2504091.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2504091.serviceLayer_services_login_10.10.20.14_lastUpdate", "1347098626384");
Deleted : user_pref("CT2504091.serviceLayer_services_login_10.10.27.6_lastUpdate", "1348316686685");
Deleted : user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1348316685982");
Deleted : user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1348316686409");
Deleted : user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1348316686317");
Deleted : user_pref("CT2504091.settingsINI", true);
Deleted : user_pref("CT2504091.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT2504091.smartbar.CTID", "CT2504091");
Deleted : user_pref("CT2504091.smartbar.Uninstall", "1");
Deleted : user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote ");
Deleted : user_pref("CT2504091.startPage", "false");
Deleted : user_pref("CT2504091.testingCtid", "");
Deleted : user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CT2504091.toolbarBornServerTime", "2-4-2010");
Deleted : user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Mon Sep 26 2011 19:04:11 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CT2504091.toolbarCurrentServerTime", "22-9-2012");
Deleted : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1182482/1178159/UK", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/UK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2790392&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.IsEngineShown", false);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\owner\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2504091,ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 30 2011 19:21:58 GMT+01[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jun 28 2011 18:17:16 GMT+0100 (GMT D[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jun 29 2011 17:11:25 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "060ba435-6102-4d40-b256-49c8bb94ecd9");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Sep 26 2011 18:44:48 GMT+0100 (GMT[...]
Deleted : user_pref("CommunityToolbar.globalUserId", "d8dd39ff-f8f6-4ed1-86f5-a3906e0ac475");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Sep 26 2011 18:44:4[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Sep 26 2011 18:44:57 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Sep 26 2011 18:44:46 GMT+0100 (G[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "59e2671a-0084-475a-8a0a-66f2b3b57ad1");
Deleted : user_pref("CommunityToolbar.originalHomepage", "www.google.com");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun May 22 2011 13:20:32 GMT+0100 (GMT Daylight[...]
Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Fri May 06 2011 19:21:56 GMT+0100 (GMT Daylig[...]
Deleted : user_pref("ConduitEngine.FirstServerDate", "04/30/2011 21");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Sat Apr 30 2011 19:21:58 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat May 07 2011 21:35:04 GMT+0100 (GMT Dayligh[...]
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat May 07 2011 21:57:21 GMT+0100 (GMT Daylight Time)"[...]
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat May 07 2011 21:57:21 GMT+0100 (GMT Daylight Ti[...]
Deleted : user_pref("ConduitEngine.UserID", "UN09802361277801708");
Deleted : user_pref("ConduitEngine.componentAlertEnabled", false);
Deleted : user_pref("ConduitEngine.engineLocale", "en-GB");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat May 07 2011 21:57:21 GMT+0100 (GMT D[...]
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun May 08 2011 01:35:04 GMT+0100 (GMT [...]
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2504091");
Deleted : user_pref("browser.search.defaultengine", "Web Search");
Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&Sea[...]
Deleted : user_pref("browser.search.order.1", "Web Search");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=");
Deleted : user_pref("vshare.install.fresh", "true");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.15] : urls_to_restore_on_startup = [ "hxxp://startsear.ch/?aff=1&cf=c86b81b6-4f40-11e1-8fd4-003070000001" ]
Deleted [l.1652] : urls_to_restore_on_startup = [ "hxxp://startsear.ch/?aff=1&cf=c86b81b6-4f40-11e1-8fd4-003070000001" ]

*************************

AdwCleaner[S1].txt - [28815 octets] - [30/09/2012 20:31:41]

########## EOF - C:\AdwCleaner[S1].txt - [28876 octets] ##########
 
The ESET task is taking a little while, so I am going to have to stop it and continue another day. Will keep you informed, thanks...
 
Hi,

Have you any idea how long the ESET task should take? I'm currently 46 mins in but it's only 30% complete.

I only get an hour or so each night to do this, will I damage the computer if I keep cancelling it?

I only ask because since I cancelled the last job I now get a greenish line that appears through my computer screen, it comes and goes.

It is likely that I'll have to do the task on the weekend when I have more time.

Once again, thanks for your help!

Tom
 