Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

both logs are here..adnxs removal help

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

both logs are here..adnxs removal help

Unread postby riley532 » September 22nd, 2012, 2:41 pm

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
Run by Riley at 14:32:09 on 2012-09-22
Microsoft Windows 7 Professional 6.1.7601.1.1252.2.1033.18.8125.6149 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dlbucoms.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Tether\TBService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\Dell Photo AIO Printer 942\DLBUmon.exe
C:\Program Files (x86)\Dell Photo AIO Printer 942\memcard.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\WORDsearch 8\ZipScript.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\wsqmcons.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page =
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: {68DD98BF-9DE8-418C-89F0-E37AC61CC2D9} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [Facebook Update] "C:\Users\Riley\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [ZipScript] C:\Program Files (x86)\WORDsearch 8\ZipScript.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
StartupFolder: C:\Users\Riley\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TimeLeft.lnk - C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-explorer: StartMenuLogOff = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: MemCheckBoxInRunDlg = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: DisableStartupSound = 1 (0x1)
IE: Free YouTube Download - C:\Users\Riley\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - C:\Users\Riley\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/device ... Loader.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/Juni ... Client.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{0A0CC991-5970-43DD-941B-0DB4CCE50932} : DhcpNameServer = 206.248.154.22 206.248.154.170
TCP: Interfaces\{28570AC8-7FF2-4B9E-A45F-9CAB59F821B6} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{61D168AB-C84D-4A8C-A1EB-E23B40848AE0} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{61D168AB-C84D-4A8C-A1EB-E23B40848AE0}\2454C4C4636333 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{61D168AB-C84D-4A8C-A1EB-E23B40848AE0}\25F6765627370234570702548736964756D656E647 : DhcpNameServer = 192.168.128.1
TCP: Interfaces\{61D168AB-C84D-4A8C-A1EB-E23B40848AE0}\358656271647F6E602D456564796E67637 : DhcpNameServer = 208.67.222.222 208.67.220.220 4.2.2.1
TCP: Interfaces\{61D168AB-C84D-4A8C-A1EB-E23B40848AE0}\443374E4F53535944403 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{61D168AB-C84D-4A8C-A1EB-E23B40848AE0}\74271616E637D616 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{61D168AB-C84D-4A8C-A1EB-E23B40848AE0}\86574637F6E6 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: {68DD98BF-9DE8-418C-89F0-E37AC61CC2D9} - No File
BHO-X64: BHO_PROJECT - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.startsearcher.com/?q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.startsearcher.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =937811&p=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Riley\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]
R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdflt.sys --> C:\Windows\system32\DRIVERS\stdflt.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 cputemperature;cputemperature;C:\Windows\system32\Drivers\cputemperature.sys --> C:\Windows\system32\Drivers\cputemperature.sys [?]
R1 RapportCerberus_32029;RapportCerberus_32029;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus64_32029.sys [2011-10-18 396816]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-8-21 52496]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-8-21 61200]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2010-6-26 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2010-8-18 60928]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-8-21 870200]
R2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?]
R2 risdpcie;risdpcie;C:\Windows\system32\DRIVERS\risdpe64.sys --> C:\Windows\system32\DRIVERS\risdpe64.sys [?]
R2 rixdpcie;rixdpcie;C:\Windows\system32\DRIVERS\rixdpe64.sys --> C:\Windows\system32\DRIVERS\rixdpe64.sys [?]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-8-18 673088]
R2 Tether;Tether;C:\Program Files (x86)\Tether\TBService.exe [2011-3-29 50416]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-8-18 2320920]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Acceler.sys --> C:\Windows\system32\DRIVERS\Acceler.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-30 135664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-6-15 130976]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-30 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-3-20 113120]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0;PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-8-17 25584]
S3 qrkis;Tether Miniport;C:\Windows\system32\DRIVERS\qrkis.sys --> C:\Windows\system32\DRIVERS\qrkis.sys [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-1-19 909152]
.
=============== Created Last 30 ================
.
2012-09-13 21:32:31 -------- d-----w- C:\Users\Riley\AppData\Local\ZipScript 8
2012-09-13 19:52:16 -------- d-----w- C:\Windows\SysWow64\Adobe
2012-09-13 19:36:36 -------- d-----w- C:\Users\Riley\AppData\Roaming\Malwarebytes
2012-09-13 19:36:27 -------- d-----w- C:\ProgramData\Malwarebytes
2012-09-13 19:36:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-13 19:36:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-13 15:06:08 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-13 15:06:08 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-13 15:06:04 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-13 15:06:03 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-13 15:06:02 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-13 15:06:02 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-13 15:06:02 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-04 14:12:39 44032 ----a-w- C:\Windows\System32\drivers\RimSerial_AMD64.sys
2012-09-04 14:12:12 413696 ----a-r- C:\Users\Riley\AppData\Roaming\Microsoft\Installer\{97B70991-5002-4241-8B0C-D74B8ADEB2B5}\NewShortcut2_5B2EDCAA303A43629DACC3FFFABD0901.exe
2012-09-04 14:12:11 69632 ----a-r- C:\Users\Riley\AppData\Roaming\Microsoft\Installer\{97B70991-5002-4241-8B0C-D74B8ADEB2B5}\NewShortcut4_838BDC75346D4F49BD1D5328F986CD86.exe
2012-09-04 14:12:11 413696 ----a-r- C:\Users\Riley\AppData\Roaming\Microsoft\Installer\{97B70991-5002-4241-8B0C-D74B8ADEB2B5}\NewShortcut1_9F9ABBA94B874F449DBFBD7EB1332F16.exe
2012-09-04 14:12:11 413696 ----a-r- C:\Users\Riley\AppData\Roaming\Microsoft\Installer\{97B70991-5002-4241-8B0C-D74B8ADEB2B5}\ARPPRODUCTICON.exe
2012-09-04 14:12:03 -------- d-----w- C:\ProgramData\Research In Motion
2012-09-04 14:11:32 -------- d-----w- C:\Program Files (x86)\Common Files\XCPCSync.OEM
2012-09-03 15:24:04 -------- d-----w- C:\ProgramData\{57C74E1D-2F54-4E57-A0AC-537AA84A5318}
2012-09-03 15:19:02 -------- d-----w- C:\ProgramData\wsc
2012-09-03 15:19:01 -------- d-----w- C:\Program Files (x86)\WSfonts
2012-09-03 15:18:58 -------- d-----w- C:\Users\Riley\AppData\Local\WORDsearch 8
2012-09-03 15:18:58 -------- d-----w- C:\ProgramData\WORDsearch
2012-09-03 15:18:58 -------- d-----w- C:\Program Files (x86)\WORDsearch 8
2012-09-03 15:18:58 -------- d-----w- C:\Program Files (x86)\Common Files\WORDsearch
2012-08-27 03:04:15 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-08-25 23:29:40 -------- d-----w- C:\Users\Riley\AppData\Local\{5BF47DD6-8F62-49A0-8AEA-FE49A695E338}
2012-08-25 23:19:30 -------- d-----w- C:\ProgramData\PC-Doctor for Windows
2012-08-24 20:43:16 384352 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
.
==================== Find3M ====================
.
2012-09-10 14:45:22 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-10 14:45:22 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-31 22:59:48 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2012-07-28 17:43:04 1095592 ----a-w- C:\ProgramData\SPLF7AD.tmp
2012-07-26 08:21:28 291680 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-10 17:37:14 184886 ----a-w- C:\torrent.exe
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-27 07:06:53 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-06-27 05:53:07 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-27 04:53:10 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-27 04:10:55 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2007-03-11 23:31:30 3164160 ----a-w- C:\Program Files (x86)\BIBLEA.exe
2007-03-10 17:42:34 48128 ----a-w- C:\Program Files (x86)\folder.exe
2001-02-10 09:16:30 38400 ----a-w- C:\Program Files (x86)\OTBMK.EXE
2001-02-10 09:16:30 38400 ----a-w- C:\Program Files (x86)\NTBMK.EXE
.
============= FINISH: 14:37:16.99 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 24/08/2010 12:15:34 PM
System Uptime: 22/09/2012 2:28:18 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0874P6
Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz | U2E1 | 928/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 448 GiB total, 199.236 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C4700 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Photosmart C4700 series
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Tether Ethernet Adapter
Device ID: ROOT\ROOT&QRKIS\0000
Manufacturer: Tether
Name: Tether Ethernet Adapter
PNP Device ID: ROOT\ROOT&QRKIS\0000
Service: qrkis
.
==== System Restore Points ===================
.
RP235: 26/07/2012 9:09:10 PM - Scheduled Checkpoint
RP236: 06/08/2012 11:38:16 AM - Scheduled Checkpoint
RP237: 20/08/2012 10:32:22 PM - Scheduled Checkpoint
RP238: 26/08/2012 9:56:16 PM - Windows Update
RP239: 03/09/2012 1:29:25 PM - Scheduled Checkpoint
RP240: 13/09/2012 11:52:43 AM - Windows Update
.
==== Installed Programs ======================
.
Accelerometer
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
Alarm
Anki
Apple Application Support
Apple Software Update
ATI Catalyst Control Center
µTorrent
Audacity 2.0
Audio MP3 Sound Recorder
AVG PC Tuneup 2011
AVG Security Toolbar
Aya AVI WMV DVD FLV RM MKV MP4 Video Splitter Cutter V1.3.5
Bible Database 5.1
BlackBerry App World Browser Plugin
BlackBerry Desktop Software 7.1
BlackBerry Device Software Updater
BS.Player FREE
CamStudio
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CNET TechTracker
Cozi
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Dock
Dell Getting Started Guide
Dell Webcam Central
DivX Setup
Dropbox
Easy Video Splitter 1.28
eReg
eXPert PDF 6
Facebook Video Calling 1.2.0.159
Focus MP3 Recorder Splitter 3.4
Free Audio CD Burner version 1.4.7
Free FLV Converter V 7.1.0
Free M4a to MP3 Converter 7.0
Free YouTube Download version 3.0.22.221
Free YouTube to MP3 Converter version 3.10.17.221
Futuremark SystemInfo
Genie Backup Assistant
Google Earth Plug-in
Google Update Helper
GoToAssist 8.0.0.514
HydraVision
iLivid
Intel(R) Management Engine Components
InterActual Player
Java Auto Updater
Java(TM) 6 Update 16
Java(TM) 6 Update 26
Juniper Networks Cache Cleaner 6.5.0
Juniper Networks Host Checker
Juniper Networks Setup Client
Juniper Networks Setup Client Activex Control
Junk Mail filter update
Live! Cam Avatar Creator
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Home and Student 2010 - English
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OpenOffice.org 3.1
PDF Viewer for Windows 7
project dogwaffle
Project64 1.6
PS_AIO_06_C4700_SW_Min
QuickTime
Rapport
Realtek Ethernet Controller Driver
Roxio Burn
Scan
Screen VidShot
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Skins
Skype™ 5.10
StarCraft II
swMSM
Tether 1.4.3.7
The Extractor
The Holy Bible KJV Ver.8
TimeLeft
Toolbox
TweakNow RegCleaner
TweakNow RegCleaner 2011
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053
Veetle TV 0.9.18
VideoFileDownload
Virtual DJ Home - Atomix Productions
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
VLC media player 2.0.1
WeatherEye
WildTangent Games
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WORDsearch 8 POSB NT Edition
Xvid 1.2.2 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
22/09/2012 2:30:08 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
riley532
Banned Member
 
Posts: 16
Joined: September 13th, 2012, 8:30 pm
Advertisement
Register to Remove

Re: both logs are here..adnxs removal help

Unread postby Gary R » September 24th, 2012, 10:51 am

Looking over your logs, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21861
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: both logs are here..adnxs removal help

Unread postby Gary R » September 24th, 2012, 11:14 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Malware Removal" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi riley532

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

I'd also recommend that you create a System Restore Point that we can restore to if necessary.

  • Click Start, and type Create a restore point into the Search programs and files box.
  • Now click on the Create a restore point icon at the top of the find list.
  • This will open a System Properties box, with the System Protection tab open ...
    • Click on the Create button in the lower part of the window.
    • Type Pre Malware Cleanup into the description box, then click Create.
    • Windows will now create a Restore Point and notify you when finished.
    • Exit any open windows.

Please observe these rules while we work:
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Vista or Windows7, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

µTorrent
AVG PC Tuneup 2011
Java(TM) 6 Update 16
Java(TM) 6 Update 26


Use of P2P programs is the single easiest way to contract an infection that I know of, in return for our help this forum insists on their removal.

PC "Tune Up" programs are a complete and utter waste of time. So called "Registry Cleaners" just do nothing to improve your computer's performance, and most cause more problems than they ever resolve. The Registry is extremely tolerant of orphans, and will happily run with thousands of them without any discernible loss of performance. However, remove the wrong key or value, and you can easily turn your computer into an expensive paperweight. The risk/gain equation is not a good one.

Old versions of java can be exploited.

Reboot your computer once they're all removed

Next

Download TDSSKiller.zip and extract it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
    • If using Vista or Windows7, when prompted by UAC allow the prompt.
  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING IT MAY FIND

Next

Please right-click on the filename link below and select "Save target as..." or "Save Link as...", choose the Desktop location, and choose to save as the filename :Fix.txt
Vista or Win 7, 64 bit: SQW7-Vista_x64.TXT

---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.

---------------------------------------------
Perform a Custom Fix with OTL
Double Click the OTL icon (Right click and choose "Run as administrator" in Vista/Win7)
  • Click the Run Fix button at the top.
  • You will see a popup dialog reporting "No fix has been provided. Click OK to load from a file or Cancel". Click on OK
  • When the Open dialog comes up, Navigate to the Desktop, scroll to find the file named Fix.txt and click Open
  • Some text will appear in the Custom scans/Fixes box.
  • Click the Run Fix button.
  • Let the program run unhindered and reboot the PC when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • Copy the contents of that file and post it in your next reply. The file will also appear on your desktop as OTL.txt

Next

Please download SystemLook from one of the links below and save it to your Desktop.
For 64 bit Systems:
Download Mirror #1
Download Mirror #2


  • Double-click SystemLook.exe to run it.
  • Copy and paste the content of the following codebox into the main textfield:
    Code: Select all
    :filefind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    
    :folderfind
    *Fun4IM*
    *Bandoo*
    *Searchnu*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*
    
    :Regfind
    Fun4IM
    Bandoo
    Searchnu
    Searchqu
    iLivid
    whitesmoke
    datamngr
    kelkoopartners
    trolltech
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Summary of the logs I need from you in your next post:
  • TDSSKiller log
  • OTL.txt
  • Extras.txt
  • SystemLook.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21861
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: both logs are here..adnxs removal help

Unread postby riley532 » September 24th, 2012, 9:24 pm

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page deleted successfully.
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\DataMngr\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu 406 MediaBar\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\menuorder\start menu2\programs\bandoo\ not found.
Registry key HKEY_CURRENT_USER\Software\Trolltech\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\DataMngr_Toolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\ilivid\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\searchqutoolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Bandoo\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\BandooCore.EXE\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1301A8A5-3DFB-4731-A162-B357D00C9644}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetupV1.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.BandooCore.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.BandooCore\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.ResourcesMngr.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.ResourcesMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.SettingsMngr.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.SettingsMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.StatisticMngr.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.StatisticMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{477F210A-2A86-4666-9C4B-1189634D2C84}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF871E51-2655-4D06-AED5-745962A96B32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7f000001-db8e-f89c-2fec-49bf726f8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9189560-573A-4fde-B055-AE7B0F4CF080}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFBD6D47-F5E5-49E4-8157-8BCFF11F3CC3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBD6D47-F5E5-49E4-8157-8BCFF11F3CC3}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Save video on Savevid.com\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ilivid.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SetupDataMngr_searchqu_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SetupDataMngr_searchqu_RASMANCS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASAPI 32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASMAN CS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\SearchquMediabarTb\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{b543ef05-9758-464e-9f37-4c28525b4a4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b543ef05-9758-464e-9f37-4c28525b4a4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{8f5f1cb6-ea9e-40af-a5ca-c7fd63cc1971}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\currentversion\app management\arpcache\searchqu 406 mediabar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{a40dc6c5-79d0-4ca8-a185-8ff989af1115}\inprocserver32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{cc1ac828-bb47-4361-afb5-96eee259dd87}\inprocserver32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{fefd3af5-a346-4451-aa23-a3ad54915515}\inprocserver32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{5b4144e1-b61d-495a-9a50-cd1a95d86d15}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{6a4bcaba-c437-4c76-a54e-af31b8a76cb9}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{841d5a49-e48d-413c-9c28-eb3d9081d705}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\internet explorer\low rights\elevationpolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\internet explorer\low rights\elevationpolicy\{d0a4be92-2216-42db-ab35-d72efb9f0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d0a4be92-2216-42db-ab35-d72efb9f0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\shared tools\msconfig\startupreg\datamngr\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchqu.com\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160\ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\WhiteSmoke\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160\InstallProperties\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA942DEC3AFA384B94ECC932BD3DC5A\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFE82A48FED40644C984C808A1785C7F\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EFB5D9F3E46440D4A9C379467CEADEBB\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160\InstallProperties\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160\InstallProperties\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toobar not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B0118C8-8D12-46CD-A083-2116D587A11F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B0118C8-8D12-46CD-A083-2116D587A11F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C39DB3DF-7935-4821-9BD7-170D277DA935} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C39DB3DF-7935-4821-9BD7-170D277DA935}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B2163BE-A595-4E6E-AAF0-E22A29D38262} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B2163BE-A595-4E6E-AAF0-E22A29D38262}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A49227EB-05C7-449A-9BB6-18F653936F32} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A49227EB-05C7-449A-9BB6-18F653936F32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B0118C8-8D12-46CD-A083-2116D587A11F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B0118C8-8D12-46CD-A083-2116D587A11F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C39DB3DF-7935-4821-9BD7-170D277DA935} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C39DB3DF-7935-4821-9BD7-170D277DA935}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B2163BE-A595-4E6E-AAF0-E22A29D38262} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B2163BE-A595-4E6E-AAF0-E22A29D38262}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A49227EB-05C7-449A-9BB6-18F653936F32} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A49227EB-05C7-449A-9BB6-18F653936F32}\ not found.
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ProxyStubClsid32\\@|"{B056521A-9B10-425E-B616-1FCD828DB3B1}" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ProxyStubClsid32\\@|"{B056521A-9B10-425E-B616-1FCD828DB3B1}" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\\@|"ISearchQueryHelper" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ProxyStubClsid32\\@|"{B056521A-9B10-425E-B616-1FCD828DB3B1}" /E!
========== FILES ==========
File/Folder C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\SearchquWebSearch.xml not found.
File/Folder C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\searchqutoolbar not found.
File/Folder C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\*@sweetim[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@ilivid[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@ilivid[2].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@searchqu[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@searchqu[2].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@stats.ilivid[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@sweetim[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@www.sweetim[2].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@www.sweetim[3].txt not found.
C:\Users\Riley\AppData\Local\Ilivid Player folder moved successfully.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\iLividSetupV1.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ilivid[1].7z not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SetupDataMngr_Searchqu[1].exe not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SweetImSetup.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BandooV6[1].exe not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\searchqu_net[1].htm not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\BandooFiles not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\BandooV6.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\SetupDataMngr_Searchqu.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\SweetIMReinstall not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\SweetIMReinstall\SweetImSetup.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\ilivid.7z not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\searchqu.ini not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\searchqutoolbar-manifest.xml not found.
File/Folder C:\Users\Riley\AppData\LocalLow\searchquband not found.
File/Folder C:\Users\Riley\AppData\LocalLow\searchqutoolbar not found.
File/Folder C:\Users\Riley\Downloads\SweetImSetup.exe not found.
File/Folder C:\Users\Riley\Downloads\iLividSetupV1.exe not found.
File/Folder C:\Users\Riley\AppData\LocalLow\DataMngr not found.
File/Folder C:\Users\Riley\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\3AJVC1WF\www.ilivid[1].xml not found.
File/Folder C:\Users\Riley\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\TYBUQFS4\www.searchqu[1].xml not found.
File\Folder C:\Windows\Prefetch\SEARCHQU TOOLBAR UNINSTALL.EX-4EFDDDEA.pf not found.
File\Folder C:\Program Files\Windows iLivid Toolbar not found.
File\Folder C:\Program Files\iLivid not found.
File\Folder C:\Windows\Prefetch\ILIVID* not found.
File\Folder C:\Windows\Prefetch\SEARCHQUMEDIABAR* not found.
File\Folder C:\Windows\Prefetch\SETUPDATAMNGR* not found.
C:\Program Files (x86)\iLivid\imageformats folder moved successfully.
C:\Program Files (x86)\iLivid folder moved successfully.
File\Folder C:\Program Files (x86)\Windows Savevid Toolbar not found.
File\Folder C:\Program Files (x86)\Savevid not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Riley\Desktop\cmd.bat deleted successfully.
C:\Users\Riley\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Riley
->Temp folder emptied: 327348 bytes
->Temporary Internet Files folder emptied: 34443 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 175953679 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1813 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30087 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 274892 bytes

Total Files Cleaned = 168.00 mb


OTL by OldTimer - Version 3.2.67.1 log created on 09242012_210500

Files\Folders moved on Reboot...
C:\Users\Riley\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Riley\AppData\Local\Mozilla\Firefox\Profiles\0ik16r9a.default\startupCache\startupCache.4.little not found!
File\Folder C:\Users\Riley\AppData\Local\Mozilla\Firefox\Profiles\0ik16r9a.default\Cache\_CACHE_001_ not found!
File\Folder C:\Users\Riley\AppData\Local\Mozilla\Firefox\Profiles\0ik16r9a.default\Cache\_CACHE_002_ not found!
File\Folder C:\Users\Riley\AppData\Local\Mozilla\Firefox\Profiles\0ik16r9a.default\Cache\_CACHE_003_ not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL Extras logfile created on: 13/09/2012 8:34:30 PM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Riley\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.93 Gb Total Physical Memory | 5.85 Gb Available Physical Memory | 73.73% Memory free
15.87 Gb Paging File | 13.60 Gb Available in Paging File | 85.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.14 Gb Total Space | 199.53 Gb Free Space | 44.52% Space Free | Partition Type: NTFS

Computer Name: RILEYSLAPTOP | User Name: Riley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BF259AC-A9E6-4D4C-B0CB-ACE3EADC2E4A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D500D79-39DD-42E1-8F8E-49CA6E450EFE}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{22042B80-36FE-4458-8477-A0D5C8CF0C6C}" = lport=137 | protocol=17 | dir=in | app=system |
"{237BBAAA-5370-41E3-8FD6-C87222EE654B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2788A2CE-EEBC-4489-A7AE-695753D37EB1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{352FF333-52BD-456F-9A60-629582EF77D4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{514647DD-C72B-45CD-B493-8054557C4E7A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{52CE985D-2591-4D3C-ADCA-74C7EB84418A}" = lport=138 | protocol=17 | dir=in | app=system |
"{650DC92C-5229-402F-AD7A-6043A0EA8E08}" = lport=2869 | protocol=6 | dir=in | app=system |
"{68E21402-A943-4911-BADC-16FA7A592682}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6C00E053-6849-428F-9417-FB7EF84E8912}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D4BBC9D-3C04-4AF9-8794-6B6E170AD46F}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{7AE28442-1C5D-4AB0-A71B-891FDD8A524C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8162F275-1C2C-475F-801C-7AC2D3121FA0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8587FB16-0062-4209-BA7C-4904B6ED5E60}" = rport=445 | protocol=6 | dir=out | app=system |
"{85D62576-E1C2-4091-B033-64EEDD3DCE85}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{8B03DEC9-5163-4840-8E71-A28812E61FD5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{92ED6452-B004-4F76-8AD7-60F0ECBCB8F7}" = rport=138 | protocol=17 | dir=out | app=system |
"{94E3051B-E36E-47C1-8B8D-584DD60D8E99}" = rport=139 | protocol=6 | dir=out | app=system |
"{9DEC7F95-3F27-4941-85E3-98CE4E273023}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{9F81BC9B-5544-4A71-BEAD-564D2A85C46C}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{A6C17FDB-F6BE-4470-BBCC-A9B59943C74E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B0A8B7FC-FEFA-4423-9100-72E29F7D01FA}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{B1C72875-1D05-4633-A17A-05DC19608C95}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{B9D43E8B-96C3-4337-A8A1-E6E21A16B38E}" = rport=137 | protocol=17 | dir=out | app=system |
"{BF9A2CCE-26A1-48A4-B7FC-2E55B3BE881C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C45B31D6-F771-4946-8B34-8B0F703772E4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C7BB1A3B-0BC0-4EB6-B46F-F955169ADB1B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CD5931E0-A5C2-4009-822A-707291154613}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D07E4BDB-B74E-4C36-86BC-3067D08F50E3}" = lport=445 | protocol=6 | dir=in | app=system |
"{D1D5378A-959E-4D37-AD43-189CED8788F1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E64735DD-FEF3-49A3-B623-C0C3D0CD5CA5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F1FE29BC-EB65-48D4-AACB-DB00613ED89B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F5093A05-593C-4EEF-8E23-3B19D65A3E11}" = lport=139 | protocol=6 | dir=in | app=system |
"{F9249DEE-2490-46E2-807D-09EFA204CFB0}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{F95C630C-23A3-4684-8AA5-843E51C23A45}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C844AB-57E1-4457-A5E6-B360BD355703}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{07200EA9-E7AB-43B2-83E1-E77A40A6CFD3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{07E80E2B-2B81-4BF0-86FA-8DAE2CC32B9A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{09B1396D-6392-4127-BAC7-A3C08938E01E}" = protocol=17 | dir=in | app=c:\windows\system32\dlbucoms.exe |
"{0B3EA1A4-2B59-4ACD-A31F-20D80A8981F0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{0D99CCF2-CD69-4219-9430-0B508F07969F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D9CC229-6ED9-4564-9C99-20F39948E127}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0F3A40A0-07AF-43B9-A9D8-E219D917ED3B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{12856A0F-79FA-4911-A655-5359169EDDD7}" = protocol=6 | dir=in | app=c:\program files (x86)\dell photo aio printer 942\dlbumon.exe |
"{133638F8-BB54-487B-8201-8BD1760ECD2D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{156B73CE-3EF5-4A16-8026-16E0BBD4FDAD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{18A3E992-BD24-4650-AA9A-FB6A16631F6C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{1939B13D-E859-47FD-A026-7B4566C876F1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1D4275D7-0F17-458E-AF02-EC86891FBA62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{21346181-B247-4E78-A825-B0C6AA75E268}" = protocol=6 | dir=in | app=c:\windows\system32\dlbucoms.exe |
"{29536C4C-2D4E-477D-B2F9-DF6174121C36}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{2BB92FD4-B13E-477A-B984-9AA7132519C7}" = protocol=17 | dir=in | app=c:\program files (x86)\dell photo aio printer 942\dlbumon.exe |
"{35767B7B-0B9D-4A9C-BBB4-723634DC3F92}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlbupswx.exe |
"{3AB13166-089A-4FAB-9AF2-044801EECA6A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3BC6A20D-2BBE-49BE-A275-2D7C112529A3}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{3CB14719-5E7A-4BE5-95D2-6708233E2014}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{3CE7B050-4F59-4CC5-9F16-412BAC539B74}" = protocol=6 | dir=in | app=c:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe |
"{3D4FD768-2EF0-49C7-A85E-5DA316673E4D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlbupswx.exe |
"{3E64FF24-A250-445E-9115-FA16DAE0A8BD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{3FFD9A14-FC9D-498F-BB43-0FFCC56F3C9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FDD7375-6ACE-4CCA-85C8-BB20489D7F71}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{535C0814-6BF3-4AAA-8190-7379EC768F0F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{53962309-DEF2-4606-BE21-D7D422A5A27C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54F0545D-4D88-4701-AA74-B62071E178DD}" = protocol=6 | dir=in | app=c:\windows\syswow64\dlbucoms.exe |
"{576D4982-AF1D-4C6A-B3EB-E6C717CA4A73}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{59A1B18B-842D-4F6B-8358-F43B77E8D28E}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{60B55E73-5F61-45CE-936F-5D39174891D2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{673DC3CA-20CE-49AA-A21E-D760F6CFBF80}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DFBA37B-DA10-4E72-8AA6-9745D68C5983}" = dir=in | app=c:\users\riley\appdata\local\temp\7zs11c2\setup\hpznui40.exe |
"{774DC098-E041-4995-BAC3-AD99EA0B522F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{789CE1B1-EBE1-44D8-A578-3719E559BC35}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{7E985DEF-56CD-408F-987C-BAA2D97E98B8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{7F1418F2-CA2D-4CA5-80CF-91AC5ADFED75}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7F679FD7-8E9F-450D-AB8B-35939AD07908}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{812B7394-5EF4-451D-AD40-5D6490B15368}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{83A65720-6151-45C7-B998-DE67F4E84998}" = protocol=17 | dir=in | app=c:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe |
"{85086005-85E0-4C2D-A978-80F0EC0AA0CC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{8F186BE8-B912-49F7-BD69-E44FF5E164EA}" = dir=in | app=c:\users\riley\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{9A24147D-810E-46E3-9CDC-68666E5FEDDD}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{A9B533D6-9554-4D7C-A308-DB85FC731820}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{B9A8AA4F-1A32-426A-A7B1-968B23CE43A9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9F28AEF-51BE-417A-8299-849AAB19E468}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BFCAC998-2E43-459B-AE2B-E2F3BA92FC6B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{C37D726E-85D5-4F3D-B706-30F534283D26}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{C56A02B3-9487-4D7C-8951-D5FC575EDC68}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{C6711EF9-F956-4E45-8327-84CAB0196BEF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{C71D00F3-C0A6-46F0-9433-3EF9CEF5792B}" = protocol=6 | dir=out | app=system |
"{C833A415-F1FE-410B-A7D7-6A1932C8781C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C837E19D-0781-48A2-8ADC-F1FFD45E6D2A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{CCF49B91-49B3-4F5A-AE8B-C3DEA655C8C9}" = protocol=17 | dir=in | app=c:\windows\syswow64\dlbucoms.exe |
"{CCFF10FA-E5FA-4EC4-8DD2-2E6A0DDF96AF}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{CD08C63D-854D-4003-9BD0-FD7C17D8DA44}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{D3DC7882-80BA-48EE-95B1-F5FD94895BB0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D65F3EEC-6232-4C9C-A2F3-38AD76609CF4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{D94AD32F-68FE-4E41-92E9-1A013E782AC2}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{D95DE34B-0714-4793-9672-A0A4C83A10AC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{D97C053B-AA15-4EF6-AC03-68FC92DFD287}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB5F411C-6F26-46A7-9508-7FEC549B4FC4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DBD05C56-DAD3-4BDB-8DB2-CBBC56019699}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{E5EB095E-351A-41E1-8906-26A4060CEB6A}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{E6C4EEB1-E49F-4F7C-8C4D-1A07CA647C8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EDE030BB-1052-4B89-AF6C-8557617BFDCF}" = protocol=17 | dir=in | app=c:\program files (x86)\dell photo aio printer 942\dlbuaiox.exe |
"{F048BAA3-A11A-4B4A-BCBC-F0C194DDA8F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F3865D1A-BD0D-4D0F-B26B-15153713355D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{F412D304-CD6C-4552-9206-A44538778749}" = protocol=6 | dir=in | app=c:\program files (x86)\dell photo aio printer 942\dlbuaiox.exe |
"{F8E432CE-3F0A-4A84-8A21-ACE7DFBD4FFE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F9FBE3A0-AB03-4527-BDA5-96AA63EAF632}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{FB150AE1-9A10-4589-8FBA-F70B11F720E1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FCA96F8D-72C3-45F0-B7AD-07FA3E7C0EBA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{FFC783D7-D86C-4C78-AD69-57F561A14EAD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"TCP Query User{1A645055-0EB5-485E-8DC2-E6F7A3A8909E}C:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{28C67349-42F6-4714-90DC-06E3F2F723FB}C:\program files (x86)\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"TCP Query User{30A9CC74-465D-4553-9F28-796CE88EF3CC}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{32490D85-FB61-474D-B89E-6B4BD1B04A56}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |
"TCP Query User{4071F044-84B7-45BA-9022-4DEE0B148CEB}C:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe |
"TCP Query User{4DB3CE95-376F-4AFE-B8B0-5DAC10D3A970}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{523F873B-5EBD-4CBC-B879-B37EAB76B073}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{569A101E-D2C9-4B95-9AC0-0ACEA154F79A}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{57F809EA-B266-455C-87B2-3F32BADAB784}C:\program files (x86)\mozilla firefox 4.0 beta 12\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\plugin-container.exe |
"TCP Query User{6B6E2D46-C39F-4FF6-8989-6A4D54A76DF9}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{73DE1917-3D50-427A-8205-A8ACF9D38938}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{7BB44AB0-3704-4DDE-9655-B7164EB0C8ED}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{7DFA3D23-7F4B-4339-BDE6-D1ECEC7CACB7}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{91DE1168-FB72-468F-9019-DBAFD4C7953D}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"TCP Query User{96B52C7A-BD0B-48C7-8B43-4A04BE16ED86}C:\program files (x86)\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16561\sc2.exe |
"TCP Query User{C113D850-77EF-4C5F-8E03-2D7C3ED181B5}C:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe |
"TCP Query User{C5ECD634-2A49-4507-A3D4-CBD19ED4A7E9}C:\users\riley\downloads\starcraft_2_na_en-us.exe" = protocol=6 | dir=in | app=c:\users\riley\downloads\starcraft_2_na_en-us.exe |
"TCP Query User{DF8B9D22-8F1F-4C1F-BD8B-8556107B1418}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{FA701343-B31D-4F91-B494-C0499291F7B0}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{FEF9FCA5-7CEC-4B44-929B-2E967C5CAD68}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{0F59E4CA-CB5A-4485-ADBB-CD1B98D84483}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{1FCF4DCD-D745-4F03-AECB-AD95605E7C49}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{230F85B7-EC7C-4C8D-9DE7-D35A9D48D288}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{231751B7-20D7-4023-B84C-7516B43BD7A4}C:\program files (x86)\mozilla firefox 4.0 beta 12\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\plugin-container.exe |
"UDP Query User{2F99135D-28E0-4831-8A28-059697D41319}C:\program files (x86)\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16561\sc2.exe |
"UDP Query User{301D836F-CB5A-4A9D-A7B4-27BE40D92E1C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{347ABA59-6C57-482B-B7B9-E0F749269815}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{3E263D36-86D7-4381-8C73-E0F51DDC88D4}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{44601A4C-0C80-4185-B742-08A30F9AE76D}C:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{5CE82A7E-3256-4A83-B6F1-41AEFB80A4E7}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"UDP Query User{69F8D2F6-32F9-40A5-B7BD-6AE35600C17E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{6B4AFFE7-AFF6-4F15-B5BB-23071C60D80D}C:\users\riley\downloads\starcraft_2_na_en-us.exe" = protocol=17 | dir=in | app=c:\users\riley\downloads\starcraft_2_na_en-us.exe |
"UDP Query User{7193B9AB-5273-4378-9C2D-35C47EB5A0F1}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{804A423C-B39C-4FED-8C37-D4B5FF62101B}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{88427DFC-9AFC-4453-A218-349CD79C8B0C}C:\program files (x86)\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"UDP Query User{88D266D8-7FCD-4BA6-B550-ED289D4A1396}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{DBA676F5-2E8B-44FD-AB4E-0CE7E7889ABC}C:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe |
"UDP Query User{DC0950E7-2047-4316-96B5-90BF1CF9312B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{DC6360D3-6CF8-4F71-B493-ED155CDA1455}C:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe |
"UDP Query User{FA0E9229-0DA1-4317-82E5-6C730007ECA9}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012
"{485867C4-605B-30FD-397E-CDBA21690855}" = ccc-utility64
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98C8DF59-BE5F-4EC2-9B12-FD2A54928EDB}" = Microsoft IntelliType Pro 8.0
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{AA05F911-A572-07CE-C205-EEF94562BF87}" = ATI AVIVO64 Codecs
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE124EE9-EF32-69C5-60F9-FFA0FFF7F9B1}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FDAA17FB-9CDD-AA3B-ED37-FA6F0C052123}" = ATI Catalyst Install Manager
"0E26EBDDB36C0E4C591F22C7EE263FB6BC041FE3" = Windows Driver Package - Broadcom Corporation Bluetooth (02/06/2012 6.5.1.2310)
"3366905E6EFF86120E12E2DB3F8F2EDC3B7F5003" = Windows Driver Package - Broadcom HIDClass (09/11/2009 6.3.0.1500)
"4AAFCA4E47F455BA6EB4FE93C32821F59F5873E3" = Windows Driver Package - Broadcom Corporation Bluetooth (02/07/2012 6.5.1.2312)
"524FB58AAB1C34915E5DAE6F9A7ABD1AA8C96614" = Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600)
"6A044848DB955BAB41313E7878DE4E2C68715F24" = Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth (03/16/2012 6.5.1.2600)
"73EBF284DDB186EC3E526FEE77E2325097703596" = Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600)
"765E3A42F1EB7BB642F073A20918B588DC4D1193" = Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600)
"77474885D7AEC63818C38D3CD3F18591895E994E" = Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth (02/06/2012 6.5.1.2310)
"AVG" = AVG 2012
"CCleaner" = CCleaner
"Dell Photo AIO Printer 942" = Dell Photo AIO Printer 942
"DW WLAN Card Utility" = DW WLAN Card Utility
"E2D6F2D66494484DBE706872D7EFADC4C894EF0F" = Windows Driver Package - Broadcom Corporation Bluetooth (02/07/2012 6.5.1.2312)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PC-Doctor for Windows" = Dell Support Center
"SP6" = Logitech SetPoint 6.15
"SynTPDeinstKey" = Dell Touchpad
"TThrottle: Temperature Throttle_is1" = TThrottle (32/64 Bit): Temperature Throttle by eFMer V 3.1.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015D576B-F9CF-245E-2A67-13A22C49595D}" = CCC Help Portuguese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08DF75DF-FCA1-936E-6537-8B2355477A8A}" = CCC Help Spanish
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DC7DFF9-2180-0E7E-DB49-817280EE4E93}" = Catalyst Control Center Graphics Light
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{27B94460-B1A6-BE42-D92A-4FCDCF4A719F}" = CCC Help German
"{2863C12B-2A02-4258-8495-6220605B2E5C}_is1" = Tether 1.4.3.7
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{2F12DD77-33BC-B9AA-7FCF-316920EB20B6}" = CCC Help Hungarian
"{2F2E45E2-5A38-616D-B747-6F8483074987}" = CCC Help French
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{32CD223A-FF52-43CF-9E24-F7618CD77891}" = WORDsearch 8 POSB NT Edition
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{335519D8-37B0-2C1A-8731-24BFA0AF0A82}" = CCC Help Norwegian
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A3152B9-70FA-8B91-44AC-3DB75A675344}" = CCC Help Russian
"{3E6B8013-6679-AE89-05B9-F540AF89A5A4}" = Catalyst Control Center Localization All
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F154E12-4E97-D0AB-27E2-874CFEFFE30A}" = CCC Help Finnish
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47BC5D36-B837-B2A8-FB46-F6EC602A7F9C}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B8C6616-F310-60D3-71FD-057C16DB3E8A}" = CCC Help Finnish
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{54BAC286-63B1-C3D7-5371-10CE6B280D23}" = CCC Help Turkish
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59F6DFAA-3FE8-0F59-02EC-8AEA5CE0659B}" = CCC Help Dutch
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FEF1894-CF67-B16C-11B6-5818358B3FC9}" = CCC Help Russian
"{60E9E76A-FB31-67CB-8071-A1D38A499A86}" = CCC Help French
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6869DEA9-8FA6-E3E0-05B6-8187FEB71D52}" = Skins
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{6ED86F6F-7130-48F5-2AF7-5D693098057F}" = CCC Help Norwegian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{734C758F-E295-C25A-085A-37210AAFD459}" = CCC Help Greek
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7ADF69B6-B378-2D8C-C81C-DAA053E0D275}" = CCC Help English
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}" = BlackBerry App World Browser Plugin
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0061-0409-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{97B70991-5002-4241-8B0C-D74B8ADEB2B5}" = BlackBerry Desktop Software 7.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B9F49A2-6791-761F-6077-22977B0FD03D}" = CCC Help Dutch
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E31556D-C40E-D7EE-8936-6F442A063F68}" = CCC Help Swedish
"{A24CCFF4-1094-A1C6-756E-BD75FDA697F4}" = CCC Help Danish
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A34A8A48-44EC-1B46-EC9A-C0687C8AB505}" = HydraVision
"{A43190B6-D326-2870-22A5-F2416062ABA3}" = CCC Help German
"{A697D62C-643B-5315-204B-D43055A86649}" = CCC Help Swedish
"{A6B483B0-E8E8-0EE1-D678-FEEBDF27FE15}" = Catalyst Control Center Localization All
"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 6
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9316AC7-CAB2-C29B-F8B6-6239817B1B45}" = CCC Help Chinese Standard
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AF39A4BD-9088-D509-206B-024E5576D25C}" = CCC Help Korean
"{AFF254B3-ABBC-15E7-200E-FABF74314C13}" = ccc-core-static
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B27E389B-AE9B-BEB6-8FCF-BA293F884C70}" = CCC Help Japanese
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B5AB153E-59F3-AB56-F8A7-43E531368327}" = Catalyst Control Center Graphics Full New
"{B5C2819F-BC4E-E31A-C2CE-A617A99A7EA0}" = CCC Help Czech
"{BA214394-CDD8-BB3C-3FCC-8294C9A02ACA}" = CCC Help Chinese Traditional
"{BCFF03A6-BADE-2C15-A90E-E8D0E26B8E6C}" = CCC Help Chinese Standard
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BF8DC895-9CC3-E284-6ADF-67077E3FBCA2}" = CCC Help Danish
"{C2AF3BC5-ED8A-39A5-BDC6-6B514D7B8E18}" = CCC Help Japanese
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9A162C1-031F-4EBF-A3E6-C45F7FCCBB9E}_is1" = Genie Backup Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0016802-8E49-0DED-0B9C-F8946945998F}" = Catalyst Control Center Graphics Full Existing
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D876ED97-4876-ECE9-F988-D11B91CA84BB}" = CCC Help Polish
"{DC068C99-4AF6-C4B4-178F-790CC62B93ED}" = Catalyst Control Center Graphics Previews Vista
"{DD786529-8C5E-4C64-9FA6-D47FBF17C392}" = Catalyst Control Center InstallProxy
"{DDBBE693-E9E5-A743-4C11-D693F94A80D7}" = Catalyst Control Center Core Implementation
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF150064-07EC-F3E1-7E24-8B76493F6C2D}" = CCC Help Thai
"{DF6BCD20-50DC-4DE6-4798-948DF8CAC38A}" = CCC Help Korean
"{DF8F8A4A-C9EB-79EC-7597-166D3042EAA8}" = CCC Help Spanish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E19F161D-7FD0-FECB-41B1-A036862C3E47}" = CCC Help English
"{E393AA7A-33AE-1F62-0C33-D107BB03E74E}" = CCC Help Portuguese
"{E3EB956C-C221-8F52-2063-CBF40AD8B558}" = CCC Help Italian
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E80F7B58-508F-2A71-50E6-49B56241C22B}" = ccc-core-static
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED2C01F5-FF07-21E7-4D80-E41486A5204E}" = CCC Help Chinese Traditional
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EE7BEE99-4C13-DF3E-142B-5E4BA8D10CEC}" = CCC Help Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Alarm_is1" = Alarm
"Anki" = Anki
"Audacity_is1" = Audacity 2.0
"Audio MP3 Sound Recorder" = Audio MP3 Sound Recorder
"AVG Secure Search" = AVG Security Toolbar
"Aya AVI WMV DVD FLV RM MKV MP4 Video Splitter Cutter_is1" = Aya AVI WMV DVD FLV RM MKV MP4 Video Splitter Cutter V1.3.5
"Bible Database_is1" = Bible Database 5.1
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"BSPlayerf" = BS.Player FREE
"CamStudio" = CamStudio
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup.divx.com" = DivX Setup
"Easy Video Splitter_is1" = Easy Video Splitter 1.28
"Focus MP3 Recorder Splitter_is1" = Focus MP3 Recorder Splitter 3.4
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free FLV Converter_is1" = Free FLV Converter V 7.1.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free YouTube Download_is1" = Free YouTube Download version 3.0.22.221
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221
"GoToAssist" = GoToAssist 8.0.0.514
"iLivid" = iLivid
"InterActual Player" = InterActual Player
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PDF Viewer for Windows_is1" = PDF Viewer for Windows 7
"Rapport_msi" = Rapport
"Screen VidShot_is1" = Screen VidShot
"ST5UNST #1" = The Holy Bible KJV Ver.8
"ST5UNST #2" = project dogwaffle
"StarCraft II" = StarCraft II
"The Extractor1.4.2" = The Extractor
"The Extractor1.4.2.2" = The Extractor
"The Extractor1.4.3" = The Extractor
"TIMELEFT3_is1" = TimeLeft
"TweakNow RegCleaner 2011_is1" = TweakNow RegCleaner 2011
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"vfd-ob" = VideoFileDownload
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"VLC media player" = VLC media player 2.0.1
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WORDsearch 8 POSB NT Edition" = WORDsearch 8 POSB NT Edition
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CNET TechTracker" = CNET TechTracker
"Dropbox" = Dropbox
"Juniper_Networks_Cache_Cleaner 6.5.0" = Juniper Networks Cache Cleaner 6.5.0
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"WeatherEye" = WeatherEye

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13/09/2012 3:24:25 PM | Computer Name = RileysLaptop | Source = SignInAssistant | ID = 0
Description =

Error - 13/09/2012 3:24:28 PM | Computer Name = RileysLaptop | Source = SignInAssistant | ID = 0
Description =

Error - 13/09/2012 3:24:54 PM | Computer Name = RileysLaptop | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1984 Start
Time: 01cd91e538905ab6 Termination Time: 15 Application Path: C:\Program Files (x86)\Windows
Media Player\wmplayer.exe Report Id: a27f34d0-fdd8-11e1-8264-f04da246af75

Error - 13/09/2012 4:49:25 PM | Computer Name = RileysLaptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 13/09/2012 4:49:26 PM | Computer Name = RileysLaptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 13/09/2012 7:36:49 PM | Computer Name = RileysLaptop | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 13/09/2012 8:17:08 PM | Computer Name = RileysLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: bcmwltry.exe, version: 5.60.48.18, time
stamp: 0x4b1e7b37 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x000007ff00409d78 Faulting process id: 0x7b4 Faulting
application start time: 0x01cd920e3a62e170 Faulting application path: C:\Program
Files\Dell\DW WLAN Card\bcmwltry.exe Faulting module path: unknown Report Id: 84ad97a4-fe01-11e1-be9d-f04da246af75

Error - 13/09/2012 8:50:05 PM | Computer Name = RileysLaptop | Source = System Restore | ID = 8193
Description =

Error - 13/09/2012 8:50:18 PM | Computer Name = RileysLaptop | Source = System Restore | ID = 8193
Description =

Error - 13/09/2012 8:50:43 PM | Computer Name = RileysLaptop | Source = System Restore | ID = 8193
Description =

[ Broadcom Wireless LAN Events ]
Error - 24/07/2012 3:53:55 PM | Computer Name = RileysLaptop | Source = WLAN-Tray | ID = 0
Description = 14:53:55, Tue, Jul 24, 12 Error - Unable to gain access to user store


[ System Events ]
Error - 13/09/2012 8:48:08 PM | Computer Name = RileysLaptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 13/09/2012 8:48:08 PM | Computer Name = RileysLaptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 13/09/2012 8:48:08 PM | Computer Name = RileysLaptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 13/09/2012 8:50:05 PM | Computer Name = RileysLaptop | Source = DCOM | ID = 10005
Description =

Error - 13/09/2012 8:54:45 PM | Computer Name = RileysLaptop | Source = DCOM | ID = 10016
Description =

Error - 13/09/2012 9:09:18 PM | Computer Name = RileysLaptop | Source = Service Control Manager | ID = 7034
Description = The Rapport Management Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 13/09/2012 9:09:52 PM | Computer Name = RileysLaptop | Source = BROWSER | ID = 8032
Description =

Error - 13/09/2012 9:13:52 PM | Computer Name = RileysLaptop | Source = DCOM | ID = 10016
Description =

Error - 13/09/2012 9:24:29 PM | Computer Name = RileysLaptop | Source = DCOM | ID = 10016
Description =

Error - 13/09/2012 9:39:17 PM | Computer Name = RileysLaptop | Source = BROWSER | ID = 8032
Description =


< End of report >
riley532
Banned Member
 
Posts: 16
Joined: September 13th, 2012, 8:30 pm

Re: both logs are here..adnxs removal help

Unread postby riley532 » September 24th, 2012, 9:26 pm

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page deleted successfully.
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\DataMngr\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu 406 MediaBar\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\menuorder\start menu2\programs\bandoo\ not found.
Registry key HKEY_CURRENT_USER\Software\Trolltech\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\DataMngr_Toolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\ilivid\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\searchqutoolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Bandoo\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\BandooCore.EXE\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1301A8A5-3DFB-4731-A162-B357D00C9644}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetupV1.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.BandooCore.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.BandooCore\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.ResourcesMngr.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.ResourcesMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.SettingsMngr.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.SettingsMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.StatisticMngr.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.StatisticMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{477F210A-2A86-4666-9C4B-1189634D2C84}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF871E51-2655-4D06-AED5-745962A96B32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7f000001-db8e-f89c-2fec-49bf726f8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9189560-573A-4fde-B055-AE7B0F4CF080}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFBD6D47-F5E5-49E4-8157-8BCFF11F3CC3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBD6D47-F5E5-49E4-8157-8BCFF11F3CC3}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Save video on Savevid.com\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ilivid.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SetupDataMngr_searchqu_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SetupDataMngr_searchqu_RASMANCS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASAPI 32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASMAN CS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\SearchquMediabarTb\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{b543ef05-9758-464e-9f37-4c28525b4a4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b543ef05-9758-464e-9f37-4c28525b4a4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{8f5f1cb6-ea9e-40af-a5ca-c7fd63cc1971}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\currentversion\app management\arpcache\searchqu 406 mediabar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{a40dc6c5-79d0-4ca8-a185-8ff989af1115}\inprocserver32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{cc1ac828-bb47-4361-afb5-96eee259dd87}\inprocserver32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{fefd3af5-a346-4451-aa23-a3ad54915515}\inprocserver32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{5b4144e1-b61d-495a-9a50-cd1a95d86d15}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{6a4bcaba-c437-4c76-a54e-af31b8a76cb9}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{841d5a49-e48d-413c-9c28-eb3d9081d705}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\internet explorer\low rights\elevationpolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\internet explorer\low rights\elevationpolicy\{d0a4be92-2216-42db-ab35-d72efb9f0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d0a4be92-2216-42db-ab35-d72efb9f0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\shared tools\msconfig\startupreg\datamngr\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchqu.com\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160\ not found.
Registry key HKEY_CURRENT_USER\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\WhiteSmoke\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160\InstallProperties\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA942DEC3AFA384B94ECC932BD3DC5A\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFE82A48FED40644C984C808A1785C7F\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EFB5D9F3E46440D4A9C379467CEADEBB\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160\InstallProperties\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160\InstallProperties\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toobar not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B0118C8-8D12-46CD-A083-2116D587A11F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B0118C8-8D12-46CD-A083-2116D587A11F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C39DB3DF-7935-4821-9BD7-170D277DA935} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C39DB3DF-7935-4821-9BD7-170D277DA935}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B2163BE-A595-4E6E-AAF0-E22A29D38262} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B2163BE-A595-4E6E-AAF0-E22A29D38262}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A49227EB-05C7-449A-9BB6-18F653936F32} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A49227EB-05C7-449A-9BB6-18F653936F32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B0118C8-8D12-46CD-A083-2116D587A11F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B0118C8-8D12-46CD-A083-2116D587A11F}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C39DB3DF-7935-4821-9BD7-170D277DA935} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C39DB3DF-7935-4821-9BD7-170D277DA935}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B2163BE-A595-4E6E-AAF0-E22A29D38262} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B2163BE-A595-4E6E-AAF0-E22A29D38262}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A49227EB-05C7-449A-9BB6-18F653936F32} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A49227EB-05C7-449A-9BB6-18F653936F32}\ not found.
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ProxyStubClsid32\\@|"{B056521A-9B10-425E-B616-1FCD828DB3B1}" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ProxyStubClsid32\\@|"{B056521A-9B10-425E-B616-1FCD828DB3B1}" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\\@|"ISearchQueryHelper" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ProxyStubClsid32\\@|"{B056521A-9B10-425E-B616-1FCD828DB3B1}" /E!
========== FILES ==========
File/Folder C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\SearchquWebSearch.xml not found.
File/Folder C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\searchqutoolbar not found.
File/Folder C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\*@sweetim[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@ilivid[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@ilivid[2].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@searchqu[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@searchqu[2].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@stats.ilivid[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@sweetim[1].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@www.sweetim[2].txt not found.
File/Folder C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Cookies\Low\*@www.sweetim[3].txt not found.
C:\Users\Riley\AppData\Local\Ilivid Player folder moved successfully.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\iLividSetupV1.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ilivid[1].7z not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SetupDataMngr_Searchqu[1].exe not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SweetImSetup.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BandooV6[1].exe not found.
File/Folder C:\Users\Riley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\searchqu_net[1].htm not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\BandooFiles not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\BandooV6.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\SetupDataMngr_Searchqu.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\SweetIMReinstall not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\SweetIMReinstall\SweetImSetup.exe not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\ilivid.7z not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\searchqu.ini not found.
File/Folder C:\Users\Riley\AppData\Local\Temp\searchqutoolbar-manifest.xml not found.
File/Folder C:\Users\Riley\AppData\LocalLow\searchquband not found.
File/Folder C:\Users\Riley\AppData\LocalLow\searchqutoolbar not found.
File/Folder C:\Users\Riley\Downloads\SweetImSetup.exe not found.
File/Folder C:\Users\Riley\Downloads\iLividSetupV1.exe not found.
File/Folder C:\Users\Riley\AppData\LocalLow\DataMngr not found.
File/Folder C:\Users\Riley\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\3AJVC1WF\www.ilivid[1].xml not found.
File/Folder C:\Users\Riley\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\TYBUQFS4\www.searchqu[1].xml not found.
File\Folder C:\Windows\Prefetch\SEARCHQU TOOLBAR UNINSTALL.EX-4EFDDDEA.pf not found.
File\Folder C:\Program Files\Windows iLivid Toolbar not found.
File\Folder C:\Program Files\iLivid not found.
File\Folder C:\Windows\Prefetch\ILIVID* not found.
File\Folder C:\Windows\Prefetch\SEARCHQUMEDIABAR* not found.
File\Folder C:\Windows\Prefetch\SETUPDATAMNGR* not found.
C:\Program Files (x86)\iLivid\imageformats folder moved successfully.
C:\Program Files (x86)\iLivid folder moved successfully.
File\Folder C:\Program Files (x86)\Windows Savevid Toolbar not found.
File\Folder C:\Program Files (x86)\Savevid not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Riley\Desktop\cmd.bat deleted successfully.
C:\Users\Riley\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Riley
->Temp folder emptied: 327348 bytes
->Temporary Internet Files folder emptied: 34443 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 175953679 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1813 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30087 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 274892 bytes

Total Files Cleaned = 168.00 mb


OTL by OldTimer - Version 3.2.67.1 log created on 09242012_210500

Files\Folders moved on Reboot...
C:\Users\Riley\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Riley\AppData\Local\Mozilla\Firefox\Profiles\0ik16r9a.default\startupCache\startupCache.4.little not found!
File\Folder C:\Users\Riley\AppData\Local\Mozilla\Firefox\Profiles\0ik16r9a.default\Cache\_CACHE_001_ not found!
File\Folder C:\Users\Riley\AppData\Local\Mozilla\Firefox\Profiles\0ik16r9a.default\Cache\_CACHE_002_ not found!
File\Folder C:\Users\Riley\AppData\Local\Mozilla\Firefox\Profiles\0ik16r9a.default\Cache\_CACHE_003_ not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
riley532
Banned Member
 
Posts: 16
Joined: September 13th, 2012, 8:30 pm

Re: both logs are here..adnxs removal help

Unread postby riley532 » September 24th, 2012, 9:27 pm

OTL Extras logfile created on: 13/09/2012 8:34:30 PM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Riley\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.93 Gb Total Physical Memory | 5.85 Gb Available Physical Memory | 73.73% Memory free
15.87 Gb Paging File | 13.60 Gb Available in Paging File | 85.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.14 Gb Total Space | 199.53 Gb Free Space | 44.52% Space Free | Partition Type: NTFS

Computer Name: RILEYSLAPTOP | User Name: Riley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BF259AC-A9E6-4D4C-B0CB-ACE3EADC2E4A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D500D79-39DD-42E1-8F8E-49CA6E450EFE}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{22042B80-36FE-4458-8477-A0D5C8CF0C6C}" = lport=137 | protocol=17 | dir=in | app=system |
"{237BBAAA-5370-41E3-8FD6-C87222EE654B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2788A2CE-EEBC-4489-A7AE-695753D37EB1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{352FF333-52BD-456F-9A60-629582EF77D4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{514647DD-C72B-45CD-B493-8054557C4E7A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{52CE985D-2591-4D3C-ADCA-74C7EB84418A}" = lport=138 | protocol=17 | dir=in | app=system |
"{650DC92C-5229-402F-AD7A-6043A0EA8E08}" = lport=2869 | protocol=6 | dir=in | app=system |
"{68E21402-A943-4911-BADC-16FA7A592682}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6C00E053-6849-428F-9417-FB7EF84E8912}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D4BBC9D-3C04-4AF9-8794-6B6E170AD46F}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{7AE28442-1C5D-4AB0-A71B-891FDD8A524C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8162F275-1C2C-475F-801C-7AC2D3121FA0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8587FB16-0062-4209-BA7C-4904B6ED5E60}" = rport=445 | protocol=6 | dir=out | app=system |
"{85D62576-E1C2-4091-B033-64EEDD3DCE85}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{8B03DEC9-5163-4840-8E71-A28812E61FD5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{92ED6452-B004-4F76-8AD7-60F0ECBCB8F7}" = rport=138 | protocol=17 | dir=out | app=system |
"{94E3051B-E36E-47C1-8B8D-584DD60D8E99}" = rport=139 | protocol=6 | dir=out | app=system |
"{9DEC7F95-3F27-4941-85E3-98CE4E273023}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{9F81BC9B-5544-4A71-BEAD-564D2A85C46C}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{A6C17FDB-F6BE-4470-BBCC-A9B59943C74E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B0A8B7FC-FEFA-4423-9100-72E29F7D01FA}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{B1C72875-1D05-4633-A17A-05DC19608C95}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{B9D43E8B-96C3-4337-A8A1-E6E21A16B38E}" = rport=137 | protocol=17 | dir=out | app=system |
"{BF9A2CCE-26A1-48A4-B7FC-2E55B3BE881C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C45B31D6-F771-4946-8B34-8B0F703772E4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C7BB1A3B-0BC0-4EB6-B46F-F955169ADB1B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CD5931E0-A5C2-4009-822A-707291154613}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D07E4BDB-B74E-4C36-86BC-3067D08F50E3}" = lport=445 | protocol=6 | dir=in | app=system |
"{D1D5378A-959E-4D37-AD43-189CED8788F1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E64735DD-FEF3-49A3-B623-C0C3D0CD5CA5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F1FE29BC-EB65-48D4-AACB-DB00613ED89B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F5093A05-593C-4EEF-8E23-3B19D65A3E11}" = lport=139 | protocol=6 | dir=in | app=system |
"{F9249DEE-2490-46E2-807D-09EFA204CFB0}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{F95C630C-23A3-4684-8AA5-843E51C23A45}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C844AB-57E1-4457-A5E6-B360BD355703}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{07200EA9-E7AB-43B2-83E1-E77A40A6CFD3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{07E80E2B-2B81-4BF0-86FA-8DAE2CC32B9A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{09B1396D-6392-4127-BAC7-A3C08938E01E}" = protocol=17 | dir=in | app=c:\windows\system32\dlbucoms.exe |
"{0B3EA1A4-2B59-4ACD-A31F-20D80A8981F0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{0D99CCF2-CD69-4219-9430-0B508F07969F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D9CC229-6ED9-4564-9C99-20F39948E127}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0F3A40A0-07AF-43B9-A9D8-E219D917ED3B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{12856A0F-79FA-4911-A655-5359169EDDD7}" = protocol=6 | dir=in | app=c:\program files (x86)\dell photo aio printer 942\dlbumon.exe |
"{133638F8-BB54-487B-8201-8BD1760ECD2D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{156B73CE-3EF5-4A16-8026-16E0BBD4FDAD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{18A3E992-BD24-4650-AA9A-FB6A16631F6C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{1939B13D-E859-47FD-A026-7B4566C876F1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1D4275D7-0F17-458E-AF02-EC86891FBA62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{21346181-B247-4E78-A825-B0C6AA75E268}" = protocol=6 | dir=in | app=c:\windows\system32\dlbucoms.exe |
"{29536C4C-2D4E-477D-B2F9-DF6174121C36}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{2BB92FD4-B13E-477A-B984-9AA7132519C7}" = protocol=17 | dir=in | app=c:\program files (x86)\dell photo aio printer 942\dlbumon.exe |
"{35767B7B-0B9D-4A9C-BBB4-723634DC3F92}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlbupswx.exe |
"{3AB13166-089A-4FAB-9AF2-044801EECA6A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3BC6A20D-2BBE-49BE-A275-2D7C112529A3}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{3CB14719-5E7A-4BE5-95D2-6708233E2014}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{3CE7B050-4F59-4CC5-9F16-412BAC539B74}" = protocol=6 | dir=in | app=c:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe |
"{3D4FD768-2EF0-49C7-A85E-5DA316673E4D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlbupswx.exe |
"{3E64FF24-A250-445E-9115-FA16DAE0A8BD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{3FFD9A14-FC9D-498F-BB43-0FFCC56F3C9A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FDD7375-6ACE-4CCA-85C8-BB20489D7F71}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{535C0814-6BF3-4AAA-8190-7379EC768F0F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{53962309-DEF2-4606-BE21-D7D422A5A27C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54F0545D-4D88-4701-AA74-B62071E178DD}" = protocol=6 | dir=in | app=c:\windows\syswow64\dlbucoms.exe |
"{576D4982-AF1D-4C6A-B3EB-E6C717CA4A73}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{59A1B18B-842D-4F6B-8358-F43B77E8D28E}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{60B55E73-5F61-45CE-936F-5D39174891D2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{673DC3CA-20CE-49AA-A21E-D760F6CFBF80}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DFBA37B-DA10-4E72-8AA6-9745D68C5983}" = dir=in | app=c:\users\riley\appdata\local\temp\7zs11c2\setup\hpznui40.exe |
"{774DC098-E041-4995-BAC3-AD99EA0B522F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{789CE1B1-EBE1-44D8-A578-3719E559BC35}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{7E985DEF-56CD-408F-987C-BAA2D97E98B8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{7F1418F2-CA2D-4CA5-80CF-91AC5ADFED75}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7F679FD7-8E9F-450D-AB8B-35939AD07908}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{812B7394-5EF4-451D-AD40-5D6490B15368}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{83A65720-6151-45C7-B998-DE67F4E84998}" = protocol=17 | dir=in | app=c:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe |
"{85086005-85E0-4C2D-A978-80F0EC0AA0CC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{8F186BE8-B912-49F7-BD69-E44FF5E164EA}" = dir=in | app=c:\users\riley\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{9A24147D-810E-46E3-9CDC-68666E5FEDDD}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{A9B533D6-9554-4D7C-A308-DB85FC731820}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{B9A8AA4F-1A32-426A-A7B1-968B23CE43A9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9F28AEF-51BE-417A-8299-849AAB19E468}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BFCAC998-2E43-459B-AE2B-E2F3BA92FC6B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{C37D726E-85D5-4F3D-B706-30F534283D26}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{C56A02B3-9487-4D7C-8951-D5FC575EDC68}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{C6711EF9-F956-4E45-8327-84CAB0196BEF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{C71D00F3-C0A6-46F0-9433-3EF9CEF5792B}" = protocol=6 | dir=out | app=system |
"{C833A415-F1FE-410B-A7D7-6A1932C8781C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C837E19D-0781-48A2-8ADC-F1FFD45E6D2A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{CCF49B91-49B3-4F5A-AE8B-C3DEA655C8C9}" = protocol=17 | dir=in | app=c:\windows\syswow64\dlbucoms.exe |
"{CCFF10FA-E5FA-4EC4-8DD2-2E6A0DDF96AF}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{CD08C63D-854D-4003-9BD0-FD7C17D8DA44}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{D3DC7882-80BA-48EE-95B1-F5FD94895BB0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D65F3EEC-6232-4C9C-A2F3-38AD76609CF4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{D94AD32F-68FE-4E41-92E9-1A013E782AC2}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{D95DE34B-0714-4793-9672-A0A4C83A10AC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{D97C053B-AA15-4EF6-AC03-68FC92DFD287}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB5F411C-6F26-46A7-9508-7FEC549B4FC4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DBD05C56-DAD3-4BDB-8DB2-CBBC56019699}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{E5EB095E-351A-41E1-8906-26A4060CEB6A}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{E6C4EEB1-E49F-4F7C-8C4D-1A07CA647C8D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EDE030BB-1052-4B89-AF6C-8557617BFDCF}" = protocol=17 | dir=in | app=c:\program files (x86)\dell photo aio printer 942\dlbuaiox.exe |
"{F048BAA3-A11A-4B4A-BCBC-F0C194DDA8F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F3865D1A-BD0D-4D0F-B26B-15153713355D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{F412D304-CD6C-4552-9206-A44538778749}" = protocol=6 | dir=in | app=c:\program files (x86)\dell photo aio printer 942\dlbuaiox.exe |
"{F8E432CE-3F0A-4A84-8A21-ACE7DFBD4FFE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F9FBE3A0-AB03-4527-BDA5-96AA63EAF632}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{FB150AE1-9A10-4589-8FBA-F70B11F720E1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FCA96F8D-72C3-45F0-B7AD-07FA3E7C0EBA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{FFC783D7-D86C-4C78-AD69-57F561A14EAD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"TCP Query User{1A645055-0EB5-485E-8DC2-E6F7A3A8909E}C:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{28C67349-42F6-4714-90DC-06E3F2F723FB}C:\program files (x86)\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"TCP Query User{30A9CC74-465D-4553-9F28-796CE88EF3CC}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{32490D85-FB61-474D-B89E-6B4BD1B04A56}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |
"TCP Query User{4071F044-84B7-45BA-9022-4DEE0B148CEB}C:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe |
"TCP Query User{4DB3CE95-376F-4AFE-B8B0-5DAC10D3A970}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{523F873B-5EBD-4CBC-B879-B37EAB76B073}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{569A101E-D2C9-4B95-9AC0-0ACEA154F79A}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{57F809EA-B266-455C-87B2-3F32BADAB784}C:\program files (x86)\mozilla firefox 4.0 beta 12\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\plugin-container.exe |
"TCP Query User{6B6E2D46-C39F-4FF6-8989-6A4D54A76DF9}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{73DE1917-3D50-427A-8205-A8ACF9D38938}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{7BB44AB0-3704-4DDE-9655-B7164EB0C8ED}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"TCP Query User{7DFA3D23-7F4B-4339-BDE6-D1ECEC7CACB7}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{91DE1168-FB72-468F-9019-DBAFD4C7953D}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"TCP Query User{96B52C7A-BD0B-48C7-8B43-4A04BE16ED86}C:\program files (x86)\starcraft ii\versions\base16561\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16561\sc2.exe |
"TCP Query User{C113D850-77EF-4C5F-8E03-2D7C3ED181B5}C:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe |
"TCP Query User{C5ECD634-2A49-4507-A3D4-CBD19ED4A7E9}C:\users\riley\downloads\starcraft_2_na_en-us.exe" = protocol=6 | dir=in | app=c:\users\riley\downloads\starcraft_2_na_en-us.exe |
"TCP Query User{DF8B9D22-8F1F-4C1F-BD8B-8556107B1418}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{FA701343-B31D-4F91-B494-C0499291F7B0}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{FEF9FCA5-7CEC-4B44-929B-2E967C5CAD68}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{0F59E4CA-CB5A-4485-ADBB-CD1B98D84483}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{1FCF4DCD-D745-4F03-AECB-AD95605E7C49}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{230F85B7-EC7C-4C8D-9DE7-D35A9D48D288}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{231751B7-20D7-4023-B84C-7516B43BD7A4}C:\program files (x86)\mozilla firefox 4.0 beta 12\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\plugin-container.exe |
"UDP Query User{2F99135D-28E0-4831-8A28-059697D41319}C:\program files (x86)\starcraft ii\versions\base16561\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16561\sc2.exe |
"UDP Query User{301D836F-CB5A-4A9D-A7B4-27BE40D92E1C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{347ABA59-6C57-482B-B7B9-E0F749269815}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{3E263D36-86D7-4381-8C73-E0F51DDC88D4}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{44601A4C-0C80-4185-B742-08A30F9AE76D}C:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\riley\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{5CE82A7E-3256-4A83-B6F1-41AEFB80A4E7}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"UDP Query User{69F8D2F6-32F9-40A5-B7BD-6AE35600C17E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{6B4AFFE7-AFF6-4F15-B5BB-23071C60D80D}C:\users\riley\downloads\starcraft_2_na_en-us.exe" = protocol=17 | dir=in | app=c:\users\riley\downloads\starcraft_2_na_en-us.exe |
"UDP Query User{7193B9AB-5273-4378-9C2D-35C47EB5A0F1}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{804A423C-B39C-4FED-8C37-D4B5FF62101B}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{88427DFC-9AFC-4453-A218-349CD79C8B0C}C:\program files (x86)\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"UDP Query User{88D266D8-7FCD-4BA6-B550-ED289D4A1396}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{DBA676F5-2E8B-44FD-AB4E-0CE7E7889ABC}C:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe |
"UDP Query User{DC0950E7-2047-4316-96B5-90BF1CF9312B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{DC6360D3-6CF8-4F71-B493-ED155CDA1455}C:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox 4.0 beta 12\firefox.exe |
"UDP Query User{FA0E9229-0DA1-4317-82E5-6C730007ECA9}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012
"{485867C4-605B-30FD-397E-CDBA21690855}" = ccc-utility64
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98C8DF59-BE5F-4EC2-9B12-FD2A54928EDB}" = Microsoft IntelliType Pro 8.0
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{AA05F911-A572-07CE-C205-EEF94562BF87}" = ATI AVIVO64 Codecs
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE124EE9-EF32-69C5-60F9-FFA0FFF7F9B1}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FDAA17FB-9CDD-AA3B-ED37-FA6F0C052123}" = ATI Catalyst Install Manager
"0E26EBDDB36C0E4C591F22C7EE263FB6BC041FE3" = Windows Driver Package - Broadcom Corporation Bluetooth (02/06/2012 6.5.1.2310)
"3366905E6EFF86120E12E2DB3F8F2EDC3B7F5003" = Windows Driver Package - Broadcom HIDClass (09/11/2009 6.3.0.1500)
"4AAFCA4E47F455BA6EB4FE93C32821F59F5873E3" = Windows Driver Package - Broadcom Corporation Bluetooth (02/07/2012 6.5.1.2312)
"524FB58AAB1C34915E5DAE6F9A7ABD1AA8C96614" = Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600)
"6A044848DB955BAB41313E7878DE4E2C68715F24" = Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth (03/16/2012 6.5.1.2600)
"73EBF284DDB186EC3E526FEE77E2325097703596" = Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600)
"765E3A42F1EB7BB642F073A20918B588DC4D1193" = Windows Driver Package - Broadcom Corporation Bluetooth (03/16/2012 6.5.1.2600)
"77474885D7AEC63818C38D3CD3F18591895E994E" = Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth (02/06/2012 6.5.1.2310)
"AVG" = AVG 2012
"CCleaner" = CCleaner
"Dell Photo AIO Printer 942" = Dell Photo AIO Printer 942
"DW WLAN Card Utility" = DW WLAN Card Utility
"E2D6F2D66494484DBE706872D7EFADC4C894EF0F" = Windows Driver Package - Broadcom Corporation Bluetooth (02/07/2012 6.5.1.2312)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PC-Doctor for Windows" = Dell Support Center
"SP6" = Logitech SetPoint 6.15
"SynTPDeinstKey" = Dell Touchpad
"TThrottle: Temperature Throttle_is1" = TThrottle (32/64 Bit): Temperature Throttle by eFMer V 3.1.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015D576B-F9CF-245E-2A67-13A22C49595D}" = CCC Help Portuguese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08DF75DF-FCA1-936E-6537-8B2355477A8A}" = CCC Help Spanish
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DC7DFF9-2180-0E7E-DB49-817280EE4E93}" = Catalyst Control Center Graphics Light
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{27B94460-B1A6-BE42-D92A-4FCDCF4A719F}" = CCC Help German
"{2863C12B-2A02-4258-8495-6220605B2E5C}_is1" = Tether 1.4.3.7
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2DA5F129-11AC-4F11-8188-B2F07EAAC20A}" = Cozi
"{2F12DD77-33BC-B9AA-7FCF-316920EB20B6}" = CCC Help Hungarian
"{2F2E45E2-5A38-616D-B747-6F8483074987}" = CCC Help French
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{32CD223A-FF52-43CF-9E24-F7618CD77891}" = WORDsearch 8 POSB NT Edition
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{335519D8-37B0-2C1A-8731-24BFA0AF0A82}" = CCC Help Norwegian
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A3152B9-70FA-8B91-44AC-3DB75A675344}" = CCC Help Russian
"{3E6B8013-6679-AE89-05B9-F540AF89A5A4}" = Catalyst Control Center Localization All
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F154E12-4E97-D0AB-27E2-874CFEFFE30A}" = CCC Help Finnish
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47BC5D36-B837-B2A8-FB46-F6EC602A7F9C}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B8C6616-F310-60D3-71FD-057C16DB3E8A}" = CCC Help Finnish
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{54BAC286-63B1-C3D7-5371-10CE6B280D23}" = CCC Help Turkish
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59F6DFAA-3FE8-0F59-02EC-8AEA5CE0659B}" = CCC Help Dutch
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FEF1894-CF67-B16C-11B6-5818358B3FC9}" = CCC Help Russian
"{60E9E76A-FB31-67CB-8071-A1D38A499A86}" = CCC Help French
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6869DEA9-8FA6-E3E0-05B6-8187FEB71D52}" = Skins
"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding
"{6ED86F6F-7130-48F5-2AF7-5D693098057F}" = CCC Help Norwegian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{734C758F-E295-C25A-085A-37210AAFD459}" = CCC Help Greek
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7ADF69B6-B378-2D8C-C81C-DAA053E0D275}" = CCC Help English
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}" = BlackBerry App World Browser Plugin
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0061-0409-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{97B70991-5002-4241-8B0C-D74B8ADEB2B5}" = BlackBerry Desktop Software 7.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B9F49A2-6791-761F-6077-22977B0FD03D}" = CCC Help Dutch
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E31556D-C40E-D7EE-8936-6F442A063F68}" = CCC Help Swedish
"{A24CCFF4-1094-A1C6-756E-BD75FDA697F4}" = CCC Help Danish
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A34A8A48-44EC-1B46-EC9A-C0687C8AB505}" = HydraVision
"{A43190B6-D326-2870-22A5-F2416062ABA3}" = CCC Help German
"{A697D62C-643B-5315-204B-D43055A86649}" = CCC Help Swedish
"{A6B483B0-E8E8-0EE1-D678-FEEBDF27FE15}" = Catalyst Control Center Localization All
"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 6
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9316AC7-CAB2-C29B-F8B6-6239817B1B45}" = CCC Help Chinese Standard
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AF39A4BD-9088-D509-206B-024E5576D25C}" = CCC Help Korean
"{AFF254B3-ABBC-15E7-200E-FABF74314C13}" = ccc-core-static
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B27E389B-AE9B-BEB6-8FCF-BA293F884C70}" = CCC Help Japanese
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B5AB153E-59F3-AB56-F8A7-43E531368327}" = Catalyst Control Center Graphics Full New
"{B5C2819F-BC4E-E31A-C2CE-A617A99A7EA0}" = CCC Help Czech
"{BA214394-CDD8-BB3C-3FCC-8294C9A02ACA}" = CCC Help Chinese Traditional
"{BCFF03A6-BADE-2C15-A90E-E8D0E26B8E6C}" = CCC Help Chinese Standard
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BF8DC895-9CC3-E284-6ADF-67077E3FBCA2}" = CCC Help Danish
"{C2AF3BC5-ED8A-39A5-BDC6-6B514D7B8E18}" = CCC Help Japanese
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9A162C1-031F-4EBF-A3E6-C45F7FCCBB9E}_is1" = Genie Backup Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0016802-8E49-0DED-0B9C-F8946945998F}" = Catalyst Control Center Graphics Full Existing
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D876ED97-4876-ECE9-F988-D11B91CA84BB}" = CCC Help Polish
"{DC068C99-4AF6-C4B4-178F-790CC62B93ED}" = Catalyst Control Center Graphics Previews Vista
"{DD786529-8C5E-4C64-9FA6-D47FBF17C392}" = Catalyst Control Center InstallProxy
"{DDBBE693-E9E5-A743-4C11-D693F94A80D7}" = Catalyst Control Center Core Implementation
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF150064-07EC-F3E1-7E24-8B76493F6C2D}" = CCC Help Thai
"{DF6BCD20-50DC-4DE6-4798-948DF8CAC38A}" = CCC Help Korean
"{DF8F8A4A-C9EB-79EC-7597-166D3042EAA8}" = CCC Help Spanish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E19F161D-7FD0-FECB-41B1-A036862C3E47}" = CCC Help English
"{E393AA7A-33AE-1F62-0C33-D107BB03E74E}" = CCC Help Portuguese
"{E3EB956C-C221-8F52-2063-CBF40AD8B558}" = CCC Help Italian
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E80F7B58-508F-2A71-50E6-49B56241C22B}" = ccc-core-static
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED2C01F5-FF07-21E7-4D80-E41486A5204E}" = CCC Help Chinese Traditional
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EE7BEE99-4C13-DF3E-142B-5E4BA8D10CEC}" = CCC Help Italian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Alarm_is1" = Alarm
"Anki" = Anki
"Audacity_is1" = Audacity 2.0
"Audio MP3 Sound Recorder" = Audio MP3 Sound Recorder
"AVG Secure Search" = AVG Security Toolbar
"Aya AVI WMV DVD FLV RM MKV MP4 Video Splitter Cutter_is1" = Aya AVI WMV DVD FLV RM MKV MP4 Video Splitter Cutter V1.3.5
"Bible Database_is1" = Bible Database 5.1
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"BSPlayerf" = BS.Player FREE
"CamStudio" = CamStudio
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup.divx.com" = DivX Setup
"Easy Video Splitter_is1" = Easy Video Splitter 1.28
"Focus MP3 Recorder Splitter_is1" = Focus MP3 Recorder Splitter 3.4
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free FLV Converter_is1" = Free FLV Converter V 7.1.0
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free YouTube Download_is1" = Free YouTube Download version 3.0.22.221
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221
"GoToAssist" = GoToAssist 8.0.0.514
"iLivid" = iLivid
"InterActual Player" = InterActual Player
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PDF Viewer for Windows_is1" = PDF Viewer for Windows 7
"Rapport_msi" = Rapport
"Screen VidShot_is1" = Screen VidShot
"ST5UNST #1" = The Holy Bible KJV Ver.8
"ST5UNST #2" = project dogwaffle
"StarCraft II" = StarCraft II
"The Extractor1.4.2" = The Extractor
"The Extractor1.4.2.2" = The Extractor
"The Extractor1.4.3" = The Extractor
"TIMELEFT3_is1" = TimeLeft
"TweakNow RegCleaner 2011_is1" = TweakNow RegCleaner 2011
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"vfd-ob" = VideoFileDownload
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"VLC media player" = VLC media player 2.0.1
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WORDsearch 8 POSB NT Edition" = WORDsearch 8 POSB NT Edition
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CNET TechTracker" = CNET TechTracker
"Dropbox" = Dropbox
"Juniper_Networks_Cache_Cleaner 6.5.0" = Juniper Networks Cache Cleaner 6.5.0
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"WeatherEye" = WeatherEye

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13/09/2012 3:24:25 PM | Computer Name = RileysLaptop | Source = SignInAssistant | ID = 0
Description =

Error - 13/09/2012 3:24:28 PM | Computer Name = RileysLaptop | Source = SignInAssistant | ID = 0
Description =

Error - 13/09/2012 3:24:54 PM | Computer Name = RileysLaptop | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1984 Start
Time: 01cd91e538905ab6 Termination Time: 15 Application Path: C:\Program Files (x86)\Windows
Media Player\wmplayer.exe Report Id: a27f34d0-fdd8-11e1-8264-f04da246af75

Error - 13/09/2012 4:49:25 PM | Computer Name = RileysLaptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 13/09/2012 4:49:26 PM | Computer Name = RileysLaptop | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
Express\CoziExpress.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 13/09/2012 7:36:49 PM | Computer Name = RileysLaptop | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 13/09/2012 8:17:08 PM | Computer Name = RileysLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: bcmwltry.exe, version: 5.60.48.18, time
stamp: 0x4b1e7b37 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x000007ff00409d78 Faulting process id: 0x7b4 Faulting
application start time: 0x01cd920e3a62e170 Faulting application path: C:\Program
Files\Dell\DW WLAN Card\bcmwltry.exe Faulting module path: unknown Report Id: 84ad97a4-fe01-11e1-be9d-f04da246af75

Error - 13/09/2012 8:50:05 PM | Computer Name = RileysLaptop | Source = System Restore | ID = 8193
Description =

Error - 13/09/2012 8:50:18 PM | Computer Name = RileysLaptop | Source = System Restore | ID = 8193
Description =

Error - 13/09/2012 8:50:43 PM | Computer Name = RileysLaptop | Source = System Restore | ID = 8193
Description =

[ Broadcom Wireless LAN Events ]
Error - 24/07/2012 3:53:55 PM | Computer Name = RileysLaptop | Source = WLAN-Tray | ID = 0
Description = 14:53:55, Tue, Jul 24, 12 Error - Unable to gain access to user store


[ System Events ]
Error - 13/09/2012 8:48:08 PM | Computer Name = RileysLaptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 13/09/2012 8:48:08 PM | Computer Name = RileysLaptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 13/09/2012 8:48:08 PM | Computer Name = RileysLaptop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 13/09/2012 8:50:05 PM | Computer Name = RileysLaptop | Source = DCOM | ID = 10005
Description =

Error - 13/09/2012 8:54:45 PM | Computer Name = RileysLaptop | Source = DCOM | ID = 10016
Description =

Error - 13/09/2012 9:09:18 PM | Computer Name = RileysLaptop | Source = Service Control Manager | ID = 7034
Description = The Rapport Management Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 13/09/2012 9:09:52 PM | Computer Name = RileysLaptop | Source = BROWSER | ID = 8032
Description =

Error - 13/09/2012 9:13:52 PM | Computer Name = RileysLaptop | Source = DCOM | ID = 10016
Description =

Error - 13/09/2012 9:24:29 PM | Computer Name = RileysLaptop | Source = DCOM | ID = 10016
Description =

Error - 13/09/2012 9:39:17 PM | Computer Name = RileysLaptop | Source = BROWSER | ID = 8032
Description =


< End of report >
riley532
Banned Member
 
Posts: 16
Joined: September 13th, 2012, 8:30 pm

Re: both logs are here..adnxs removal help

Unread postby riley532 » September 24th, 2012, 9:27 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 21:12 on 24/09/2012 by Riley
Administrator - Elevation successful

========== filefind ==========

Searching for "*Fun4IM*"
No files found.

Searching for "*Bandoo*"
No files found.

Searching for "*Searchnu*"
No files found.

Searching for "*Searchqu*"
No files found.

Searching for "*iLivid*"
C:\Users\Riley\Videos\iLividSetupV1.exe --a---- 516136 bytes [19:49 13/05/2012] [19:49 13/05/2012] 221B6C7F9E92BB2E8456BD935A564F76
C:\_OTL\MovedFiles\09242012_210500\C_Program Files (x86)\iLivid\ilivid.exe --a---- 2033152 bytes [19:48 13/05/2012] [14:20 05/08/2011] A485B5376A7BD86E17DA042A64EE3E86
C:\_OTL\MovedFiles\09242012_210500\C_Program Files (x86)\iLivid\ilivid.ico --a---- 9662 bytes [19:48 13/05/2012] [09:41 04/11/2009] D64C36521A1839B54788D7D0A82DAF08

Searching for "*whitesmoke*"
No files found.

Searching for "*datamngr*"
No files found.

Searching for "*trolltech*"
No files found.

========== folderfind ==========

Searching for "*Fun4IM*"
No folders found.

Searching for "*Bandoo*"
No folders found.

Searching for "*Searchnu*"
No folders found.

Searching for "*Searchqu*"
No folders found.

Searching for "*iLivid*"
C:\_OTL\MovedFiles\09242012_210500\C_Program Files (x86)\iLivid d------ [19:48 13/05/2012]
C:\_OTL\MovedFiles\09242012_210500\C_Users\Riley\AppData\Local\Ilivid Player d------ [19:48 13/05/2012]

Searching for "*whitesmoke*"
No folders found.

Searching for "*datamngr*"
No folders found.

Searching for "*trolltech*"
No folders found.

========== Regfind ==========

Searching for "Fun4IM"
No data found.

Searching for "Bandoo"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid]
"Publisher"="Bandoo Media Inc"

Searching for "Searchnu"
No data found.

Searching for "Searchqu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
@="ISearchQueryHelper"

Searching for "iLivid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ilivid]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ilivid]
@="URL:ilivid Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ilivid\shell\open\command]
@=""C:\Program Files (x86)\iLivid\ilivid.exe" "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ilivid]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ilivid\player]
"InstallPath"="C:\Program Files (x86)\iLivid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ilivid\player\hosts\ilivid.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid]
"DisplayName"="iLivid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid]
"InstallLocation"="C:\Program Files (x86)\iLivid"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid]
"UninstallString"="C:\Program Files (x86)\iLivid\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid]
"DisplayIcon"="C:\Program Files (x86)\iLivid\ilivid.exe"

Searching for "whitesmoke"
No data found.

Searching for "datamngr"
No data found.

Searching for "kelkoopartners"
No data found.

Searching for "trolltech"
[HKEY_USERS\.DEFAULT\Software\Trolltech]
[HKEY_USERS\.DEFAULT\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.5\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]
[HKEY_USERS\S-1-5-18\Software\Trolltech]
[HKEY_USERS\S-1-5-18\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.5\com.trolltech.Qt.QImageIOHandlerFactoryInterface:]

-= EOF =-

21:00:48.0118 6376 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:00:48.0458 6376 ============================================================
21:00:48.0458 6376 Current date / time: 2012/09/24 21:00:48.0458
21:00:48.0458 6376 SystemInfo:
21:00:48.0458 6376
21:00:48.0458 6376 OS Version: 6.1.7601 ServicePack: 1.0
21:00:48.0458 6376 Product type: Workstation
21:00:48.0458 6376 ComputerName: RILEYSLAPTOP
21:00:48.0458 6376 UserName: Riley
21:00:48.0458 6376 Windows directory: C:\Windows
21:00:48.0458 6376 System windows directory: C:\Windows
21:00:48.0458 6376 Running under WOW64
21:00:48.0458 6376 Processor architecture: Intel x64
21:00:48.0458 6376 Number of processors: 8
21:00:48.0458 6376 Page size: 0x1000
21:00:48.0458 6376 Boot type: Normal boot
21:00:48.0458 6376 ============================================================
21:00:50.0262 6376 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:00:50.0293 6376 ============================================================
21:00:50.0293 6376 \Device\Harddisk0\DR0:
21:00:50.0293 6376 MBR partitions:
21:00:50.0293 6376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x2328000
21:00:50.0293 6376 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x233B9C5, BlocksNum 0x38049E6B
21:00:50.0293 6376 ============================================================
21:00:50.0324 6376 C: <-> \Device\Harddisk0\DR0\Partition2
21:00:50.0324 6376 ============================================================
21:00:50.0324 6376 Initialize success
21:00:50.0324 6376 ============================================================
21:00:53.0594 5872 ============================================================
21:00:53.0594 5872 Scan started
21:00:53.0594 5872 Mode: Manual;
21:00:53.0594 5872 ============================================================
21:00:56.0862 5872 ================ Scan system memory ========================
21:00:56.0862 5872 System memory - ok
21:00:56.0862 5872 ================ Scan services =============================
21:00:57.0245 5872 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:00:57.0255 5872 1394ohci - ok
21:00:57.0295 5872 [ C49C56B35BFC6CDA8D1FDCAD2885568F ] Acceler C:\Windows\system32\DRIVERS\Acceler.sys
21:00:57.0295 5872 Acceler - ok
21:00:57.0345 5872 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:00:57.0355 5872 ACPI - ok
21:00:57.0385 5872 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:00:57.0395 5872 AcpiPmi - ok
21:00:57.0545 5872 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:00:57.0555 5872 AdobeARMservice - ok
21:00:57.0615 5872 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:00:57.0635 5872 adp94xx - ok
21:00:57.0655 5872 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:00:57.0665 5872 adpahci - ok
21:00:57.0685 5872 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:00:57.0695 5872 adpu320 - ok
21:00:57.0735 5872 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:00:57.0735 5872 AeLookupSvc - ok
21:00:57.0885 5872 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
21:00:57.0885 5872 AESTFilters - ok
21:00:57.0945 5872 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:00:57.0965 5872 AFD - ok
21:00:57.0995 5872 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:00:58.0005 5872 agp440 - ok
21:00:58.0025 5872 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:00:58.0025 5872 ALG - ok
21:00:58.0055 5872 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:00:58.0065 5872 aliide - ok
21:00:58.0095 5872 [ 5989D711769200F0F3E145319250472B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:00:58.0105 5872 AMD External Events Utility - ok
21:00:58.0115 5872 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:00:58.0125 5872 amdide - ok
21:00:58.0165 5872 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:00:58.0165 5872 AmdK8 - ok
21:00:58.0225 5872 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:00:58.0225 5872 AmdPPM - ok
21:00:58.0265 5872 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:00:58.0275 5872 amdsata - ok
21:00:58.0285 5872 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:00:58.0295 5872 amdsbs - ok
21:00:58.0315 5872 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:00:58.0315 5872 amdxata - ok
21:00:58.0355 5872 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:00:58.0365 5872 AppID - ok
21:00:58.0375 5872 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:00:58.0385 5872 AppIDSvc - ok
21:00:58.0415 5872 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:00:58.0415 5872 Appinfo - ok
21:00:58.0515 5872 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:00:58.0525 5872 Apple Mobile Device - ok
21:00:58.0565 5872 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
21:00:58.0575 5872 AppMgmt - ok
21:00:58.0615 5872 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:00:58.0615 5872 arc - ok
21:00:58.0635 5872 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:00:58.0645 5872 arcsas - ok
21:00:58.0665 5872 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:00:58.0675 5872 AsyncMac - ok
21:00:58.0705 5872 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:00:58.0705 5872 atapi - ok
21:00:58.0745 5872 [ FB7602C5C508BE281368AAE0B61B51C6 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
21:00:58.0745 5872 AtiHdmiService - ok
21:00:58.0895 5872 [ B5FB227A09A9EC28163FA4B45487C3C7 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:00:59.0025 5872 atikmdag - ok
21:00:59.0085 5872 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:00:59.0085 5872 AudioEndpointBuilder - ok
21:00:59.0115 5872 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:00:59.0125 5872 AudioSrv - ok
21:00:59.0588 5872 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
21:00:59.0650 5872 AVGIDSAgent - ok
21:00:59.0697 5872 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
21:00:59.0697 5872 AVGIDSDriver - ok
21:00:59.0713 5872 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
21:00:59.0713 5872 AVGIDSFilter - ok
21:00:59.0760 5872 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
21:00:59.0760 5872 AVGIDSHA - ok
21:00:59.0822 5872 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
21:00:59.0832 5872 Avgldx64 - ok
21:00:59.0862 5872 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
21:00:59.0872 5872 Avgmfx64 - ok
21:00:59.0912 5872 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
21:00:59.0912 5872 Avgrkx64 - ok
21:00:59.0932 5872 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
21:00:59.0942 5872 Avgtdia - ok
21:00:59.0972 5872 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
21:00:59.0972 5872 avgwd - ok
21:01:00.0012 5872 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:01:00.0022 5872 AxInstSV - ok
21:01:00.0072 5872 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:01:00.0092 5872 b06bdrv - ok
21:01:00.0142 5872 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:01:00.0152 5872 b57nd60a - ok
21:01:00.0192 5872 [ 5C0F919666954885D7760DFFE4B29A25 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
21:01:00.0192 5872 BCM42RLY - ok
21:01:00.0282 5872 [ 215DC2FD9CD0FD0BBD7905339779589E ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
21:01:00.0322 5872 BCM43XX - ok
21:01:00.0402 5872 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:01:00.0412 5872 BDESVC - ok
21:01:00.0422 5872 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:01:00.0422 5872 Beep - ok
21:01:00.0482 5872 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:01:00.0502 5872 BFE - ok
21:01:00.0542 5872 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
21:01:00.0572 5872 BITS - ok
21:01:00.0602 5872 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:01:00.0612 5872 blbdrive - ok
21:01:00.0732 5872 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:01:00.0732 5872 Bonjour Service - ok
21:01:00.0772 5872 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:01:00.0772 5872 bowser - ok
21:01:00.0854 5872 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:01:00.0854 5872 BrFiltLo - ok
21:01:00.0870 5872 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:01:00.0870 5872 BrFiltUp - ok
21:01:00.0932 5872 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:01:00.0932 5872 Browser - ok
21:01:00.0964 5872 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:01:00.0979 5872 Brserid - ok
21:01:00.0995 5872 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:01:00.0995 5872 BrSerWdm - ok
21:01:01.0010 5872 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:01:01.0010 5872 BrUsbMdm - ok
21:01:01.0042 5872 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:01:01.0042 5872 BrUsbSer - ok
21:01:01.0104 5872 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:01:01.0104 5872 BthEnum - ok
21:01:01.0120 5872 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:01:01.0120 5872 BTHMODEM - ok
21:01:01.0151 5872 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:01:01.0151 5872 BthPan - ok
21:01:01.0182 5872 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
21:01:01.0213 5872 BTHPORT - ok
21:01:01.0260 5872 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:01:01.0276 5872 bthserv - ok
21:01:01.0291 5872 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
21:01:01.0307 5872 BTHUSB - ok
21:01:01.0338 5872 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:01:01.0354 5872 btwaudio - ok
21:01:01.0385 5872 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
21:01:01.0385 5872 btwavdt - ok
21:01:01.0463 5872 [ 6DDE1E97BE4D50253DFB9090A6A62524 ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
21:01:01.0478 5872 btwdins - ok
21:01:01.0494 5872 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:01:01.0494 5872 btwl2cap - ok
21:01:01.0510 5872 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:01:01.0510 5872 btwrchid - ok
21:01:01.0525 5872 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:01:01.0541 5872 cdfs - ok
21:01:01.0588 5872 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
21:01:01.0603 5872 cdrom - ok
21:01:01.0666 5872 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:01:01.0666 5872 CertPropSvc - ok
21:01:01.0712 5872 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:01:01.0728 5872 circlass - ok
21:01:01.0790 5872 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:01:01.0790 5872 CLFS - ok
21:01:01.0962 5872 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:01:01.0978 5872 clr_optimization_v2.0.50727_32 - ok
21:01:02.0024 5872 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:01:02.0024 5872 clr_optimization_v2.0.50727_64 - ok
21:01:02.0102 5872 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:01:02.0149 5872 clr_optimization_v4.0.30319_32 - ok
21:01:02.0180 5872 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:01:02.0180 5872 clr_optimization_v4.0.30319_64 - ok
21:01:02.0212 5872 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:01:02.0212 5872 CmBatt - ok
21:01:02.0227 5872 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:01:02.0227 5872 cmdide - ok
21:01:02.0274 5872 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:01:02.0290 5872 CNG - ok
21:01:02.0305 5872 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:01:02.0305 5872 Compbatt - ok
21:01:02.0352 5872 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:01:02.0352 5872 CompositeBus - ok
21:01:02.0368 5872 COMSysApp - ok
21:01:02.0430 5872 [ 64D81219B4DFD24FFE8EB9FEA0465A7B ] cputemperature C:\Windows\system32\Drivers\cputemperature.sys
21:01:02.0430 5872 cputemperature - ok
21:01:02.0508 5872 cpuz135 - ok
21:01:02.0524 5872 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:01:02.0524 5872 crcdisk - ok
21:01:02.0570 5872 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:01:02.0570 5872 CryptSvc - ok
21:01:02.0602 5872 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
21:01:02.0617 5872 CSC - ok
21:01:02.0633 5872 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
21:01:02.0633 5872 CscService - ok
21:01:02.0664 5872 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
21:01:02.0680 5872 CtClsFlt - ok
21:01:02.0789 5872 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:01:02.0804 5872 cvhsvc - ok
21:01:02.0851 5872 [ 76E02DB615A03801D698199A2BC4A06A ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
21:01:02.0851 5872 dc3d - ok
21:01:02.0898 5872 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:01:02.0898 5872 DcomLaunch - ok
21:01:02.0945 5872 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:01:02.0945 5872 defragsvc - ok
21:01:02.0976 5872 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:01:02.0976 5872 DfsC - ok
21:01:03.0023 5872 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:01:03.0023 5872 Dhcp - ok
21:01:03.0054 5872 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:01:03.0054 5872 discache - ok
21:01:03.0085 5872 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:01:03.0101 5872 Disk - ok
21:01:03.0116 5872 dlbu_device - ok
21:01:03.0148 5872 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:01:03.0148 5872 Dnscache - ok
21:01:03.0272 5872 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
21:01:03.0272 5872 DockLoginService - ok
21:01:03.0304 5872 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:01:03.0319 5872 dot3svc - ok
21:01:03.0366 5872 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
21:01:03.0366 5872 Dot4 - ok
21:01:03.0397 5872 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
21:01:03.0413 5872 Dot4Print - ok
21:01:03.0428 5872 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
21:01:03.0444 5872 dot4usb - ok
21:01:03.0460 5872 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:01:03.0460 5872 DPS - ok
21:01:03.0491 5872 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:01:03.0491 5872 drmkaud - ok
21:01:03.0553 5872 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:01:03.0569 5872 DXGKrnl - ok
21:01:03.0616 5872 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:01:03.0616 5872 EapHost - ok
21:01:03.0709 5872 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:01:03.0803 5872 ebdrv - ok
21:01:03.0850 5872 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:01:03.0850 5872 EFS - ok
21:01:03.0928 5872 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:01:03.0943 5872 ehRecvr - ok
21:01:03.0990 5872 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:01:03.0990 5872 ehSched - ok
21:01:04.0084 5872 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:01:04.0130 5872 elxstor - ok
21:01:04.0162 5872 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:01:04.0177 5872 ErrDev - ok
21:01:04.0286 5872 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:01:04.0286 5872 EventSystem - ok
21:01:04.0318 5872 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:01:04.0333 5872 exfat - ok
21:01:04.0349 5872 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:01:04.0349 5872 fastfat - ok
21:01:04.0411 5872 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:01:04.0427 5872 Fax - ok
21:01:04.0458 5872 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:01:04.0458 5872 fdc - ok
21:01:04.0489 5872 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:01:04.0489 5872 fdPHost - ok
21:01:04.0505 5872 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:01:04.0520 5872 FDResPub - ok
21:01:04.0536 5872 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:01:04.0536 5872 FileInfo - ok
21:01:04.0552 5872 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:01:04.0552 5872 Filetrace - ok
21:01:04.0567 5872 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:01:04.0567 5872 flpydisk - ok
21:01:04.0614 5872 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:01:04.0614 5872 FltMgr - ok
21:01:04.0676 5872 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
21:01:04.0708 5872 FontCache - ok
21:01:04.0770 5872 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:01:04.0786 5872 FontCache3.0.0.0 - ok
21:01:04.0801 5872 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:01:04.0801 5872 FsDepends - ok
21:01:04.0848 5872 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:01:04.0848 5872 Fs_Rec - ok
21:01:04.0926 5872 [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
21:01:04.0926 5872 Futuremark SystemInfo Service - ok
21:01:04.0957 5872 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:01:04.0957 5872 fvevol - ok
21:01:04.0988 5872 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:01:05.0004 5872 gagp30kx - ok
21:01:05.0035 5872 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:01:05.0035 5872 GEARAspiWDM - ok
21:01:05.0082 5872 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
21:01:05.0082 5872 GoToAssist - ok
21:01:05.0144 5872 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:01:05.0144 5872 gpsvc - ok
21:01:05.0222 5872 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:05.0238 5872 gupdate - ok
21:01:05.0269 5872 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:05.0269 5872 gupdatem - ok
21:01:05.0285 5872 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:01:05.0285 5872 hcw85cir - ok
21:01:05.0332 5872 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:01:05.0332 5872 HDAudBus - ok
21:01:05.0363 5872 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:01:05.0363 5872 HECIx64 - ok
21:01:05.0378 5872 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:01:05.0378 5872 HidBatt - ok
21:01:05.0394 5872 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:01:05.0410 5872 HidBth - ok
21:01:05.0410 5872 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:01:05.0425 5872 HidIr - ok
21:01:05.0456 5872 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:01:05.0456 5872 hidserv - ok
21:01:05.0503 5872 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:01:05.0503 5872 HidUsb - ok
21:01:05.0534 5872 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:01:05.0550 5872 hkmsvc - ok
21:01:05.0597 5872 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:01:05.0597 5872 HomeGroupListener - ok
21:01:05.0628 5872 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:01:05.0628 5872 HomeGroupProvider - ok
21:01:05.0675 5872 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:01:05.0675 5872 HpSAMD - ok
21:01:05.0800 5872 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:01:05.0831 5872 HPSLPSVC - ok
21:01:05.0893 5872 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:01:05.0893 5872 HTTP - ok
21:01:05.0940 5872 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:01:05.0940 5872 hwpolicy - ok
21:01:05.0956 5872 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:01:05.0956 5872 i8042prt - ok
21:01:05.0987 5872 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:01:06.0002 5872 iaStorV - ok
21:01:06.0065 5872 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:01:06.0065 5872 IDriverT - ok
21:01:06.0127 5872 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:01:06.0158 5872 idsvc - ok
21:01:06.0190 5872 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:01:06.0190 5872 iirsp - ok
21:01:06.0221 5872 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:01:06.0252 5872 IKEEXT - ok
21:01:06.0346 5872 [ FD5EF1D0210CB9C0773BBA7CA360D762 ] InstallFilterService C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
21:01:06.0346 5872 InstallFilterService - ok
21:01:06.0392 5872 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:01:06.0392 5872 intelide - ok
21:01:06.0408 5872 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:01:06.0424 5872 intelppm - ok
21:01:06.0470 5872 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:01:06.0470 5872 IPBusEnum - ok
21:01:06.0502 5872 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:01:06.0502 5872 IpFilterDriver - ok
21:01:06.0611 5872 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:01:06.0626 5872 iphlpsvc - ok
21:01:06.0673 5872 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:01:06.0673 5872 IPMIDRV - ok
21:01:06.0689 5872 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:01:06.0689 5872 IPNAT - ok
21:01:06.0767 5872 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:01:06.0782 5872 iPod Service - ok
21:01:06.0798 5872 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:01:06.0814 5872 IRENUM - ok
21:01:06.0829 5872 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:01:06.0845 5872 isapnp - ok
21:01:06.0860 5872 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:01:06.0907 5872 iScsiPrt - ok
21:01:06.0923 5872 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:01:06.0923 5872 kbdclass - ok
21:01:06.0954 5872 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:01:06.0954 5872 kbdhid - ok
21:01:07.0001 5872 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:01:07.0001 5872 KeyIso - ok
21:01:07.0032 5872 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:01:07.0032 5872 KSecDD - ok
21:01:07.0063 5872 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:01:07.0063 5872 KSecPkg - ok
21:01:07.0079 5872 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:01:07.0079 5872 ksthunk - ok
21:01:07.0126 5872 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:01:07.0141 5872 KtmRm - ok
21:01:07.0172 5872 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:01:07.0188 5872 LanmanServer - ok
21:01:07.0219 5872 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:01:07.0219 5872 LanmanWorkstation - ok
21:01:07.0344 5872 [ 7447F069CE66633DAFA0B2DEEE7AF5BA ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
21:01:07.0360 5872 LBTServ - ok
21:01:07.0391 5872 [ 8817ABA3A9180F6C4B8938842925B1E1 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
21:01:07.0406 5872 LEqdUsb - ok
21:01:07.0406 5872 [ 8BCB069C2B6DA65B5F6F561293EE447C ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
21:01:07.0422 5872 LHidEqd - ok
21:01:07.0438 5872 [ 0A7D6ED578D85F0C35353424EE3F5245 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:01:07.0438 5872 LHidFilt - ok
21:01:07.0469 5872 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:01:07.0469 5872 lltdio - ok
21:01:07.0516 5872 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:01:07.0531 5872 lltdsvc - ok
21:01:07.0562 5872 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:01:07.0562 5872 lmhosts - ok
21:01:07.0562 5872 [ 6542E2E6DB58118FBB1B82A68CE3AFF9 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:01:07.0578 5872 LMouFilt - ok
21:01:07.0609 5872 [ 7485FBCEF9136F530953575E2977859D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:01:07.0625 5872 LMS - ok
21:01:07.0656 5872 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:01:07.0672 5872 LSI_FC - ok
21:01:07.0687 5872 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:01:07.0687 5872 LSI_SAS - ok
21:01:07.0703 5872 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:01:07.0703 5872 LSI_SAS2 - ok
21:01:07.0718 5872 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:01:07.0718 5872 LSI_SCSI - ok
21:01:07.0750 5872 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:01:07.0750 5872 luafv - ok
21:01:07.0781 5872 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:01:07.0796 5872 Mcx2Svc - ok
21:01:07.0796 5872 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:01:07.0812 5872 megasas - ok
21:01:07.0828 5872 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:01:07.0843 5872 MegaSR - ok
21:01:07.0859 5872 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:01:07.0859 5872 MMCSS - ok
21:01:07.0874 5872 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:01:07.0874 5872 Modem - ok
21:01:07.0906 5872 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:01:07.0906 5872 monitor - ok
21:01:07.0952 5872 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:01:07.0952 5872 mouclass - ok
21:01:07.0968 5872 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:01:07.0968 5872 mouhid - ok
21:01:07.0999 5872 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:01:07.0999 5872 mountmgr - ok
21:01:08.0046 5872 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:01:08.0062 5872 MozillaMaintenance - ok
21:01:08.0093 5872 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:01:08.0093 5872 mpio - ok
21:01:08.0124 5872 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:01:08.0124 5872 mpsdrv - ok
21:01:08.0171 5872 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:01:08.0171 5872 MpsSvc - ok
21:01:08.0218 5872 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:01:08.0233 5872 MRxDAV - ok
21:01:08.0249 5872 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:01:08.0264 5872 mrxsmb - ok
21:01:08.0296 5872 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:01:08.0311 5872 mrxsmb10 - ok
21:01:08.0327 5872 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:01:08.0327 5872 mrxsmb20 - ok
21:01:08.0358 5872 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:01:08.0358 5872 msahci - ok
21:01:08.0374 5872 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:01:08.0389 5872 msdsm - ok
21:01:08.0405 5872 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:01:08.0405 5872 MSDTC - ok
21:01:08.0420 5872 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:01:08.0436 5872 Msfs - ok
21:01:08.0467 5872 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:01:08.0467 5872 mshidkmdf - ok
21:01:08.0498 5872 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:01:08.0498 5872 msisadrv - ok
21:01:08.0530 5872 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:01:08.0545 5872 MSiSCSI - ok
21:01:08.0545 5872 msiserver - ok
21:01:08.0576 5872 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:01:08.0576 5872 MSKSSRV - ok
21:01:08.0592 5872 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:01:08.0592 5872 MSPCLOCK - ok
21:01:08.0608 5872 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:01:08.0608 5872 MSPQM - ok
21:01:08.0649 5872 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:01:08.0659 5872 MsRPC - ok
21:01:08.0709 5872 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:01:08.0709 5872 mssmbios - ok
21:01:08.0719 5872 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:01:08.0729 5872 MSTEE - ok
21:01:08.0739 5872 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:01:08.0749 5872 MTConfig - ok
21:01:08.0759 5872 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:01:08.0759 5872 Mup - ok
21:01:08.0829 5872 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:01:08.0849 5872 napagent - ok
21:01:08.0919 5872 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:01:08.0919 5872 NativeWifiP - ok
21:01:09.0099 5872 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:01:09.0109 5872 NDIS - ok
21:01:09.0159 5872 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:01:09.0169 5872 NdisCap - ok
21:01:09.0209 5872 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:01:09.0209 5872 NdisTapi - ok
21:01:09.0239 5872 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:01:09.0239 5872 Ndisuio - ok
21:01:09.0279 5872 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:09.0289 5872 NdisWan - ok
21:01:09.0319 5872 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:01:09.0329 5872 NDProxy - ok
21:01:09.0369 5872 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:01:09.0379 5872 Net Driver HPZ12 - ok
21:01:09.0399 5872 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:01:09.0409 5872 NetBIOS - ok
21:01:09.0449 5872 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:01:09.0449 5872 NetBT - ok
21:01:09.0479 5872 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:01:09.0479 5872 Netlogon - ok
21:01:09.0539 5872 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:01:09.0549 5872 Netman - ok
21:01:09.0569 5872 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:01:09.0579 5872 netprofm - ok
21:01:09.0609 5872 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:01:09.0609 5872 NetTcpPortSharing - ok
21:01:09.0639 5872 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:01:09.0649 5872 nfrd960 - ok
21:01:09.0689 5872 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:01:09.0689 5872 NlaSvc - ok
21:01:09.0709 5872 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:01:09.0719 5872 Npfs - ok
21:01:09.0729 5872 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:01:09.0739 5872 nsi - ok
21:01:09.0749 5872 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:01:09.0749 5872 nsiproxy - ok
21:01:09.0809 5872 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:01:09.0829 5872 Ntfs - ok
21:01:09.0889 5872 [ 4C08A14D04E62963E96E0BB57BBC953B ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
21:01:09.0899 5872 NuidFltr - ok
21:01:09.0909 5872 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:01:09.0919 5872 Null - ok
21:01:09.0959 5872 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:01:09.0959 5872 nvraid - ok
21:01:09.0979 5872 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:01:09.0989 5872 nvstor - ok
21:01:10.0019 5872 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:01:10.0019 5872 nv_agp - ok
21:01:10.0049 5872 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:01:10.0059 5872 ohci1394 - ok
21:01:10.0099 5872 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:01:10.0099 5872 ose - ok
21:01:10.0269 5872 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:01:10.0359 5872 osppsvc - ok
21:01:10.0389 5872 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:01:10.0399 5872 p2pimsvc - ok
21:01:10.0429 5872 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:01:10.0439 5872 p2psvc - ok
21:01:10.0459 5872 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:01:10.0459 5872 Parport - ok
21:01:10.0489 5872 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:01:10.0489 5872 partmgr - ok
21:01:10.0609 5872 pbfilter - ok
21:01:10.0619 5872 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:01:10.0619 5872 PcaSvc - ok
21:01:10.0731 5872 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
21:01:10.0872 5872 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
21:01:10.0918 5872 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:01:10.0918 5872 pci - ok
21:01:10.0934 5872 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:01:10.0950 5872 pciide - ok
21:01:10.0981 5872 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:01:10.0996 5872 pcmcia - ok
21:01:11.0012 5872 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:01:11.0012 5872 pcw - ok
21:01:11.0043 5872 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:01:11.0043 5872 PEAUTH - ok
21:01:11.0121 5872 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:01:11.0168 5872 PeerDistSvc - ok
21:01:11.0558 5872 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:01:11.0558 5872 PerfHost - ok
21:01:11.0636 5872 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:01:11.0698 5872 pla - ok
21:01:11.0745 5872 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:01:11.0761 5872 PlugPlay - ok
21:01:11.0792 5872 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:01:11.0792 5872 Pml Driver HPZ12 - ok
21:01:11.0823 5872 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:01:11.0839 5872 PNRPAutoReg - ok
21:01:11.0854 5872 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:01:11.0854 5872 PNRPsvc - ok
21:01:11.0901 5872 [ B8D8EC78B0F9ED8E220506181274F3D3 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
21:01:11.0901 5872 Point64 - ok
21:01:11.0932 5872 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:01:11.0948 5872 PolicyAgent - ok
21:01:11.0995 5872 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:01:11.0995 5872 Power - ok
21:01:12.0026 5872 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:01:12.0042 5872 PptpMiniport - ok
21:01:12.0057 5872 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:01:12.0057 5872 Processor - ok
21:01:12.0088 5872 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:01:12.0104 5872 ProfSvc - ok
21:01:12.0120 5872 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:01:12.0120 5872 ProtectedStorage - ok
21:01:12.0151 5872 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:01:12.0166 5872 Psched - ok
21:01:12.0229 5872 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
21:01:12.0229 5872 PxHlpa64 - ok
21:01:12.0307 5872 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:01:12.0369 5872 ql2300 - ok
21:01:12.0369 5872 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:01:12.0385 5872 ql40xx - ok
21:01:12.0432 5872 [ E92CA234469CC386AD81B9DB924FE9D4 ] qrkis C:\Windows\system32\DRIVERS\qrkis.sys
21:01:12.0463 5872 qrkis - ok
21:01:12.0494 5872 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:01:12.0494 5872 QWAVE - ok
21:01:12.0510 5872 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:01:12.0525 5872 QWAVEdrv - ok
21:01:12.0650 5872 [ 68B15A9A2A35D7AFA3BDA1FB9EDB84D0 ] RapportCerberus_32029 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus64_32029.sys
21:01:12.0650 5872 RapportCerberus_32029 - ok
21:01:12.0712 5872 [ 8648B4268DFB90536E02DCB800991BE8 ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
21:01:12.0728 5872 RapportEI64 - ok
21:01:12.0759 5872 [ 344373AD5B420B41DAA74439F42A52E2 ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys
21:01:12.0759 5872 RapportKE64 - ok
21:01:12.0806 5872 [ AF91CEB3A00F4B4D02C452E4C9E12F53 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
21:01:12.0822 5872 RapportMgmtService - ok
21:01:12.0853 5872 [ 2DDC808AA69EC47465F4D13D16E4FE66 ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
21:01:12.0868 5872 RapportPG64 - ok
21:01:12.0868 5872 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:01:12.0884 5872 RasAcd - ok
21:01:12.0915 5872 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:01:12.0915 5872 RasAgileVpn - ok
21:01:12.0946 5872 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:01:12.0946 5872 RasAuto - ok
21:01:12.0993 5872 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:01:12.0993 5872 Rasl2tp - ok
21:01:13.0040 5872 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:01:13.0056 5872 RasMan - ok
21:01:13.0087 5872 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:01:13.0102 5872 RasPppoe - ok
21:01:13.0134 5872 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:01:13.0134 5872 RasSstp - ok
21:01:13.0165 5872 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:01:13.0165 5872 rdbss - ok
21:01:13.0180 5872 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:01:13.0196 5872 rdpbus - ok
21:01:13.0227 5872 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:01:13.0227 5872 RDPCDD - ok
21:01:13.0258 5872 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:01:13.0258 5872 RDPDR - ok
21:01:13.0274 5872 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:01:13.0274 5872 RDPENCDD - ok
21:01:13.0290 5872 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:01:13.0305 5872 RDPREFMP - ok
21:01:13.0341 5872 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:01:13.0361 5872 RDPWD - ok
21:01:13.0381 5872 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:01:13.0391 5872 rdyboost - ok
21:01:13.0411 5872 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:01:13.0421 5872 RemoteAccess - ok
21:01:13.0451 5872 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:01:13.0461 5872 RemoteRegistry - ok
21:01:13.0511 5872 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:01:13.0511 5872 RFCOMM - ok
21:01:13.0541 5872 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
21:01:13.0551 5872 rimmptsk - ok
21:01:13.0571 5872 [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci C:\Windows\system32\DRIVERS\rimspe64.sys
21:01:13.0571 5872 rimspci - ok
21:01:13.0611 5872 [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
21:01:13.0611 5872 rimsptsk - ok
21:01:13.0661 5872 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
21:01:13.0681 5872 RimUsb - ok
21:01:13.0751 5872 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
21:01:13.0771 5872 RimVSerPort - ok
21:01:13.0801 5872 [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie C:\Windows\system32\DRIVERS\risdpe64.sys
21:01:13.0801 5872 risdpcie - ok
21:01:13.0811 5872 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
21:01:13.0811 5872 rismxdp - ok
21:01:13.0841 5872 [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe64.sys
21:01:13.0841 5872 rixdpcie - ok
21:01:13.0881 5872 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
21:01:13.0891 5872 ROOTMODEM - ok
21:01:14.0011 5872 RoxLiveShare9 - ok
21:01:14.0061 5872 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:01:14.0061 5872 RpcEptMapper - ok
21:01:14.0081 5872 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:01:14.0081 5872 RpcLocator - ok
21:01:14.0111 5872 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:01:14.0121 5872 RpcSs - ok
21:01:14.0141 5872 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:01:14.0151 5872 rspndr - ok
21:01:14.0181 5872 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:01:14.0191 5872 RTL8167 - ok
21:01:14.0221 5872 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:01:14.0221 5872 s3cap - ok
21:01:14.0241 5872 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:01:14.0241 5872 SamSs - ok
21:01:14.0261 5872 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:01:14.0261 5872 sbp2port - ok
21:01:14.0281 5872 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:01:14.0291 5872 SCardSvr - ok
21:01:14.0331 5872 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:01:14.0331 5872 scfilter - ok
21:01:14.0371 5872 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:01:14.0391 5872 Schedule - ok
21:01:14.0431 5872 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:01:14.0431 5872 SCPolicySvc - ok
21:01:14.0441 5872 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:01:14.0451 5872 SDRSVC - ok
21:01:14.0531 5872 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
21:01:14.0531 5872 SeaPort - ok
21:01:14.0581 5872 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:01:14.0581 5872 secdrv - ok
21:01:14.0611 5872 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:01:14.0621 5872 seclogon - ok
21:01:14.0651 5872 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:01:14.0651 5872 SENS - ok
21:01:14.0671 5872 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:01:14.0671 5872 SensrSvc - ok
21:01:14.0691 5872 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:01:14.0691 5872 Serenum - ok
21:01:14.0731 5872 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:01:14.0731 5872 Serial - ok
21:01:14.0771 5872 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:01:14.0781 5872 sermouse - ok
21:01:14.0841 5872 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:01:14.0841 5872 SessionEnv - ok
21:01:14.0881 5872 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:01:14.0881 5872 sffdisk - ok
21:01:14.0891 5872 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:01:14.0901 5872 sffp_mmc - ok
21:01:14.0911 5872 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:01:14.0911 5872 sffp_sd - ok
21:01:14.0921 5872 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:01:14.0931 5872 sfloppy - ok
21:01:14.0981 5872 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
21:01:14.0991 5872 Sftfs - ok
21:01:15.0081 5872 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:01:15.0091 5872 sftlist - ok
21:01:15.0111 5872 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:01:15.0121 5872 Sftplay - ok
21:01:15.0131 5872 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:01:15.0131 5872 Sftredir - ok
21:01:15.0201 5872 [ CF53DCCE55E500F51089774E851E7363 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
21:01:15.0211 5872 SftService - ok
21:01:15.0231 5872 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
21:01:15.0241 5872 Sftvol - ok
21:01:15.0261 5872 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:01:15.0261 5872 sftvsa - ok
21:01:15.0311 5872 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:01:15.0321 5872 SharedAccess - ok
21:01:15.0361 5872 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:01:15.0371 5872 ShellHWDetection - ok
21:01:15.0411 5872 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:01:15.0421 5872 SiSRaid2 - ok
21:01:15.0441 5872 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:01:15.0441 5872 SiSRaid4 - ok
21:01:15.0521 5872 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:01:15.0521 5872 SkypeUpdate - ok
21:01:15.0551 5872 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:01:15.0551 5872 Smb - ok
21:01:15.0591 5872 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:01:15.0601 5872 SNMPTRAP - ok
21:01:15.0621 5872 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:01:15.0621 5872 spldr - ok
21:01:15.0661 5872 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:01:15.0671 5872 Spooler - ok
21:01:15.0801 5872 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:01:15.0901 5872 sppsvc - ok
21:01:15.0931 5872 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:01:15.0941 5872 sppuinotify - ok
21:01:15.0971 5872 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:01:15.0991 5872 srv - ok
21:01:16.0021 5872 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:01:16.0031 5872 srv2 - ok
21:01:16.0051 5872 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:01:16.0051 5872 srvnet - ok
21:01:16.0101 5872 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:01:16.0101 5872 SSDPSRV - ok
21:01:16.0131 5872 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:01:16.0141 5872 SstpSvc - ok
21:01:16.0421 5872 [ DA7702025DFD169B909C4DA3126762CC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
21:01:16.0421 5872 STacSV - ok
21:01:16.0451 5872 [ C48E0745D33897C7A73394214F2B9B4F ] stdflt C:\Windows\system32\DRIVERS\stdflt.sys
21:01:16.0451 5872 stdflt - ok
21:01:16.0481 5872 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:01:16.0491 5872 stexstor - ok
21:01:16.0531 5872 [ CAF5A9708671B14B9670260735B22C4E ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
21:01:16.0551 5872 STHDA - ok
21:01:16.0591 5872 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:01:16.0601 5872 StillCam - ok
21:01:16.0641 5872 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:01:16.0661 5872 stisvc - ok
21:01:16.0701 5872 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:01:16.0701 5872 storflt - ok
21:01:16.0731 5872 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
21:01:16.0731 5872 StorSvc - ok
21:01:16.0751 5872 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:01:16.0751 5872 storvsc - ok
21:01:16.0781 5872 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:01:16.0791 5872 swenum - ok
21:01:16.0821 5872 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:01:16.0831 5872 swprv - ok
21:01:16.0861 5872 [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:01:16.0861 5872 SynTP - ok
21:01:16.0931 5872 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:01:16.0981 5872 SysMain - ok
21:01:17.0011 5872 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:01:17.0021 5872 TabletInputService - ok
21:01:17.0051 5872 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:01:17.0061 5872 TapiSrv - ok
21:01:17.0081 5872 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:01:17.0091 5872 TBS - ok
21:01:17.0161 5872 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:01:17.0181 5872 Tcpip - ok
21:01:17.0261 5872 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:01:17.0281 5872 TCPIP6 - ok
21:01:17.0321 5872 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:01:17.0321 5872 tcpipreg - ok
21:01:17.0361 5872 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:01:17.0361 5872 TDPIPE - ok
21:01:17.0391 5872 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:01:17.0391 5872 TDTCP - ok
21:01:17.0431 5872 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:01:17.0441 5872 tdx - ok
21:01:17.0471 5872 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:01:17.0471 5872 TermDD - ok
21:01:17.0511 5872 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:01:17.0541 5872 TermService - ok
21:01:17.0621 5872 [ 18714F68B9AC635E6E6EBD08A04505A5 ] Tether C:\Program Files (x86)\Tether\TBService.exe
21:01:17.0631 5872 Tether - ok
21:01:17.0661 5872 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:01:17.0661 5872 Themes - ok
21:01:17.0701 5872 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:01:17.0701 5872 THREADORDER - ok
21:01:17.0721 5872 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:01:17.0731 5872 TrkWks - ok
21:01:17.0791 5872 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:01:17.0801 5872 TrustedInstaller - ok
21:01:17.0831 5872 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:01:17.0841 5872 tssecsrv - ok
21:01:17.0871 5872 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:01:17.0881 5872 TsUsbFlt - ok
21:01:17.0931 5872 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:01:17.0931 5872 tunnel - ok
21:01:17.0961 5872 [ 825E7A1F48FB8BCFBA27C178AAB4E275 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
21:01:17.0961 5872 TurboB - ok
21:01:18.0021 5872 [ B206BE1174D5964D49A56BB6C4E0524A ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
21:01:18.0051 5872 TurboBoost - ok
21:01:18.0091 5872 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:01:18.0101 5872 uagp35 - ok
21:01:18.0131 5872 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:01:18.0141 5872 udfs - ok
21:01:18.0201 5872 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:01:18.0201 5872 UI0Detect - ok
21:01:18.0241 5872 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:01:18.0251 5872 uliagpkx - ok
21:01:18.0281 5872 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:01:18.0281 5872 umbus - ok
21:01:18.0311 5872 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:01:18.0321 5872 UmPass - ok
21:01:18.0351 5872 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
21:01:18.0361 5872 UmRdpService - ok
21:01:18.0521 5872 [ 765F2DD351BA064F657751D8D75E58C0 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:01:18.0591 5872 UNS - ok
21:01:18.0651 5872 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:01:18.0661 5872 upnphost - ok
21:01:18.0721 5872 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
21:01:18.0731 5872 USBAAPL64 - ok
21:01:18.0781 5872 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:01:18.0791 5872 usbccgp - ok
21:01:18.0831 5872 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:01:18.0831 5872 usbcir - ok
21:01:18.0861 5872 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:01:18.0871 5872 usbehci - ok
21:01:18.0901 5872 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:01:18.0911 5872 usbhub - ok
21:01:18.0931 5872 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:01:18.0931 5872 usbohci - ok
21:01:18.0961 5872 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:01:18.0971 5872 usbprint - ok
21:01:19.0011 5872 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:01:19.0011 5872 usbscan - ok
21:01:19.0031 5872 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:01:19.0041 5872 USBSTOR - ok
21:01:19.0051 5872 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:01:19.0071 5872 usbuhci - ok
21:01:19.0111 5872 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:01:19.0121 5872 usbvideo - ok
21:01:19.0161 5872 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:01:19.0161 5872 UxSms - ok
21:01:19.0201 5872 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:01:19.0201 5872 VaultSvc - ok
21:01:19.0241 5872 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:01:19.0241 5872 vdrvroot - ok
21:01:19.0291 5872 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:01:19.0301 5872 vds - ok
21:01:19.0351 5872 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:01:19.0351 5872 vga - ok
21:01:19.0391 5872 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:01:19.0391 5872 VgaSave - ok
21:01:19.0411 5872 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:01:19.0411 5872 vhdmp - ok
21:01:19.0431 5872 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:01:19.0441 5872 viaide - ok
21:01:19.0461 5872 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:01:19.0461 5872 vmbus - ok
21:01:19.0491 5872 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:01:19.0501 5872 VMBusHID - ok
21:01:19.0511 5872 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:01:19.0521 5872 volmgr - ok
21:01:19.0561 5872 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:01:19.0561 5872 volmgrx - ok
21:01:19.0591 5872 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:01:19.0591 5872 volsnap - ok
21:01:19.0631 5872 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:01:19.0641 5872 vsmraid - ok
21:01:19.0701 5872 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:01:19.0751 5872 VSS - ok
21:01:19.0851 5872 [ 980E45498392E6659D2E7C44E7DE2336 ] vToolbarUpdater C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
21:01:19.0871 5872 vToolbarUpdater - ok
21:01:19.0901 5872 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:01:19.0901 5872 vwifibus - ok
21:01:19.0941 5872 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:01:19.0941 5872 vwififlt - ok
21:01:19.0981 5872 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:01:19.0981 5872 vwifimp - ok
21:01:20.0021 5872 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:01:20.0041 5872 W32Time - ok
21:01:20.0051 5872 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:01:20.0061 5872 WacomPen - ok
21:01:20.0091 5872 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:01:20.0101 5872 WANARP - ok
21:01:20.0101 5872 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:01:20.0101 5872 Wanarpv6 - ok
21:01:20.0161 5872 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:01:20.0191 5872 WatAdminSvc - ok
21:01:20.0231 5872 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:01:20.0301 5872 wbengine - ok
21:01:20.0371 5872 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:01:20.0381 5872 WbioSrvc - ok
21:01:20.0421 5872 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:01:20.0441 5872 wcncsvc - ok
21:01:20.0461 5872 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:01:20.0461 5872 WcsPlugInService - ok
21:01:20.0471 5872 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:01:20.0481 5872 Wd - ok
21:01:20.0511 5872 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:01:20.0521 5872 Wdf01000 - ok
21:01:20.0541 5872 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:01:20.0541 5872 WdiServiceHost - ok
21:01:20.0551 5872 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:01:20.0561 5872 WdiSystemHost - ok
21:01:20.0601 5872 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:01:20.0611 5872 WebClient - ok
21:01:20.0631 5872 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:01:20.0631 5872 Wecsvc - ok
21:01:20.0651 5872 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:01:20.0661 5872 wercplsupport - ok
21:01:20.0691 5872 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:01:20.0701 5872 WerSvc - ok
21:01:20.0711 5872 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:01:20.0721 5872 WfpLwf - ok
21:01:20.0761 5872 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
21:01:20.0761 5872 WimFltr - ok
21:01:20.0782 5872 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:01:20.0782 5872 WIMMount - ok
21:01:20.0812 5872 WinDefend - ok
21:01:20.0822 5872 WinHttpAutoProxySvc - ok
21:01:20.0942 5872 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:01:20.0942 5872 Winmgmt - ok
21:01:21.0182 5872 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:01:21.0252 5872 WinRM - ok
21:01:21.0312 5872 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:01:21.0322 5872 WinUsb - ok
21:01:21.0372 5872 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:01:21.0382 5872 Wlansvc - ok
21:01:21.0532 5872 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:01:21.0612 5872 wlidsvc - ok
21:01:21.0642 5872 [ A96D6C0613DCF84F2D07FAEB75663072 ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
21:01:21.0642 5872 wltrysvc - ok
21:01:21.0682 5872 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:01:21.0682 5872 WmiAcpi - ok
21:01:21.0722 5872 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:01:21.0722 5872 wmiApSrv - ok
21:01:21.0752 5872 WMPNetworkSvc - ok
21:01:21.0762 5872 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:01:21.0772 5872 WPCSvc - ok
21:01:21.0802 5872 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:01:21.0812 5872 WPDBusEnum - ok
21:01:21.0842 5872 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:01:21.0842 5872 ws2ifsl - ok
21:01:21.0862 5872 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:01:21.0872 5872 wscsvc - ok
21:01:21.0912 5872 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
21:01:21.0922 5872 WSDPrintDevice - ok
21:01:21.0922 5872 WSearch - ok
21:01:22.0022 5872 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:01:22.0092 5872 wuauserv - ok
21:01:22.0132 5872 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:01:22.0132 5872 WudfPf - ok
21:01:22.0172 5872 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:01:22.0172 5872 WUDFRd - ok
21:01:22.0212 5872 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:01:22.0212 5872 wudfsvc - ok
21:01:22.0232 5872 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:01:22.0242 5872 WwanSvc - ok
21:01:22.0272 5872 ================ Scan global ===============================
21:01:22.0292 5872 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:01:22.0332 5872 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:01:22.0352 5872 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:01:22.0392 5872 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:01:22.0412 5872 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:01:22.0422 5872 [Global] - ok
21:01:22.0422 5872 ================ Scan MBR ==================================
21:01:22.0442 5872 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
21:01:22.0734 5872 \Device\Harddisk0\DR0 - ok
21:01:22.0734 5872 ================ Scan VBR ==================================
21:01:22.0734 5872 [ B6B637B6121CE3E96930D1AC52232F58 ] \Device\Harddisk0\DR0\Partition1
21:01:22.0734 5872 \Device\Harddisk0\DR0\Partition1 - ok
21:01:22.0750 5872 [ E471480002A65896B6FF6DC8684391EF ] \Device\Harddisk0\DR0\Partition2
21:01:22.0750 5872 \Device\Harddisk0\DR0\Partition2 - ok
21:01:22.0765 5872 ============================================================
21:01:22.0765 5872 Scan finished
21:01:22.0765 5872 ============================================================
21:01:22.0781 1204 Detected object count: 0
21:01:22.0781 1204 Actual detected object count: 0
riley532
Banned Member
 
Posts: 16
Joined: September 13th, 2012, 8:30 pm

Re: both logs are here..adnxs removal help

Unread postby Gary R » September 25th, 2012, 2:00 am

Looking better, still things to do.

First

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:Files
C:\Users\Riley\Videos\iLividSetupV1.exe
ipconfig /flushdns /c

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ilivid]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ilivid]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ilivid\player\hosts\ilivid.com]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid]
[-HKEY_USERS\.DEFAULT\Software\Trolltech]
[-HKEY_USERS\S-1-5-18\Software\Trolltech]

:Commands
[resethosts]
[emptytemp]
[createrestorepoint]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Next

Once the fix has finished ... Please reboot your computer.

Now run a scan for me with OTL please.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it should produce just one log.
    • OTL.txt (open on your desktop).
  • Please post me the log.

Next

Please run a scan with ESET Online Scanner (the scan make take a few hours to complete, so please be patient)

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on: Image
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log in your next reply please.
  • Now click on: Image (Selecting Uninstall application on close if you so wish)

Summary of the logs I need from you in your next post:
  • OTL Fix log
  • OTL Scan log (OTL.txt)
  • E-Set log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21861
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: both logs are here..adnxs removal help

Unread postby riley532 » September 25th, 2012, 11:40 pm

OTL logfile created on: 25/09/2012 8:48:42 PM - Run 2
OTL by OldTimer - Version 3.2.67.1 Folder = C:\Users\Riley\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.93 Gb Total Physical Memory | 6.14 Gb Available Physical Memory | 77.37% Memory free
15.87 Gb Paging File | 13.91 Gb Available in Paging File | 87.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.14 Gb Total Space | 201.80 Gb Free Space | 45.03% Space Free | Partition Type: NTFS

Computer Name: RILEYSLAPTOP | User Name: Riley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/24 21:03:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Riley\Desktop\OTL.exe
PRC - [2012/09/10 09:45:22 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/19 17:07:28 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/03/12 20:28:30 | 001,940,264 | ---- | M] (NesterSoft Inc.) -- C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/01/19 02:46:38 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2011/11/02 02:00:44 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/29 13:29:12 | 000,050,416 | ---- | M] () -- C:\Program Files (x86)\Tether\TBService.exe
PRC - [2011/08/21 09:00:28 | 000,870,200 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/05/21 11:58:30 | 000,673,088 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2009/09/30 07:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 07:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/07/22 08:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/02/06 15:22:26 | 001,390,592 | ---- | M] (WORDsearch Corp.) -- C:\Program Files (x86)\WORDsearch 8\ZipScript.exe
PRC - [2007/02/28 17:37:56 | 000,304,624 | ---- | M] () -- C:\Program Files (x86)\Dell Photo AIO Printer 942\memcard.exe
PRC - [2007/02/28 17:37:44 | 000,431,600 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Dell Photo AIO Printer 942\DLBUmon.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/10 09:45:22 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012/07/19 17:07:28 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/01/19 02:46:38 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2009/07/22 08:52:12 | 002,384,896 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
MOD - [2007/02/28 17:37:56 | 000,304,624 | ---- | M] () -- C:\Program Files (x86)\Dell Photo AIO Printer 942\memcard.exe
MOD - [2007/01/22 01:19:00 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Dell Photo AIO Printer 942\DLBUcfg.dll
MOD - [2005/09/20 06:40:30 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Dell Photo AIO Printer 942\dlbudrec.dll
MOD - [2005/04/19 13:53:44 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\TimeLeft3\trayclock.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/05/06 04:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/01/20 15:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/12/16 08:16:30 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/11/18 00:45:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/11/02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/08/17 21:09:52 | 000,868,128 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/02 13:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2007/02/28 17:38:34 | 000,567,280 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlbucoms.exe -- (dlbu_device)
SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/19 17:07:28 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/19 02:46:39 | 000,909,152 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/29 13:29:12 | 000,050,416 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tether\TBService.exe -- (Tether)
SRV - [2011/08/21 09:00:28 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/03/01 17:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010/08/18 14:57:06 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/05/21 11:58:30 | 000,673,088 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/30 00:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/01/20 15:10:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe -- (STacSV)
SRV - [2009/09/30 07:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 07:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/23 16:02:42 | 000,060,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/02 13:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe -- (AESTFilters)
SRV - [2007/02/28 17:38:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\dlbucoms.exe -- (dlbu_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/24 15:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/08/17 16:26:48 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020200}_0)
DRV:64bit: - [2012/07/26 03:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/21 09:00:42 | 000,064,272 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2011/07/25 17:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011/07/20 13:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 03:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/11 23:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/08/01 14:01:14 | 000,023,976 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cputemperature.sys -- (cputemperature)
DRV:64bit: - [2010/07/21 16:14:24 | 000,023,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2010/07/21 15:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/07/07 17:18:58 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010/05/18 09:53:18 | 000,050,856 | ---- | M] (Tether) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qrkis.sys -- (qrkis)
DRV:64bit: - [2010/03/18 04:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/03/18 04:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010/03/18 03:59:52 | 000,013,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2010/03/18 03:59:44 | 000,074,320 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2010/01/20 15:10:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/12/16 08:16:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/12/16 08:16:12 | 003,053,560 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/11/18 01:21:20 | 006,171,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/11/02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/09/29 20:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/09/16 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/23 22:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/24 01:13:02 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Acceler.sys -- (Acceler)
DRV:64bit: - [2009/07/23 12:57:48 | 000,018,792 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdflt.sys -- (stdflt)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/07/04 06:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/01 19:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/07/01 05:31:58 | 000,080,896 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/06/30 23:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/06/30 23:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/06/30 23:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/25 04:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 03:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 03:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/07 02:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/10/18 14:45:06 | 000,396,816 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus64_32029.sys -- (RapportCerberus_32029)
DRV - [2011/08/21 09:00:42 | 000,061,200 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2011/08/21 09:00:42 | 000,052,496 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{1D7F21CB-DA20-444F-B02E-4F76B3912009}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535290
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.startsearcher.com
IE - HKLM\..\SearchScopes,DefaultScope = {8546F2CB-75FD-4663-9F68-E4D76630F80E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.startsearcher.com/?q={searchTerms}&src=IETB
IE - HKLM\..\SearchScopes\{8546F2CB-75FD-4663-9F68-E4D76630F80E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/23
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?lang=en-ca&OCID=iehp
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 0A 1D 70 0E 63 CD 01 [binary data]
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.startsearcher.com/?q={searchTerms}&src=IE
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\SearchScopes\{552419DF-F7FA-4E3D-AF96-CB65BA9BA4A5}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPB_en
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\SearchScopes\{73ccfd25-abe2-4bdf-ac5d-28a470a4d234}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B6D98A4E-2863-48F6-AB51-695032DA7F76}&mid=42c7745226764e2fbd37424052aac868-88095c05894c11c0fa9dbe48c01b365f72a4f205&lang=en&ds=AVG&pr=fr&d=2011-10-16 14:42:50&v=8.0.0.34&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Internet Search"
FF - prefs.js..browser.search.defaulturl: "http://www.startsearcher.com/?q="
FF - prefs.js..browser.search.order.1: "Internet Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.startsearcher.com"
FF - prefs.js..extensions.enabledAddons: tineye@ideeinc.com:1.1
FF - prefs.js..extensions.enabledAddons: foxfilter@inspiredeffect.net:7.6.4
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledAddons: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.11
FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: plugin@startsearcher.com:1.3
FF - prefs.js..extensions.enabledAddons: plugin@videofiledownload.com:1.5
FF - prefs.js..extensions.enabledAddons: pbupload@photobucket.com:1.3.3
FF - prefs.js..extensions.enabledAddons: en-CA@dictionaries.addons.mozilla.org:2.0.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: {BAEBEF65-9289-47c5-8524-C345CC5D860D}:1.4.2
FF - prefs.js..extensions.enabledItems: {618D522B-652C-4e19-9194-048700B12ED6}:1.4
FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
FF - prefs.js..extensions.enabledItems: en-CA@dictionaries.addons.mozilla.org:2.0.0
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:6.011.025.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1
FF - prefs.js..extensions.enabledItems: foxfilter@inspiredeffect.net:7.6.2
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Riley\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/09/13 10:07:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/06/15 00:31:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/06/15 00:31:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012/01/19 02:46:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/03 21:09:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 17:07:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/13 20:09:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\components [2012/04/25 18:38:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\plugins [2012/04/18 11:53:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 17:07:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/13 20:09:19 | 000,000,000 | ---D | M]

[2010/08/25 11:47:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Riley\AppData\Roaming\Mozilla\Extensions
[2012/08/25 18:19:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions
[2012/08/25 18:19:53 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2011/02/13 21:28:26 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010/08/24 12:39:28 | 000,000,000 | ---D | M] (Sothink SWF Catcher) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{618D522B-652C-4e19-9194-048700B12ED6}
[2010/11/02 23:10:29 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/04/03 09:27:11 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/08/17 10:50:29 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\DeviceDetection@logitech.com
[2012/07/25 21:19:05 | 000,000,000 | ---D | M] (Canadian English Dictionary) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\en-CA@dictionaries.addons.mozilla.org
[2011/03/22 08:25:04 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com
[2012/02/11 22:35:46 | 000,000,000 | ---D | M] ("FoxFilter") -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\foxfilter@inspiredeffect.net
[2012/07/10 20:10:39 | 000,000,000 | ---D | M] (InternetSearch) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com
[2012/07/10 20:10:30 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@videofiledownload.com
[2011/02/16 23:14:48 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\tineye@ideeinc.com
[2012/07/15 09:30:35 | 000,025,950 | ---- | M] () (No name found) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\pbupload@photobucket.com.xpi
[2012/06/15 21:37:05 | 000,154,252 | ---- | M] () (No name found) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{BAEBEF65-9289-47c5-8524-C345CC5D860D}.xpi
[2011/05/04 17:33:14 | 000,005,214 | ---- | M] () (No name found) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\foxfilter@inspiredeffect.net\content\html\expirationNotice.htm
[2011/05/04 17:35:10 | 000,001,755 | ---- | M] () (No name found) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\foxfilter@inspiredeffect.net\content\js\expirationNotice.js
[2010/08/25 13:50:51 | 000,001,819 | ---- | M] () -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\searchplugins\bing.xml
[2012/07/11 20:21:36 | 000,000,324 | ---- | M] () -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\searchplugins\search.xml
[2012/05/04 11:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/25 06:32:51 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2012/07/03 21:09:33 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/07/19 17:07:28 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/19 02:46:38 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/25 07:53:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/25 07:53:15 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Riley\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Logitech Device Detection (Enabled) = C:\Users\Riley\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\npLogitechDeviceDetection.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Riley\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Orbit Downloader (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\nporbit.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: BlackBerry AppWorld (Enabled) = C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\Riley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: TinEye Reverse Image Search (old version) = C:\Users\Riley\AppData\Local\Google\Chrome\User Data\Default\Extensions\blkehhkdbdbaggkkapkcaoanffomhgjl\1.0.1_0\

O1 HOSTS File: ([2012/09/25 20:41:10 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {68DD98BF-9DE8-418C-89F0-E37AC61CC2D9} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [DLBUCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\DLBUtime.DLL ()
O4:64bit: - HKLM..\Run: [dlbumon.exe] C:\Program Files (x86)\Dell Photo AIO Printer 942\dlbumon.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MemoryCardManager] C:\Program Files (x86)\Dell Photo AIO Printer 942\memcard.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000..\Run: [Facebook Update] C:\Users\Riley\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000..\Run: [ZipScript] C:\Program Files (x86)\WORDsearch 8\ZipScript.exe (WORDsearch Corp.)
O4 - HKLM..\RunOnce: [OTL] C:\Users\Riley\Desktop\OTL.exe (OldTimer Tools)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Riley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk = C:\Program Files (x86)\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStartupSound = 1
O7 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 1
O7 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Riley\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Riley\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Riley\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Riley\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.blackberry.com/device ... Loader.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A0CC991-5970-43DD-941B-0DB4CCE50932}: DhcpNameServer = 206.248.154.22 206.248.154.170
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28570AC8-7FF2-4B9E-A45F-9CAB59F821B6}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61D168AB-C84D-4A8C-A1EB-E23B40848AE0}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{94e4c814-ab10-11df-93b8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{94e4c814-ab10-11df-93b8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/24 21:06:25 | 000,000,000 | ---D | C] -- C:\Users\Riley\Desktop\originals
[2012/09/24 21:05:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/22 20:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2012/09/22 14:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012/09/22 14:39:28 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/22 14:39:26 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/22 14:39:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/22 14:39:26 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/22 14:39:26 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/22 14:39:25 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/22 14:39:25 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/13 20:44:52 | 000,000,000 | ---D | C] -- C:\Users\Riley\Desktop\tdsskiller
[2012/09/13 20:40:18 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Riley\Desktop\dds.scr
[2012/09/13 20:33:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Riley\Desktop\OTL.exe
[2012/09/13 16:32:31 | 000,000,000 | ---D | C] -- C:\Users\Riley\AppData\Local\ZipScript 8
[2012/09/13 14:52:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/09/13 14:36:36 | 000,000,000 | ---D | C] -- C:\Users\Riley\AppData\Roaming\Malwarebytes
[2012/09/13 14:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/13 14:36:26 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/13 14:36:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/13 13:31:39 | 000,000,000 | ---D | C] -- C:\Users\Riley\Documents\WORDsearch Backups
[2012/09/13 11:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/13 10:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/09/13 10:06:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/09/13 10:06:04 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/09/13 10:06:02 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/13 10:06:02 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/10 10:07:24 | 000,000,000 | ---D | C] -- C:\Users\Riley\Desktop\Weather & Climate
[2012/09/04 09:12:39 | 000,044,032 | ---- | C] (Research in Motion Ltd) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys
[2012/09/04 09:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
[2012/09/04 09:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\XCPCSync.OEM
[2012/09/03 10:24:04 | 000,000,000 | ---D | C] -- C:\ProgramData\{57C74E1D-2F54-4E57-A0AC-537AA84A5318}
[2012/09/03 10:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\wsc
[2012/09/03 10:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WSfonts
[2012/09/03 10:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WORDsearch 8
[2012/09/03 10:18:58 | 000,000,000 | ---D | C] -- C:\Users\Riley\AppData\Local\WORDsearch 8
[2012/09/03 10:18:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WORDsearch 8
[2012/09/03 10:18:58 | 000,000,000 | ---D | C] -- C:\Users\Riley\Documents\WORDsearch
[2012/09/03 10:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\WORDsearch
[2012/09/03 10:18:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\WORDsearch
[2010/11/02 23:24:45 | 003,164,160 | ---- | C] (Home) -- C:\Program Files (x86)\BIBLEA.exe
[2010/10/28 21:29:18 | 001,286,504 | ---- | C] (Microsoft Corporation) -- C:\Users\Riley\wlsetup-web.exe
[2010/10/28 21:14:53 | 000,367,942 | ---- | C] (Conduit) -- C:\Users\Riley\Brothersoftdownloader_for_Windows_Live_Messenger.exe
[2010/10/23 19:22:55 | 004,677,528 | ---- | C] (Yuna Software) -- C:\Users\Riley\MsgPlusLive-490.exe
[2010/10/21 17:27:56 | 007,462,536 | ---- | C] (AVG ) -- C:\Users\Riley\avg_pct_stf_all_2011_22_c5.exe
[2010/10/18 10:25:35 | 004,290,744 | ---- | C] (AVG Technologies) -- C:\Users\Riley\avg_free_stb_all_2011_1136_upgrade.exe
[2010/09/18 03:05:43 | 000,850,200 | ---- | C] (DivX, Inc. ) -- C:\Users\Riley\DivXInstaller.exe
[2010/09/18 02:58:02 | 000,652,794 | ---- | C] (Xvid team ) -- C:\Users\Riley\Xvid-1.2.2-07062009.exe
[2010/08/25 14:27:40 | 097,713,960 | ---- | C] (Apple Inc.) -- C:\Users\Riley\iTunes64Setup.exe
[2010/08/25 14:16:18 | 000,318,904 | ---- | C] (Microsoft Corporation) -- C:\Users\Riley\wmpfirefoxplugin.exe
[2010/05/09 12:41:58 | 000,321,328 | ---- | C] (BitTorrent, Inc.) -- C:\Users\Riley\utorrent.exe
[2010/05/06 17:31:11 | 001,193,338 | ---- | C] (Escsoft ) -- C:\Users\Riley\iDump_Setup.exe
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Riley\*.tmp files -> C:\Users\Riley\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/25 20:53:01 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/25 20:53:01 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/25 20:52:29 | 000,727,398 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/25 20:52:29 | 000,629,326 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/25 20:52:29 | 000,111,220 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/25 20:45:30 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/25 20:45:21 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/09/25 20:45:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/25 20:45:13 | 2094,424,063 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/25 20:43:06 | 095,764,220 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/09/25 20:41:10 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/09/24 21:31:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/24 21:11:29 | 000,165,376 | ---- | M] () -- C:\Users\Riley\Desktop\SystemLook_x64.exe
[2012/09/24 21:03:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Riley\Desktop\OTL.exe
[2012/09/24 21:00:28 | 002,193,278 | ---- | M] () -- C:\Users\Riley\Desktop\tdsskiller.zip
[2012/09/24 20:53:01 | 000,000,088 | ---- | M] () -- C:\Users\Riley\Desktop\MalWare Removal • View topic - both logs are here..adnxs removal help.URL
[2012/09/22 20:00:22 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\GBM - Easy Layout Backup Job-Full.job
[2012/09/22 19:11:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1800031923-557482588-2345233677-1000UA.job
[2012/09/13 20:40:18 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Riley\Desktop\dds.scr
[2012/09/13 18:29:32 | 000,000,134 | ---- | M] () -- C:\Users\Riley\Desktop\MalWare Removal • View topic - help to remove ib.adnxs.com pop up advertising.URL
[2012/09/13 10:07:17 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/09/10 09:45:22 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/10 09:45:22 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/04 09:13:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
[2012/09/04 09:12:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
[2012/09/04 09:12:12 | 000,002,253 | ---- | M] () -- C:\Users\Riley\Desktop\BlackBerry Desktop Software.lnk
[2012/09/04 07:52:44 | 000,431,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/03 10:24:04 | 000,001,023 | ---- | M] () -- C:\Users\Public\Desktop\WORDsearch 8.lnk
[2012/08/31 17:59:48 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2012/08/30 23:20:12 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1800031923-557482588-2345233677-1000Core.job
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Riley\*.tmp files -> C:\Users\Riley\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/24 21:11:28 | 000,165,376 | ---- | C] () -- C:\Users\Riley\Desktop\SystemLook_x64.exe
[2012/09/24 20:53:01 | 000,000,088 | ---- | C] () -- C:\Users\Riley\Desktop\MalWare Removal • View topic - both logs are here..adnxs removal help.URL
[2012/09/13 20:44:44 | 002,193,278 | ---- | C] () -- C:\Users\Riley\Desktop\tdsskiller.zip
[2012/09/13 18:29:32 | 000,000,134 | ---- | C] () -- C:\Users\Riley\Desktop\MalWare Removal • View topic - help to remove ib.adnxs.com pop up advertising.URL
[2012/09/04 09:13:04 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RimUsb_AMD64_01007.Wdf
[2012/09/04 09:12:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
[2012/09/04 09:12:12 | 000,002,253 | ---- | C] () -- C:\Users\Riley\Desktop\BlackBerry Desktop Software.lnk
[2012/09/03 10:24:04 | 000,001,023 | ---- | C] () -- C:\Users\Public\Desktop\WORDsearch 8.lnk
[2011/08/21 00:58:02 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbuserv.dll
[2011/08/21 00:58:02 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbuusb1.dll
[2011/08/21 00:58:02 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbuhbn3.dll
[2011/08/21 00:58:02 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbucomc.dll
[2011/08/21 00:58:02 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbupmui.dll
[2011/08/21 00:58:02 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbulmpm.dll
[2011/08/21 00:58:02 | 000,538,096 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbucoms.exe
[2011/08/21 00:58:02 | 000,434,176 | ---- | C] () -- C:\Windows\SysWow64\dlbuutil.dll
[2011/08/21 00:58:02 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbucomm.dll
[2011/08/21 00:58:02 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbuinpa.dll
[2011/08/21 00:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbuiesc.dll
[2011/08/21 00:58:02 | 000,386,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbuih.exe
[2011/08/21 00:58:02 | 000,382,448 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbucfg.exe
[2011/08/21 00:58:02 | 000,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\DLBUhcp.dll
[2011/08/21 00:58:02 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\DLBUinst.dll
[2011/08/21 00:58:02 | 000,181,744 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbuppls.exe
[2011/08/21 00:58:02 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dlbuinsb.dll
[2011/08/21 00:58:02 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbuprox.dll
[2011/08/21 00:58:02 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\dlbuins.dll
[2011/08/21 00:58:02 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\dlbujswr.dll
[2011/08/21 00:58:02 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dlbuinsr.dll
[2011/08/21 00:58:02 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbupplc.dll
[2011/08/21 00:58:02 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dlbucub.dll
[2011/08/21 00:58:02 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\dlbucu.dll
[2011/08/21 00:58:02 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\DLBUcfg.dll
[2011/08/21 00:58:02 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dlbucur.dll
[2011/04/26 02:06:12 | 000,000,565 | ---- | C] () -- C:\Windows\Spidey.ini
[2011/03/05 22:27:28 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2011/02/16 12:56:30 | 002,469,055 | ---- | C] () -- C:\Users\Riley\extractor_setup_1.4.3.exe
[2011/02/07 02:13:03 | 000,735,726 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/26 17:15:37 | 000,174,467 | ---- | C] () -- C:\Windows\hpoins43.dat
[2010/12/26 17:15:37 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2010/11/02 23:24:46 | 004,768,592 | ---- | C] () -- C:\Program Files (x86)\OLDTSMS.ASC
[2010/11/02 23:24:46 | 003,461,990 | ---- | C] () -- C:\Program Files (x86)\OLDTSMT.ASC
[2010/11/02 23:24:46 | 001,997,995 | ---- | C] () -- C:\Program Files (x86)\NAVE.DAT
[2010/11/02 23:24:46 | 001,790,966 | ---- | C] () -- C:\Program Files (x86)\NWTSMTS.ASC
[2010/11/02 23:24:46 | 001,475,985 | ---- | C] () -- C:\Program Files (x86)\strongheb.asc
[2010/11/02 23:24:46 | 001,231,396 | ---- | C] () -- C:\Program Files (x86)\TORRY.DAT
[2010/11/02 23:24:46 | 001,048,574 | ---- | C] () -- C:\Program Files (x86)\stronggrk.asc
[2010/11/02 23:24:46 | 001,035,398 | ---- | C] () -- C:\Program Files (x86)\NWTSMT.ASC
[2010/11/02 23:24:46 | 000,483,405 | ---- | C] () -- C:\Program Files (x86)\PSMHC.rtf
[2010/11/02 23:24:46 | 000,228,292 | ---- | C] () -- C:\Program Files (x86)\MTMHC.rtf
[2010/11/02 23:24:46 | 000,148,314 | ---- | C] () -- C:\Program Files (x86)\LUMHC.rtf
[2010/11/02 23:24:46 | 000,135,425 | ---- | C] () -- C:\Program Files (x86)\NUMHC.rtf
[2010/11/02 23:24:46 | 000,132,913 | ---- | C] () -- C:\Program Files (x86)\PRMHC.rtf
[2010/11/02 23:24:46 | 000,114,352 | ---- | C] () -- C:\Program Files (x86)\ROMHC.rtf
[2010/11/02 23:24:46 | 000,112,542 | ---- | C] () -- C:\Program Files (x86)\REMHC.rtf
[2010/11/02 23:24:46 | 000,098,922 | ---- | C] () -- C:\Program Files (x86)\NAVES.IDX
[2010/11/02 23:24:46 | 000,085,224 | ---- | C] () -- C:\Program Files (x86)\LEMHC.rtf
[2010/11/02 23:24:46 | 000,084,546 | ---- | C] () -- C:\Program Files (x86)\MRMHC.rtf
[2010/11/02 23:24:46 | 000,076,549 | ---- | C] () -- C:\Program Files (x86)\JOSMHC.rtf
[2010/11/02 23:24:46 | 000,074,881 | ---- | C] () -- C:\Program Files (x86)\kjvpref.rtf
[2010/11/02 23:24:46 | 000,071,084 | ---- | C] () -- C:\Program Files (x86)\JUDMHC.rtf
[2010/11/02 23:24:46 | 000,054,171 | ---- | C] () -- C:\Program Files (x86)\ZECMHC.rtf
[2010/11/02 23:24:46 | 000,048,128 | ---- | C] ( ) -- C:\Program Files (x86)\folder.exe
[2010/11/02 23:24:46 | 000,041,448 | ---- | C] () -- C:\Program Files (x86)\SOMHC.rtf
[2010/11/02 23:24:46 | 000,039,261 | ---- | C] () -- C:\Program Files (x86)\1CHMHC.rtf
[2010/11/02 23:24:46 | 000,038,400 | ---- | C] () -- C:\Program Files (x86)\OTBMK.EXE
[2010/11/02 23:24:46 | 000,038,400 | ---- | C] () -- C:\Program Files (x86)\NTBMK.EXE
[2010/11/02 23:24:46 | 000,034,883 | ---- | C] () -- C:\Program Files (x86)\NEMHC.rtf
[2010/11/02 23:24:46 | 000,027,061 | ---- | C] () -- C:\Program Files (x86)\PHPMHC.rtf
[2010/11/02 23:24:46 | 000,023,134 | ---- | C] () -- C:\Program Files (x86)\MICMHC.rtf
[2010/11/02 23:24:46 | 000,019,451 | ---- | C] () -- C:\Program Files (x86)\JONMHC.rtf
[2010/11/02 23:24:46 | 000,018,758 | ---- | C] () -- C:\Program Files (x86)\MALMHC.rtf
[2010/11/02 23:24:46 | 000,018,640 | ---- | C] () -- C:\Program Files (x86)\RUMHC.rtf
[2010/11/02 23:24:46 | 000,016,807 | ---- | C] () -- C:\Program Files (x86)\TITMHC.rtf
[2010/11/02 23:24:46 | 000,015,602 | ---- | C] () -- C:\Program Files (x86)\LAMHC.rtf
[2010/11/02 23:24:46 | 000,015,286 | ---- | C] () -- C:\Program Files (x86)\TORRY.IDX
[2010/11/02 23:24:46 | 000,014,250 | ---- | C] () -- C:\Program Files (x86)\JUDEMHC.rtf
[2010/11/02 23:24:46 | 000,009,307 | ---- | C] () -- C:\Program Files (x86)\PHMMHC.rtf
[2010/11/02 23:24:46 | 000,009,119 | ---- | C] () -- C:\Program Files (x86)\NAMHC.rtf
[2010/11/02 23:24:46 | 000,006,466 | ---- | C] () -- C:\Program Files (x86)\OBMHC.rtf
[2010/11/02 23:24:46 | 000,005,550 | ---- | C] () -- C:\Program Files (x86)\WEIGHT.rtf
[2010/11/02 23:24:46 | 000,003,043 | ---- | C] () -- C:\Program Files (x86)\OT.VRB
[2010/11/02 23:24:46 | 000,000,185 | ---- | C] () -- C:\Program Files (x86)\Newfold.fld
[2010/11/02 23:24:46 | 000,000,136 | ---- | C] () -- C:\Program Files (x86)\webfold.ini
[2010/11/02 23:24:46 | 000,000,095 | ---- | C] () -- C:\Program Files (x86)\OCREATE.BMK
[2010/11/02 23:24:46 | 000,000,095 | ---- | C] () -- C:\Program Files (x86)\NBORN.BMK
[2010/11/02 23:24:45 | 002,693,106 | ---- | C] () -- C:\Program Files (x86)\EASTON.DAT
[2010/11/02 23:24:45 | 000,324,006 | ---- | C] () -- C:\Program Files (x86)\GEMHC.rtf
[2010/11/02 23:24:45 | 000,231,693 | ---- | C] () -- C:\Program Files (x86)\ISAMHC.rtf
[2010/11/02 23:24:45 | 000,176,867 | ---- | C] () -- C:\Program Files (x86)\EXMHC.rtf
[2010/11/02 23:24:45 | 000,172,882 | ---- | C] () -- C:\Program Files (x86)\ACMHC.rtf
[2010/11/02 23:24:45 | 000,157,444 | ---- | C] () -- C:\Program Files (x86)\JOHMHC.rtf
[2010/11/02 23:24:45 | 000,144,139 | ---- | C] () -- C:\Program Files (x86)\JERMHC.rtf
[2010/11/02 23:24:45 | 000,143,677 | ---- | C] () -- C:\Program Files (x86)\JOBMHC.rtf
[2010/11/02 23:24:45 | 000,125,779 | ---- | C] () -- C:\Program Files (x86)\DEMHC.rtf
[2010/11/02 23:24:45 | 000,101,179 | ---- | C] () -- C:\Program Files (x86)\1SAMHC.rtf
[2010/11/02 23:24:45 | 000,095,389 | ---- | C] () -- C:\Program Files (x86)\EZEMHC.rtf
[2010/11/02 23:24:45 | 000,088,843 | ---- | C] () -- C:\Program Files (x86)\1COMHC.rtf
[2010/11/02 23:24:45 | 000,086,738 | ---- | C] () -- C:\Program Files (x86)\BNDIC.DAT
[2010/11/02 23:24:45 | 000,086,440 | ---- | C] () -- C:\Program Files (x86)\2KIMHC.rtf
[2010/11/02 23:24:45 | 000,083,126 | ---- | C] () -- C:\Program Files (x86)\HEBMHC.rtf
[2010/11/02 23:24:45 | 000,082,237 | ---- | C] () -- C:\Program Files (x86)\1KIMHC.rtf
[2010/11/02 23:24:45 | 000,074,251 | ---- | C] () -- C:\Program Files (x86)\EASTON.IDX
[2010/11/02 23:24:45 | 000,070,126 | ---- | C] () -- C:\Program Files (x86)\2SAMHC.rtf
[2010/11/02 23:24:45 | 000,062,284 | ---- | C] () -- C:\Program Files (x86)\2CHMHC.rtf
[2010/11/02 23:24:45 | 000,053,221 | ---- | C] () -- C:\Program Files (x86)\2COMHC.rtf
[2010/11/02 23:24:45 | 000,049,993 | ---- | C] () -- C:\Program Files (x86)\DAMHC.rtf
[2010/11/02 23:24:45 | 000,047,094 | ---- | C] () -- C:\Program Files (x86)\GAMHC.rtf
[2010/11/02 23:24:45 | 000,046,037 | ---- | C] () -- C:\Program Files (x86)\ECMHC.rtf
[2010/11/02 23:24:45 | 000,044,702 | ---- | C] () -- C:\Program Files (x86)\HOMHC.rtf
[2010/11/02 23:24:45 | 000,040,958 | ---- | C] () -- C:\Program Files (x86)\EPHMHC.rtf
[2010/11/02 23:24:45 | 000,040,180 | ---- | C] () -- C:\Program Files (x86)\1JOMHC.rtf
[2010/11/02 23:24:45 | 000,036,217 | ---- | C] () -- C:\Program Files (x86)\DICTION.DAT
[2010/11/02 23:24:45 | 000,034,569 | ---- | C] () -- C:\Program Files (x86)\1PEMHC.rtf
[2010/11/02 23:24:45 | 000,034,527 | ---- | C] () -- C:\Program Files (x86)\JASMHC.rtf
[2010/11/02 23:24:45 | 000,026,893 | ---- | C] () -- C:\Program Files (x86)\ESMHC.rtf
[2010/11/02 23:24:45 | 000,026,205 | ---- | C] () -- C:\Program Files (x86)\1TIMHC.rtf
[2010/11/02 23:24:45 | 000,025,368 | ---- | C] () -- C:\Program Files (x86)\COLMHC.rtf
[2010/11/02 23:24:45 | 000,024,839 | ---- | C] () -- C:\Program Files (x86)\EZRMHC.rtf
[2010/11/02 23:24:45 | 000,024,145 | ---- | C] () -- C:\Program Files (x86)\AMMHC.rtf
[2010/11/02 23:24:45 | 000,024,026 | ---- | C] () -- C:\Program Files (x86)\1THMHC.rtf
[2010/11/02 23:24:45 | 000,021,843 | ---- | C] () -- C:\Program Files (x86)\2TIMHC.rtf
[2010/11/02 23:24:45 | 000,021,047 | ---- | C] () -- C:\Program Files (x86)\2PEMHC.rtf
[2010/11/02 23:24:45 | 000,019,603 | ---- | C] () -- C:\Program Files (x86)\2THMHC.rtf
[2010/11/02 23:24:45 | 000,015,103 | ---- | C] () -- C:\Program Files (x86)\HABMHC.rtf
[2010/11/02 23:24:45 | 000,011,716 | ---- | C] () -- C:\Program Files (x86)\HAGMHC.rtf
[2010/11/02 23:24:45 | 000,011,653 | ---- | C] () -- C:\Program Files (x86)\JOEMHC.rtf
[2010/11/02 23:24:45 | 000,011,388 | ---- | C] () -- C:\Program Files (x86)\ZEPMHC.rtf
[2010/11/02 23:24:45 | 000,007,620 | ---- | C] () -- C:\Program Files (x86)\2JOMHC.rtf
[2010/11/02 23:24:45 | 000,007,200 | ---- | C] () -- C:\Program Files (x86)\3JOMHC.rtf
[2010/11/02 23:24:45 | 000,007,070 | ---- | C] () -- C:\Program Files (x86)\CALENDR.rtf
[2010/11/02 23:24:45 | 000,005,330 | ---- | C] () -- C:\Program Files (x86)\DROP.WAV
[2010/11/02 23:24:45 | 000,002,607 | ---- | C] () -- C:\Program Files (x86)\Help.rtf
[2010/11/02 23:24:45 | 000,001,648 | ---- | C] () -- C:\Program Files (x86)\General.fld
[2010/11/02 23:24:45 | 000,000,980 | ---- | C] () -- C:\Program Files (x86)\BIBLEA.INI
[2010/10/17 13:03:21 | 000,027,649 | ---- | C] () -- C:\Users\Riley\N1NRS.torrent
[2010/08/31 00:56:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/17 03:32:23 | 010,734,058 | ---- | C] () -- C:\Users\Riley\swfdec.zip
[2010/06/15 19:35:44 | 277,794,671 | ---- | C] () -- C:\Users\Riley\iPod2,1_3.1.2_7D11_Restore.ipsw
[2010/05/09 12:07:12 | 001,295,892 | ---- | C] () -- C:\Users\Riley\extractor_setup.exe
[2010/05/06 04:34:30 | 263,275,211 | ---- | C] () -- C:\Users\Riley\iPod2,1_3.1.3_7E18_Restore.ipsw
[2010/05/06 04:29:42 | 000,180,224 | ---- | C] () -- C:\Users\Riley\QTCF.dll

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/08/24 11:02:23 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Trusteer
[2011/08/24 11:02:23 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Trusteer
[2012/02/13 12:58:17 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\.anki
[2011/04/25 14:03:01 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\.minecraft
[2012/07/26 23:44:17 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Audacity
[2011/10/16 13:41:57 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\AVG2012
[2012/02/29 01:47:54 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Blackberry Desktop
[2011/01/22 20:48:34 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\BSplayer
[2011/01/22 20:46:58 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\BSplayer Pro
[2011/04/24 14:02:13 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\CBS Interactive
[2011/11/10 12:57:42 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Dropbox
[2012/03/08 14:02:52 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\DVDVideoSoft
[2012/03/08 13:58:45 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/12/27 00:09:32 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\eFMer
[2011/06/29 15:02:50 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\eXPert PDF 6
[2011/02/11 12:00:00 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\FixCleaner
[2011/02/08 03:15:44 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\foobar2000
[2011/10/20 07:55:37 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\FreeFLVConverter
[2011/02/02 23:11:27 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\FrostWire
[2011/07/26 20:07:10 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Genie-Soft
[2010/12/21 02:12:52 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\GeoVid
[2010/11/04 09:10:15 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\GetRightToGo
[2011/04/24 17:33:58 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\GrabPro
[2011/02/02 17:54:40 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Juniper Networks
[2010/10/02 19:46:03 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Leadertech
[2012/04/18 12:02:36 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\NesterSoft
[2011/04/24 14:02:13 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\OpenCandy
[2011/07/19 16:31:33 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\OpenOffice.org
[2012/05/13 14:40:33 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Orbit
[2011/06/15 00:01:41 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\PCDr
[2011/04/24 17:34:01 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\ProgSense
[2010/10/26 19:29:27 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Research In Motion
[2012/08/31 18:27:31 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\SoftGrid Client
[2011/03/29 10:52:28 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Tether
[2011/02/07 02:14:10 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\TP
[2011/07/29 05:56:14 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Trusteer
[2010/12/03 19:35:03 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\TweakNow RegCleaner
[2011/04/24 17:29:07 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\TweakNow RegCleaner 2011
[2011/04/24 14:02:43 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Uniblue
[2012/09/24 20:51:10 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\uTorrent
[2010/12/04 21:29:16 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >
riley532
Banned Member
 
Posts: 16
Joined: September 13th, 2012, 8:30 pm

Re: both logs are here..adnxs removal help

Unread postby riley532 » September 25th, 2012, 11:41 pm

All processes killed
========== FILES ==========
C:\Users\Riley\Videos\iLividSetupV1.exe moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Riley\Desktop\cmd.bat deleted successfully.
C:\Users\Riley\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid\ deleted successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ilivid\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ilivid\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ilivid\player\hosts\ilivid.com\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Trolltech\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\Software\Trolltech\ not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Riley
->Temp folder emptied: 185879 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 43332973 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 903 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8204 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 42.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.67.1 log created on 09252012_204057

Files\Folders moved on Reboot...
C:\Users\Riley\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\ not found.
riley532
Banned Member
 
Posts: 16
Joined: September 13th, 2012, 8:30 pm

Re: both logs are here..adnxs removal help

Unread postby riley532 » September 25th, 2012, 11:41 pm

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=679cc7e71059e54899a9a522f44f200b
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-09-26 04:41:54
# local_time=2012-09-25 11:41:54 (-0500, Eastern Standard Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 37396220 100169255 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=157288
# found=10
# cleaned=0
# scan_time=8729
C:\torrent.exe Win32/BundleInstaller application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe a variant of Win32/HiddenStart.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Riley\MsgPlusLive-490.exe a variant of Win32/MessengerPlus application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Riley\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-4.21.3.windows.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com\content\sudoku.js Win32/StartSearcher application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Riley\AppData\Roaming\OpenCandy\OpenCandy_5EA85B4EF8014DD89C673933B01E99B4\registrybooster23.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Riley\AppData\Roaming\OpenCandy\OpenCandy_5EA85B4EF8014DD89C673933B01E99B4\registrybooster23Wrapped.exe a variant of Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Riley\Desktop\Church Clothes\gdfgdfg.exe Win32/Toolbar.SearchSuite application (unable to clean) 00000000000000000000000000000000 I
riley532
Banned Member
 
Posts: 16
Joined: September 13th, 2012, 8:30 pm

Re: both logs are here..adnxs removal help

Unread postby Gary R » September 26th, 2012, 2:16 am

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:OTL
IE:64bit: - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2535290
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.startsearcher.com
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.startsearcher.com/?q={searchTerms}&src=IETB
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.startsearcher.com/?q={searchTerms}&src=IE
FF - prefs.js..browser.search.defaultenginename: "Internet Search"
FF - prefs.js..browser.search.defaulturl: "http://www.startsearcher.com/?q="
FF - prefs.js..browser.startup.homepage: "http://www.startsearcher.com"
FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: plugin@startsearcher.com:1.3
FF - prefs.js..extensions.enabledItems: {618D522B-652C-4e19-9194-048700B12ED6}:1.4
FF - prefs.js..extensions.enabledItems: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
[2012/08/25 18:19:53 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2011/03/22 08:25:04 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com
[2012/07/10 20:10:39 | 000,000,000 | ---D | M] (InternetSearch) -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com
[2012/07/11 20:21:36 | 000,000,324 | ---- | M] () -- C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\searchplugins\search.xml
O2 - BHO: (no name) - {68DD98BF-9DE8-418C-89F0-E37AC61CC2D9} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O3 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1800031923-557482588-2345233677-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O33 - MountPoints2\{94e4c814-ab10-11df-93b8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{94e4c814-ab10-11df-93b8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Users\Riley\*.tmp files -> C:\Users\Riley\*.tmp -> ]
[2011/02/02 23:11:27 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\FrostWire
[2012/09/24 20:51:10 | 000,000,000 | ---D | M] -- C:\Users\Riley\AppData\Roaming\uTorrent
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0B4227B4

:Files
C:\torrent.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe00000000000000000000000000000000 I
C:\Users\Riley\MsgPlusLive-490.exe
C:\Users\Riley\AppData\Roaming\FrostWire
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com\content\sudoku.js
C:\Users\Riley\AppData\Roaming\OpenCandy\OpenCandy_5EA85B4EF8014DD89C673933B01E99B4\registrybooster23.exe
C:\Users\Riley\AppData\Roaming\OpenCandy\OpenCandy_5EA85B4EF8014DD89C673933B01E99B4\registrybooster23Wrapped.exe
C:\Users\Riley\Desktop\Church Clothes\gdfgdfg.exe

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

How is your computer behaving now ?

.

.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21861
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: both logs are here..adnxs removal help

Unread postby riley532 » September 26th, 2012, 9:52 pm

========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry key HKEY_USERS\S-1-5-21-1800031923-557482588-2345233677-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: "Internet Search" removed from browser.search.defaultenginename
Prefs.js: "http://www.startsearcher.com/?q=" removed from browser.search.defaulturl
Prefs.js: "http://www.startsearcher.com" removed from browser.startup.homepage
Prefs.js: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189 removed from extensions.enabledAddons
Prefs.js: plugin@startsearcher.com:1.3 removed from extensions.enabledAddons
Prefs.js: {618D522B-652C-4e19-9194-048700B12ED6}:1.4 removed from extensions.enabledItems
Prefs.js: {1392b8d2-5c05-419f-a8f6-b9f15a596612}:2.7.1.3 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\searchplugin folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\Plugins folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\modules folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\META-INF folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\defaults folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\chrome folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612} folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com\skin folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com\locale\en-US folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com\locale folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com\defaults\preferences folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com\defaults folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com\content folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com folder moved successfully.
C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\searchplugins\search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68DD98BF-9DE8-418C-89F0-E37AC61CC2D9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68DD98BF-9DE8-418C-89F0-E37AC61CC2D9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1800031923-557482588-2345233677-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-1800031923-557482588-2345233677-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\ not found.
Registry value HKEY_USERS\S-1-5-21-1800031923-557482588-2345233677-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-1800031923-557482588-2345233677-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94e4c814-ab10-11df-93b8-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94e4c814-ab10-11df-93b8-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94e4c814-ab10-11df-93b8-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94e4c814-ab10-11df-93b8-806e6f6e6963}\ not found.
File D:\Setup.exe not found.
C:\ProgramData\SPL154C.tmp deleted successfully.
C:\ProgramData\SPL2929.tmp deleted successfully.
C:\ProgramData\SPL4E94.tmp deleted successfully.
C:\ProgramData\SPL5E9D.tmp deleted successfully.
C:\ProgramData\SPLA6E3.tmp deleted successfully.
C:\ProgramData\SPLED51.tmp deleted successfully.
C:\ProgramData\SPLF7AD.tmp deleted successfully.
C:\Users\Riley\53FA9A9F3C194D43AD6BDEF365D469BA.TMP\WiseCustomCalla.dll deleted successfully.
C:\Users\Riley\53FA9A9F3C194D43AD6BDEF365D469BA.TMP\WiseCustomCalla3.exe deleted successfully.
C:\Users\Riley\53FA9A9F3C194D43AD6BDEF365D469BA.TMP folder deleted successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\xml\data folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\xml folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\themes\frostwirePro_theme folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\themes folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\overlays folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\azureus\torrents folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\azureus\tmp folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\azureus\plugins folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\azureus\net folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\azureus\logs\save folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\azureus\logs folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\azureus\dht folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\azureus\active folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\azureus folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\.NetworkShare\Incomplete folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\.NetworkShare folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire\.AppSpecialShare folder moved successfully.
C:\Users\Riley\AppData\Roaming\FrostWire folder moved successfully.
C:\Users\Riley\AppData\Roaming\uTorrent\dlimagecache folder moved successfully.
C:\Users\Riley\AppData\Roaming\uTorrent\apps folder moved successfully.
C:\Users\Riley\AppData\Roaming\uTorrent folder moved successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
========== FILES ==========
C:\torrent.exe moved successfully.
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe moved successfully.
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe moved successfully.
File\Folder C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe00000000000000000000000000000000 I not found.
C:\Users\Riley\MsgPlusLive-490.exe moved successfully.
File\Folder C:\Users\Riley\AppData\Roaming\FrostWire not found.
File\Folder C:\Users\Riley\AppData\Roaming\Mozilla\Firefox\Profiles\0ik16r9a.default\extensions\plugin@startsearcher.com\content\sudoku.js not found.
C:\Users\Riley\AppData\Roaming\OpenCandy\OpenCandy_5EA85B4EF8014DD89C673933B01E99B4\registrybooster23.exe moved successfully.
C:\Users\Riley\AppData\Roaming\OpenCandy\OpenCandy_5EA85B4EF8014DD89C673933B01E99B4\registrybooster23Wrapped.exe moved successfully.
C:\Users\Riley\Desktop\Church Clothes\gdfgdfg.exe moved successfully.

OTL by OldTimer - Version 3.2.67.1 log created on 09262012_214805


All popups/redirecting seems to be gone!

Thank you so much :)
riley532
Banned Member
 
Posts: 16
Joined: September 13th, 2012, 8:30 pm

Re: both logs are here..adnxs removal help

Unread postby Gary R » September 27th, 2012, 1:21 am

You're welcome. :)

OK, as far as I can see we've got everything, time for a little housekeeping.

Let's clear out OTL and the files and folders it created. This should also remove TDSSKiller and SystemLook as well.
  • Double click OTL.exe to launch the programme.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes
  • When finished exit out of OTL
  • Now delete OTL.exe (if still present).

As far as I can see, your computer looks clear of infection now.

Are you still noticing any problems ?
  • If you are let me know about them.
  • If not it's time to make your computer more secure.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.

If your computer is running slowly after your clean up, please read.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21861
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: both logs are here..adnxs removal help

Unread postby Gary R » October 2nd, 2012, 10:03 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21861
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 43 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware