jwill80
-
Posts
16 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by jwill80
-
-
*while using firefox.
Typing issues...
-
Well i start Firefox which takes me to my homepage: yahoo.com, type anything in search bar, for my tests i have been using "dog", click search and once I click on any of the results the address bar basically goes crazy and will go to some random garbage site and then usually bounces to one of the 3 sites mentioned above. Like i said above it is only on yahoo wh
-
Still have redirect issues with Firefox and yahoo. About 90% of all search results takes me to one of these sites:
looksmart.com
searchocity.com
topmarket-search.com
-
Checkup.txt:
Results of screen317's Security Check version 0.99.42
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.61.0.1400
Java 6 Update 29
Java 7 Update 2
Java version out of Date!
Adobe Flash Player 11.3.300.262
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (13.0.1)
````````Process Check: objlist.exe by Laurent````````
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
Log.txt:
Logfile of random's system information tool 1.09 (written by random/random)
Run by John at 2012-06-23 16:25:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 127 GB (53%) free of 238 GB
Total RAM: 2038 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:26:01 PM, on 6/23/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\John\Desktop\RSIT.exe
C:\Program Files\trend micro\John.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/'>http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = John\AppData\Local\Temp\{1F622389-E184-41F9-B1DF-77198C1E351C}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 6210 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default
prefs.js - "browser.startup.homepage" - "http://www.yahoo.com/'>http://www.yahoo.com/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, vshare@toolbar:1.0.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, DeviceDetection@logitech.com:1.21.0.11, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3"
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPcol400.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\
DeviceDetection@logitech.com
vshare@toolbar
{cce665dd-f6dd-4808-968e-eaec971f70ef}
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\searchplugins\
MyStart Search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-06 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-03-16 59272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-06 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-04-13 1808784]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-28 1352272]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-08-23 206240]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2012-02-09 312376]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-09-30 252296]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]
C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
RollerCoaster Tycoon 3 Registration.lnk - C:\Users\John\AppData\Local\Temp\{1F622389-E184-41F9-B1DF-77198C1E351C}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-29 203776]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-06-23 16:25:45 ----D---- C:\Program Files\trend micro
2012-06-23 16:25:44 ----D---- C:\rsit
2012-06-23 15:09:46 ----D---- C:\Users\John\AppData\Roaming\f-secure
2012-06-23 15:09:33 ----D---- C:\ProgramData\F-Secure
2012-06-23 10:08:29 ----A---- C:\ComboFix.txt
2012-06-23 10:06:44 ----SHD---- C:\$RECYCLE.BIN
2012-06-23 09:53:32 ----D---- C:\ComboFix
2012-06-23 08:35:45 ----D---- C:\_OTL
2012-06-23 00:21:00 ----A---- C:\TDSSKiller.2.7.41.0_23.06.2012_00.21.00_log.txt
2012-06-23 00:19:25 ----A---- C:\TDSSKiller.2.7.41.0_23.06.2012_00.19.25_log.txt
2012-06-23 00:06:30 ----A---- C:\TDSSKiller.2.7.41.0_23.06.2012_00.06.30_log.txt
2012-06-22 23:37:49 ----A---- C:\TDSSKiller.2.7.41.0_22.06.2012_23.37.49_log.txt
2012-06-22 22:19:10 ----D---- C:\Program Files\ERUNT
2012-06-22 19:20:51 ----A---- C:\Windows\MBR.exe
2012-06-22 19:20:50 ----A---- C:\Windows\zip.exe
2012-06-22 19:20:50 ----A---- C:\Windows\SWSC.exe
2012-06-22 19:20:50 ----A---- C:\Windows\SWREG.exe
2012-06-22 19:20:50 ----A---- C:\Windows\sed.exe
2012-06-22 19:20:50 ----A---- C:\Windows\PEV.exe
2012-06-22 19:20:50 ----A---- C:\Windows\NIRCMD.exe
2012-06-22 19:20:50 ----A---- C:\Windows\grep.exe
2012-06-22 19:18:47 ----D---- C:\Qoobox
2012-06-22 19:18:18 ----D---- C:\Windows\erdnt
2012-06-22 10:24:39 ----D---- C:\Users\John\AppData\Roaming\SUPERAntiSpyware.com
2012-06-22 10:24:03 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-06-21 10:34:04 ----D---- C:\Users\John\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-06-21 07:12:58 ----D---- C:\Windows\en
2012-06-21 07:06:03 ----D---- C:\Program Files\Adobe Download Assistant
2012-06-21 07:05:40 ----D---- C:\Program Files\Common Files\Adobe AIR
2012-06-21 06:53:53 ----A---- C:\Windows\system32\wups2.dll
2012-06-21 06:53:53 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-21 06:53:52 ----A---- C:\Windows\system32\wucltux.dll
2012-06-21 06:53:52 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-21 06:53:23 ----A---- C:\Windows\system32\wups.dll
2012-06-21 06:53:23 ----A---- C:\Windows\system32\wudriver.dll
2012-06-21 06:53:23 ----A---- C:\Windows\system32\wuapi.dll
2012-06-21 06:52:47 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-21 06:52:47 ----A---- C:\Windows\system32\wuapp.exe
2012-06-13 22:33:28 ----A---- C:\Windows\system32\mshtmled.dll
2012-06-13 22:33:26 ----A---- C:\Windows\system32\iertutil.dll
2012-06-13 22:33:25 ----A---- C:\Windows\system32\jsproxy.dll
2012-06-13 22:33:25 ----A---- C:\Windows\system32\ieUnatt.exe
2012-06-13 22:33:25 ----A---- C:\Windows\system32\ieui.dll
2012-06-13 22:33:24 ----A---- C:\Windows\system32\wininet.dll
2012-06-13 22:33:23 ----A---- C:\Windows\system32\jscript.dll
2012-06-13 22:33:22 ----A---- C:\Windows\system32\url.dll
2012-06-13 22:33:22 ----A---- C:\Windows\system32\jscript9.dll
2012-06-13 22:33:20 ----A---- C:\Windows\system32\urlmon.dll
2012-06-13 22:33:17 ----A---- C:\Windows\system32\mshtml.dll
2012-06-13 22:33:16 ----A---- C:\Windows\system32\ieframe.dll
2012-06-13 07:40:58 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-13 07:40:56 ----A---- C:\Windows\system32\msi.dll
2012-06-13 07:40:54 ----A---- C:\Windows\system32\win32k.sys
2012-06-13 07:40:52 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-13 07:40:52 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-13 07:40:51 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-13 07:40:49 ----A---- C:\Windows\system32\profsvc.dll
2012-06-13 07:40:38 ----A---- C:\Windows\system32\crypt32.dll
2012-06-13 07:40:36 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-13 07:40:36 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-09 07:59:20 ----D---- C:\ProgramData\Apple Computer
2012-06-09 07:59:20 ----D---- C:\Program Files\QuickTime
2012-05-28 10:04:57 ----D---- C:\ProgramData\3DVIA
2012-05-28 10:04:56 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-05-28 10:04:55 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-05-28 10:04:51 ----D---- C:\Program Files\Virtools
2012-05-28 09:36:31 ----A---- C:\Windows\system32\FlashPlayerApp.exe
======List of files/folders modified in the last 1 month======
2012-06-23 16:25:50 ----D---- C:\Windows\Temp
2012-06-23 16:25:45 ----RD---- C:\Program Files
2012-06-23 15:09:46 ----D---- C:\Program Files\Mozilla Firefox
2012-06-23 15:09:33 ----D---- C:\ProgramData
2012-06-23 14:53:30 ----D---- C:\Windows\system32\config
2012-06-23 14:39:41 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-06-23 12:41:09 ----D---- C:\Windows\System32
2012-06-23 10:03:51 ----D---- C:\Windows
2012-06-23 10:03:51 ----A---- C:\Windows\system.ini
2012-06-23 09:59:33 ----D---- C:\Windows\system32\drivers
2012-06-23 09:59:33 ----D---- C:\Windows\AppPatch
2012-06-23 09:59:31 ----D---- C:\Program Files\Common Files
2012-06-23 08:37:06 ----SHD---- C:\System Volume Information
2012-06-22 22:28:49 ----D---- C:\Users\John\AppData\Roaming\uTorrent
2012-06-22 19:34:29 ----D---- C:\Windows\system32\drivers\etc
2012-06-22 19:20:43 ----D---- C:\Windows\Prefetch
2012-06-22 17:43:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-06-22 17:43:57 ----D---- C:\Windows\inf
2012-06-22 13:58:32 ----D---- C:\Program Files\PeerBlock
2012-06-22 10:14:56 ----D---- C:\Windows\system32\wdi
2012-06-21 15:54:53 ----D---- C:\Windows\rescache
2012-06-21 10:55:50 ----D---- C:\Windows\Setup
2012-06-21 10:44:02 ----D---- C:\Program Files\Free Window Registry Repair
2012-06-21 09:00:02 ----D---- C:\Windows\winsxs
2012-06-21 08:59:12 ----D---- C:\Windows\system32\en-US
2012-06-21 08:59:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-06-21 08:59:06 ----D---- C:\Config.Msi
2012-06-21 08:25:08 ----SHD---- C:\Windows\Installer
2012-06-21 07:27:04 ----D---- C:\Windows\Microsoft.NET
2012-06-21 07:27:00 ----RSD---- C:\Windows\assembly
2012-06-21 07:07:27 ----D---- C:\Program Files\Windows Live
2012-06-21 07:05:45 ----D---- C:\Program Files\Adobe
2012-06-21 06:54:02 ----D---- C:\Windows\system32\catroot
2012-06-21 06:53:44 ----D---- C:\Windows\system32\catroot2
2012-06-14 07:10:03 ----D---- C:\Windows\system32\migration
2012-06-14 07:10:02 ----D---- C:\Program Files\Internet Explorer
2012-06-13 22:43:25 ----D---- C:\ProgramData\Microsoft Help
2012-06-13 22:38:11 ----A---- C:\Windows\system32\MRT.exe
2012-06-11 12:54:00 ----SD---- C:\Users\John\AppData\Roaming\Microsoft
2012-05-28 09:36:34 ----D---- C:\Windows\Tasks
2012-05-28 09:36:34 ----D---- C:\Windows\system32\Tasks
2012-05-27 17:32:41 ----D---- C:\Windows\system32\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0x01000000 papycpu;papycpu; C:\Windows\system32\drivers\papycpu.sys [1998-10-06 1984]
R0x01000000 papycpu2;papycpu2; C:\Windows\System32\DRIVERS\papycpu2.sys [2003-01-17 1984]
R0x01000000 papyjoy;papyjoy; C:\Windows\system32\drivers\papyjoy.sys [1998-10-06 1888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-06 44376]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-06 612184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-06 337880]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-06 53848]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-02-09 112096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-06 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-06 57688]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-06-25 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-06-25 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-06-25 38400]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S2 dualshock3;DUALSHOCK3 Controller HID Minidriver (USB) Beta; C:\Windows\system32\DRIVERS\dualshock3.sys [2008-11-22 11392]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-13 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-13 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-13 78336]
S3 catchme;catchme; \??\C:\Users\John\AppData\Local\Temp\catchme.sys []
S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2011-04-08 40448]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-13 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-13 36864]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-03-24 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-03-24 8456]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys [2005-03-09 33792]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys [2011-01-01 81168]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2011-04-13 21784]
S3 pbfilter;pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [2010-11-06 20080]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-13 12368]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32.sys [2011-04-13 40984]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s616bus;Sony Ericsson Device 616 driver (WDM); C:\Windows\system32\DRIVERS\s616bus.sys [2007-04-03 83208]
S3 s616mdfl;Sony Ericsson Device 616 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s616mdfl.sys [2007-04-03 15112]
S3 s616mdm;Sony Ericsson Device 616 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s616mdm.sys [2007-04-03 108680]
S3 s616mgmt;Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s616mgmt.sys [2007-04-03 100360]
S3 s616nd5;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS); C:\Windows\system32\DRIVERS\s616nd5.sys [2007-04-03 23176]
S3 s616obex;Sony Ericsson Device 616 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s616obex.sys [2007-04-03 98568]
S3 s616unic;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM); C:\Windows\system32\DRIVERS\s616unic.sys [2007-04-03 99080]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-13 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-13 15872]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-13 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-13 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;WSD Print Support via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-13 17920]
S3 WSDScan;WSD Scan Support via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-13 20480]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2010-08-19 61984]
S4 RsFx0102;RsFx0102 Driver; C:\Windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-03-06 44768]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-13 20992]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-08-15 40999448]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-13 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-13 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-23 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-02-28 1343400]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-08-15 47128]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-08-15 369688]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Info.txt:
info.txt logfile of random's system information tool 1.09 2012-06-23 16:26:06
======Uninstall list======
Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}
3DVIA player 5.0.0.20-->MsiExec.exe /X{B01DD1A4-F4E1-4CE7-AB6E-3168C5BD5D30}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}
Adobe Download Assistant-->msiexec /qb /x {9866E5F0-121F-E018-E2D1-2E1770847ABF}
Adobe Download Assistant-->MsiExec.exe /I{9866E5F0-121F-E018-E2D1-2E1770847ABF}
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe -maintain plugin
Adobe Reader 9.5.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A95000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Application Support-->MsiExec.exe /I{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
calibre-->MsiExec.exe /I{A5425D07-D972-47DA-8133-4D33876D44A4}
Canon IJ Network Scan Utility-->"C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files\Canon\Canon IJ Network Scan Utility\uninst.ini
Canon IJ Network Tool-->C:\Program Files\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon MP640 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series
Canon MP640 series User Registration-->C:\Program Files\Canon\IJEREG\MP640 series\UNINST.EXE
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
EASEUS Partition Master 8.0.1 Home Edition-->"C:\Program Files\EASEUS\EASEUS Partition Master 8.0.1 Home Edition\unins000.exe"
eReg-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
Free M4a to MP3 Converter 7.0-->"C:\Program Files\Free M4a to MP3 Converter\unins000.exe"
Free Mp3 Wma Converter V 2.2-->"C:\Program Files\Free mp3 Wma Converter\unins000.exe"
Free Window Registry Repair-->C:\PROGRA~1\FREEWI~1\UNWISE.EXE C:\PROGRA~1\FREEWI~1\INSTALL.LOG
Hamster Free EbookConverter-->"C:\Program Files\Hamster Soft\Free eBbook Converter\unins000.exe"
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)-->C:\Windows\system32\msiexec.exe /package {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB} /uninstall /qb+ REBOOTPROMPT=""
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7-->C:\Program Files\HP\Digital Imaging\{14BC6853-A74E-4874-B50D-679889D1544D}\setup\hpzscr01.exe -datfile hposcr46.dat -onestop -forcereboot
Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel® TV Wizard-->C:\Windows\system32\TVWizudlg.exe -uninstall
Java 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
Java 7 Update 2-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217002FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
LAME v3.98.2 for Audacity-->"C:\Program Files\Lame for Audacity\unins000.exe"
Logitech SetPoint 6.22-->C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe
Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft IntelliPoint 8.1-->msiexec.exe /I {9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}
Microsoft IntelliPoint 8.1-->MsiExec.exe /X{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{4A6F34E2-09E5-4616-B227-4A26A488A6F9}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{4815BD99-96A4-49FE-A885-DCF06E9E4E78}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{F3494AB6-6900-41C6-AF57-823626827ED8}
Microsoft SQL Server 2008 Management Studio-->MsiExec.exe /I{2020045B-8DCF-4449-8D5C-EB5BA37440F1}
Microsoft SQL Server 2008 Management Studio-->MsiExec.exe /I{FA9C3624-C693-4423-8A8B-2BC2B9F607AB}
Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{F1DC7648-8623-442F-92B7-E118DF61872E}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual Studio Tools for Applications 2.0 - ENU-->MsiExec.exe /X{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}
Mozilla Firefox 13.0.1 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
Mp3tag v2.49-->C:\Program Files\Mp3tag\Mp3tagUninstall.EXE
MS Access 97 SP2-->C:\Program Files\Microsoft Office\setup\setup.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
PeerBlock 1.1 (r518)-->"C:\Program Files\PeerBlock\unins000.exe"
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PS3 Media Server-->"C:\Program Files\PS3 Media Server\uninst.exe"
QuickTime-->MsiExec.exe /I{0E64B098-8018-4256-BA23-C316A43AD9B0}
RCT3 Soaked-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}\Setup.exe" -l0x9
RICOH R5U8xx Media Driver ver.3.62.02-->"C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -runfromtemp -l0x0009 anything -removeonly
RollerCoaster Tycoon 2 Triple Thrill Pack-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C5D15D2-5351-4F05-A96E-56C20554F977}\Setup.exe" -l0x9
RollerCoaster Tycoon® 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\Setup.exe" -l0x9
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {31C0F635-15AD-4AA3-A3C6-B542B403D0EE}
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3069CE04-082C-4669-9BA1-E6AA66330C1F}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC}
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {075C2272-0881-46D3-B3A5-1D83D6940270}
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{C965F01C-76EA-4BD7-973E-46236AE312D7}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B5B7C5DB-74C3-43E0-8413-0C6C1CA4DED0}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{464B3406-A4D0-4914-910F-7CA4380DCC13}
Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
Windows Live Remote Service Resources-->MsiExec.exe /I{17504ED4-DB08-40A8-81C2-27D8C01581DA}
Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
======System event log======
Computer Name: John-Laptop
Event Code: 46
Message: Crash dump initialization failed!
Record Number: 138155
Source Name: volmgr
Time Written: 20111007103620.822423-000
Event Type: Error
User:
Computer Name: John-Laptop
Event Code: 46
Message: Crash dump initialization failed!
Record Number: 138150
Source Name: volmgr
Time Written: 20111007103617.218817-000
Event Type: Error
User:
Computer Name: John-Laptop
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.
Record Number: 138139
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20111007023747.159664-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: John-Laptop
Event Code: 7000
Message: The DUALSHOCK3 Controller HID Minidriver (USB) Beta service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 137974
Source Name: Service Control Manager
Time Written: 20111006103428.767027-000
Event Type: Error
User:
Computer Name: John-Laptop
Event Code: 7000
Message: The adfs service failed to start due to the following error:
The system cannot find the file specified.
Record Number: 137971
Source Name: Service Control Manager
Time Written: 20111006103419.469411-000
Event Type: Error
User:
=====Application event log=====
Computer Name: John-Laptop
Event Code: 33
Message: Activation context generation failed for "C:\Program Files\Alwil Software\Avast5\AvastUI.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 12604
Source Name: SideBySide
Time Written: 20100811115052.000000-000
Event Type: Error
User:
Computer Name: John-Laptop
Event Code: 33
Message: Activation context generation failed for "C:\Program Files\Alwil Software\Avast5\AvastUI.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 12548
Source Name: SideBySide
Time Written: 20100810124447.000000-000
Event Type: Error
User:
Computer Name: John-Laptop
Event Code: 33
Message: Activation context generation failed for "C:\Program Files\Alwil Software\Avast5\AvastUI.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 12542
Source Name: SideBySide
Time Written: 20100810120919.000000-000
Event Type: Error
User:
Computer Name: John-Laptop
Event Code: 33
Message: Activation context generation failed for "C:\Program Files\Alwil Software\Avast5\AvastUI.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 12485
Source Name: SideBySide
Time Written: 20100809234803.000000-000
Event Type: Error
User:
Computer Name: John-Laptop
Event Code: 33
Message: Activation context generation failed for "C:\Program Files\Alwil Software\Avast5\AvastUI.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 12449
Source Name: SideBySide
Time Written: 20100809161035.000000-000
Event Type: Error
User:
=====Security event log=====
Computer Name: John-Laptop
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
New Logon:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x130ac48
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x0
Process Name: -
Network Information:
Workstation Name: SKYE-PC
Source Network Address: 192.168.1.137
Source Port: 61198
Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): NTLM V1
Key Length: 128
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 51853
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111002003619.439326-000
Event Type: Audit Success
User:
Computer Name: John-Laptop
Event Code: 4634
Message: An account was logged off.
Subject:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x12b528f
Logon Type: 3
This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 51852
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111002002619.413006-000
Event Type: Audit Success
User:
Computer Name: John-Laptop
Event Code: 4634
Message: An account was logged off.
Subject:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x12b508a
Logon Type: 3
This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 51851
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111002002619.411006-000
Event Type: Audit Success
User:
Computer Name: John-Laptop
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
New Logon:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x12b528f
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x0
Process Name: -
Network Information:
Workstation Name: SKYE-PC
Source Network Address: 192.168.1.137
Source Port: 61151
Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): NTLM V1
Key Length: 128
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 51850
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111002002417.542036-000
Event Type: Audit Success
User:
Computer Name: John-Laptop
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
New Logon:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x12b508a
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x0
Process Name: -
Network Information:
Workstation Name: SKYE-PC
Source Network Address: 192.168.1.137
Source Port: 61150
Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): NTLM V1
Key Length: 128
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 51849
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111002002416.724989-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;c:\Program Files\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\DTS\Binn;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE;C:\Program Files\Windows Live\Shared;C:\Program Files\Calibre2;C:\Program Files\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=1
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 22 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=1601
"CLASSPATH"=.;C:\Program Files\Java\jre7\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre7\lib\ext\QTJava.zip
-----------------EOF-----------------
Utorrent removed, didnt know I had anything from iobit installed. Will update the custom host file next.
-
F-secure scan:
Scanning Report
Saturday, June 23, 2012 15:09:45 - 16:15:16
Computer name: JOHN-LAPTOP
Scanning type: Scan system for malware, spyware and rootkits
Target: C:\
No malware found
Statistics
Scanned:
Files: 153759
System: 4156
Not scanned: 597
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Not cleaned: 0
Submitted: 0
Files not scanned:
C:\HIBERFIL.SYS
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\MICROSOFT\PROTECT\RECOVERY\RECOVERY.DAT{6DCA2F8D-B686-11DF-AE96-001D094CCC0D}.TMCONTAINER00000000000000000002.REGTRANS-MS
C:\WINDOWS\SYSTEM32\MICROSOFT\PROTECT\RECOVERY\RECOVERY.DAT.LOG2
C:\WINDOWS\SYSTEM32\MICROSOFT\PROTECT\RECOVERY\RECOVERY.DAT{6DCA2F8D-B686-11DF-AE96-001D094CCC0D}.TMCONTAINER00000000000000000001.REGTRANS-MS
C:\WINDOWS\SYSTEM32\MICROSOFT\PROTECT\RECOVERY\RECOVERY.DAT.LOG1
C:\WINDOWS\SYSTEM32\MICROSOFT\PROTECT\RECOVERY\RECOVERY.DAT{6DCA2F8D-B686-11DF-AE96-001D094CCC0D}.TM.BLF
C:\WINDOWS\SYSTEM32\MICROSOFT\PROTECT\RECOVERY\RECOVERY.DAT
C:\WINDOWS\SYSTEM32\LOGFILES\WMI\RTBACKUP\ETWRTDIAGLOG.ETL
C:\WINDOWS\SYSTEM32\LOGFILES\WMI\RTBACKUP\ETWRTEVENTLOG-APPLICATION.ETL
C:\WINDOWS\SYSTEM32\LOGFILES\WMI\RTBACKUP\ETWRTEVENTLOG-SECURITY.ETL
C:\WINDOWS\SYSTEM32\LOGFILES\WMI\RTBACKUP\ETWRTEVENTLOG-SYSTEM.ETL
C:\WINDOWS\SYSTEM32\LOGFILES\WMI\RTBACKUP\ETWRTUBPM.ETL
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG1
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG2
C:\WINDOWS\SYSTEM32\CONFIG\SAM
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG1
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG2
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG1
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG2
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG1
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG2
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG1
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG2
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM
C:\WINDOWS\SYSTEM32\CATROOT2\EDB.LOG
C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB
C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB
C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\NTUSER.DAT
C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\NTUSER.DAT.LOG1
C:\WINDOWS\SERVICEPROFILES\NETWORKSERVICE\NTUSER.DAT.LOG2
C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\NTUSER.DAT
C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\NTUSER.DAT.LOG1
C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\NTUSER.DAT.LOG2
C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\LOCAL\LASTALIVE0.DAT
C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\LOCAL\LASTALIVE1.DAT
C:\USERS\JOHN\NTUSER.DAT
C:\USERS\JOHN\NTUSER.DAT.LOG1
C:\USERS\JOHN\NTUSER.DAT.LOG2
C:\USERS\JOHN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FFNMK6OX.DEFAULT\PARENT.LOCK
C:\USERS\JOHN\APPDATA\LOCAL\TEMP\HSPERFDATA_JOHN\2760
C:\USERS\JOHN\APPDATA\LOCAL\TEMP\HSPERFDATA_JOHN\848
C:\USERS\JOHN\APPDATA\LOCAL\MICROSOFT\WINDOWS\USRCLASS.DAT
C:\USERS\JOHN\APPDATA\LOCAL\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG1
C:\USERS\JOHN\APPDATA\LOCAL\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG2
C:\SYSTEM VOLUME INFORMATION\SYSCACHE.HVE
C:\SYSTEM VOLUME INFORMATION\SYSCACHE.HVE.LOG1
C:\SYSTEM VOLUME INFORMATION\SYSCACHE.HVE.LOG2
C:\SYSTEM VOLUME INFORMATION\{10CD7EF7-B8A9-11E1-8483-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{7F7BD546-BB4C-11E1-816A-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{7F7BD5A5-BB4C-11E1-816A-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{7F7BD5A9-BB4C-11E1-816A-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{7F7BD5AD-BB4C-11E1-816A-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{7F7BD5D1-BB4C-11E1-816A-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{7F7BD5CD-BB4C-11E1-816A-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{7F7BD5D7-BB4C-11E1-816A-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{7F7BD5DB-BB4C-11E1-816A-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{DCA6392A-BBA0-11E1-AE4E-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{F96D083F-BC93-11E1-A873-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\{F96D0844-BC93-11E1-A873-001D094CCC0D}{3808876B-C176-4E48-B7AE-04046E6CC752}
C:\SYSTEM VOLUME INFORMATION\WINDOWSIMAGEBACKUP\SPPMETADATACACHE\{B0979AE8-216B-4FFD-B266-7E87A3F7E6F5}
C:\SYSTEM VOLUME INFORMATION\WINDOWSIMAGEBACKUP\CATALOG\BACKUPGLOBALCATALOG
C:\SYSTEM VOLUME INFORMATION\WINDOWSIMAGEBACKUP\CATALOG\GLOBALCATALOG
C:\QOOBOX\BACKENV\APPDATA.FOLDER.DAT
C:\QOOBOX\BACKENV\CACHE.FOLDER.DAT
C:\QOOBOX\BACKENV\DESKTOP.FOLDER.DAT
C:\QOOBOX\BACKENV\COOKIES.FOLDER.DAT
C:\QOOBOX\BACKENV\FAVORITES.FOLDER.DAT
C:\QOOBOX\BACKENV\HISTORY.FOLDER.DAT
C:\QOOBOX\BACKENV\LOCALAPPDATA.FOLDER.DAT
C:\QOOBOX\BACKENV\LOCALSETTINGS.FOLDER.DAT
C:\QOOBOX\BACKENV\MUSIC.FOLDER.DAT
C:\QOOBOX\BACKENV\NETHOOD.FOLDER.DAT
C:\QOOBOX\BACKENV\PERSONAL.FOLDER.DAT
C:\QOOBOX\BACKENV\PICTURES.FOLDER.DAT
C:\QOOBOX\BACKENV\PRINTHOOD.FOLDER.DAT
C:\QOOBOX\BACKENV\PROFILES.FOLDER.DAT
C:\QOOBOX\BACKENV\PROGRAMS.FOLDER.DAT
C:\QOOBOX\BACKENV\PROFILES.FOLDER.FOLDER.DAT
C:\QOOBOX\BACKENV\STARTMENU.FOLDER.DAT
C:\QOOBOX\BACKENV\SETPATH.BAT
C:\QOOBOX\BACKENV\RECENT.FOLDER.DAT
C:\QOOBOX\BACKENV\SENDTO.FOLDER.DAT
C:\QOOBOX\BACKENV\STARTUP.FOLDER.DAT
C:\QOOBOX\BACKENV\SYSPATH.DAT
C:\QOOBOX\BACKENV\TEMPLATES.FOLDER.DAT
C:\QOOBOX\BACKENV\VIKPEV00
C:\PROGRAMDATA\MICROSOFT\WINDOWS\DRM\CACHE\INDIV01.TMP
C:\PROGRAMDATA\MICROSOFT\SEARCH\DATA\APPLICATIONS\WINDOWS\MSS.LOG
C:\PROGRAMDATA\MICROSOFT\SEARCH\DATA\APPLICATIONS\WINDOWS\TMP.EDB
C:\PROGRAMDATA\MICROSOFT\SEARCH\DATA\APPLICATIONS\WINDOWS\WINDOWS.EDB
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\000A83A45BCC3B1209F01105B5F3A728_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\009050B0C9B1D449113C227045B84357_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0091919A08B9747CE59B91C4B0666529_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0095448E54ADEB5D1A035E43D974B081_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\00C768A5B1061D6435927CBD94CBC302_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\01A0DD8E4BD489EE5B87C3B710045A0B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02222182CFBE7624DAA8BD8873C8D271_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02298F04C3C5777CEDC8EE7696580873_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02E711E26E02CA010A3A665A1D865593_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02ED98D1DD3BE8A34303B9EB9AB72982_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0325003A322773E1CCB7374DEE77BCEE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\034FBEBD5AB7D96E932F9DB6D0CF38F4_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\03495070A22125E726A605203979C3BC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0370EA50FFC4BB87AFDD372E87361A4A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\03B7C78B1381C3522D34CDD04527C13E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\03EB9EF7E972C39FAC9AA23DDFE32475_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\041BC01780F84D948451EA9712838F09_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\046EC1AB29B1151379B0F6DEE878AE3C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\053A62B4973A35648C3FDB1D4F14DC69_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\07096783CE73E1AA9EFBCDE8AA7F9A63_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0720B80869E1BF29AFAC7CBD1F64B974_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\075895A86A7F12E1CFD1FC56E7321E11_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\075AFDFE4D16DA20E237770BB5A49316_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\07F1D244463E3478A92EEE42C8607C70_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\084D8048E338539F9F2C973FB813AFC3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\096126A516FAC74BEF9C817B4D01E0E4_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\09FF250B576CE53CC82C1D7096DCBACC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0C4B9CEE3114F6A70063A763CB2E0C42_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0D8926B02F998CFD3DB144DD8200989E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0C2EBE128F5B2230BD73CA4BC2DAE068_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0DB1F51FF3B7EAC6189EE5D6FC4B627A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0E56D52753B92C2EE51F357CC3304BCB_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0EBD02AB3881E2A146852EF895F1EAE3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0ECDE63EB0B38DD1419C7D6A9BE8EC6D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0EFD8D41D4BEBD729C77DA58EF26C060_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0F96BA03665CDFA7A13E2406DADA672D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0FD4FBDE59900985BCA50CBFCFFE3321_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\10A4ECAB8AA35F949331E61B8B55EBE3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\10CD4DA4B21FC6A46CEF5B960031B269_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1122C0787DEBD89F1C8C48E0DFDD2C27_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\12C179D8B097D7B8597BFFE25450E11B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\126557EABF96A9668805C0649E5AC57A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\14ECA1FF1EE8DDFB7851446AF98582C9_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\15AA15A9D3D5BE81461143CB3A175E8B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\15F40EE3A2B964784E48204540F8BB28_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\15D4C898F24B257EB63F3C2623F077FD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\160F88A3C25853D7F436EA627E9F2C94_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\164C14F198474281DC295EE71CF08266_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\177095E39448EEAA530E2CB390F8DE33_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1809644260975FE64D3AC09B1A643F22_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\181551EC4B945A4B52FADC74E1914A5F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\182BFCCC3BFE9DF44DC2659B50F20165_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\192955F1A8DC99C192B47B02B4EA1552_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1967B457F811E0E513B0DF00EBD4F53F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1970C5F2406DE915C651D3FBDA8C942E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1CD090068831A222994FFC28E25E563F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1D0AABD0C07D3E1F2CC199AF6FBF75E5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1D828D5FC38EA3B4849A70A5826E49AC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1DE11D71D05834D84C806A6BF266A15D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1ED5B2B917911E4034823C6D47445291_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F042D775E8D60E2882459089C7C9088_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F2AB3E809EF9C92E53FBA6BEF423797_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F2E1647DBFAE93792063C62E7674C90_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1FEF103D1C2C6977566DEC0D76BC25C7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\219312F6F5AB6B426693DA5D59B52F79_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\22060CBB1649C68F353F1AEACC3E1662_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\229D3FB04879DEBC78DD08903E47F641_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\23205263F92669871952BBAB8249FB12_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2340695FB9380CD0D5CE70D3DC106587_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\23835E58C88291035398490C238D50CE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\239786900A35BFFCA454F7AD8EE051FD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\23EF1FC892140AE77E9881F68AF8D612_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\23CAFDEA94D94D8F8DA45563A335B858_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\24F05F91246C877586EE7BC3F3DBBB31_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\25BB7548302373536A6FA913374F8FBA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\25DAE919EA7C6D3F886B5EE9C3596388_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\25F3C148BF5D80E6AC224383D548F632_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\266A7E871D9C71F2FABE2BC012F5850B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\26E879E5ACA44F1907FD478A1142B5BB_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2718ABB5900E2823A16077943B2EEA12_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2A17FE77644E5C484CA3EEBE5B034F1D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2A26590EC74773132C5860D5FDE69E85_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\29A1D6D8C0BFC5C0F897B01842DEF772_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2A5A0C414FAAA3FAA885CDAD2585BEE3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2AB8403005B7722910AEE46511AC734E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2CABCB9DB1905C9B453490D9633E60D6_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2C148D6A5BEE278A1E913F86E387E504_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2D1D593423217906FA91AD553C74F3EA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2D9B06C939490BB93DE822096F09EA7A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2DC5E11E70BC9EB82333FF2611E5CD07_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2DA12ED321CE51FB605C943FB1C8F855_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2EDA8DE121A4B9F981F77F75F29D57A3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2EDE5549DB865C4329D55C7337AAE73E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2F1C5484103F8FC5CADDD0470A8FEA41_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2F2BDCBF85606613235C410F0FAB654B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2FC7C04D2E7A23706BE837A47F6C8495_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2FDA235C53FDD121256A1C72EE6D73F9_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\305286F686B04294E535418228F31C17_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\314997EAFF02C5007E7FC3715B3D009B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\31B148ACF2892B8A485DC540D794EFC5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3276EAB0FA0204902C7283D89F83893B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\330DD3999B3C9EFA8124443258F6A68D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\36056E5A4A26B446BEF9A09D1DC86CC7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\35ACE1FBD2A1AF42FD3337A902739B8B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\36179CC94254C7C355AD19D7B91F5607_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\36254A0E3D5E5BB61A82DE80F311628C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\36765E62563125D52CE1EF8A0B64248C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\382E2D1F40AB8D0FE3DF94BBB61E9CFD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\382ADFC73B155E11280F4D66289D5526_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\38AE02A8FC70817B1D934D21FADA560D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\39D77CED4E9C8F9D1BB9662961B7A3F9_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\383AECB58A4104F6E59625CDA1FDC683_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3A1499A418D3CC7B933799F3FEAD65A5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3A3494FB29232329D03E2B7B10852888_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\38FCB3FA9B82DE71630DA510480ED246_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3AA163C55F3A3D7F85C92CF7E092ABD2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3ACE1B046467303B6B8BC1FCD22A5A5E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3B4C9D08C3010713F6ADDA711E61EB60_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3BD63BA94B1EA804D7C3EBC7C6B128F2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3C2F1BEE491130D633BD5A71212E0CB7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3C46EB4CB7697ABE496A6498421A8B55_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3C7F72C3F63E4A84CFA9CCD2B12B3334_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3E4BE26661F0F50D6B86DAA076E879CD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3E931C0ACF4C0662C4E8152DA63FB1D3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3EFDE1EC74C1726ACDEECF1D1DAAC5EE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\40DB375EB2B28B7F45D73A2EC83E8D5D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\42BF3C607317EB54BF5EE5B136EBD2B9_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4142C1FFE8BF7C553332891364CE09F2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\42CFD54D8847E30963F275FE85A0F76C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44487FA5EB99C938C3A564721DE67E22_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\42FC8DD5E8A2B886EAF9EA0732EC6C8B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44D2D75986D109ADAD9A327919A60676_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44D1551384B4645B2287FAE4B63E7024_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\465BA4ABBA8E9083D0FABED25D377D74_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\45B834669DC417D6F4C667239225C580_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4661B43E44762B5F683810B21973B674_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4852EB53EDC7CD37A0D6B6F54A0713FC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\48614959E3EC2A9D80AC15B5F2A1615E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4861AE53C1DC58F5C1348392DAA31C3E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\48AA008D8CF0EDFE7FFBAD3CBB358225_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\49210B96C21B903C9DFC812A3DD7160B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\48DD1E1F4AA446953E376680D7C9FE21_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4933F1D191348226217F78DE7C1124DA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\493A82B14D64D3D47B1ACF3090E5D72B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\49723B43CD245A65EFCFA23CE236B2BA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4B16355530D4B80BC04F098F56482D59_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\49D58748B9492A903F10004709B1AE2D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4BF8C7DD15D721ED9DE240A6DB5D4AF9_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4BC2D9DCF8C82164F7A2C4B0E3AFE895_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4C54D4B9E7FC63ECF55B523785A21C52_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4D4AB4F6F7A086AABB7A2408D1423C3E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4D4E951D723E998B80F973899E11F805_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4D70516853E6226352EA7AB682BD0312_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4D75CF63C8AB5F747F1643A61EDD542F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4D8E8377B52AE9D1F27ECC4CD8D5B618_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4DA9C694E80CC892A79CF61FEEBDA03C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4E11C44AF11904E2709DED824922C431_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4E9DF9BEBD2FC89541E116B7BABD6CD2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4F69B07910AEAFDA54148A5BD30906E7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4F818BA8CF1CEDE0465E057CD7CBB967_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4F9CB169DB593F4D8BF6EC9383B9188F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5062BFE2FA90E14F5169433A7C7AD4BD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\514897679E7A046283A195C5BAC27703_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5199A7868F91B78CF7EF74D7B1D5BA40_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\51F3AAB5BBABD7DDBBA2B2F163956F47_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\522B483CF159F0F8F49034051E32930B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\536E097197A7116DD4DE0B4C5B92460A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\53DF25DFF609BB72CD7FD6C588A94CB6_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\53F801F73948E262B23D3AF7596D9650_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\540CB0C4A90ACD634EFE4A4413A4D5A2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\55997EBD83F4DCCF1F63E7A16F2C3264_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\559E5BD0497D0174D5CF5D3961D43982_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\55C948A4705D775CC951EEC06F2D3E20_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\55F0FEE6BBBD76B6A224F8B1B844F286_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\55F9A02C7D75A7E5BD793C26EB03399C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5730A047BBD6B1CF40E16D436779449D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\57E062484E80A9A4029E9BA8FA37A976_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\586A36E09FED08556E36C09C195DBB8D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\58ED3DE14369FE971B1774D374281DB5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\590728E28A0C1C508F5604F4BFEC6A2A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\595B988AEE34D501AA2A5B1DD306DAAD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\59ED0197EA66B1BD96CC93BFDC96772B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5A93CFC1BEB7959043F8A06D503C63DF_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5AAAC76A8D4C8221D547B29FBBD942E7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5BADE8EF5258851AD84203E26ADC7D1E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5D0BA78EEB16E5805949D1DB1C5B1362_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5E4C7CEFD7D6ACDAEE21246A6DF7E4C6_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\605C7E71FFF227A507181890DBDB99B2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6094531317C43C9791F7B48C7C7083AF_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6109B1EFE2708A7229A5E12A6F44C2F2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\618C906274345DB4F543BF0F769C9569_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\623CB5AF65D7FEA86B49C5E2FA45EFB1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6260D9B6F1089CCFFED238C0430CA10E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\646B902CA6F5CEBC165C644FC4FE27BB_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\64775C19A59AFC19C69C456F25892375_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6621810C07B1EEC58CC43D859D1FAC1B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\626838F7AE59C99E283A58F7AC5BFA97_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\66BBE2BBE44213B94413D2CC2F418EA5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\66C942C738209A006CA987161C8C2BE5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6547BF0CC1DEC4D7E23F342AE5F602B7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\68A8E59CDDFF819FC79A825ED4189422_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\68B2D1C877711402ABCF57C2E231D9BA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6C4B41C188DC4BEB8CD248863BCD0E58_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6B0FFE2FD6E8344C4ECE93C76D3893F9_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6CF2A57BBBD904C15F4B06F16CC8B8DB_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6CC752536DF375F5D9D3951A3A625807_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6D0AC4B489547959DC51F98B904A4E7D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6DADC710E9596F247A6BCD2A1915EA68_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6DC12D00E450A628B95AD2E0DD2EC72B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6E4A8AE8457DFAE2939549D4A1141293_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6E4E2F624B502B3CDD32F090C8294791_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6F1C8BFA9769302A74EF2715488B44D1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6FBCDD46CC951583D0EB747B185AE7E0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\70688A110C4E1BC709D3FBAEB45788D5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7041B8B74BB4E4A04A7F3CBAB788BC66_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\716ABDE81C1134391AC7E4597DB0E092_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\71334F3F692055B7C4BD413E1791F1DE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\718F52215C6BC750492A0DFE1F9EB8B7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\718FABF8DE29738222B32BB28BDB2F96_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\71FBDD858A6121BAA2CDDCC6069A1778_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\72AE527C9220E067AB7E2AD190DC0293_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\72822E82E92F965AFFA7BDA20B83197B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\73977B751DA34E69BE1C4C1FA5D4B904_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\74D7F90F5978F427F9D2419118F4F522_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\759C34BE337DD3E681B3E6CDD5265611_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\747D5462F191B45CDCF4DE3E18EC517D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\75A3DFCB2C987104760F11512079558D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\76D1CC9AFD03090CFAAD914720B2D46B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\77306B56D1B8090878EEC93673CFE82F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\77593925594238F324D2C72161CC1205_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\77900308C91FC6F5650B9A415F434365_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\78CFE96C09DAB9AB785FB0E26A6E7FC3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\79EC420E299D21B500A8878BDACAAA70_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\78EC4FF62124FBF1E45B46B7BF792E96_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7975F9B1B549FA954B7183E341BC5016_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7A04A3C9408748E13E58377BC3B42DD2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7A86A751C5A7D37BF7127E0B66D3C1E0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7AB81A21702034A43B46F3385F81FE36_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7B4E812CB39D90DBEECF738E3546A95B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7BF7DCC860E1DD14DF482FD9A0BCF4AD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7C9CA9BA1C49DD1381F536EE9EB02B59_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7CAB8896F2DAFEF14710A5C8BA1276D3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7D4FF36C382F8FCFC073077B0E56C0DB_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7D9AE782A66A98E6E44D91575A9C4DBA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7D9823C36C7D03A283849ED8B7F66622_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7F2DE00E77E957D06E28FE6BE8B9E4CA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7E22B9723A4BD807B9570EF2042B3760_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\81958FED41711813EBE00DB620DCB29A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7B398F2FA3A4473439FA2401A6999242_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7B9A26CCECFA1581BE8CBF55BFE47F03_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\81A97D7D92F0FABB4911D3E3CAD802F4_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\82251A782FA99C09B1B857E4CF312300_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\81B54D7CAB94981A50ACB8F29C05D518_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\81F6F2F7B854EE2D434AF9A1A268BAE4_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\83F32BD86DE5464C6AC9F99943289967_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\812CF38267726C540DA1AAA878A2EE6A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\85847495EF1E79BD72A0D6CD1AB38749_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\852C73272254EBDA7DAEDA9B36A7032C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\84DFB4D22786E349716F16783B26550A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\84E241229FAB507CA21C99C1D8964006_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\87825F93EADACDF8A7469364142D06CC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\87D461D11F7754F931973A479A753754_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\87909324A0367952586E7F78CE0C86BB_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\89FF6A9CBCE80C968D8ACAB3E11A2A90_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\894C3A82D6946EB357DE83D1BB22F561_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8822CA1B621600BB49047F95A609C90A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\886E2010896945F7E0342FA49F5F8D9F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8A1105F25FA8E8315BC11F4407A6A368_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8A81B3F89106546A325BCE88180C3ADD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8AEA07FDBCC73DDC5B5D731AB851F130_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8B7FEABEC36FE53772F66E249D321E20_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8BF958E647235D3D79D66F368F02D493_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8C0C89B676E843348DA8A9AC5D7C22DF_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8CBCFB7FE5EC77A58F43E5258349E479_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8E23775BDB65EC0411C1F3FEE42A6DCA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8DED4C527D0625C3ED2271B11987BD87_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8D5FE7274AAD956159C984CC619890D1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8F88C94BCE5B22665C79C31D221108B7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8F129F4E00C216024EFFE86BEF7E5FC0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8E69ACEB9CB2BFC5755AF3A0A7B61A60_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9036BF0BEC4D948D0F281DD6B1D29E13_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8F90A48FE25BE2CD6FFEEF48423FE4C9_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9130DA1784A8FDD424C94026DEE4950C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8EA0460B10F7AF9F76899B7DCB6099D8_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\927152C031E56DC4B4B26412DEE1183C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9056DA49588504120AFA170E2F25EBA1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9156DB77AE77FAFBA40E6F6E75E18716_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9388291F1C47F850B5C0B02973E12441_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\93BF8F1B2D737A0080B80BD60EE18FB2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\94415E2E5FFEE0A8C9D820301C4E2B5F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\949C0E7B9A2F613203E1A87CA8D93DA0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\94C1868E6F8AC6555CD368D7CCCAE448_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\952F44B5E8C5188DFF2CE5B6C3C85968_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\95356156C094E9231DF0947EE19780C0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\961302E13A07C98AC340EDD321AD160A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\96311C7CB8F4589730FB21C86F5F79CC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\96F4C3B6EDB942704551F1C37AFBD145_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\96F96B7BAAC13E51C62A48BD5631C621_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9736E12DE2630CEDADDA0A172A4791A7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9ABEAF7C164705F4F779580548C162BF_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\980BC27DCD8716AF99980A9268C37096_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\997BFB3F17BF78504014E64426FDB131_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9ABEF70821AF3119BFC3AFF5D5A01144_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9B28B3467EBF8B4EDD84F8F3906479AD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9B6388335332DFBB1F0B73DC977FD253_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9B75DB24786950A1E2AD8C8E1BFD6AF1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C6B88E0F6E83DA1C92B96606B907FB0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C10673F942822190B79B711C3BAAB5C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C4EAEF33270D967DA28BE77BF0D2DDC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9D06DED8C8313879FD04C8EEBE62F3B3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9F2A58B158313AD6462182581E516805_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9E227C2AAB0F3526329C8A84704F3DD3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9DE459132FDC831529EB832951C64CAE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9F7DE9C77A9792EC127C824AE000FEED_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A071293EE4D9C2825099508AAA1488AF_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A016B405CE40F4D5B31C33154F5F422D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A026959528B6072453B46489A9FC2144_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A0C717ACB3005A8EDECA39FD8A50D5A1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A1166246B0FC6590C1D03D572880364D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A17CE61412BE69735256661F187B3535_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A2613D86522FE1AA957C7CF283C0B9C5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A32B597FEC8B898EF2DF92DA9B7B1483_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A342BAD938363A154CBF5536FF4DD5D5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A36276371A25E489482D5BF2BB37A837_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A4ADCE3AC7F3C9CD53122E54D59F34D9_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A523CF9607078663781B2B0D96458D73_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A55C562CBDD4F38945EAEDAEB97D5157_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A5A51ABCBDCF356060CFB0A6B2B5D0DC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A5D54B834033B99C300D986609927827_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A5F55A2F360423E7C79A78D62C382042_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A66CD8B235BE0B97166345A35728BCD4_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A91144EA36FE5E96D5D9D26393E1FFFE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A9C05474FFD0C59C0C616B117DD14AE1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AA1835C1A4B86DA63C03D5E1503CEB64_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AA9A32756654EE9F608C6172E40E2049_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AAC8975B3EB7B5D01FF48E273C96A9FC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AAD2548D7000257F18E1DFFDCDBDF9F2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A8A4807A78A142155B60D3FD99B39EA7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AD0905C801C11E8A892911D57E552B25_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AC12ABAF1363FE081922E8524F5D970D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AD93BB59300888505D850A306A2707F2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AD558DD46A76DA5692617C379E2AA4CF_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AB6542F6D40CD4464D8E8F6B767C9907_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A77363A78FB40B3DED680D69E91815BC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AEC3730A499553280ACEB7833BE1C6D1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AF4EAD0EDEAD42AE0C3954FC058FB0C1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B05146317BA4807AB8F688C0C1F18689_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B069053C419AFEC46B2E72305B7A6889_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B08BA80CA627F14DEE1E373152C4EFCF_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B09C3675BBBBB3D746066006DC4B292F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B248C89BA5791B4DB7F835C1A14B9B4D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B265EA368AC0E4B059D1F86B481BB2C1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B272BF414D12A6AFFB8F442ABD3598D0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B2D0B5480FC91C12F3D0A8F7EB60AD63_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B4784074F5434617C2F9539AD4E760D3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B2BAA3C205AD589809D866D6DBD0502E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B353B05ADE0EF1C24046ECBE3591C0D0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B6833EE2296CB6771BAFAF04C120D135_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B748256E93B73D9F32AB7EFAFF978FB0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B7FD7B1941F6317CB30BCA49EBE61561_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B80A7A56DC8690F3C01325A968FDB8C0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B890E19754746066CA66FB9FE1E4A07B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B95207C3244BB5F6692AEA66CA20FB0A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BA2DFCBC655C443B3B736963A2502632_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BA5F73B40DFE8854DD392A6892EF5B7E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BB3AF356A87AB1715B88006540B8DC71_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BB671D383F5C834520D60F7B0B811BE4_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BB8ADE7CDC1EE690C4D5CC7BE885A97B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BD0FE1D75A5150C3FE1C49FB7C5BBB33_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BC25E8B52725E93422C0F1058913B021_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BC672FA6EA05B8A57DC5BA8DDB2853D6_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C01AEBB50911C00F7EB26FE437E9C5C2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BE11B993876DF294DD5CC2AD00EDC4FE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BFAD3ED8D95BF4BAA34B6E8A5DCDD7A3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C074DB2A9AD9AACC417E825AA60EF8F8_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C08FB66C38C59C57B7AEF734E7939463_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C113FFDA1CBD83B8DDD1EE5C5438B65E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C1BB40B662F7ADA7EDEB6BC8CF39D641_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2723B9AC07F24FA6F111BCF6BAB62AA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2A3DCD00B358570BF169829914883EE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2AFAEF09005C03DFB7B9A7BF2AFC948_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2B16F12ABB8FE6F51404F4A364726E3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C486B48E5328382FB0448CA3E067CD7F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C4A6DE49E3D2E26D1A93D9785496B7C3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2D47D902E59DACC107EC65DA1812C59_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2D6B3E3CB439C64D9C8CA211C032097_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C4B533595611E026F7854CA8D7AD1711_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C534E0946364CC00A819320A2692E05A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C5552440B3D8311A8367FDC9BF22A5D2_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C589EA0292C5E5F7D66B376751F94785_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C7A346DFE8E55D3EC73667F9D5B85212_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C64B3D0CE3BFE48117E88AA33FC57273_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C628EF45CE5CAD895D153F0525FED324_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C65A07FFC06566EE28733972FC1D68B0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C5D343A47DA431461F9FF1D704F713EA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C8FF21A4B776362DF762A2623F7BBAC0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C8365C0DF681EDD53E8F5D414FB35370_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C8B9A7E612FE8CF2FCC98C301519A18E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C905E3E1BA5976E405C53E55DF66C6A1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C9D520BB008280B99B6E29A405BA7310_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C9DE9619270D0E3E74E5C6DCF1C23B8E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CA7DB0BE0CCE10AF57042346F97BA69A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CA8C7E9C861A6E10CB53D87ACF873285_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CAD1F57E9EF1034B3D06A58C522A4DA1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CB4803914ADBE70B2B73FB6643815550_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CB892917A62A707C4EFAD5C6D607149C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CC1DA74AC8F65590453FD9DAC901CB8F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CC460A7E209EE838956DA4253B505BDC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CC7B3FA3F5378859B684994586F0172E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CD06F924E4F75B45D258E57D50107EC4_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CD6DB7AFCA33E782DA4191BAF2629B92_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CD76613765A4FB8D7FFA4204FFBCFFD0_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CE7B2E335FF82619C319DFD8CC0045E1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CF7466C2B4284034F63110CF39751455_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D00474D9AE7A64186D67BD320FD31816_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D07AE7EE1CDA7FEBF4812E714C1A2C55_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D0B8AE683CAFFE5B0DAB28E18BF90301_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D0C22C11394E40B2F107D4ECCEC87CF8_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D1C09A206AD256060BDA807BF93A42A9_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D2C3EC3514DAFF326849CC74DE6E7786_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D3248232BBE802352B4ECF284C1ACA28_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D34663A50FA9747F36436A96DB927315_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D435770B38CBC39268E4B448F55BE403_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D438E85F6C3E119C86C762912392F676_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D63919DFF6A2541A729D92D887C749ED_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D741FDC962C6959F1B5E3BFB4C8298F4_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D9A3F1DE67C7D81C32877151DCEA2E4E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D96016F8057CDF6771C85DB5A4B47A97_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DB98897D358F7D8F619DDD861B173630_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DA7950606CCA7DC3037E59025E2D53CE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DC9C691CC7FAF3502BB71C622B832CCB_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DBDE9F9C484F2F07FD0DF3B0CC9659E8_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DCB1098364279F349CDBA530E0331993_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DD1FAB15766910B6B6D6CBE202633D43_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DD5402A01C6963B9719A3A54C994AD29_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DE028E0EBB58286803E470E7E73E559E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DE921A30B04C4101499615E6591989A1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DEDE6BB84B452AB19F9E934DEE32D7FB_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DEE28D784F5B1BD4D2AD9556C5D32092_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DF25B21E8C3CC4C0BD07677CE93D758D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DFCF4E3150BC00485170F1F7F5DE63F7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E02867D349A8BC82ACA7A71DA2E3D511_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E2291F4634A29BD650091C2723AAF059_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E16D30B1901CF4790FC19622684C82F8_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E46DE92BBAD2ECA75CF22BA4365A54B1_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E42BA85A180DCE260AEA58540878762A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E4AA540193F3B92FB2CF97BF9E1EA756_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E5036CB1215CAD56A8CDBAF9C1DDC7DE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E50F5813351B9E7608BC6BE8EC217330_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E5749F3C58D64B68EA723F78FC134B3A_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E74F7241B2466BFC80FF218CB625851B_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E759614F65DA9242D8A5BB91E51F9F6D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E789DE0035434EA134067B032E0A6601_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E7DB0F11B6EAC68E82299AA066C523EE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E8065710AC6127D200B3FE410C023B50_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E916C4E078CE2931D88F921929A7B2DD_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E80F1C4E32667172CCD310F01A1701BE_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EB63528972361AF061E107424E783209_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EAFE58CA5ADDCF6ABAE6A4A987E0E660_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ECB7D4B6EC32B59EC70D89357E2FA90C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EB9FCDA0C396BA43D3F5435387D241E6_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ECF4389843F6AAB2041E5182077FEA10_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ECE3A3E2D0E96A8BFA7407837746A54D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ED02BDE71DFEEFB98616C785F9DD6443_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\ED7B68FAC118F3C9F2E5C3C2022BCF27_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDE572D777488679394BB16F3191105E_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EE294B3E0A55762C09A83B7AC1E00A95_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EEBD4E541481A0DF2605EDD1B1B0D9B6_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EE2ADDB6FD7DCA3CE0C4F84FC020D8CC_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EEDAE374F786E02B8251B57074D91CEA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EF44CE22B05B10BB023D620BCCD35DBF_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EFCB1188063E685A190B76E787EDA927_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F26782E1AC1F7B60DE8149FF77917840_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F13125F3130F121AACC76E975C166A14_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F3BBA1F0CE9CAFB572224287AD795D70_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F3BE5F626CFAD07BE7EA538742D397B7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F4276790D11EBC7CAD04AA4A4BEF8C15_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F49D7B185C52F93726C538B7B2220E84_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F4BF87F4A338AEB7BC822E0A73F80CE7_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F53B42EBB8A0F4B454B135319521B344_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F619C5AFA4C4DEDA59EEDB89B62B52F5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F67251BF16811E21DA5328C790E94D9F_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F7279D2EFE243DA2E07CAEF97BE0BF35_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F727FDC98AFD4BB9C2E130536C8C5AAA_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F78C19DE9F93B5EC95DB486BE63E3DB3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F8702A9F984B61751ED5B75C5A210226_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F7BCA8F7FF6A239EECA7490FD9AC3E36_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F8CFDB1D8128202CCE2058ED8A3A16C4_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F88529EA37DEE3D7C02C10CED1EA484C_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FA58DD449BCFEF87BF5819C2ADCA11F3_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FA691C9982B36FCEB0B896D1EB5535D5_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FC5BF53704A57C040E70B97F350C2D5D_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FD3D8E2EC010F4C39AC9F25FFD867763_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FD43051A60A12AC1A21E254838B27BC6_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FDC7BFBB8D1C251D535F8BBB008CCC78_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FFABDAD76DBD53DAEC9E5DC1E1722BF6_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FFF27E02541BA811EA325393045AB515_24D15555-3A2F-49D6-AB5B-A3B80EA93EE6
-
Same issue after doing those things.
-
The only one that gives me trouble is yahoo.com on Firefox. Internet explorer is fine with all search engines I tested.
Here is the FSS.txt:
Farbar Service Scanner Version: 22-06-2012 01
Ran by John (administrator) on 23-06-2012 at 11:53:41
Running from "C:\Users\John\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error: Yahoo IP is offline
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
Action Center:
============
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
**** End of log ****
-
Sorry about running it again. Next time i have trouble i will ask for help. And yes i did run it yesterday, was trying to see what i could do to fix it, but was obvious pretty quickly that I was in over my head and needed help.
Here are the contents of that txt file.
2012-06-23 13:40:58 . 2012-06-23 13:40:58 139 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-uTorrent.reg.dat
2012-06-22 23:38:51 . 2012-06-22 23:38:51 1,276 ----a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-Microsoft SQL Server 10.reg.dat
2012-06-22 23:37:01 . 2012-06-22 23:37:01 198 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-Apple Computer.reg.dat
2012-06-22 23:36:58 . 2012-06-22 23:36:58 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440}.reg.dat
2012-06-22 23:36:52 . 2012-06-22 23:36:52 118 ----a-w- C:\Qoobox\Quarantine\Registry_backups\URLSearchHooks-{cce665dd-f6dd-4808-968e-eaec971f70ef}.reg.dat
2012-06-22 23:30:09 . 2012-06-23 14:00:42 20,303 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2012-06-22 23:20:44 . 2012-06-23 13:55:18 257 ----a-w- C:\Qoobox\Quarantine\catchme.log
2012-06-18 02:28:00 . 2012-06-18 02:28:00 146,432 ----a-w- C:\Qoobox\Quarantine\C\Users\John\AppData\Local\DFX\Apple Computer\ryspolxg.dll.vir
-
Combofix log: (For some reason the first scan i did the log file was not there? Removed combofix and re-installed and re-ran.)
ComboFix 12-06-23.05 - John 06/23/2012 9:55.3.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2038.1043 [GMT -4:00]
Running from: c:\users\John\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-05-23 to 2012-06-23 )))))))))))))))))))))))))))))))
.
.
2012-06-23 14:03 . 2012-06-23 14:03 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\temp
2012-06-23 14:03 . 2012-06-23 14:03 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-06-23 14:03 . 2012-06-23 14:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-23 14:03 . 2012-06-23 14:03 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-06-23 12:35 . 2012-06-23 12:35 -------- d-----w- C:\_OTL
2012-06-23 02:19 . 2012-06-23 02:19 -------- d-----w- c:\program files\ERUNT
2012-06-22 14:24 . 2012-06-22 14:24 -------- d-----w- c:\users\John\AppData\Roaming\SUPERAntiSpyware.com
2012-06-22 14:24 . 2012-06-22 14:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-06-22 14:24 . 2012-06-22 14:24 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-06-22 10:50 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D6186E0E-A18A-4034-820D-3C8E137AF848}\mpengine.dll
2012-06-21 14:34 . 2012-06-21 14:34 -------- d-----w- c:\users\John\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-06-21 11:12 . 2012-06-21 11:12 -------- d-----w- c:\windows\en
2012-06-21 11:06 . 2012-06-21 11:06 -------- d-----w- c:\program files\Adobe Download Assistant
2012-06-21 11:05 . 2012-06-21 11:05 -------- d-----w- c:\program files\Common Files\Adobe AIR
2012-06-21 11:00 . 2012-06-21 11:00 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\21d76b571cd4f9d02\MeshBetaRemover.exe
2012-06-21 11:00 . 2012-06-21 11:00 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\20d316e71cd4f9d01\DXSETUP.exe
2012-06-21 11:00 . 2012-06-21 11:00 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\20d316e71cd4f9d01\dsetup32.dll
2012-06-21 11:00 . 2012-06-21 11:00 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\20d316e71cd4f9d01\DSETUP.dll
2012-06-21 10:53 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 10:53 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 10:53 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 10:53 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 10:53 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-21 10:53 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 10:53 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 10:52 . 2012-06-02 19:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 10:52 . 2012-06-02 19:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-13 11:40 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 11:40 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 11:40 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 11:40 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 11:40 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 11:40 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 11:40 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 11:40 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 11:40 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 11:40 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-11 16:54 . 2012-06-11 16:54 -------- d-----w- c:\users\John\AppData\Local\Macromedia
2012-05-28 14:05 . 2012-05-28 14:05 -------- d-----w- c:\users\John\AppData\Local\3DVIA
2012-05-28 14:04 . 2012-05-28 14:04 -------- d-----w- c:\programdata\3DVIA
2012-05-28 14:04 . 2007-07-19 22:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-05-28 14:04 . 2006-09-28 20:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2012-05-28 14:04 . 2012-05-28 14:04 -------- d-----w- c:\program files\Virtools
2012-05-28 13:36 . 2012-06-11 16:52 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-11 16:52 . 2011-06-30 11:35 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-24 16:57 . 2011-06-19 12:18 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-04-19 00:56 . 2012-04-19 00:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 00:56 . 2012-04-19 00:56 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-04 19:56 . 2011-08-03 13:10 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-31 04:39 . 2012-05-09 14:22 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-09 14:22 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-30 10:23 . 2012-05-09 14:23 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-08 11:20 . 2011-05-14 11:49 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-11 3905408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 1808784]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-23 206240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2012-02-09 312376]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]
.
c:\users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-2-4 576000]
RollerCoaster Tycoon 3 Registration.lnk - c:\users\John\AppData\Local\Temp\{1F622389-E184-41F9-B1DF-77198C1E351C}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13 64592 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 dualshock3;DUALSHOCK3 Controller HID Minidriver (USB) Beta;c:\windows\system32\DRIVERS\dualshock3.sys [2008-11-22 11392]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 257224]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-04-09 40448]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-03-24 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-03-24 8456]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2005-03-10 33792]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-01-01 81168]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-08 129976]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-07 20080]
R3 PS3 Media Server;PS3 Media Server; [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-28 1343400]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-08-15 47128]
R4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-08-15 369688]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 papycpu;papycpu;c:\windows\system32\drivers\papycpu.sys [1998-10-06 1984]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-03-06 57688]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HPService REG_MULTI_SZ HPSLPSVC
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-28 16:52]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785
mStart Page = hxxp://www.yahoo.com
Trusted Zone: samsung.com\www
TCP: DhcpNameServer = 204.186.80.229 216.144.187.101 216.144.187.199
FF - ProfilePath - c:\users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2576205366-1716655206-47981548-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{17779F89-A00E-3A6E-0B2F-FCB54DCDB749}*]
"hadmngcdieachhmd"=hex:6a,61,69,68,67,63,68,64,6c,6c,63,68,61,66,64,64,6a,69,
6c,66,00,00
"iajkddfkoanghocppe"=hex:6a,61,69,68,67,63,68,64,6c,6c,63,68,61,66,64,64,6a,69,
6c,66,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-06-23 10:08:27
ComboFix-quarantined-files.txt 2012-06-23 14:08
ComboFix2.txt 2012-06-23 13:44
ComboFix3.txt 2012-06-22 23:39
.
Pre-Run: 134,139,621,376 bytes free
Post-Run: 134,079,725,568 bytes free
.
- - End Of File - - 8E276692C8D34823905188EA7BAEB752
-
The Whitesmoke toolbar is gone, but all yahoo search results are still being redirected to garbage sites.
Here is the OTL log:
All processes killed
========== OTL ==========
Prefs.js: "http://search.conduit.com/ResultsExt.aspxctid=CT3198785&SearchSource=2&q=" removed from keyword.URL
========== FILES ==========
recycler not found in C:\
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\Plugins folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\modules folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\META-INF folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\lib folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\defaults\preferences folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\defaults folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\skin folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\sl folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\lib folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\core folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_POPUP\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_POPUP folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_EMBEDDED folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_BCAPI\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_BCAPI\autoTest\lib folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_BCAPI\autoTest scheduled to be moved on reboot.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\TESTER_BCAPI scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH\view\script folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH\view scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\SEARCH scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\RADIO_PLAYER scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\PRICE_GONG scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\NOTIFICATION scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\MULTI_RSS scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\EMAIL_NOTIFIER scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa\404 folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\wa scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\menu folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\gf folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\dlg\ftd folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui\dlg scheduled to be moved on reboot.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ui scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\searchProtector\searchProtectorSettingsDialog\images folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\searchProtector\SearchProtectorBubbleDialog folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\searchProtector\js folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\searchProtector scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\options\js\resources folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\options\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\options\images folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\options\css folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\options scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\myStuffDialogs folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\features\js\resources folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\features\js folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\features scheduled to be moved on reboot.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\api folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ac\res folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ac\img folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ac\css folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\ac folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al\aboutBox folder moved successfully.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb\al scheduled to be moved on reboot.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content\tb scheduled to be moved on reboot.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785\content scheduled to be moved on reboot.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome\CT3198785 scheduled to be moved on reboot.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef} scheduled to be moved on reboot.
C:\Program Files\Conduit\Community Alerts folder moved successfully.
C:\Program Files\Conduit folder moved successfully.
C:\Users\John\AppData\Local\Conduit folder moved successfully.
C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\searchplugins\conduit.xml moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56478 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
User: HomeGroupUser$
->Temp folder emptied: 0 bytes
User: John
->Temp folder emptied: 53 bytes
->Temporary Internet Files folder emptied: 7413195 bytes
->Java cache emptied: 4151062 bytes
->FireFox cache emptied: 106861506 bytes
->Flash cache emptied: 57180 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9544 bytes
RecycleBin emptied: 2162306 bytes
Total Files Cleaned = 115.00 mb
Restore point Set: OTL Restore Point
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
User: HomeGroupUser$
User: John
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.52.0 log created on 06232012_083545
-
Here is the MBAM scan log:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.23.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
John :: JOHN-LAPTOP [administrator]
6/22/2012 11:06:59 PM
mbam-log-2012-06-22 (23-06-59).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 246388
Time elapsed: 7 minute(s), 45 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Here are the OTL logs:
OTL logfile created on: 6/23/2012 7:22:05 AM - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\John\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.73% Memory free
3.98 Gb Paging File | 2.82 Gb Available in Paging File | 70.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.79 Gb Total Space | 117.40 Gb Free Space | 50.43% Space Free | Partition Type: NTFS
Computer Name: JOHN-LAPTOP | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/23 07:13:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe
PRC - [2012/03/06 19:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/02/09 02:06:48 | 000,312,376 | ---- | M] (Power Software Ltd) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/09 16:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2010/10/28 19:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/08/23 10:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/02/23 20:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files\MagicDisc\MagicDisc.exe
PRC - [2007/05/31 17:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/14 07:15:07 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 07:14:57 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/10 08:35:05 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
MOD - [2012/05/10 08:34:32 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 08:34:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 08:34:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 08:34:02 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2009/12/12 16:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (PS3 Media Server)
SRV - [2012/06/11 12:52:48 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/08 07:20:34 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010/10/28 06:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010/02/28 01:20:09 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003/01/17 03:59:56 | 000,001,984 | ---- | M] () [unknown (-1) | Unknown] -- C:\Windows\System32\drivers\papycpu2.sys -- (papycpu2)
SRV - [1998/10/06 14:36:26 | 000,001,984 | ---- | M] () [unknown (-1) | Unknown] -- C:\Windows\System32\drivers\papycpu.sys -- (papycpu)
SRV - [1998/10/06 14:36:26 | 000,001,888 | ---- | M] () [unknown (-1) | Unknown] -- C:\Windows\System32\drivers\papyjoy.sys -- (papyjoy)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\John\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2012/03/06 19:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 19:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 19:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/03/06 19:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 19:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/06 19:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/02/09 02:06:40 | 000,112,096 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/08 23:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2011/03/24 10:57:54 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/03/24 10:57:54 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011/01/01 10:12:18 | 000,081,168 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/06 23:24:32 | 000,020,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2010/08/24 13:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/08/24 13:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/13 20:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 20:14:49 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/25 17:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/25 17:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/06/25 17:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009/02/24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/22 13:48:16 | 000,011,392 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\dualshock3.sys -- (dualshock3) DUALSHOCK3 Controller HID Minidriver (USB)
DRV - [2008/07/10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008/05/16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2007/04/03 13:59:42 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616unic.sys -- (s616unic) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM)
DRV - [2007/04/03 13:59:42 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616obex.sys -- (s616obex)
DRV - [2007/04/03 13:59:42 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616nd5.sys -- (s616nd5) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS)
DRV - [2007/04/03 13:59:40 | 000,100,360 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mgmt.sys -- (s616mgmt) Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/03 13:59:38 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mdm.sys -- (s616mdm)
DRV - [2007/04/03 13:59:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mdfl.sys -- (s616mdfl)
DRV - [2007/04/03 13:59:30 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM)
DRV - [2005/03/09 21:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2003/01/17 03:59:56 | 000,001,984 | ---- | M] () [unknown (-1) | Unknown (-1) | Running] -- C:\Windows\System32\drivers\papycpu2.sys -- (papycpu2)
DRV - [1998/10/06 14:36:26 | 000,001,984 | ---- | M] () [unknown (-1) | Unknown (-1) | Running] -- C:\Windows\System32\drivers\papycpu.sys -- (papycpu)
DRV - [1998/10/06 14:36:26 | 000,001,888 | ---- | M] () [unknown (-1) | Unknown (-1) | Running] -- C:\Windows\System32\drivers\papyjoy.sys -- (papyjoy)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3198785
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_im2_test_v2&a=DgVhNP4M09
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..CT3198785.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.21.0.11
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspxctid=CT3198785&SearchSource=2&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/03/25 20:21:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/09 07:59:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/14 07:26:05 | 000,000,000 | ---D | M]
[2010/02/03 16:36:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John\AppData\Roaming\Mozilla\Extensions
[2012/06/22 17:36:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions
[2012/06/22 17:36:26 | 000,000,000 | ---D | M] (WhiteSmoke US) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}
[2011/08/10 07:47:02 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\DeviceDetection@logitech.com
[2012/03/31 00:04:58 | 000,000,000 | ---D | M] (vShare) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\extensions\vshare@toolbar
[2012/06/21 07:08:04 | 000,000,917 | ---- | M] () -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\searchplugins\conduit.xml
[2011/04/08 18:57:14 | 000,002,183 | ---- | M] () -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ffnmk6ox.default\searchplugins\MyStart Search.xml
[2012/01/01 15:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/18 15:18:25 | 000,087,923 | ---- | M] () (No name found) -- C:\USERS\JOHN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FFNMK6OX.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
[2009/07/13 19:11:12 | 000,004,819 | ---- | M] () (No name found) -- C:\USERS\JOHN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FFNMK6OX.DEFAULT\EXTENSIONS\ZERWSJEKUJ@ZERWSJEKUJ.ORG.XPI
[2012/05/08 07:20:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/20 07:55:02 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2012/02/13 07:24:17 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/13 07:24:17 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/06/22 19:34:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" File not found
O4 - Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKCU\..Trusted Domains: samsung.com ([www] https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 204.186.80.229 216.144.187.101 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9320F265-75F3-49E1-8F5C-85C423F568FD}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD4B7C28-244C-43F0-8FA2-14EDF80DC733}: DhcpNameServer = 204.186.80.229 216.144.187.101 216.144.187.199
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
CLEARALLRESTOREPOINTS
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/06/23 07:13:46 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe
[2012/06/23 06:55:27 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{5A48421F-6030-41E4-8433-7B8FC3AB4491}
[2012/06/23 06:55:13 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{DD62C071-3690-4A98-A5E8-3531DDCCB656}
[2012/06/22 22:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/06/22 22:19:10 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/06/22 19:40:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/22 19:20:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/22 19:20:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/22 19:20:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/22 19:18:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/22 19:18:18 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/06/22 18:54:35 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{C102EDD6-7E68-4F02-B79A-5216D1B99905}
[2012/06/22 18:54:23 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{EE5852A8-91C2-43CC-81BB-0DB6FB55D284}
[2012/06/22 18:39:21 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\John\Desktop\dds.scr
[2012/06/22 10:24:39 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\SUPERAntiSpyware.com
[2012/06/22 10:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/06/22 10:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/06/22 10:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/06/22 06:47:09 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{5C63912F-64A9-4357-A592-D3B6FCDCC623}
[2012/06/22 06:46:43 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{48D66B41-BBD3-48B8-AB81-66E0C5D07EDD}
[2012/06/21 15:05:45 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{AD727E21-C105-46E3-BD0C-A9FBDDBFDCA3}
[2012/06/21 15:05:34 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{735FCF54-B3C1-477C-A284-6E3045CFD476}
[2012/06/21 10:44:02 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
[2012/06/21 10:34:04 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/06/21 07:12:58 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/06/21 07:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2012/06/21 07:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012/06/21 07:05:30 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{3AE0167D-9012-41F3-A58A-F2FC68DEDA0A}
[2012/06/21 07:04:37 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/06/21 07:04:28 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Conduit
[2012/06/21 07:00:39 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{58FD684D-33C4-42FD-955A-EA9A4EFF2759}
[2012/06/21 07:00:02 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{7E08D90A-6206-4B6E-A67C-F9F1A1D557BA}
[2012/06/21 06:59:52 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{FDF459AA-A107-458F-BC28-BF84B1277EE0}
[2012/06/21 06:53:53 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/21 06:53:52 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/21 06:53:52 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{9F7C556B-138A-4C08-A717-8D8B66764E3D}
[2012/06/21 06:53:23 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/06/21 06:53:23 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/06/21 06:53:23 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/06/21 06:53:13 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{BAC24AA7-A921-4004-AF0E-03324984E623}
[2012/06/21 06:52:47 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/21 06:52:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/06/20 09:37:43 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{D4FD3AB5-3316-47EA-87C9-5DDE9B1C27B0}
[2012/06/20 09:37:25 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{95881B8A-0EBA-40E4-B504-D89128B130B4}
[2012/06/15 22:19:26 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{49D61010-7B3F-42DB-B396-9911E33223EF}
[2012/06/15 09:54:07 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{6F23AAB4-13B6-4EA6-BB4C-B4BB2942B2C0}
[2012/06/14 21:04:07 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{DC1D7565-84E0-4BC2-BF99-9B8D3CEFC244}
[2012/06/13 22:33:28 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/13 22:33:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/13 22:33:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/13 22:33:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/13 22:33:22 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/13 22:33:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/13 22:33:20 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/13 07:40:54 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/06/13 07:40:52 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/06/13 07:40:52 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/06/13 07:40:51 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/06/11 12:54:00 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Macromedia
[2012/06/09 07:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/06/09 07:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/06/09 07:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/06/06 18:02:21 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{A23D4AC7-8DAF-4282-94BD-23391ED1229E}
[2012/06/06 18:02:10 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{5ADF7BBA-1F5C-4F81-B093-42210A008A94}
[2012/06/06 12:45:01 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{502BA10A-2CD7-4F9E-86C5-14532F5A0F64}
[2012/06/06 12:44:49 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{2AFCFD8C-E193-4353-A5D9-7157F65D5E1D}
[2012/06/03 19:55:21 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{7E6E0E4B-E1D9-4891-8A69-2D0A19F68302}
[2012/06/03 19:55:08 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{973C4EE3-AEFA-4154-A1FC-51B302A0354E}
[2012/05/28 21:33:32 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{07E6DAB2-8ACA-49D4-868F-AFAC19089DDA}
[2012/05/28 10:05:18 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\3DVIA
[2012/05/28 10:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\3DVIA
[2012/05/28 10:04:56 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012/05/28 10:04:55 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012/05/28 10:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Virtools
[2012/05/28 09:36:31 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
========== Files - Modified Within 30 Days ==========
[2012/06/23 07:23:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/23 07:13:57 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe
[2012/06/23 06:54:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/23 06:19:51 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/23 06:19:51 | 000,015,024 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/22 22:19:11 | 000,000,894 | ---- | M] () -- C:\Users\John\Desktop\NTREGOPT.lnk
[2012/06/22 22:19:11 | 000,000,875 | ---- | M] () -- C:\Users\John\Desktop\ERUNT.lnk
[2012/06/22 19:34:29 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/06/22 18:39:45 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\John\Desktop\dds.scr
[2012/06/22 17:43:58 | 000,689,724 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/22 17:43:58 | 000,131,158 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/22 13:59:25 | 1602,781,184 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/22 10:24:17 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/21 10:44:02 | 000,001,001 | ---- | M] () -- C:\Users\John\Desktop\Free Window Registry Repair.lnk
[2012/06/21 08:20:57 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/14 07:26:06 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/06/14 07:12:02 | 002,333,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/11 12:52:48 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/06/11 12:52:48 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/06/09 07:59:36 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/06/02 18:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/02 18:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/06/02 18:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/06/02 18:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/02 18:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/06/02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/05/24 12:57:34 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys
========== Files Created - No Company Name ==========
[2012/06/22 22:19:11 | 000,000,894 | ---- | C] () -- C:\Users\John\Desktop\NTREGOPT.lnk
[2012/06/22 22:19:11 | 000,000,875 | ---- | C] () -- C:\Users\John\Desktop\ERUNT.lnk
[2012/06/22 19:20:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/22 19:20:50 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/22 19:20:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/22 19:20:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/22 19:20:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/22 10:24:17 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/21 10:44:02 | 000,001,001 | ---- | C] () -- C:\Users\John\Desktop\Free Window Registry Repair.lnk
[2012/06/21 08:20:57 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/21 07:06:05 | 000,001,013 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012/06/14 07:26:06 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/06/09 07:59:36 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/05/28 09:36:34 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/02/29 08:58:55 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2012/02/26 17:39:41 | 000,120,832 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2012/02/18 12:45:00 | 000,000,535 | ---- | C] () -- C:\Windows\eReg.dat
[2011/10/30 14:52:38 | 000,000,292 | ---- | C] () -- C:\Users\John\AppData\Local\HamsterBookConverter.cfg
[2011/08/23 11:19:30 | 000,011,392 | ---- | C] () -- C:\Windows\System32\drivers\dualshock3.sys
[2011/05/06 11:27:49 | 000,173,045 | ---- | C] () -- C:\Windows\hpoins46.dat
[2011/05/06 11:27:49 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2011/04/22 10:50:30 | 002,340,992 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011/04/22 10:50:30 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011/04/22 10:50:30 | 000,018,048 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011/04/22 10:50:30 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011/04/22 10:50:30 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011/04/03 12:06:22 | 000,001,984 | ---- | C] () -- C:\Windows\System32\drivers\papycpu.sys
[2011/02/27 07:32:18 | 000,000,036 | ---- | C] () -- C:\Users\John\AppData\Local\housecall.guid.cache
[2011/01/21 11:34:03 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys
[2010/08/14 11:10:22 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/06/25 13:09:42 | 000,000,192 | ---- | C] () -- C:\Users\John\AppData\Roaming\default.rss
[2010/05/20 08:07:21 | 000,004,608 | ---- | C] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/15 08:52:05 | 000,002,682 | ---- | C] () -- C:\Users\John\.recently-used.xbel
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %ALLUSERSPROFILE%\Application Data\*.dll /s >
< %APPDATA%\*. >
[2010/04/14 12:50:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Adobe
[2012/01/08 18:59:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Amazon
[2011/11/05 13:20:58 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Apple Computer
[2012/02/29 09:14:16 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Atari
[2011/10/30 18:01:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\calibre
[2011/10/20 07:55:02 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Catalina Marketing Corp
[2012/06/21 10:34:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/02/18 01:15:32 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DAEMON Tools Lite
[2012/02/26 17:40:07 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\FreeAudioPack
[2010/02/15 08:52:05 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\gtk-2.0
[2011/12/04 16:31:31 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HandBrake
[2010/02/03 16:10:48 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Identities
[2012/01/08 18:58:33 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\IObit
[2011/05/12 17:34:38 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Leadertech
[2011/05/12 17:31:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Logishrd
[2011/05/12 17:42:23 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Logitech
[2010/02/03 16:48:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Macromedia
[2010/02/10 10:04:09 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MAGIX
[2010/04/14 08:00:44 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Malwarebytes
[2009/07/14 03:48:18 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Media Center Programs
[2012/06/11 12:54:00 | 000,000,000 | --SD | M] -- C:\Users\John\AppData\Roaming\Microsoft
[2011/12/26 10:55:07 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\mjusbsp
[2011/02/27 15:07:06 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Motacore
[2010/02/03 16:36:46 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla
[2012/04/22 17:02:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mp3tag
[2010/06/25 09:45:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nero
[2011/05/20 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PMS
[2011/04/16 18:59:18 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\rockbox.org
[2010/04/30 08:28:10 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\SanDisk
[2010/04/27 18:08:31 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Sibelius Software
[2010/08/14 11:45:14 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Sony
[2012/06/22 10:24:39 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\SUPERAntiSpyware.com
[2011/09/11 10:02:27 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Unity
[2012/06/22 22:28:49 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\uTorrent
[2012/02/18 13:35:46 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\vlc
[2012/01/20 09:19:21 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Windows Live Writer
[2010/02/04 09:18:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\WinRAR
[2010/02/10 10:39:51 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Xara
[2010/06/04 20:08:43 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Yahoo!
< %APPDATA%\*.exe /s >
[2012/06/21 07:04:37 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\John\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011/06/21 14:55:12 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\John\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2011/10/20 07:54:54 | 000,485,576 | ---- | M] (Catalina Marketing Corp. ) -- C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina Marketing Corp\UninstallCouponActivator.exe
[2011/08/23 16:01:22 | 000,446,384 | ---- | M] (magicJack L.P.) -- C:\Users\John\AppData\Roaming\mjusbsp\magicJackSplash.exe
[2011/04/16 18:29:32 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Users\John\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
[2011/04/16 18:29:45 | 000,582,536 | ---- | M] (SanDisk Corporation) -- C:\Users\John\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater.exe
[2010/04/30 08:28:19 | 000,354,744 | ---- | M] (SanDisk Corporation) -- C:\Users\John\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdaterInstall.exe
< %SYSTEMDRIVE%\*.exe >
< c:|Fun4IM;true;true;true; /FP >
< c:|Bandoo;true;true;true; /FP >
< c:|Searchn;true;true;true; /FP >
< c:|Searchq;true;true;true; /FP >
< c:|datamngr;true;true;true; /FP >
< c:|iLivid;true;true;true; /FP >
< c:|whitesmoke;true;true;true; /FP >
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %systemroot%\*. /mp /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:6B9ADB51
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >
Extras.txt:
OTL Extras logfile created on: 6/23/2012 7:22:05 AM - Run 1
OTL by OldTimer - Version 3.2.52.0 Folder = C:\Users\John\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.73% Memory free
3.98 Gb Paging File | 2.82 Gb Available in Paging File | 70.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.79 Gb Total Space | 117.40 Gb Free Space | 50.43% Space Free | Partition Type: NTFS
Computer Name: JOHN-LAPTOP | User Name: John | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EB61A2E-17F2-4268-A071-8D364C14BEB1}" = rport=137 | protocol=17 | dir=out | app=system |
"{12924728-534B-4B67-968A-F12EAF756087}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{12A37AFC-02C1-465D-9956-2B23C651AE6C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15F3C870-08F4-4D1D-8965-D11584308933}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{20634523-7618-4F2F-ABE9-4C35C56D399D}" = lport=139 | protocol=6 | dir=in | app=system |
"{22596AD2-6E7A-4828-BE38-B22A5642B84C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{24C75EBD-593E-4594-ABAB-2919AA81FE77}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2D31B0BC-1971-488E-99DA-20C5F40048B4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2EEBFE73-283C-4DF2-B8B4-28145FAB3650}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{397D001D-CFB6-4349-B0FE-11BF72BC2F08}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3BCACCDE-21F3-482D-B317-6296858595BD}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{4BE09B40-3644-4F66-97B5-836D66686842}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{65480BD0-8C03-4F9C-B0D1-16A6FCB88D4B}" = rport=445 | protocol=6 | dir=out | app=system |
"{687FD186-19A5-4EAE-B5DE-89A2C93F4101}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{693B70A6-C5FB-4CF7-A218-412178332F9B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{733253C8-428E-47BA-BD12-5BF497D7E980}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{7758C9D7-229D-48B6-B2DF-A71574B98E5E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7781EFBE-3838-4CBD-9BA8-FB91E4BCC475}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{78CADCE6-EAAE-476E-A1A9-F4C4435E933B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7BD9CF99-E0B8-49DB-A3AC-5DCD6139B16F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FB8F152-AA56-406D-A684-6CCECEE99289}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8B51958D-542C-43E1-BB61-4F97129762D4}" = lport=445 | protocol=6 | dir=in | app=system |
"{AEAC5E37-985A-4BE2-B82E-B7A33AD6B265}" = lport=138 | protocol=17 | dir=in | app=system |
"{B35833C5-3E19-4D08-ADF8-00AE55026E48}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B62BB39C-4CAF-4D55-9122-B4E48ABE9D9F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B69DBB31-14BA-4AD4-B849-E49FDC15566D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B94038DE-59BD-4E6D-9CF4-F9191ED57886}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{C2895181-7A17-429D-A4CD-5B2612946D15}" = lport=137 | protocol=17 | dir=in | app=system |
"{CFFA2A4E-CC84-49DE-B285-916148226026}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{D943EEFE-05A8-4C1D-88E3-4AE3FFCC1890}" = rport=138 | protocol=17 | dir=out | app=system |
"{DFBF32A4-8DEA-43A9-A6C1-A8D6CAC60CDD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E3DE20EC-EF30-44F5-9B62-98D8ADEF8210}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E9F104F5-1D91-496A-8D1F-953D7A1914E4}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{ED48C23A-71BA-49D7-90EF-6586467FB1F4}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EF3B9682-AF05-4F2E-9BEC-024AF0D7F70C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F668BD21-1CCB-40D4-AA37-8206F4A84DBE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F78880CD-2B63-4526-92CE-392DD8570964}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FC44DA34-1573-4217-AAAE-5D99805D1320}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006ADD75-1BDF-446D-8417-7F23F2E9C68F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0B1FAE33-6F4D-497C-9DD7-0D884357F5F1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{102E1B8B-68A8-4E19-90D3-2D2B3A5BBDDE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{12849527-FB07-49EF-9E78-4B4B73B159E8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{196ABC68-7CEE-4E47-AFCA-CD50793E9ECE}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1A19BE57-C9B9-448E-A39A-1982691D7868}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1C9202CC-6374-4627-86AE-C32AF6D1DA55}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{25A1BED6-20DF-4453-948E-517FEA09A00F}" = protocol=6 | dir=out | app=system |
"{25A86C24-DFC1-403F-BC97-9FB706C5844C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{2C905FFA-2539-485C-B911-601B917D8C1A}" = dir=in | app=c:\users\john\appdata\local\temp\7zs4a6e\setup\hpznui01.exe |
"{3DF6EF5A-96FD-4189-B05D-4D5DF9DDB1FD}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4A336C2C-9355-4FD2-9E65-7ACEAAFECABC}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{50487E0E-ED1A-493F-81DD-EAEF9DC25664}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{56449E41-0183-4782-90DE-CFC013828A3E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{565382B7-1D25-4917-9B80-B0E40A3DFF93}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5738892E-0993-4437-ACC8-E92C053A4598}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{7544AE55-4D97-49E6-9C06-83EF120A2F4A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{815FEC47-0F71-4A94-84DB-88A0B9DD2427}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8580551F-CD95-4028-A1C8-6BD70AC438EA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8C6D7755-9598-4D33-87B9-BEC73975D081}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{902FC235-477D-4C00-9C5D-32402471CC62}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{A01B9B16-6A85-42F6-ABB5-CC8F56F97725}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A2F449B3-7F16-4FEA-BEE4-F546CD966A04}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ADBFAD63-B978-473D-BED9-B50434498AC6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AF7354FC-5620-4AFA-B396-A0CBA14D8ADE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B07F8039-68DF-4C30-B039-ACCA0C4CCD36}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B3AF6F71-E513-4EE4-AFEA-2FD96F5650F8}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B4813AFF-DC03-4A0E-B76F-544890BDF098}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B55B2F14-70F2-440C-AEEA-C8E0444497F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BCB90CC7-B060-45B7-A459-A1738FC95E09}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C58E5E66-2F60-4112-8D65-E5B9F9D9B511}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CA690D68-1106-4914-8210-90FB70B365FE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D78264EB-A609-471F-8988-9376F3CEF9C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D8A69F15-7FB2-499C-97E0-E59549AACF93}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DC258C8D-518C-4239-B9A4-62F28B4958CA}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{0F3D55DA-C02F-487C-BEAC-E0D661482EDE}C:\users\john\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\john\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{1D6679DD-8A68-45B4-ABFD-6A749F743E6F}C:\program files\maxis\simcity 3000 world edition\apps\updater\updater.exe" = protocol=6 | dir=in | app=c:\program files\maxis\simcity 3000 world edition\apps\updater\updater.exe |
"TCP Query User{1FCA0CDE-A37B-4474-A20A-7607152068C0}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{239CC2A4-477F-4F21-8ADF-6D8E23E8ACEC}C:\users\john\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\john\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{5331F0D6-1B86-45E0-A58F-035C32EB5F47}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{6952C296-8750-4F62-B326-620A34B51131}C:\users\john\appdata\roaming\filehunter\pumpa.exe" = protocol=6 | dir=in | app=c:\users\john\appdata\roaming\filehunter\pumpa.exe |
"TCP Query User{6FA424B1-E1D6-41E6-94DF-FB273F4D96D4}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{725D4E3E-393A-4259-8468-560C446C3AA3}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{74DDE5F9-D683-498D-82DA-179A3E86D5EE}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{81527746-8CC7-4319-B90D-605676C3B4C3}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{90BB588E-6643-4A3A-8EEF-E2CD35F35D16}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{A4060B52-7F17-4E25-82DA-BD9215AA0163}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{ADAC2A9F-FA61-4E44-AC29-DED27B11EACA}C:\users\john\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\john\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{C55BD324-655F-40C7-8FD0-486F2FB96769}C:\users\john\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\john\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{29D9251E-3773-4FF5-844C-23B322361FB6}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{32659803-A203-4BBA-81D7-86232AD99819}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{5817C7ED-903A-412E-B6F4-E37209086496}C:\users\john\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\john\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{8A9BA07C-21DC-4953-9DFC-CE2FA79A6931}C:\users\john\appdata\roaming\filehunter\pumpa.exe" = protocol=17 | dir=in | app=c:\users\john\appdata\roaming\filehunter\pumpa.exe |
"UDP Query User{8F1A29B4-CC2C-432C-BCEC-AFA7654CAF29}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{9196BE39-2A41-449B-8EB8-58781D2D5D1F}C:\users\john\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\john\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{9DFD12E7-41C8-4F7C-86AB-F52AFB7E3F82}C:\program files\maxis\simcity 3000 world edition\apps\updater\updater.exe" = protocol=17 | dir=in | app=c:\program files\maxis\simcity 3000 world edition\apps\updater\updater.exe |
"UDP Query User{A26A6700-F239-41D5-975C-7603CBECFC93}C:\users\john\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\john\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{A41C37DB-EC87-4E8C-9D7D-CE60EDBB91AD}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{B4509093-B4E1-4D9B-9493-2B79BE1C734D}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{C5DA069F-11A4-4F54-B7E3-6DBCC6DE7970}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{CB83A25C-4CB1-46BD-AB73-72964EA0D79C}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{E350C6D5-EEBB-444E-8E47-FE0E62AA36F5}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{FDA93628-718C-46CE-81DA-0B93CEA828A4}C:\users\john\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\john\appdata\roaming\mjusbsp\magicjack.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{14BC6853-A74E-4874-B50D-679889D1544D}" = HP Photosmart D110 All-In-One Driver 14.0 Rel. 7
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2020045B-8DCF-4449-8D5C-EB5BA37440F1}" = Microsoft SQL Server 2008 Management Studio
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217002FF}" = Java 7 Update 2
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{441AC599-200D-4E04-B274-C6B7B50C281D}_is1" = Hamster Free EbookConverter
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4C5D15D2-5351-4F05-A96E-56C20554F977}" = RollerCoaster Tycoon 2 Triple Thrill Pack
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon® 3
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A5425D07-D972-47DA-8133-4D33876D44A4}" = calibre
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B01DD1A4-F4E1-4CE7-AB6E-3168C5BD5D30}" = 3DVIA player 5.0.0.20
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}" = Toolbox
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F80BD4BC-06B8-488E-A62E-C4755013DD71}" = Network
"{FA9C3624-C693-4423-8A8B-2BC2B9F607AB}" = Microsoft SQL Server 2008 Management Studio
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"Canon MP640 series User Registration" = Canon MP640 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 8.0.1 Home Edition
"ERUNT_is1" = ERUNT 1.1j
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.2
"Free Window Registry Repair" = Free Window Registry Repair
"HDMI" = Intel® Graphics Media Accelerator Driver
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49
"MS Access 97 SP2" = MS Access 97 SP2
"PowerISO" = PowerISO
"PROPLUS" = Microsoft Office Professional Plus 2007
"PS3 Media Server" = PS3 Media Server
"sp6" = Logitech SetPoint 6.22
"TVWiz" = Intel® TV Wizard
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/20/2011 4:09:19 PM | Computer Name = John-Laptop | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 2.0.1.4120 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: b6c Start
Time: 01cc2f85d3c1a40a Termination Time: 36 Application Path: C:\Program Files\Mozilla
Firefox\firefox.exe Report Id: 29ba8a59-9b79-11e0-aec0-001d094ccc0d
Error - 7/5/2011 10:38:09 AM | Computer Name = John-Laptop | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 5.0.0.4183 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: afc Start
Time: 01cc3b2082a8584b Termination Time: 22 Application Path: C:\Program Files\Mozilla
Firefox\firefox.exe Report Id: 5ea8981f-a714-11e0-be03-001d094ccc0d
Error - 8/16/2011 6:39:56 AM | Computer Name = John-Laptop | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 5.0.0.4183 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 10bc Start
Time: 01cc5c00b6e453d7 Termination Time: 16 Application Path: C:\Program Files\Mozilla
Firefox\firefox.exe Report Id: 102f57c8-c7f4-11e0-beaf-001d094ccc0d
Error - 9/14/2011 6:44:46 AM | Computer Name = John-Laptop | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 6.0.2.4262 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 964 Start
Time: 01cc72cb27c4f9fc Termination Time: 42 Application Path: C:\Program Files\Mozilla
Firefox\firefox.exe Report Id: 8ad72fd4-debe-11e0-93dd-001d094ccc0d
Error - 9/25/2011 7:03:18 PM | Computer Name = John-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: Dwm.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc225 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x0824548b Faulting process id: 0x5ac Faulting application
start time: 0x01cc79dba962cac3 Faulting application path: C:\Windows\system32\Dwm.exe
Faulting
module path: unknown Report Id: 8deeb71c-e7ca-11e0-960e-001d094ccc0d
Error - 9/26/2011 2:52:26 PM | Computer Name = John-Laptop | Source = Application Hang | ID = 1002
Description = The program IncMail.exe version 6.2.9.5006 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2674 Start
Time: 01cc7c688513a843 Termination Time: 200 Application Path: C:\Program Files\IncrediMail\Bin\IncMail.exe
Report
Id: a62be079-e870-11e0-960e-001d094ccc0d
Error - 10/5/2011 12:07:38 PM | Computer Name = John-Laptop | Source = Windows Search Service | ID = 3100
Description =
Error - 10/16/2011 1:49:12 PM | Computer Name = John-Laptop | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 7.0.1.4288 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 10a8 Start
Time: 01cc8c2ba1895dc1 Termination Time: 38 Application Path: C:\Program Files\Mozilla
Firefox\firefox.exe Report Id: 22b9ac5e-f81f-11e0-8510-001d094ccc0d
Error - 10/30/2011 2:58:38 PM | Computer Name = John-Laptop | Source = Application Hang | ID = 1002
Description = The program Hamster.EBookConverter.exe version 1.0.0.13 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1b58 Start
Time: 01cc973516c3d134 Termination Time: 99 Application Path: C:\Program Files\Hamster
Soft\Free eBbook Converter\Hamster.EBookConverter.exe Report Id:
Error - 10/31/2011 7:06:34 AM | Computer Name = John-Laptop | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 7.0.1.4288 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1124 Start
Time: 01cc97bcd4d63460 Termination Time: 43 Application Path: C:\Program Files\Mozilla
Firefox\firefox.exe Report Id: 5dea47d1-03b0-11e1-ac3d-001d094ccc0d
[ OSession Events ]
Error - 7/7/2010 11:13:51 PM | Computer Name = John-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5635
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 6/22/2012 7:22:54 PM | Computer Name = John-Laptop | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 6/22/2012 7:28:20 PM | Computer Name = John-Laptop | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 6/22/2012 7:34:33 PM | Computer Name = John-Laptop | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 6/22/2012 10:16:30 PM | Computer Name = John-Laptop | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 6/22/2012 10:16:33 PM | Computer Name = John-Laptop | Source = DCOM | ID = 10010
Description =
Error - 6/22/2012 10:21:27 PM | Computer Name = John-Laptop | Source = bowser | ID = 8003
Description =
Error - 6/22/2012 10:33:30 PM | Computer Name = John-Laptop | Source = bowser | ID = 8003
Description =
Error - 6/22/2012 11:29:59 PM | Computer Name = John-Laptop | Source = BROWSER | ID = 8032
Description =
Error - 6/23/2012 6:49:13 AM | Computer Name = John-Laptop | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.
Error - 6/23/2012 6:54:46 AM | Computer Name = John-Laptop | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the RapiMgr service.
< End of report >
-
Disregard that last post. Here is the TDSSKiller report:
00:21:00.0307 4384 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
00:21:00.0650 4384 ============================================================
00:21:00.0650 4384 Current date / time: 2012/06/23 00:21:00.0650
00:21:00.0650 4384 SystemInfo:
00:21:00.0650 4384
00:21:00.0650 4384 OS Version: 6.1.7601 ServicePack: 1.0
00:21:00.0650 4384 Product type: Workstation
00:21:00.0651 4384 ComputerName: JOHN-LAPTOP
00:21:00.0651 4384 UserName: John
00:21:00.0651 4384 Windows directory: C:\Windows
00:21:00.0651 4384 System windows directory: C:\Windows
00:21:00.0651 4384 Processor architecture: Intel x86
00:21:00.0651 4384 Number of processors: 1
00:21:00.0651 4384 Page size: 0x1000
00:21:00.0651 4384 Boot type: Normal boot
00:21:00.0651 4384 ============================================================
00:21:02.0657 4384 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:21:02.0663 4384 ============================================================
00:21:02.0663 4384 \Device\Harddisk0\DR0:
00:21:02.0664 4384 MBR partitions:
00:21:02.0664 4384 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:21:02.0664 4384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
00:21:02.0664 4384 ============================================================
00:21:02.0697 4384 C: <-> \Device\Harddisk0\DR0\Partition1
00:21:02.0697 4384 ============================================================
00:21:02.0697 4384 Initialize success
00:21:02.0697 4384 ============================================================
00:21:04.0997 1652 ============================================================
00:21:04.0997 1652 Scan started
00:21:04.0997 1652 Mode: Manual;
00:21:04.0997 1652 ============================================================
00:21:05.0825 1652 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
00:21:05.0827 1652 !SASCORE - ok
00:21:06.0055 1652 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
00:21:06.0057 1652 1394ohci - ok
00:21:06.0108 1652 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
00:21:06.0111 1652 ACPI - ok
00:21:06.0160 1652 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
00:21:06.0161 1652 AcpiPmi - ok
00:21:06.0189 1652 adfs - ok
00:21:06.0295 1652 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:21:06.0297 1652 AdobeFlashPlayerUpdateSvc - ok
00:21:06.0375 1652 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
00:21:06.0379 1652 adp94xx - ok
00:21:06.0419 1652 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
00:21:06.0422 1652 adpahci - ok
00:21:06.0448 1652 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
00:21:06.0450 1652 adpu320 - ok
00:21:06.0496 1652 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
00:21:06.0498 1652 AeLookupSvc - ok
00:21:06.0576 1652 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
00:21:06.0580 1652 AFD - ok
00:21:06.0623 1652 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
00:21:06.0624 1652 agp440 - ok
00:21:06.0661 1652 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
00:21:06.0663 1652 aic78xx - ok
00:21:06.0706 1652 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
00:21:06.0708 1652 ALG - ok
00:21:06.0725 1652 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
00:21:06.0726 1652 aliide - ok
00:21:06.0771 1652 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
00:21:06.0773 1652 amdagp - ok
00:21:06.0798 1652 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
00:21:06.0800 1652 amdide - ok
00:21:06.0856 1652 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
00:21:06.0858 1652 AmdK8 - ok
00:21:06.0880 1652 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
00:21:06.0882 1652 AmdPPM - ok
00:21:06.0923 1652 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
00:21:06.0924 1652 amdsata - ok
00:21:06.0960 1652 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
00:21:06.0962 1652 amdsbs - ok
00:21:06.0975 1652 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
00:21:06.0976 1652 amdxata - ok
00:21:07.0061 1652 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
00:21:07.0063 1652 AppID - ok
00:21:07.0101 1652 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
00:21:07.0104 1652 AppIDSvc - ok
00:21:07.0168 1652 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
00:21:07.0172 1652 Appinfo - ok
00:21:07.0248 1652 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
00:21:07.0249 1652 arc - ok
00:21:07.0272 1652 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
00:21:07.0273 1652 arcsas - ok
00:21:07.0328 1652 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\Windows\system32\drivers\aswFsBlk.sys
00:21:07.0329 1652 aswFsBlk - ok
00:21:07.0376 1652 aswMonFlt (6693141560b1615d8dccf0d8eb00087e) C:\Windows\system32\drivers\aswMonFlt.sys
00:21:07.0377 1652 aswMonFlt - ok
00:21:07.0434 1652 aswRdr (225013c16fe096714d71649ad7a20e8b) C:\Windows\System32\Drivers\aswrdr2.sys
00:21:07.0436 1652 aswRdr - ok
00:21:07.0559 1652 aswSnx (dcb199b967375753b5019ec15f008f53) C:\Windows\system32\drivers\aswSnx.sys
00:21:07.0565 1652 aswSnx - ok
00:21:07.0627 1652 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\Windows\system32\drivers\aswSP.sys
00:21:07.0630 1652 aswSP - ok
00:21:07.0667 1652 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\Windows\system32\drivers\aswTdi.sys
00:21:07.0669 1652 aswTdi - ok
00:21:07.0707 1652 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
00:21:07.0709 1652 AsyncMac - ok
00:21:07.0745 1652 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
00:21:07.0746 1652 atapi - ok
00:21:07.0837 1652 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
00:21:07.0842 1652 AudioEndpointBuilder - ok
00:21:07.0856 1652 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
00:21:07.0866 1652 Audiosrv - ok
00:21:07.0945 1652 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
00:21:07.0946 1652 avast! Antivirus - ok
00:21:08.0010 1652 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
00:21:08.0012 1652 AxInstSV - ok
00:21:08.0091 1652 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
00:21:08.0095 1652 b06bdrv - ok
00:21:08.0162 1652 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
00:21:08.0165 1652 b57nd60x - ok
00:21:08.0384 1652 BCM43XX (f9ce9b5e049efc66b8e6c73c18ee8438) C:\Windows\system32\DRIVERS\bcmwl6.sys
00:21:08.0405 1652 BCM43XX - ok
00:21:08.0704 1652 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
00:21:08.0707 1652 BDESVC - ok
00:21:08.0778 1652 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
00:21:08.0779 1652 Beep - ok
00:21:09.0063 1652 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
00:21:09.0070 1652 BFE - ok
00:21:09.0306 1652 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
00:21:09.0319 1652 BITS - ok
00:21:09.0347 1652 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
00:21:09.0348 1652 blbdrive - ok
00:21:09.0412 1652 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
00:21:09.0413 1652 bowser - ok
00:21:09.0436 1652 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:21:09.0437 1652 BrFiltLo - ok
00:21:09.0539 1652 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:21:09.0540 1652 BrFiltUp - ok
00:21:09.0603 1652 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
00:21:09.0605 1652 BridgeMP - ok
00:21:09.0670 1652 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
00:21:09.0672 1652 Browser - ok
00:21:09.0881 1652 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
00:21:09.0884 1652 Brserid - ok
00:21:09.0906 1652 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
00:21:09.0907 1652 BrSerWdm - ok
00:21:09.0938 1652 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:21:09.0939 1652 BrUsbMdm - ok
00:21:10.0061 1652 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
00:21:10.0062 1652 BrUsbSer - ok
00:21:10.0190 1652 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
00:21:10.0192 1652 BTHMODEM - ok
00:21:10.0263 1652 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
00:21:10.0266 1652 bthserv - ok
00:21:10.0353 1652 catchme - ok
00:21:10.0480 1652 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
00:21:10.0482 1652 cdfs - ok
00:21:10.0638 1652 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
00:21:10.0640 1652 cdrom - ok
00:21:10.0717 1652 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
00:21:10.0719 1652 CertPropSvc - ok
00:21:10.0750 1652 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
00:21:10.0752 1652 circlass - ok
00:21:10.0826 1652 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
00:21:10.0833 1652 CLFS - ok
00:21:11.0028 1652 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:21:11.0030 1652 clr_optimization_v2.0.50727_32 - ok
00:21:11.0134 1652 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:21:11.0137 1652 clr_optimization_v4.0.30319_32 - ok
00:21:11.0174 1652 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
00:21:11.0175 1652 CmBatt - ok
00:21:11.0342 1652 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
00:21:11.0343 1652 cmdide - ok
00:21:11.0406 1652 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
00:21:11.0410 1652 CNG - ok
00:21:11.0450 1652 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
00:21:11.0452 1652 Compbatt - ok
00:21:11.0493 1652 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
00:21:11.0496 1652 CompositeBus - ok
00:21:11.0525 1652 COMSysApp - ok
00:21:11.0553 1652 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
00:21:11.0554 1652 crcdisk - ok
00:21:11.0658 1652 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
00:21:11.0661 1652 CryptSvc - ok
00:21:11.0741 1652 dc3d (94010220445f181ade8e7ca9c3a98bf4) C:\Windows\system32\DRIVERS\dc3d.sys
00:21:11.0743 1652 dc3d - ok
00:21:11.0816 1652 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
00:21:11.0824 1652 DcomLaunch - ok
00:21:11.0863 1652 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
00:21:11.0869 1652 defragsvc - ok
00:21:11.0918 1652 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
00:21:11.0920 1652 DfsC - ok
00:21:12.0003 1652 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
00:21:12.0007 1652 Dhcp - ok
00:21:12.0031 1652 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
00:21:12.0043 1652 discache - ok
00:21:12.0104 1652 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
00:21:12.0106 1652 Disk - ok
00:21:12.0159 1652 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
00:21:12.0163 1652 Dnscache - ok
00:21:12.0221 1652 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
00:21:12.0225 1652 dot3svc - ok
00:21:12.0307 1652 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
00:21:12.0310 1652 Dot4 - ok
00:21:12.0359 1652 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
00:21:12.0361 1652 Dot4Print - ok
00:21:12.0387 1652 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
00:21:12.0389 1652 dot4usb - ok
00:21:12.0437 1652 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
00:21:12.0441 1652 DPS - ok
00:21:12.0487 1652 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
00:21:12.0489 1652 drmkaud - ok
00:21:12.0550 1652 dualshock3 (d9d593f97d2004e92e18fab0b6f7fe48) C:\Windows\system32\DRIVERS\dualshock3.sys
00:21:12.0552 1652 dualshock3 - ok
00:21:12.0653 1652 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
00:21:12.0660 1652 DXGKrnl - ok
00:21:12.0703 1652 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
00:21:12.0707 1652 EapHost - ok
00:21:12.0944 1652 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
00:21:12.0968 1652 ebdrv - ok
00:21:13.0100 1652 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
00:21:13.0106 1652 EFS - ok
00:21:13.0221 1652 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
00:21:13.0231 1652 ehRecvr - ok
00:21:13.0299 1652 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
00:21:13.0301 1652 ehSched - ok
00:21:13.0403 1652 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
00:21:13.0407 1652 elxstor - ok
00:21:13.0475 1652 epmntdrv (539ca34fbc74ec366a0d751028c32a08) C:\Windows\system32\epmntdrv.sys
00:21:13.0483 1652 epmntdrv - ok
00:21:13.0550 1652 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
00:21:13.0552 1652 ErrDev - ok
00:21:13.0640 1652 EuGdiDrv (1f2f4ab15ce03ecc257feb2f6dc5a013) C:\Windows\system32\EuGdiDrv.sys
00:21:13.0643 1652 EuGdiDrv - ok
00:21:13.0741 1652 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
00:21:13.0745 1652 EventSystem - ok
00:21:13.0782 1652 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
00:21:13.0784 1652 exfat - ok
00:21:13.0814 1652 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
00:21:13.0816 1652 fastfat - ok
00:21:13.0898 1652 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
00:21:13.0905 1652 Fax - ok
00:21:13.0927 1652 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
00:21:13.0929 1652 fdc - ok
00:21:13.0973 1652 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
00:21:13.0978 1652 fdPHost - ok
00:21:14.0015 1652 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
00:21:14.0018 1652 FDResPub - ok
00:21:14.0044 1652 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
00:21:14.0046 1652 FileInfo - ok
00:21:14.0075 1652 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
00:21:14.0076 1652 Filetrace - ok
00:21:14.0098 1652 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
00:21:14.0099 1652 flpydisk - ok
00:21:14.0141 1652 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
00:21:14.0144 1652 FltMgr - ok
00:21:14.0297 1652 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
00:21:14.0306 1652 FontCache - ok
00:21:14.0425 1652 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:21:14.0426 1652 FontCache3.0.0.0 - ok
00:21:14.0476 1652 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
00:21:14.0477 1652 FsDepends - ok
00:21:14.0516 1652 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
00:21:14.0517 1652 Fs_Rec - ok
00:21:14.0591 1652 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
00:21:14.0594 1652 fvevol - ok
00:21:14.0642 1652 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
00:21:14.0644 1652 gagp30kx - ok
00:21:14.0712 1652 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
00:21:14.0719 1652 gpsvc - ok
00:21:14.0750 1652 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
00:21:14.0751 1652 hcw85cir - ok
00:21:14.0849 1652 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
00:21:14.0852 1652 HdAudAddService - ok
00:21:14.0888 1652 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
00:21:14.0892 1652 HDAudBus - ok
00:21:14.0910 1652 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
00:21:14.0911 1652 HidBatt - ok
00:21:14.0950 1652 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
00:21:14.0952 1652 HidBth - ok
00:21:14.0995 1652 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
00:21:14.0997 1652 HidIr - ok
00:21:15.0035 1652 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
00:21:15.0038 1652 hidserv - ok
00:21:15.0094 1652 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
00:21:15.0096 1652 HidUsb - ok
00:21:15.0148 1652 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
00:21:15.0152 1652 hkmsvc - ok
00:21:15.0202 1652 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
00:21:15.0207 1652 HomeGroupListener - ok
00:21:15.0273 1652 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
00:21:15.0282 1652 HomeGroupProvider - ok
00:21:15.0353 1652 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
00:21:15.0355 1652 HpSAMD - ok
00:21:15.0584 1652 HPSLPSVC (9d23402d305869844bc6004a05cc74ba) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
00:21:15.0590 1652 HPSLPSVC - ok
00:21:15.0690 1652 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
00:21:15.0695 1652 HTTP - ok
00:21:15.0745 1652 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
00:21:15.0746 1652 hwpolicy - ok
00:21:15.0807 1652 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
00:21:15.0811 1652 i8042prt - ok
00:21:15.0888 1652 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
00:21:15.0891 1652 iaStorV - ok
00:21:16.0036 1652 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:21:16.0044 1652 idsvc - ok
00:21:16.0379 1652 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
00:21:16.0417 1652 igfx - ok
00:21:16.0614 1652 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
00:21:16.0616 1652 iirsp - ok
00:21:16.0714 1652 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
00:21:16.0722 1652 IKEEXT - ok
00:21:16.0777 1652 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
00:21:16.0780 1652 intelide - ok
00:21:16.0817 1652 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
00:21:16.0818 1652 intelppm - ok
00:21:16.0877 1652 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
00:21:16.0882 1652 IPBusEnum - ok
00:21:16.0917 1652 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:21:16.0919 1652 IpFilterDriver - ok
00:21:16.0996 1652 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
00:21:17.0004 1652 iphlpsvc - ok
00:21:17.0069 1652 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
00:21:17.0070 1652 IPMIDRV - ok
00:21:17.0114 1652 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
00:21:17.0116 1652 IPNAT - ok
00:21:17.0151 1652 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
00:21:17.0152 1652 IRENUM - ok
00:21:17.0178 1652 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
00:21:17.0182 1652 isapnp - ok
00:21:17.0246 1652 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
00:21:17.0249 1652 iScsiPrt - ok
00:21:17.0289 1652 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
00:21:17.0291 1652 kbdclass - ok
00:21:17.0341 1652 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
00:21:17.0343 1652 kbdhid - ok
00:21:17.0393 1652 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
00:21:17.0399 1652 KeyIso - ok
00:21:17.0423 1652 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
00:21:17.0425 1652 KSecDD - ok
00:21:17.0457 1652 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
00:21:17.0459 1652 KSecPkg - ok
00:21:17.0516 1652 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
00:21:17.0522 1652 KtmRm - ok
00:21:17.0577 1652 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
00:21:17.0601 1652 LanmanServer - ok
00:21:17.0653 1652 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
00:21:17.0660 1652 LanmanWorkstation - ok
00:21:17.0850 1652 LBTServ (0f98b9384c37c8c29904b8ae4359a54f) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
00:21:17.0853 1652 LBTServ - ok
00:21:17.0916 1652 LHidFilt (318b3d608fbec44b7e0c23bf759dced5) C:\Windows\system32\DRIVERS\LHidFilt.Sys
00:21:17.0918 1652 LHidFilt - ok
00:21:18.0013 1652 libusb0 (e2f1dcf4a68cc6cf694fbfba1842f4cd) C:\Windows\system32\drivers\libusb0.sys
00:21:18.0017 1652 libusb0 - ok
00:21:18.0067 1652 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
00:21:18.0069 1652 lltdio - ok
00:21:18.0121 1652 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
00:21:18.0126 1652 lltdsvc - ok
00:21:18.0151 1652 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
00:21:18.0155 1652 lmhosts - ok
00:21:18.0206 1652 LMouFilt (84af069d219df3c43dc6792b2bbd7bed) C:\Windows\system32\DRIVERS\LMouFilt.Sys
00:21:18.0208 1652 LMouFilt - ok
00:21:18.0258 1652 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
00:21:18.0260 1652 LSI_FC - ok
00:21:18.0289 1652 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
00:21:18.0290 1652 LSI_SAS - ok
00:21:18.0320 1652 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:21:18.0322 1652 LSI_SAS2 - ok
00:21:18.0354 1652 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:21:18.0356 1652 LSI_SCSI - ok
00:21:18.0380 1652 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
00:21:18.0384 1652 luafv - ok
00:21:18.0441 1652 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\Windows\system32\DRIVERS\mcdbus.sys
00:21:18.0443 1652 mcdbus - ok
00:21:18.0504 1652 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
00:21:18.0508 1652 Mcx2Svc - ok
00:21:18.0537 1652 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
00:21:18.0538 1652 megasas - ok
00:21:18.0572 1652 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
00:21:18.0575 1652 MegaSR - ok
00:21:18.0624 1652 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
00:21:18.0629 1652 MMCSS - ok
00:21:18.0652 1652 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
00:21:18.0654 1652 Modem - ok
00:21:18.0693 1652 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
00:21:18.0694 1652 monitor - ok
00:21:18.0757 1652 MotioninJoyXFilter (61448ba3cca3063541437694a5527af2) C:\Windows\system32\DRIVERS\MijXfilt.sys
00:21:18.0759 1652 MotioninJoyXFilter - ok
00:21:18.0819 1652 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
00:21:18.0821 1652 mouclass - ok
00:21:18.0855 1652 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
00:21:18.0856 1652 mouhid - ok
00:21:18.0905 1652 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
00:21:18.0907 1652 mountmgr - ok
00:21:18.0999 1652 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:21:19.0003 1652 MozillaMaintenance - ok
00:21:19.0066 1652 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
00:21:19.0070 1652 mpio - ok
00:21:19.0107 1652 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
00:21:19.0108 1652 mpsdrv - ok
00:21:19.0175 1652 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
00:21:19.0184 1652 MpsSvc - ok
00:21:19.0253 1652 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
00:21:19.0255 1652 MRxDAV - ok
00:21:19.0327 1652 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:21:19.0329 1652 mrxsmb - ok
00:21:19.0392 1652 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:21:19.0395 1652 mrxsmb10 - ok
00:21:19.0426 1652 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:21:19.0428 1652 mrxsmb20 - ok
00:21:19.0454 1652 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
00:21:19.0456 1652 msahci - ok
00:21:19.0485 1652 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
00:21:19.0489 1652 msdsm - ok
00:21:19.0541 1652 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
00:21:19.0546 1652 MSDTC - ok
00:21:19.0606 1652 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
00:21:19.0608 1652 Msfs - ok
00:21:19.0640 1652 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
00:21:19.0641 1652 mshidkmdf - ok
00:21:19.0660 1652 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
00:21:19.0661 1652 msisadrv - ok
00:21:19.0723 1652 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
00:21:19.0727 1652 MSiSCSI - ok
00:21:19.0741 1652 msiserver - ok
00:21:19.0786 1652 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
00:21:19.0788 1652 MSKSSRV - ok
00:21:19.0817 1652 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
00:21:19.0818 1652 MSPCLOCK - ok
00:21:19.0834 1652 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
00:21:19.0838 1652 MSPQM - ok
00:21:19.0892 1652 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
00:21:19.0894 1652 MsRPC - ok
00:21:19.0944 1652 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
00:21:19.0945 1652 mssmbios - ok
00:21:20.0288 1652 MSSQL$SQLEXPRESS - ok
00:21:20.0342 1652 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
00:21:20.0344 1652 MSSQLServerADHelper100 - ok
00:21:20.0428 1652 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
00:21:20.0429 1652 MSTEE - ok
00:21:20.0573 1652 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
00:21:20.0574 1652 MTConfig - ok
00:21:21.0027 1652 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
00:21:21.0029 1652 Mup - ok
00:21:22.0256 1652 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
00:21:22.0264 1652 napagent - ok
00:21:22.0306 1652 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
00:21:22.0311 1652 NativeWifiP - ok
00:21:22.0391 1652 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
00:21:22.0397 1652 NDIS - ok
00:21:22.0433 1652 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
00:21:22.0434 1652 NdisCap - ok
00:21:22.0469 1652 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
00:21:22.0471 1652 NdisTapi - ok
00:21:22.0511 1652 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
00:21:22.0512 1652 Ndisuio - ok
00:21:22.0557 1652 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
00:21:22.0559 1652 NdisWan - ok
00:21:22.0636 1652 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
00:21:22.0638 1652 NDProxy - ok
00:21:22.0684 1652 Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
00:21:22.0688 1652 Net Driver HPZ12 - ok
00:21:22.0745 1652 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
00:21:22.0747 1652 NetBIOS - ok
00:21:22.0805 1652 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
00:21:22.0808 1652 NetBT - ok
00:21:22.0850 1652 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
00:21:22.0854 1652 Netlogon - ok
00:21:22.0936 1652 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
00:21:22.0947 1652 Netman - ok
00:21:22.0997 1652 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
00:21:23.0005 1652 netprofm - ok
00:21:23.0140 1652 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:21:23.0142 1652 NetTcpPortSharing - ok
00:21:23.0206 1652 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
00:21:23.0208 1652 nfrd960 - ok
00:21:23.0278 1652 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
00:21:23.0289 1652 NlaSvc - ok
00:21:23.0316 1652 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
00:21:23.0317 1652 Npfs - ok
00:21:23.0335 1652 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
00:21:23.0341 1652 nsi - ok
00:21:23.0366 1652 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
00:21:23.0367 1652 nsiproxy - ok
00:21:23.0495 1652 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
00:21:23.0505 1652 Ntfs - ok
00:21:23.0566 1652 NuidFltr (37be10ff10a92031fc5a01e8363925cc) C:\Windows\system32\DRIVERS\NuidFltr.sys
00:21:23.0568 1652 NuidFltr - ok
00:21:23.0593 1652 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
00:21:23.0597 1652 Null - ok
00:21:23.0644 1652 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
00:21:23.0648 1652 nvraid - ok
00:21:23.0674 1652 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
00:21:23.0676 1652 nvstor - ok
00:21:23.0733 1652 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
00:21:23.0735 1652 nv_agp - ok
00:21:23.0854 1652 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:21:23.0858 1652 odserv - ok
00:21:23.0897 1652 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
00:21:23.0899 1652 ohci1394 - ok
00:21:23.0952 1652 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:21:23.0953 1652 ose - ok
00:21:24.0009 1652 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
00:21:24.0016 1652 p2pimsvc - ok
00:21:24.0061 1652 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
00:21:24.0069 1652 p2psvc - ok
00:21:24.0164 1652 papycpu (8051a829dc5544c55fb647447c4b0286) C:\Windows\system32\drivers\papycpu.sys
00:21:24.0166 1652 papycpu - ok
00:21:24.0251 1652 papycpu2 (f5cf06754ae54d9d3353fc9c59bc4e04) C:\Windows\System32\DRIVERS\papycpu2.sys
00:21:24.0252 1652 papycpu2 - ok
00:21:24.0273 1652 papyjoy (a4b3fb04a3f6367bc264e8addcae2a48) C:\Windows\system32\drivers\papyjoy.sys
00:21:24.0274 1652 papyjoy - ok
00:21:24.0320 1652 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
00:21:24.0321 1652 Parport - ok
00:21:24.0361 1652 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
00:21:24.0363 1652 partmgr - ok
00:21:24.0386 1652 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
00:21:24.0387 1652 Parvdm - ok
00:21:24.0495 1652 pbfilter (2f6e885c432927a186c2e352c8a1cbf4) C:\Program Files\PeerBlock\pbfilter.sys
00:21:24.0496 1652 pbfilter - ok
00:21:24.0542 1652 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
00:21:24.0550 1652 PcaSvc - ok
00:21:24.0607 1652 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
00:21:24.0610 1652 pci - ok
00:21:24.0635 1652 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
00:21:24.0637 1652 pciide - ok
00:21:24.0675 1652 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
00:21:24.0678 1652 pcmcia - ok
00:21:24.0703 1652 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
00:21:24.0710 1652 pcw - ok
00:21:24.0767 1652 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
00:21:24.0773 1652 PEAUTH - ok
00:21:24.0952 1652 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
00:21:24.0972 1652 pla - ok
00:21:25.0162 1652 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
00:21:25.0170 1652 PlugPlay - ok
00:21:25.0221 1652 Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
00:21:25.0224 1652 Pml Driver HPZ12 - ok
00:21:25.0272 1652 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
00:21:25.0277 1652 PNRPAutoReg - ok
00:21:25.0322 1652 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
00:21:25.0329 1652 PNRPsvc - ok
00:21:25.0410 1652 Point32 (7d7a9c17d5455203dea11e5ef886cc59) C:\Windows\system32\DRIVERS\point32.sys
00:21:25.0412 1652 Point32 - ok
00:21:25.0483 1652 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
00:21:25.0489 1652 PolicyAgent - ok
00:21:25.0546 1652 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
00:21:25.0555 1652 Power - ok
00:21:25.0603 1652 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
00:21:25.0605 1652 PptpMiniport - ok
00:21:25.0626 1652 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
00:21:25.0627 1652 Processor - ok
00:21:25.0686 1652 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
00:21:25.0692 1652 ProfSvc - ok
00:21:25.0740 1652 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
00:21:25.0745 1652 ProtectedStorage - ok
00:21:25.0828 1652 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
00:21:25.0831 1652 Psched - ok
00:21:25.0948 1652 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
00:21:25.0960 1652 ql2300 - ok
00:21:26.0113 1652 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
00:21:26.0115 1652 ql40xx - ok
00:21:26.0176 1652 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
00:21:26.0184 1652 QWAVE - ok
00:21:26.0205 1652 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
00:21:26.0207 1652 QWAVEdrv - ok
00:21:26.0294 1652 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
00:21:26.0296 1652 RapiMgr - ok
00:21:26.0323 1652 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
00:21:26.0325 1652 RasAcd - ok
00:21:26.0377 1652 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:21:26.0379 1652 RasAgileVpn - ok
00:21:26.0407 1652 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
00:21:26.0413 1652 RasAuto - ok
00:21:26.0439 1652 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:21:26.0442 1652 Rasl2tp - ok
00:21:26.0531 1652 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
00:21:26.0539 1652 RasMan - ok
00:21:26.0561 1652 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
00:21:26.0563 1652 RasPppoe - ok
00:21:26.0591 1652 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
00:21:26.0593 1652 RasSstp - ok
00:21:26.0651 1652 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
00:21:26.0655 1652 rdbss - ok
00:21:26.0682 1652 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
00:21:26.0683 1652 rdpbus - ok
00:21:26.0722 1652 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:21:26.0724 1652 RDPCDD - ok
00:21:26.0765 1652 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
00:21:26.0766 1652 RDPENCDD - ok
00:21:26.0795 1652 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
00:21:26.0797 1652 RDPREFMP - ok
00:21:26.0839 1652 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
00:21:26.0842 1652 RDPWD - ok
00:21:26.0898 1652 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
00:21:26.0901 1652 rdyboost - ok
00:21:26.0948 1652 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
00:21:26.0955 1652 RemoteAccess - ok
00:21:27.0015 1652 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
00:21:27.0021 1652 RemoteRegistry - ok
00:21:27.0080 1652 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
00:21:27.0082 1652 rimmptsk - ok
00:21:27.0141 1652 rimsptsk (9bfb54d3559f2ff7301271d29d383564) C:\Windows\system32\DRIVERS\rimsptsk.sys
00:21:27.0143 1652 rimsptsk - ok
00:21:27.0195 1652 rismxdp (dcb87da83cc1010cbc9fc4dc9e395bbc) C:\Windows\system32\DRIVERS\rixdptsk.sys
00:21:27.0197 1652 rismxdp - ok
00:21:27.0227 1652 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
00:21:27.0233 1652 RpcEptMapper - ok
00:21:27.0280 1652 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
00:21:27.0284 1652 RpcLocator - ok
00:21:27.0347 1652 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
00:21:27.0355 1652 RpcSs - ok
00:21:27.0410 1652 RsFx0102 (fedd2710b75be3ecf078adace790c423) C:\Windows\system32\DRIVERS\RsFx0102.sys
00:21:27.0413 1652 RsFx0102 - ok
00:21:27.0484 1652 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
00:21:27.0486 1652 rspndr - ok
00:21:27.0534 1652 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\Windows\system32\DRIVERS\s0016bus.sys
00:21:27.0536 1652 s0016bus - ok
00:21:27.0579 1652 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\Windows\system32\DRIVERS\s0016mdfl.sys
00:21:27.0581 1652 s0016mdfl - ok
00:21:27.0636 1652 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\Windows\system32\DRIVERS\s0016mdm.sys
00:21:27.0641 1652 s0016mdm - ok
00:21:27.0699 1652 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\Windows\system32\DRIVERS\s0016mgmt.sys
00:21:27.0701 1652 s0016mgmt - ok
00:21:27.0757 1652 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\Windows\system32\DRIVERS\s0016nd5.sys
00:21:27.0758 1652 s0016nd5 - ok
00:21:27.0818 1652 s0016obex (36792935847143e4a3cda0dc87248487) C:\Windows\system32\DRIVERS\s0016obex.sys
00:21:27.0820 1652 s0016obex - ok
00:21:27.0902 1652 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\Windows\system32\DRIVERS\s0016unic.sys
00:21:27.0904 1652 s0016unic - ok
00:21:27.0970 1652 s616bus (ef4b5a8d53f15cb269469dd4e4bb0109) C:\Windows\system32\DRIVERS\s616bus.sys
00:21:27.0972 1652 s616bus - ok
00:21:27.0994 1652 s616mdfl (96187731eefcf83e844bc1ce6617aaeb) C:\Windows\system32\DRIVERS\s616mdfl.sys
00:21:27.0995 1652 s616mdfl - ok
00:21:28.0031 1652 s616mdm (d2dd87368bfecfa099e50dc120f3f513) C:\Windows\system32\DRIVERS\s616mdm.sys
00:21:28.0033 1652 s616mdm - ok
00:21:28.0060 1652 s616mgmt (5f0be24e4d4fa134b0b2fef35d3a9d90) C:\Windows\system32\DRIVERS\s616mgmt.sys
00:21:28.0062 1652 s616mgmt - ok
00:21:28.0092 1652 s616nd5 (b9b507fcc67e204ef38e05ffd4176345) C:\Windows\system32\DRIVERS\s616nd5.sys
00:21:28.0093 1652 s616nd5 - ok
00:21:28.0126 1652 s616obex (f123a1f2a04a0e8dba80b64f0072475a) C:\Windows\system32\DRIVERS\s616obex.sys
00:21:28.0128 1652 s616obex - ok
00:21:28.0164 1652 s616unic (e7e55048ebd5c17bfa791b4a6ec3d54b) C:\Windows\system32\DRIVERS\s616unic.sys
00:21:28.0166 1652 s616unic - ok
00:21:28.0219 1652 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
00:21:28.0225 1652 SamSs - ok
00:21:28.0329 1652 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
00:21:28.0330 1652 SASDIFSV - ok
00:21:28.0405 1652 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:21:28.0407 1652 SASKUTIL - ok
00:21:28.0477 1652 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
00:21:28.0479 1652 sbp2port - ok
00:21:28.0533 1652 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
00:21:28.0539 1652 SCardSvr - ok
00:21:28.0590 1652 SCDEmu (52402149e66200c2c2bda115bca757d6) C:\Windows\system32\drivers\SCDEmu.sys
00:21:28.0594 1652 SCDEmu - ok
00:21:28.0636 1652 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
00:21:28.0638 1652 scfilter - ok
00:21:28.0817 1652 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
00:21:28.0830 1652 Schedule - ok
00:21:28.0886 1652 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
00:21:28.0888 1652 SCPolicySvc - ok
00:21:28.0954 1652 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
00:21:28.0956 1652 sdbus - ok
00:21:29.0017 1652 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
00:21:29.0024 1652 SDRSVC - ok
00:21:29.0116 1652 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
00:21:29.0119 1652 secdrv - ok
00:21:29.0233 1652 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
00:21:29.0239 1652 seclogon - ok
00:21:29.0297 1652 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
00:21:29.0353 1652 SENS - ok
00:21:29.0404 1652 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
00:21:29.0412 1652 SensrSvc - ok
00:21:29.0464 1652 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
00:21:29.0466 1652 Serenum - ok
00:21:29.0518 1652 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
00:21:29.0520 1652 Serial - ok
00:21:29.0584 1652 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
00:21:29.0600 1652 sermouse - ok
00:21:29.0701 1652 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
00:21:29.0733 1652 SessionEnv - ok
00:21:29.0793 1652 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
00:21:29.0796 1652 sffdisk - ok
00:21:29.0832 1652 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
00:21:29.0834 1652 sffp_mmc - ok
00:21:29.0866 1652 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\DRIVERS\sffp_sd.sys
00:21:29.0882 1652 sffp_sd - ok
00:21:29.0931 1652 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
00:21:29.0933 1652 sfloppy - ok
00:21:30.0028 1652 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
00:21:30.0033 1652 SharedAccess - ok
00:21:30.0201 1652 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
00:21:30.0235 1652 ShellHWDetection - ok
00:21:30.0296 1652 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
00:21:30.0298 1652 sisagp - ok
00:21:30.0349 1652 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:21:30.0351 1652 SiSRaid2 - ok
00:21:30.0377 1652 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
00:21:30.0381 1652 SiSRaid4 - ok
00:21:30.0410 1652 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
00:21:30.0414 1652 Smb - ok
00:21:30.0465 1652 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
00:21:30.0471 1652 SNMPTRAP - ok
00:21:30.0490 1652 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
00:21:30.0492 1652 spldr - ok
00:21:30.0556 1652 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
00:21:30.0564 1652 Spooler - ok
00:21:30.0806 1652 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
00:21:30.0835 1652 sppsvc - ok
00:21:30.0985 1652 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
00:21:30.0993 1652 sppuinotify - ok
00:21:31.0139 1652 SQLAgent$SQLEXPRESS (eb2fd937449b7aceb39372f875eb8e78) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
00:21:31.0150 1652 SQLAgent$SQLEXPRESS - ok
00:21:31.0227 1652 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
00:21:31.0231 1652 srv - ok
00:21:31.0279 1652 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
00:21:31.0288 1652 srv2 - ok
00:21:31.0353 1652 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
00:21:31.0356 1652 SrvHsfHDA - ok
00:21:31.0443 1652 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
00:21:31.0452 1652 SrvHsfV92 - ok
00:21:31.0513 1652 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
00:21:31.0519 1652 SrvHsfWinac - ok
00:21:31.0551 1652 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
00:21:31.0553 1652 srvnet - ok
00:21:31.0601 1652 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
00:21:31.0608 1652 SSDPSRV - ok
00:21:31.0632 1652 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
00:21:31.0641 1652 SstpSvc - ok
00:21:31.0731 1652 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
00:21:31.0733 1652 stexstor - ok
00:21:31.0868 1652 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
00:21:31.0883 1652 StiSvc - ok
00:21:31.0931 1652 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
00:21:31.0932 1652 swenum - ok
00:21:31.0969 1652 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
00:21:31.0977 1652 swprv - ok
00:21:32.0105 1652 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
00:21:32.0119 1652 SysMain - ok
00:21:32.0164 1652 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
00:21:32.0173 1652 TabletInputService - ok
00:21:32.0245 1652 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
00:21:32.0253 1652 TapiSrv - ok
00:21:32.0274 1652 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
00:21:32.0281 1652 TBS - ok
00:21:32.0466 1652 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
00:21:32.0476 1652 Tcpip - ok
00:21:32.0508 1652 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
00:21:32.0518 1652 TCPIP6 - ok
00:21:32.0573 1652 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
00:21:32.0575 1652 tcpipreg - ok
00:21:32.0637 1652 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
00:21:32.0639 1652 TDPIPE - ok
00:21:32.0672 1652 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
00:21:32.0674 1652 TDTCP - ok
00:21:32.0717 1652 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
00:21:32.0721 1652 tdx - ok
00:21:32.0767 1652 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
00:21:32.0771 1652 TermDD - ok
00:21:32.0841 1652 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
00:21:32.0851 1652 TermService - ok
00:21:32.0884 1652 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
00:21:32.0893 1652 Themes - ok
00:21:32.0945 1652 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
00:21:32.0949 1652 THREADORDER - ok
00:21:32.0994 1652 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
00:21:33.0001 1652 TrkWks - ok
00:21:33.0077 1652 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
00:21:33.0079 1652 TrustedInstaller - ok
00:21:33.0110 1652 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:21:33.0112 1652 tssecsrv - ok
00:21:33.0147 1652 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
00:21:33.0149 1652 TsUsbFlt - ok
00:21:33.0219 1652 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
00:21:33.0224 1652 tunnel - ok
00:21:33.0275 1652 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
00:21:33.0277 1652 uagp35 - ok
00:21:33.0343 1652 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
00:21:33.0346 1652 udfs - ok
00:21:33.0402 1652 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
00:21:33.0415 1652 UI0Detect - ok
00:21:33.0460 1652 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
00:21:33.0462 1652 uliagpkx - ok
00:21:33.0520 1652 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
00:21:33.0524 1652 umbus - ok
00:21:33.0542 1652 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
00:21:33.0544 1652 UmPass - ok
00:21:33.0656 1652 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
00:21:33.0669 1652 upnphost - ok
00:21:33.0729 1652 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
00:21:33.0731 1652 usbaudio - ok
00:21:33.0780 1652 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
00:21:33.0782 1652 usbccgp - ok
00:21:33.0827 1652 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
00:21:33.0829 1652 usbcir - ok
00:21:33.0874 1652 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
00:21:33.0876 1652 usbehci - ok
00:21:33.0948 1652 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
00:21:33.0951 1652 usbhub - ok
00:21:33.0997 1652 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
00:21:33.0999 1652 usbohci - ok
00:21:34.0021 1652 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
00:21:34.0025 1652 usbprint - ok
00:21:34.0079 1652 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
00:21:34.0081 1652 usbscan - ok
00:21:34.0129 1652 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:21:34.0131 1652 USBSTOR - ok
00:21:34.0173 1652 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
00:21:34.0180 1652 usbuhci - ok
00:21:34.0233 1652 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys
00:21:34.0235 1652 usb_rndisx - ok
00:21:34.0281 1652 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
00:21:34.0288 1652 UxSms - ok
00:21:34.0326 1652 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
00:21:34.0330 1652 VaultSvc - ok
00:21:34.0379 1652 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
00:21:34.0381 1652 vdrvroot - ok
00:21:34.0459 1652 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
00:21:34.0468 1652 vds - ok
00:21:34.0525 1652 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
00:21:34.0526 1652 vga - ok
00:21:34.0545 1652 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
00:21:34.0547 1652 VgaSave - ok
00:21:34.0617 1652 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
00:21:34.0620 1652 vhdmp - ok
00:21:34.0656 1652 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
00:21:34.0660 1652 viaagp - ok
00:21:34.0690 1652 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
00:21:34.0694 1652 ViaC7 - ok
00:21:34.0720 1652 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
00:21:34.0722 1652 viaide - ok
00:21:34.0744 1652 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
00:21:34.0746 1652 volmgr - ok
00:21:34.0789 1652 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
00:21:34.0794 1652 volmgrx - ok
00:21:34.0836 1652 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
00:21:34.0839 1652 volsnap - ok
00:21:34.0884 1652 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
00:21:34.0886 1652 vsmraid - ok
00:21:35.0011 1652 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
00:21:35.0025 1652 VSS - ok
00:21:35.0055 1652 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
00:21:35.0057 1652 vwifibus - ok
00:21:35.0096 1652 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
00:21:35.0099 1652 vwififlt - ok
00:21:35.0151 1652 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
00:21:35.0153 1652 vwifimp - ok
00:21:35.0236 1652 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
00:21:35.0245 1652 W32Time - ok
00:21:35.0286 1652 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
00:21:35.0288 1652 WacomPen - ok
00:21:35.0339 1652 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
00:21:35.0342 1652 WANARP - ok
00:21:35.0354 1652 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
00:21:35.0356 1652 Wanarpv6 - ok
00:21:35.0519 1652 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
00:21:35.0530 1652 WatAdminSvc - ok
00:21:35.0648 1652 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
00:21:35.0663 1652 wbengine - ok
00:21:35.0702 1652 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
00:21:35.0717 1652 WbioSrvc - ok
00:21:35.0807 1652 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
00:21:35.0811 1652 WcesComm - ok
00:21:35.0884 1652 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
00:21:35.0892 1652 wcncsvc - ok
00:21:35.0912 1652 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
00:21:35.0919 1652 WcsPlugInService - ok
00:21:35.0991 1652 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
00:21:35.0993 1652 Wd - ok
00:21:36.0045 1652 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
00:21:36.0050 1652 Wdf01000 - ok
00:21:36.0070 1652 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
00:21:36.0080 1652 WdiServiceHost - ok
00:21:36.0091 1652 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
00:21:36.0100 1652 WdiSystemHost - ok
00:21:36.0156 1652 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
00:21:36.0166 1652 WebClient - ok
00:21:36.0192 1652 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
00:21:36.0202 1652 Wecsvc - ok
00:21:36.0233 1652 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
00:21:36.0240 1652 wercplsupport - ok
00:21:36.0284 1652 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
00:21:36.0291 1652 WerSvc - ok
00:21:36.0343 1652 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
00:21:36.0346 1652 WfpLwf - ok
00:21:36.0372 1652 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
00:21:36.0374 1652 WIMMount - ok
00:21:36.0539 1652 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
00:21:36.0545 1652 WinDefend - ok
00:21:36.0571 1652 WinHttpAutoProxySvc - ok
00:21:36.0669 1652 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
00:21:36.0672 1652 Winmgmt - ok
00:21:36.0786 1652 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
00:21:36.0802 1652 WinRM - ok
00:21:36.0907 1652 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
00:21:36.0909 1652 WinUsb - ok
00:21:37.0006 1652 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
00:21:37.0020 1652 Wlansvc - ok
00:21:37.0122 1652 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:21:37.0124 1652 wlcrasvc - ok
00:21:37.0304 1652 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:21:37.0317 1652 wlidsvc - ok
00:21:37.0477 1652 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
00:21:37.0478 1652 WmiAcpi - ok
00:21:37.0572 1652 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
00:21:37.0575 1652 wmiApSrv - ok
00:21:37.0757 1652 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
00:21:37.0766 1652 WMPNetworkSvc - ok
00:21:37.0800 1652 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
00:21:37.0807 1652 WPCSvc - ok
00:21:37.0863 1652 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
00:21:37.0873 1652 WPDBusEnum - ok
00:21:37.0954 1652 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
00:21:37.0956 1652 ws2ifsl - ok
00:21:37.0987 1652 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
00:21:37.0995 1652 wscsvc - ok
00:21:38.0049 1652 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
00:21:38.0051 1652 WSDPrintDevice - ok
00:21:38.0076 1652 WSDScan (7dc0270cfd4a05b4112e3ebbf083b595) C:\Windows\system32\DRIVERS\WSDScan.sys
00:21:38.0078 1652 WSDScan - ok
00:21:38.0093 1652 WSearch - ok
00:21:38.0250 1652 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
00:21:38.0275 1652 wuauserv - ok
00:21:38.0437 1652 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
00:21:38.0440 1652 WudfPf - ok
00:21:38.0477 1652 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:21:38.0479 1652 WUDFRd - ok
00:21:38.0538 1652 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
00:21:38.0546 1652 wudfsvc - ok
00:21:38.0590 1652 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
00:21:38.0600 1652 WwanSvc - ok
00:21:38.0688 1652 xusb21 (ee9144207ee0211eb5656ba6808ac4a0) C:\Windows\system32\DRIVERS\xusb21.sys
00:21:38.0690 1652 xusb21 - ok
00:21:38.0762 1652 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\Windows\system32\DRIVERS\yk62x86.sys
00:21:38.0770 1652 yukonw7 - ok
00:21:38.0864 1652 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
00:21:39.0084 1652 \Device\Harddisk0\DR0 - ok
00:21:39.0093 1652 Boot (0x1200) (70409ae6fda6998c556926a11c1486d4) \Device\Harddisk0\DR0\Partition0
00:21:39.0094 1652 \Device\Harddisk0\DR0\Partition0 - ok
00:21:39.0112 1652 Boot (0x1200) (6ad65bcc9aeff9679cbf3165053cbc05) \Device\Harddisk0\DR0\Partition1
00:21:39.0114 1652 \Device\Harddisk0\DR0\Partition1 - ok
00:21:39.0120 1652 ============================================================
00:21:39.0120 1652 Scan finished
00:21:39.0120 1652 ============================================================
00:21:39.0142 3740 Detected object count: 0
00:21:39.0142 3740 Actual detected object count: 0
-
Having an issue on step 3, getting a pop-up box that says:
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe" refers to a location that is unavailable.
Followed the directions exactly,not sure what happened.
-
Here is contents of the ATTACH.txt file:
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/3/2010 3:10:25 PM
System Uptime: 6/22/2012 4:22:38 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 0U990C
Processor: Intel® Celeron® CPU 550 @ 2.00GHz | Microprocessor | 1995/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 114.626 GiB free.
D: is CDROM ()
F: is FIXED (FAT32) - 75 GiB total, 45.213 GiB free.
G: is CDROM ()
X: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart D110 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart D110 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP415: 6/5/2012 7:14:22 AM - Windows Update
RP416: 6/8/2012 7:36:42 AM - Windows Update
RP417: 6/12/2012 7:34:13 AM - Windows Update
RP418: 6/13/2012 10:31:51 PM - Windows Update
RP419: 6/19/2012 7:40:19 AM - Windows Update
RP420: 6/21/2012 6:52:16 AM - Windows Update
RP422: 6/21/2012 7:00:53 AM - Windows Live Essentials
RP424: 6/21/2012 7:03:21 AM - Installed DirectX
RP426: 6/21/2012 7:04:54 AM - Installed DirectX
RP428: 6/21/2012 8:18:25 AM - Windows Live Essentials
RP430: 6/21/2012 8:20:28 AM - Installed DirectX
RP432: 6/21/2012 8:21:43 AM - Installed DirectX
RP433: 6/21/2012 8:22:09 AM - WLSetup
RP435: 6/21/2012 10:40:46 AM - Removed RollerCoaster Tycoon 2 Triple Thrill Pack
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
32 Bit HP CIO Components Installer
3DVIA player 5.0.0.20
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
Audacity 1.2.6
avast! Free Antivirus
calibre
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP640 series MP Drivers
Canon MP640 series User Registration
Canon Utilities My Printer
D3DX10
EASEUS Partition Master 8.0.1 Home Edition
eReg
Free M4a to MP3 Converter 7.0
Free Mp3 Wma Converter V 2.2
Free Window Registry Repair
Hamster Free EbookConverter
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7
ImagXpress
Intel® Graphics Media Accelerator Driver
Intel® TV Wizard
Java Auto Updater
Java 6 Update 29
Java 7 Update 2
Junk Mail filter update
LAME v3.98.2 for Audacity
Logitech SetPoint 6.22
Malwarebytes Anti-Malware version 1.61.0.1400
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 RsFx Driver
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
Mp3tag v2.49
MS Access 97 SP2
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
Network
OGA Notifier 2.0.0048.0
PeerBlock 1.1 (r518)
PowerISO
PS_AIO_07_D110_SW_Min
PS3 Media Server
QuickTime
RCT3 Soaked
RICOH R5U8xx Media Driver ver.3.62.02
RollerCoaster Tycoon 2 Triple Thrill Pack
RollerCoaster Tycoon® 3
Sansa Updater
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Sql Server Customer Experience Improvement Program
SUPERAntiSpyware
swMSM
Toolbox
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
6/22/2012 6:46:20 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapiMgr service.
6/22/2012 5:35:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
6/22/2012 4:43:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
6/22/2012 10:14:47 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSLPSVC service.
6/22/2012 1:59:54 PM, Error: Service Control Manager [7000] - The DUALSHOCK3 Controller HID Minidriver (USB) Beta service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
6/22/2012 1:59:54 PM, Error: Service Control Manager [7000] - The adfs service failed to start due to the following error: The system cannot find the file specified.
6/22/2012 1:59:28 PM, Error: volmgr [46] - Crash dump initialization failed!
6/21/2012 12:46:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
6/21/2012 12:38:54 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
6/17/2012 2:25:17 PM, Error: Service Control Manager [7022] - The HP Network Devices Support service hung on starting.
6/16/2012 9:08:08 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer EDWIN-VAIO that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AD4B7C28-244C-43F0-8FA2-14EDF80. The master browser is stopping or an election is being forced.
6/15/2012 11:57:19 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer JUDITHSTUSS-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AD4B7C28-244C-43F0-8FA2-14E. The master browser is stopping or an election is being forced.
6/15/2012 11:08:55 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.123. The computer with the IP address 192.168.1.125 did not allow the name to be claimed by this computer.
.
==== End Of File ===========================
Utorrent has been uninstalled. Thank you for the fast reply.
-
Whitesmoke toolbar showing up on Firefox.
Here is the DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.2.0
Run by John at 18:49:00 on 2012-06-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2038.979 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3198785
uSearch Bar = Preserve
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live
\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Apple Computer] rundll32.exe "c:\users\john\appdata\local\dfx\apple computer\ryspolxg.dll",CreateInstance
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE -startup
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\john\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\john\appdata\roaming\micros~1\windows\startm~1\programs\startup\roller~1.lnk - c:\users\john\appdata\local\temp\{1f622389-e184-41f9-
b1df-77198c1e351c}\{907b4640-266b-4a21-92fb-cd1a86cd0f63}\ATR1.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: samsung.com\www
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 204.186.80.229 216.144.187.101 216.144.187.199
TCP: Interfaces\{9320F265-75F3-49E1-8F5C-85C423F568FD} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{AD4B7C28-244C-43F0-8FA2-14EDF80DC733} : DhcpNameServer = 204.186.80.229 216.144.187.101 216.144.187.199
TCP: Interfaces\{AD4B7C28-244C-43F0-8FA2-14EDF80DC733}\4646D2772747 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{AD4B7C28-244C-43F0-8FA2-14EDF80DC733}\7596C6C69616D637 : DhcpNameServer = 204.186.80.229 216.144.187.101 216.144.187.199
TCP: Interfaces\{AD4B7C28-244C-43F0-8FA2-14EDF80DC733}\7657563747 : DhcpNameServer = 10.12.10.1 10.21.35.10 10.18.35.10
TCP: Interfaces\{AD4B7C28-244C-43F0-8FA2-14EDF80DC733}\8416E637 : DhcpNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\john\appdata\roaming\mozilla\firefox\profiles\ffnmk6ox.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - WhiteSmoke US Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspxctid=CT3198785&SearchSource=2&q=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\john\appdata\roaming\mozilla\firefox\profiles\ffnmk6ox.default\extensions\{cce665dd-f6dd-4808-968e-eaec971f70ef}\plugins\np-mswmp.dll
FF - plugin: c:\users\john\appdata\roaming\mozilla\firefox\profiles\ffnmk6ox.default\extensions\devicedetection@logitech.com\plugins
\npLogitechDeviceDetection.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-21 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-2-3 337880]
R1 papycpu;papycpu;c:\windows\system32\drivers\papycpu.sys [2011-4-3 1984]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-2-3 20696]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-2-3 57688]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2012-3-25 44768]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 dualshock3;DUALSHOCK3 Controller HID Minidriver (USB) Beta;c:\windows\system32\drivers\dualshock3.sys [2011-8-23 11392]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-28 257224]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-4-22 14216]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-4-22 8456]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2011-1-21 33792]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\drivers\MijXfilt.sys [2011-4-3 81168]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-8 129976]
S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2012-2-8 20080]
S3 PS3 Media Server;PS3 Media Server; [x]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2010-8-14 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2010-8-14 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2010-8-14 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2010-8-14 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2010-8-14 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2010-8-14 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2010-8-14 115752]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-12 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-28 1343400]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-7-13 20480]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-8-15 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-8-15 369688]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-06-22 14:24:39 -------- d-----w- c:\users\john\appdata\roaming\SUPERAntiSpyware.com
2012-06-22 14:24:03 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-06-22 14:24:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-06-22 10:51:26 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d6186e0e-a18a-4034-820d-
3c8e137af848}\offreg.dll
2012-06-22 10:50:04 6762896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d6186e0e-a18a-4034-820d-
3c8e137af848}\mpengine.dll
2012-06-22 10:47:09 -------- d-----w- c:\users\john\appdata\local\{5C63912F-64A9-4357-A592-D3B6FCDCC623}
2012-06-22 10:46:43 -------- d-----w- c:\users\john\appdata\local\{48D66B41-BBD3-48B8-AB81-66E0C5D07EDD}
2012-06-21 19:05:45 -------- d-----w- c:\users\john\appdata\local\{AD727E21-C105-46E3-BD0C-A9FBDDBFDCA3}
2012-06-21 19:05:34 -------- d-----w- c:\users\john\appdata\local\{735FCF54-B3C1-477C-A284-6E3045CFD476}
2012-06-21 14:34:04 -------- d-----w- c:\users\john\appdata\roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-06-21 11:12:58 -------- d-----w- c:\windows\en
2012-06-21 11:06:03 -------- d-----w- c:\program files\Adobe Download Assistant
2012-06-21 11:05:30 -------- d-----w- c:\users\john\appdata\local\{3AE0167D-9012-41F3-A58A-F2FC68DEDA0A}
2012-06-21 11:04:37 -------- d-----w- c:\program files\Conduit
2012-06-21 11:04:28 -------- d-----w- c:\users\john\appdata\local\Conduit
2012-06-21 11:00:56 15712 ----a-w- c:\program files\common files\windows live\.cache\21d76b571cd4f9d02\MeshBetaRemover.exe
2012-06-21 11:00:55 537432 ----a-w- c:\program files\common files\windows live\.cache\20d316e71cd4f9d01\DXSETUP.exe
2012-06-21 11:00:54 89944 ----a-w- c:\program files\common files\windows live\.cache\20d316e71cd4f9d01\DSETUP.dll
2012-06-21 11:00:54 1801048 ----a-w- c:\program files\common files\windows live\.cache\20d316e71cd4f9d01\dsetup32.dll
2012-06-21 11:00:39 -------- d-----w- c:\users\john\appdata\local\{58FD684D-33C4-42FD-955A-EA9A4EFF2759}
2012-06-21 11:00:02 -------- d-----w- c:\users\john\appdata\local\{7E08D90A-6206-4B6E-A67C-F9F1A1D557BA}
2012-06-21 10:59:52 -------- d-----w- c:\users\john\appdata\local\{FDF459AA-A107-458F-BC28-BF84B1277EE0}
2012-06-21 10:53:52 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 10:53:52 -------- d-----w- c:\users\john\appdata\local\{9F7C556B-138A-4C08-A717-8D8B66764E3D}
2012-06-21 10:53:23 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 10:53:13 -------- d-----w- c:\users\john\appdata\local\{BAC24AA7-A921-4004-AF0E-03324984E623}
2012-06-21 10:52:47 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-21 10:52:47 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-20 13:37:43 -------- d-----w- c:\users\john\appdata\local\{D4FD3AB5-3316-47EA-87C9-5DDE9B1C27B0}
2012-06-20 13:37:25 -------- d-----w- c:\users\john\appdata\local\{95881B8A-0EBA-40E4-B504-D89128B130B4}
2012-06-16 02:19:26 -------- d-----w- c:\users\john\appdata\local\{49D61010-7B3F-42DB-B396-9911E33223EF}
2012-06-15 13:54:07 -------- d-----w- c:\users\john\appdata\local\{6F23AAB4-13B6-4EA6-BB4C-B4BB2942B2C0}
2012-06-15 01:04:07 -------- d-----w- c:\users\john\appdata\local\{DC1D7565-84E0-4BC2-BF99-9B8D3CEFC244}
2012-06-13 11:40:58 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 11:40:56 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 11:40:54 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 11:40:52 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 11:40:52 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 11:40:51 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 11:40:49 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 11:40:38 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 11:40:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 11:40:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-11 16:54:00 -------- d-----w- c:\users\john\appdata\local\Macromedia
2012-06-06 22:02:21 -------- d-----w- c:\users\john\appdata\local\{A23D4AC7-8DAF-4282-94BD-23391ED1229E}
2012-06-06 22:02:10 -------- d-----w- c:\users\john\appdata\local\{5ADF7BBA-1F5C-4F81-B093-42210A008A94}
2012-06-06 16:45:01 -------- d-----w- c:\users\john\appdata\local\{502BA10A-2CD7-4F9E-86C5-14532F5A0F64}
2012-06-06 16:44:49 -------- d-----w- c:\users\john\appdata\local\{2AFCFD8C-E193-4353-A5D9-7157F65D5E1D}
2012-06-03 23:55:21 -------- d-----w- c:\users\john\appdata\local\{7E6E0E4B-E1D9-4891-8A69-2D0A19F68302}
2012-06-03 23:55:08 -------- d-----w- c:\users\john\appdata\local\{973C4EE3-AEFA-4154-A1FC-51B302A0354E}
2012-05-29 01:33:32 -------- d-----w- c:\users\john\appdata\local\{07E6DAB2-8ACA-49D4-868F-AFAC19089DDA}
2012-05-28 14:05:18 -------- d-----w- c:\users\john\appdata\local\3DVIA
2012-05-28 14:04:57 -------- d-----w- c:\programdata\3DVIA
2012-05-28 14:04:56 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-05-28 14:04:55 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2012-05-28 14:04:51 -------- d-----w- c:\program files\Virtools
2012-05-28 13:36:31 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-06-11 16:52:48 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-24 16:57:34 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-05-17 22:45:37 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-04-19 00:56:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 00:56:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-31 04:39:37 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-31 04:39:37 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-30 10:23:11 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
============= FINISH: 18:49:50.72 ===============
Yet another WhiteSmoke infection
in Resolved Malware Removal Logs
Posted
Actually doing Restart with Add-ons disabled and then selecting Reset tool-bars and controls and reset all user preferences to defaults seems to have taken care of the issue.