Jump to content

Morbius

Members
  • Posts

    12
  • Joined

  • Last visited

Everything posted by Morbius

  1. Thanks for all your help! I'll remember to send along a donation to your paypal when I get some spare cash
  2. Results of screen317's Security Check version 0.99.64 Windows Vista Service Pack 2 x64 Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AntiVir Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` SUPERAntiSpyware Free Edition Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 23 Java 7 Update 15 Java version out of Date! Adobe Flash Player 11.4.402.265 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox 12.0 Firefox out of Date! Google Chrome 27.0.1453.110 Google Chrome 27.0.1453.94 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1 % ````````````````````End of Log``````````````````````
  3. My Windows update isn't showing the newest Service Pack. Can I get Service Pack 2 from the Microsoft website?
  4. <div># AdwCleaner v2.302 - Logfile created 06/07/2013 at 04:19:45</div> <div># Updated 06/06/2013 by Xplode</div> <div># Operating system : Windows Vista Home Premium Service Pack 1 (64 bits)</div> <div># User : Morbius Liadon - MORBIUSLIADO-PC</div> <div># Boot Mode : Normal</div> <div># Running from : C:\Users\Morbius Liadon\Downloads\adwcleaner.exe</div> <div># Option [Delete]</div> <div> </div> <div> </div> <div>***** [services] *****</div> <div> </div> <div>Stopped & Deleted : Viewpoint Manager Service</div> <div>Stopped & Deleted : Web Assistant Updater</div> <div> </div> <div>***** [Files / Folders] *****</div> <div> </div> <div>Deleted on reboot : C:\Program Files (x86)\Common Files\Software Update Utility</div> <div>Deleted on reboot : C:\Program Files (x86)\Conduit</div> <div>Deleted on reboot : C:\Program Files (x86)\DAEMON Tools Toolbar</div> <div>Deleted on reboot : C:\Program Files (x86)\Perion</div> <div>Deleted on reboot : C:\Program Files (x86)\PriceGong</div> <div>Deleted on reboot : C:\Program Files (x86)\Viewpoint</div> <div>Deleted on reboot : C:\Program Files\Web Assistant</div> <div>Deleted on reboot : C:\ProgramData\Babylon</div> <div>Deleted on reboot : C:\ProgramData\clsoft ltd</div> <div>Deleted on reboot : C:\ProgramData\InstallMate</div> <div>Deleted on reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong</div> <div>Deleted on reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDfast</div> <div>Deleted on reboot : C:\ProgramData\Premium</div> <div>Deleted on reboot : C:\ProgramData\Viewpoint</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\LocalLow\boost_interprocess</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\LocalLow\Claro LTD</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\LocalLow\Conduit</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\LocalLow\incredibar.com</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\LocalLow\PriceGong</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\LocalLow\Viewpoint</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\Roaming\Babylon</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\Conduit</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\ConduitCommon</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\CT1060933</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}</div> <div>Deleted on reboot : C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}</div> <div>Deleted on reboot : C:\Windows\SysWOW64\AskSearch</div> <div>File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll</div> <div>File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt</div> <div>File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml</div> <div>File Deleted : C:\user.js</div> <div>File Deleted : C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\searchplugins\Web Search.xml</div> <div> </div> <div>***** [Registry] *****</div> <div> </div> <div>Key Deleted : HKCU\Software\AppDataLow\Software\Conduit</div> <div>Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong</div> <div>Key Deleted : HKCU\Software\Ask&Record</div> <div>Key Deleted : HKCU\Software\Conduit</div> <div>Key Deleted : HKCU\Software\IM</div> <div>Key Deleted : HKCU\Software\ImInstaller</div> <div>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1</div> <div>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4F4C5E11-0612-48D2-8055-987992AAC432}</div> <div>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility</div> <div>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer</div> <div>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}</div> <div>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}</div> <div>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}</div> <div>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}</div> <div>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}</div> <div>Key Deleted : HKCU\Software\PrivitizeVPNInstallDates</div> <div>Key Deleted : HKCU\Software\StartSearch</div> <div>Key Deleted : HKCU\Software\YahooPartnerToolbar</div> <div>Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}</div> <div>Key Deleted : HKLM\Software\Babylon</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}</div> <div>Key Deleted : HKLM\Software\Conduit</div> <div>Key Deleted : HKLM\Software\Freeze.com</div> <div>Key Deleted : HKLM\Software\MetaStream</div> <div>Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}</div> <div>Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}</div> <div>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}</div> <div>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}</div> <div>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}</div> <div>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}</div> <div>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}</div> <div>Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP</div> <div>Key Deleted : HKLM\Software\Viewpoint</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility</div> <div>Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}</div> <div>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}</div> <div>Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd</div> <div>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1</div> <div>Key Deleted : HKLM\SOFTWARE\Web Assistant</div> <div>Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]</div> <div>Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]</div> <div>Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]</div> <div>Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]</div> <div>Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]</div> <div> </div> <div>***** [internet Browsers] *****</div> <div> </div> <div>-\\ Internet Explorer v7.0.6001.18639</div> <div> </div> <div>Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=e3fc2318-d6df-48cd-9772-d4c55b0135cb&searchtype=ds&q={searchTerms}&installDate=01/01/1970 --> hxxp://www.google.com</div> <div>Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=e3fc2318-d6df-48cd-9772-d4c55b0135cb&searchtype=ds&q={searchTerms}&installDate=01/01/1970 --> hxxp://www.google.com</div> <div>Replaced : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=e3fc2318-d6df-48cd-9772-d4c55b0135cb&searchtype=ds&q={searchTerms}&installDate=01/01/1970 --> hxxp://www.google.com</div> <div>Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=e3fc2318-d6df-48cd-9772-d4c55b0135cb&searchtype=ds&q={searchTerms} --> hxxp://www.google.com</div> <div> </div> <div>-\\ Mozilla Firefox v12.0 (en-US)</div> <div> </div> <div>File : C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\prefs.js</div> <div> </div> <div>C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\user.js ... Deleted !</div> <div> </div> <div>Deleted : user_pref("CT1060933..clientLogIsEnabled", false);</div> <div>Deleted : user_pref("CT1060933..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]</div> <div>Deleted : user_pref("CT1060933..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]</div> <div>Deleted : user_pref("CT1060933.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);</div> <div>Deleted : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");</div> <div>Deleted : user_pref("CT1060933.AppTrackingLastCheckTime", "Sat Jun 11 2011 09:49:06 GMT-0700 (Pacific Daylight[...]</div> <div>Deleted : user_pref("CT1060933.BrowserCompStateIsOpen_129681785283868963", true);</div> <div>Deleted : user_pref("CT1060933.BrowserCompStateIsOpen_129686665230467549", true);</div> <div>Deleted : user_pref("CT1060933.BrowserCompStateIsOpen_130040833450137909", true);</div> <div>Deleted : user_pref("CT1060933.BrowserCompStateIsOpen_130068876516309164", true);</div> <div>Deleted : user_pref("CT1060933.CTID", "CT1060933");</div> <div>Deleted : user_pref("CT1060933.CommunitiesChangesLastCheckTime", "Tue May 14 2013 16:01:04 GMT-0700 (Pacific D[...]</div> <div>Deleted : user_pref("CT1060933.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingReque[...]</div> <div>Deleted : user_pref("CT1060933.CommunityChanged", true);</div> <div>Deleted : user_pref("CT1060933.CurrentServerDate", "15-5-2013");</div> <div>Deleted : user_pref("CT1060933.DialogsAlignMode", "LTR");</div> <div>Deleted : user_pref("CT1060933.DialogsGetterLastCheckTime", "Tue May 14 2013 01:28:57 GMT-0700 (Pacific Daylig[...]</div> <div>Deleted : user_pref("CT1060933.DownloadDomainsCheckInterval", "168");</div> <div>Deleted : user_pref("CT1060933.DownloadDomainsListLastCheckTime", "Tue May 14 2013 01:28:56 GMT-0700 (Pacific [...]</div> <div>Deleted : user_pref("CT1060933.DownloadDomainsListLastServerUpdateTime", "1201069983");</div> <div>Deleted : user_pref("CT1060933.DownloadReferralCookieData", "");</div> <div>Deleted : user_pref("CT1060933.FirstServerDate", "26-9-2010");</div> <div>Deleted : user_pref("CT1060933.FirstTime", true);</div> <div>Deleted : user_pref("CT1060933.FirstTimeFF3", true);</div> <div>Deleted : user_pref("CT1060933.FirstTimeSettingsDone", true);</div> <div>Deleted : user_pref("CT1060933.FixPageNotFoundErrors", false);</div> <div>Deleted : user_pref("CT1060933.GroupingServerCheckInterval", 1440);</div> <div>Deleted : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");</div> <div>Deleted : user_pref("CT1060933.HasUserGlobalKeys", true);</div> <div>Deleted : user_pref("CT1060933.HomePageProtectorEnabled", false);</div> <div>Deleted : user_pref("CT1060933.HomepageBeforeUnload", "hxxp://www.google.com/");</div> <div>Deleted : user_pref("CT1060933.Initialize", true);</div> <div>Deleted : user_pref("CT1060933.InitializeCommonPrefs", true);</div> <div>Deleted : user_pref("CT1060933.InstallationAndCookieDataSentCount", 3);</div> <div>Deleted : user_pref("CT1060933.InstalledDate", "Sun Sep 26 2010 12:11:14 GMT-0700 (Pacific Daylight Time)");</div> <div>Deleted : user_pref("CT1060933.InvalidateCache", false);</div> <div>Deleted : user_pref("CT1060933.IsAlertDBUpdated", true);</div> <div>Deleted : user_pref("CT1060933.IsGrouping", false);</div> <div>Deleted : user_pref("CT1060933.IsMulticommunity", true);</div> <div>Deleted : user_pref("CT1060933.IsOpenThankYouPage", true);</div> <div>Deleted : user_pref("CT1060933.IsOpenUninstallPage", true);</div> <div>Deleted : user_pref("CT1060933.LanguagePackLastCheckTime", "Tue May 14 2013 01:28:57 GMT-0700 (Pacific Dayligh[...]</div> <div>Deleted : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);</div> <div>Deleted : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]</div> <div>Deleted : user_pref("CT1060933.LastLogin_2.7.2.0", "Sat Mar 26 2011 20:08:06 GMT-0700 (Pacific Daylight Time)"[...]</div> <div>Deleted : user_pref("CT1060933.LastLogin_3.14.1.0", "Sun Aug 12 2012 17:16:34 GMT-0700 (Pacific Daylight Time)[...]</div> <div>Deleted : user_pref("CT1060933.LastLogin_3.15.1.0", "Tue May 14 2013 16:01:04 GMT-0700 (Pacific Daylight Time)[...]</div> <div>Deleted : user_pref("CT1060933.LastLogin_3.3.3.2", "Fri Aug 10 2012 00:02:26 GMT-0700 (Pacific Daylight Time)"[...]</div> <div>Deleted : user_pref("CT1060933.LatestVersion", "3.18.0.7");</div> <div>Deleted : user_pref("CT1060933.Locale", "en-us");</div> <div>Deleted : user_pref("CT1060933.LoginCache", 4);</div> <div>Deleted : user_pref("CT1060933.MCDetectTooltipHeight", "83");</div> <div>Deleted : user_pref("CT1060933.MCDetectTooltipShow", true);</div> <div>Deleted : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");</div> <div>Deleted : user_pref("CT1060933.MCDetectTooltipWidth", "295");</div> <div>Deleted : user_pref("CT1060933.MyStuffEnabledAtInstallation", true);</div> <div>Deleted : user_pref("CT1060933.RadioIsPodcast", false);</div> <div>Deleted : user_pref("CT1060933.RadioLastCheckTime", "Tue May 14 2013 01:28:57 GMT-0700 (Pacific Daylight Time)[...]</div> <div>Deleted : user_pref("CT1060933.RadioLastUpdateIPServer", "0");</div> <div>Deleted : user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000");</div> <div>Deleted : user_pref("CT1060933.RadioMediaID", "21504191");</div> <div>Deleted : user_pref("CT1060933.RadioMediaType", "Media Player");</div> <div>Deleted : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");</div> <div>Deleted : user_pref("CT1060933.RadioShrinkedFromSetup", false);</div> <div>Deleted : user_pref("CT1060933.RadioStationName", "KFOG");</div> <div>Deleted : user_pref("CT1060933.RadioStationURL", "hxxp://live.cumulusstreaming.com/KFOG-FM");</div> <div>Deleted : user_pref("CT1060933.SHRINK_TOOLBAR", 1);</div> <div>Deleted : user_pref("CT1060933.SearchBoxWidth", 150);</div> <div>Deleted : user_pref("CT1060933.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]</div> <div>Deleted : user_pref("CT1060933.SearchEngineBeforeUnload", "Google");</div> <div>Deleted : user_pref("CT1060933.SearchFromAddressBarIsInit", true);</div> <div>Deleted : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...]</div> <div>Deleted : user_pref("CT1060933.SearchInNewTabEnabled", true);</div> <div>Deleted : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);</div> <div>Deleted : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Tue May 14 2013 01:28:56 GMT-0700 (Pacific Dayli[...]</div> <div>Deleted : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]</div> <div>Deleted : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]</div> <div>Deleted : user_pref("CT1060933.SearchInNewTabUserEnabled", false);</div> <div>Deleted : user_pref("CT1060933.SearchProtectorEnabled", false);</div> <div>Deleted : user_pref("CT1060933.SearchProtectorToolbarDisabled", false);</div> <div>Deleted : user_pref("CT1060933.ServiceMapLastCheckTime", "Tue May 14 2013 01:28:56 GMT-0700 (Pacific Daylight [...]</div> <div>Deleted : user_pref("CT1060933.SettingsCheckIntervalMin", 120);</div> <div>Deleted : user_pref("CT1060933.SettingsLastCheckTime", "Tue May 14 2013 16:01:04 GMT-0700 (Pacific Daylight Ti[...]</div> <div>Deleted : user_pref("CT1060933.SettingsLastUpdate", "1368519134");</div> <div>Deleted : user_pref("CT1060933.ThirdPartyComponentsInterval", 504);</div> <div>Deleted : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Mon May 06 2013 02:56:01 GMT-0700 (Pacific Day[...]</div> <div>Deleted : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1331805997");</div> <div>Deleted : user_pref("CT1060933.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1060933");</div> <div>Deleted : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]</div> <div>Deleted : user_pref("CT1060933.UserID", "UN56483507517530035");</div> <div>Deleted : user_pref("CT1060933.ValidationData_Search", 2);</div> <div>Deleted : user_pref("CT1060933.ValidationData_Toolbar", 2);</div> <div>Deleted : user_pref("CT1060933.alertChannelId", "15651");</div> <div>Deleted : user_pref("CT1060933.appApproved.129272674122038321", true);</div> <div>Deleted : user_pref("CT1060933.approveUntrustedApps", false);</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B4D4[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C474[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e.:2z527", "247E707571777278333228702A7B797B7B7E30273224262[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e.x305", "247E2A4137374434337A463B3E2B732D7A7D7C213229343F5[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e/x305", "247E2B413536327844393C29712B787C7B773027323E4C434[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e06cg5el8:", "6E6D6C71706B6E6E756F");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737277767174747B75242F4B4947[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e0x305", "247E2C403A407743383B28702A777C757D2F26313E4129554[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e1x305", "247E2D41313D403279453A3D2A722C7A77797E31283341473[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e2x305", "247E2E3542313D3D393A7B473C3F2C742E79207D322934435[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e3x305", "247E2F413F3B36333F47463F7D493E412E76307E222421352[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A5[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e5x305", "247E3136422B7743383B28702A79757A772F2631434B3D495[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e6x305", "247E322C3E32323238453E7C483D402D752F7E7B2424342B3[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e7x305", "247E333D2C3F3E3F79453A3D2A722C7B7A797A31283347474[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e8x305", "247E343D3F3B35373B3F367C47472C742E7E7823322934495[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e9x305", "247E35332C3F327844393C29712B7B757979302732484C4F4[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e:x305", "247E36333B38327844393C29712B7B76797A3027324948554[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e;x305", "247E373F333F3738422F7B473C3F2C742E7E7A7A22332A354[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e<x305", "247E38343030442F463644377D493E412E7630217D2426352[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e=x305", "247E3933363F41413739357C483D402D752F207E2022342B3[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e>x305", "247E3A41363F323238387B473C3F2C742E7E20217C332A355[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e?x305", "247E3B2D2F2F334134403A3A7D494C2D752F2023207E342B3[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7e@x305", "247E3C40422B7743383B28702A7B767E782F26314E52543D2[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7eax305", "247E3D3D37387743383B28702A7B7A757E2F26314F4F544A5[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7ebx305", "247E3E393141303D33454036327E4A3F422F77317B7D23352[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7ecx305", "247E3F3D303043312E7A463B3E2B732D7B207E31283353515[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7edx305", "247E4035422A363879453A3D2A722C7D202F26315247543C4[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b+7etx305", "247E6E2F2E3B323342357B44392B732D7A7B7B7C322934215[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b-0?3g>d", "3A6E6B416C6E6E6F7A4648747520774A7C4C254C4D52502A55[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b-0?3g@6:5;", "");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E424[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b/556,bi5a>g", "6E6D686B6F6C7070747170747A");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b3=>@44i48?", "372C2D32697576334236334148477A213F3E484F4E4D464[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b5ba==9cjag", "6E6E406C6D4341707A78757446734C48787A4C204D");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6C71706B6D6E6E70707872");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b9643g3/9e", "6A");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b<:222h64<", "393F352F3E");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b<:222h64<l8daj", "6D7070707673757975702A7A77727C77752178");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b=+03eh8h8j?:", "4443");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage./9b?b0d:8aj62<h", "6D");</div> <div>Deleted : user_pref("CT1060933.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");</div> <div>Deleted : user_pref("CT1060933.backendstorage.acp_personal.appstate", "656E61626C65");</div> <div>Deleted : user_pref("CT1060933.backendstorage.bbactive", "796573");</div> <div>Deleted : user_pref("CT1060933.backendstorage.bbid", "36633030663566373765396432353633");</div> <div>Deleted : user_pref("CT1060933.backendstorage.cb_experience_000", "31");</div> <div>Deleted : user_pref("CT1060933.backendstorage.cb_firstuse0100", "31");</div> <div>Deleted : user_pref("CT1060933.backendstorage.cb_user_id_000", "43423635373536303539343934385F46697265666F78")[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.cbcountry_001", "5553");</div> <div>Deleted : user_pref("CT1060933.backendstorage.cbfirsttime", "4672692041756720313020323031322031393A31323A33382[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.last_client_stats_submit_2", "31333635393439353236");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_stats_last_submit_6", "31333638353732343739");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_stats_stats_site_irrelevant", "31");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_stats_stats_site_new", "30");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_stats_stats_site_not_supported", "30");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_stats_stats_site_supported", "30");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_stats_stats_use_history", "30");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_stats_stats_use_pop", "30");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_stats_stats_use_related", "30");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_stats_stats_use_typed", "30");</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_throttle_baseadd_stats|0|local_cookie_stats_stats_s[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.local_cookie_throttle_baseadd_stats|0|local_cookie_stats_stats_s[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A22436F75706F6E4[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_appstate_acplus", "6F6E");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_appstate_pricegong", "6F6E");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_appstatereporttime", "31333638353732343637353935");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B22[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_currentversion", "312E342E342E36");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_first_time", "31");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_lastlogintime", "31333638353732343637363634");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C69637[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A227375636365656465[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_showclosebutton", "74727565");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_showwelcomegadget", "66616C7365");</div> <div>Deleted : user_pref("CT1060933.backendstorage.mam_gk_userid", "66373564396337372D363364662D343438332D393063652[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.pg_enable", "66616C7365");</div> <div>Deleted : user_pref("CT1060933.backendstorage.printitgreenstatus", "74727565");</div> <div>Deleted : user_pref("CT1060933.backendstorage.sac-country-code", "22555322");</div> <div>Deleted : user_pref("CT1060933.backendstorage.sac-experiments-animation", "7B226E616D65223A22302E3735222C22766[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.sac-experiments-hover_effect", "7B226E616D65223A2273686F7274222C[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.sac-experiments-image_analysis", "7B226E616D65223A22776974686F75[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.sac-experiments-placement", "7B226E616D65223A22777265636B2D77696[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.sac-experiments-play_icon", "7B226E616D65223A226E6F222C227665727[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.sac-periodic-reports", "7B227974745F70696E675F30223A5B3133363738[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.sac-user-id", "2265393832346637332D336563342D343434382D623939662[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.sac-yt-first-ping", "31333637383334313733313739");</div> <div>Deleted : user_pref("CT1060933.backendstorage.searchappstate", "33");</div> <div>Deleted : user_pref("CT1060933.backendstorage.searchapptracking", "73656E74");</div> <div>Deleted : user_pref("CT1060933.backendstorage.shoppingapp.gk.exipres", "53756E204F637420313420323031322030363A[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");</div> <div>Deleted : user_pref("CT1060933.backendstorage.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.whitelist", "5B7B226E616D65223A2254696D65222C22646F6D61696E5F726[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.whitelist_ts", "31333638353732343638393932");</div> <div>Deleted : user_pref("CT1060933.backendstorage.wreck-country-code", "22555322");</div> <div>Deleted : user_pref("CT1060933.backendstorage.wreck-experiments-design", "7B226E616D65223A2261637475616C6C794C[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.wreck-experiments-feed", "7B226E616D65223A22777265636B416E645461[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.wreck-experiments-hover_effect", "7B226E616D65223A2268616C66222C[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.wreck-experiments-trigger", "7B226E616D65223A2278302E35222C22766[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.wreck-periodic-reports", "7B22777265636B5F70696E675F30223A5B3133[...]</div> <div>Deleted : user_pref("CT1060933.backendstorage.wreck-user-id", "2232353864616532622D326537662D343333392D3865393[...]</div> <div>Deleted : user_pref("CT1060933.clientLogIsEnabled", false);</div> <div>Deleted : user_pref("CT1060933.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]</div> <div>Deleted : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]</div> <div>Deleted : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Mon May 06 2013 02:56:04 GMT-0700 (Pacific [...]</div> <div>Deleted : user_pref("CT1060933.homepageProtectorEnableByLogin", true);</div> <div>Deleted : user_pref("CT1060933.initDone", true);</div> <div>Deleted : user_pref("CT1060933.isAppTrackingManagerOn", false);</div> <div>Deleted : user_pref("CT1060933.isFirstRadioInstallation", false);</div> <div>Deleted : user_pref("CT1060933.myStuffEnabled", true);</div> <div>Deleted : user_pref("CT1060933.myStuffPublihserMinWidth", 400);</div> <div>Deleted : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]</div> <div>Deleted : user_pref("CT1060933.myStuffServiceIntervalMM", 1440);</div> <div>Deleted : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]</div> <div>Deleted : user_pref("CT1060933.oldAppsList", "200,128346981843587669,128280995260143876,129272674122038321,129[...]</div> <div>Deleted : user_pref("CT1060933.revertSettingsEnabled", false);</div> <div>Deleted : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);</div> <div>Deleted : user_pref("CT1060933.searchProtectorEnableByLogin", true);</div> <div>Deleted : user_pref("CT1060933.testingCtid", "");</div> <div>Deleted : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Tue May 14 2013 01:28:57 GMT-0700 (Pacific D[...]</div> <div>Deleted : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Mon May 06 2013 02:56:03 GMT-0700 (Pacific D[...]</div> <div>Deleted : user_pref("CT1060933.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]</div> <div>Deleted : user_pref("CT1060933.usagesFlag", 2);</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1060933/CT1060933[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/US", "\"0\"");</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1060933/CT1060933[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]</div> <div>Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]</div> <div>Deleted : user_pref("CommunityToolbar.EngineOwner", "");</div> <div>Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{1392b8d2-5c05-419f-a8f6-b9f15a596612}");</div> <div>Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "freecorder");</div> <div>Deleted : user_pref("CommunityToolbar.IsEngineShown", true);</div> <div>Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);</div> <div>Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Morbius Liadon\\AppData\\Roaming\\M[...]</div> <div>Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");</div> <div>Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://freecorder.com/fc6/gadget/video.html", "833x2[...]</div> <div>Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT1060933");</div> <div>Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{1392b8d2-5c05-419f-a8f6-b9f15a596612}");</div> <div>Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "freecorder");</div> <div>Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://slirsredirect.search.aol.com/slir[...]</div> <div>Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1060933");</div> <div>Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");</div> <div>Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Aug 08 2012 19:46:16 GMT-07[...]</div> <div>Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);</div> <div>Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Aug 10 2012 13:44:24 GMT-0700 (Pacif[...]</div> <div>Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");</div> <div>Deleted : user_pref("CommunityToolbar.alert.locale", "en");</div> <div>Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);</div> <div>Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Aug 10 2012 19:46:14 GMT-0700 (Pacific D[...]</div> <div>Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");</div> <div>Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);</div> <div>Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");</div> <div>Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);</div> <div>Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);</div> <div>Deleted : user_pref("CommunityToolbar.alert.userId", "b891c0db-1c1e-476d-9ffa-7bfa92effe3f");</div> <div>Deleted : user_pref("CommunityToolbar.globalUserId", "979d9f46-41b0-481c-8616-8750631276f1");</div> <div>Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);</div> <div>Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);</div> <div>Deleted : user_pref("CommunityToolbar.killedEngine", true);</div> <div>Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon May 06 2013 02:56:0[...]</div> <div>Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);</div> <div>Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue May 14 2013 16:01:13 GMT-070[...]</div> <div>Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");</div> <div>Deleted : user_pref("CommunityToolbar.notifications.locale", "en");</div> <div>Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);</div> <div>Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue May 14 2013 01:28:58 GMT-0700 (P[...]</div> <div>Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");</div> <div>Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);</div> <div>Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");</div> <div>Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);</div> <div>Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);</div> <div>Deleted : user_pref("CommunityToolbar.notifications.userId", "a6ba1f96-d4ec-4f43-8892-5cd670fd1a6a");</div> <div>Deleted : user_pref("CommunityToolbar.undefined", "");</div> <div>Deleted : user_pref("aol_toolbar.surf.date", "528");</div> <div>Deleted : user_pref("aol_toolbar.surf.lastDate", "9");</div> <div>Deleted : user_pref("aol_toolbar.surf.lastMonth", "10");</div> <div>Deleted : user_pref("aol_toolbar.surf.lastYear", "2009");</div> <div>Deleted : user_pref("aol_toolbar.surf.mURL", "");</div> <div>Deleted : user_pref("aol_toolbar.surf.mURLh", "0");</div> <div>Deleted : user_pref("aol_toolbar.surf.mURLw", "0");</div> <div>Deleted : user_pref("aol_toolbar.surf.mURLx", "0");</div> <div>Deleted : user_pref("aol_toolbar.surf.mURLy", "0");</div> <div>Deleted : user_pref("aol_toolbar.surf.milestone", "-1");</div> <div>Deleted : user_pref("aol_toolbar.surf.month", "1793");</div> <div>Deleted : user_pref("aol_toolbar.surf.prevMonth", "3337");</div> <div>Deleted : user_pref("aol_toolbar.surf.total", "5143");</div> <div>Deleted : user_pref("aol_toolbar.surf.week", "1040");</div> <div>Deleted : user_pref("aol_toolbar.surf.year", "5129");</div> <div>Deleted : user_pref("browser.search.selectedEngine", "Search The Web (privitize)");</div> <div>Deleted : user_pref("extensions.503e80148ecf8.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]</div> <div>Deleted : user_pref("extensions.5174fe76c3b58.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]</div> <div>Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);</div> <div>Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=116198&tt=431[...]</div> <div>Deleted : user_pref("extensions.claro.admin", false);</div> <div>Deleted : user_pref("extensions.claro.aflt", "babsst");</div> <div>Deleted : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");</div> <div>Deleted : user_pref("extensions.claro.dfltLng", "en");</div> <div>Deleted : user_pref("extensions.claro.excTlbr", false);</div> <div>Deleted : user_pref("extensions.claro.id", "dcc2538500000000000000508d9dfb7c");</div> <div>Deleted : user_pref("extensions.claro.instlDay", "15641");</div> <div>Deleted : user_pref("extensions.claro.instlRef", "sst");</div> <div>Deleted : user_pref("extensions.claro.prdct", "claro");</div> <div>Deleted : user_pref("extensions.claro.prtnrId", "claro");</div> <div>Deleted : user_pref("extensions.claro.tlbrId", "claro");</div> <div>Deleted : user_pref("extensions.claro.tlbrSrchUrl", "");</div> <div>Deleted : user_pref("extensions.claro.vrsn", "1.8.3.10");</div> <div>Deleted : user_pref("extensions.claro.vrsni", "1.8.3.10");</div> <div>Deleted : user_pref("extensions.claro_i.smplGrp", "none");</div> <div>Deleted : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1021:34:33");</div> <div>Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);</div> <div>Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);</div> <div>Deleted : user_pref("extensions.incredibar.admin", false);</div> <div>Deleted : user_pref("extensions.incredibar.aflt", "orgnl");</div> <div>Deleted : user_pref("extensions.incredibar.cntry", "US");</div> <div>Deleted : user_pref("extensions.incredibar.dfltLng", "");</div> <div>Deleted : user_pref("extensions.incredibar.dfltSrch", false);</div> <div>Deleted : user_pref("extensions.incredibar.did", "10659");</div> <div>Deleted : user_pref("extensions.incredibar.envrmnt", "production");</div> <div>Deleted : user_pref("extensions.incredibar.excTlbr", false);</div> <div>Deleted : user_pref("extensions.incredibar.hdrMd5", "672AA49938EF436DD61B3E6681620BA3");</div> <div>Deleted : user_pref("extensions.incredibar.hmpg", false);</div> <div>Deleted : user_pref("extensions.incredibar.id", "dcc2538500000000000000508d9dfb7c");</div> <div>Deleted : user_pref("extensions.incredibar.installerproductid", "26");</div> <div>Deleted : user_pref("extensions.incredibar.instlDay", "15581");</div> <div>Deleted : user_pref("extensions.incredibar.instlRef", "");</div> <div>Deleted : user_pref("extensions.incredibar.isDcmntCmplt", true);</div> <div>Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1413:49:36");</div> <div>Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");</div> <div>Deleted : user_pref("extensions.incredibar.newTab", false);</div> <div>Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);</div> <div>Deleted : user_pref("extensions.incredibar.ppd", "102%5F6");</div> <div>Deleted : user_pref("extensions.incredibar.prdct", "incredibar");</div> <div>Deleted : user_pref("extensions.incredibar.productid", "26");</div> <div>Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");</div> <div>Deleted : user_pref("extensions.incredibar.sg", "none");</div> <div>Deleted : user_pref("extensions.incredibar.smplGrp", "none");</div> <div>Deleted : user_pref("extensions.incredibar.tlbrId", "base");</div> <div>Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQI3IwssM&loc=IB_T[...]</div> <div>Deleted : user_pref("extensions.incredibar.upn2", "6PQI3IwssM");</div> <div>Deleted : user_pref("extensions.incredibar.upn2n", "92543491238592712");</div> <div>Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");</div> <div>Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1413:49:36");</div> <div>Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");</div> <div>Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");</div> <div>Deleted : user_pref("extensions.incredibar_i.dfltLng", "");</div> <div>Deleted : user_pref("extensions.incredibar_i.did", "10659");</div> <div>Deleted : user_pref("extensions.incredibar_i.excTlbr", false);</div> <div>Deleted : user_pref("extensions.incredibar_i.id", "dcc2538500000000000000508d9dfb7c");</div> <div>Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");</div> <div>Deleted : user_pref("extensions.incredibar_i.instlDay", "15581");</div> <div>Deleted : user_pref("extensions.incredibar_i.instlRef", "");</div> <div>Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");</div> <div>Deleted : user_pref("extensions.incredibar_i.newTab", false);</div> <div>Deleted : user_pref("extensions.incredibar_i.ppd", "102%5F6");</div> <div>Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");</div> <div>Deleted : user_pref("extensions.incredibar_i.productid", "26");</div> <div>Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");</div> <div>Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");</div> <div>Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");</div> <div>Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQI3IwssM&loc=IB[...]</div> <div>Deleted : user_pref("extensions.incredibar_i.upn2", "6PQI3IwssM");</div> <div>Deleted : user_pref("extensions.incredibar_i.upn2n", "92543491238592712");</div> <div>Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");</div> <div>Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1413:49:36");</div> <div>Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");</div> <div>Deleted : user_pref("extensions.privitize.srchPrvdr", "Search The Web (privitize)");</div> <div> </div> <div>-\\ Google Chrome v27.0.1453.110</div> <div> </div> <div>File : C:\Users\Morbius Liadon\AppData\Local\Google\Chrome\User Data\Default\Preferences</div> <div> </div> <div>[OK] File is clean.</div> <div> </div> <div>*************************</div> <div> </div> <div>AdwCleaner[s1].txt - [45934 octets] - [07/06/2013 04:19:45]</div> <div> </div> <div>########## EOF - C:\AdwCleaner[s1].txt - [45995 octets] ##########</div> <div> </div> <div> <div> Results of screen317's Security Check version 0.99.64 </div> <div> Windows Vista Service Pack 1 x64 </div> <div> Out of date service pack!! </div> <div>``````````````Antivirus/Firewall Check:`````````````` </div> <div> Windows Firewall Enabled! </div> <div>AntiVir Desktop </div> <div> Antivirus up to date! </div> <div>`````````Anti-malware/Other Utilities Check:````````` </div> <div> SUPERAntiSpyware Free Edition </div> <div> Malwarebytes Anti-Malware version 1.75.0.1300 </div> <div> Java 6 Update 23 </div> <div> Java 7 Update 15 </div> <div> Java version out of Date! </div> <div> Adobe Flash Player <span class="Apple-tab-span" style="white-space:pre"> </span>11.4.402.265 </div> <div> Adobe Reader 9 Adobe Reader out of Date! </div> <div> Mozilla Firefox 12.0 Firefox out of Date! </div> <div> Google Chrome 27.0.1453.110 </div> <div> Google Chrome 27.0.1453.94 </div> <div>````````Process Check: objlist.exe by Laurent```````` </div> <div> Avira Antivir avgnt.exe </div> <div> Avira Antivir avguard.exe </div> <div>`````````````````System Health check````````````````` </div> <div> Total Fragmentation on Drive C: 0 % </div> <div>````````````````````End of Log`````````````````````` </div> <div> </div> <div> </div> <div>ESET Scan</div> <div> </div> <div> <div>C:\Program Files (x86)\Avira\AntiVir Desktop\ApnIC.dll<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/Bundled.Toolbar.Ask application</div> <div>C:\Program Files (x86)\Avira\AntiVir Desktop\ApnToolbarInstaller.exe<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/Bundled.Toolbar.Ask application</div> <div>C:\ProgramData\ukprfree\ulklfemon.dll<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/KeyLogger.UltimateKeylogger.AB application</div> <div>C:\Users\All Users\ukprfree\ulklfemon.dll<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/KeyLogger.UltimateKeylogger.AB application</div> <div>C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\za615t@vecbkb.co.uk\content\bg.js<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/Adware.MultiPlug.H application</div> <div>C:\Users\Morbius Liadon\Desktop\WAVToMP3.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/Adware.RK.AO.Gen application</div> <div>C:\Users\Morbius Liadon\Downloads\cbsidlm-tr1_10a-ReadPlease_2003-ORG-10030557 (1).exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/DownloadAdmin.G application</div> <div>C:\Users\Morbius Liadon\Downloads\cbsidlm-tr1_10a-ReadPlease_2003-ORG-10030557.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/DownloadAdmin.G application</div> <div>C:\Users\Morbius Liadon\Downloads\Grandmas_Boy_(2006)_720p_BrRip_x264_-_600MB_-_YIFY_secure.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/TopMedia.B application</div> <div>C:\Users\Morbius Liadon\Downloads\Hitman_Absolution_SKIDROW.exe<span class="Apple-tab-span" style="white-space:pre"> </span>Win32/Adware.1ClickDownload.S application</div> <div>C:\Users\Morbius Liadon\Downloads\ManyCam.exe<span class="Apple-tab-span" style="white-space:pre"> </span>multiple threats</div> <div>C:\Users\Morbius Liadon\Downloads\VLC_32.exe<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/InstallIQ application</div> <div> </div> </div> </div> <p> </p>
  5. Sorry about the wait, I have been busy at work! Running the scans when I get home.
  6. I'm not sure how that HTML got in the post. Here is the log attached so it will be easier to read. ComboFix.txt
  7. <p>Here is the Combofix log.</p> <p> </p> <div>ComboFix 13-06-03.06 - Morbius Liadon 06/03/2013 21:15:42.1.4 - x64</div> <div>Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.5887.4017 [GMT -7:00]</div> <div>Running from: c:\users\Morbius Liadon\Downloads\ComboFix.exe</div> <div>AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}</div> <div>SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}</div> <div>SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</div> <div>.</div> <div>.</div> <div>((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))</div> <div>.</div> <div>.</div> <div>C:\Install.exe</div> <div>c:\programdata\40492792</div> <div>c:\programdata\MaGniiPuicc</div> <div>c:\programdata\MaGniiPuicc\5174fe76c3c37.tlb</div> <div>c:\programdata\MaGniiPuicc\settings.ini</div> <div>c:\programdata\MaGniiPuicc\uninstall.exe</div> <div>c:\programdata\Microsoft\Windows\Start Menu\Programs\MaGniiPuicc</div> <div>c:\programdata\Microsoft\Windows\Start Menu\Programs\MaGniiPuicc\MaGniiPuicc.lnk</div> <div>c:\programdata\Microsoft\Windows\Start Menu\Programs\MaGniiPuicc\Uninstall.lnk</div> <div>c:\programdata\Microsoft\Windows\Start Menu\Programs\wxDownload Fast</div> <div>c:\programdata\Microsoft\Windows\Start Menu\Programs\wxDownload Fast\Uninstall wxDownload Fast.lnk</div> <div>c:\programdata\Microsoft\Windows\Start Menu\Programs\wxDownload Fast\wxDownload Fast on the Web.lnk</div> <div>c:\programdata\Microsoft\Windows\Start Menu\Programs\wxDownload Fast\wxDownload Fast.lnk</div> <div>c:\users\Morbius Liadon\AppData\Local\Microsoft\Windows\Temporary Internet Files\{E688D975-6A94-4E2C-AEBB-049FFB2D461A}.xps</div> <div>c:\users\Morbius Liadon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery</div> <div>c:\users\Morbius Liadon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Uninstall Windows Vista Recovery.lnk</div> <div>c:\users\Morbius Liadon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery\Windows Vista Recovery.lnk</div> <div>c:\windows\Installer\{96EF451E-A402-44D8-BAEE-D70D558A4122}\New_Shortcut_S1449_0EB7CDB78E0C4A918D2CA535D5B8160C.exe</div> <div>c:\windows\SysWow64\URTTemp</div> <div>c:\windows\SysWow64\URTTemp\regtlib.exe</div> <div>.</div> <div>.</div> <div>((((((((((((((((((((((((( Files Created from 2013-05-04 to 2013-06-04 )))))))))))))))))))))))))))))))</div> <div>.</div> <div>.</div> <div>2013-06-04 04:26 . 2013-06-04 04:26<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Mcx1\AppData\Local\temp</div> <div>2013-06-04 04:26 . 2013-06-04 04:26<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Default\AppData\Local\temp</div> <div>2013-06-04 02:51 . 2013-06-04 02:51<span class="Apple-tab-span" style="white-space:pre"> </span>2560<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\_MSRSTRT.EXE</div> <div>2013-06-04 02:47 . 2013-06-04 02:47<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Morbius Liadon\AppData\Roaming\Sony Online Entertainment</div> <div>2013-06-03 04:15 . 2013-06-03 04:17<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Morbius Liadon\Game of Thrones S03E09 HDTV x264-EVOLVE[ettv]</div> <div>2013-06-01 08:35 . 2013-06-02 09:18<span class="Apple-tab-span" style="white-space:pre"> </span>76232<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Microsoft\Windows Defender\Definition Updates\{30D11013-79AC-4FE4-819A-F33DA6852BE0}\offreg.dll</div> <div>2013-05-31 10:20 . 2013-05-13 06:37<span class="Apple-tab-span" style="white-space:pre"> </span>9460464<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\programdata\Microsoft\Windows Defender\Definition Updates\{30D11013-79AC-4FE4-819A-F33DA6852BE0}\mpengine.dll</div> <div>2013-05-21 01:20 . 2013-05-21 01:22<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Morbius Liadon\Game of Thrones S03E08 HDTV x264-EVOLVE[ettv]</div> <div>2013-05-20 12:12 . 2013-05-20 12:12<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Bethesda Softworks</div> <div>2013-05-20 09:20 . 2013-05-20 12:12<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Morbius Liadon\Dishonored-SKIDROW</div> <div>2013-05-15 16:51 . 2013-05-15 16:51<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Morbius Liadon\AppData\Local\Octodad</div> <div>2013-05-15 16:46 . 2013-05-15 16:50<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\Octodad</div> <div>2013-05-10 09:42 . 2013-05-14 01:33<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Morbius Liadon\Farrah Superstar Backdoor Teen Mom</div> <div>2013-05-05 12:58 . 2013-05-05 13:02<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Morbius Liadon\AppData\Roaming\Blackboard</div> <div>2013-05-05 08:56 . 2013-05-05 08:57<span class="Apple-tab-span" style="white-space:pre"> </span>--------<span class="Apple-tab-span" style="white-space:pre"> </span>d-----w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\users\Morbius Liadon\Game of Thrones S03E05</div> <div>.</div> <div>.</div> <div>.</div> <div>(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))</div> <div>.</div> <div>2013-05-15 10:01 . 2006-11-02 12:35<span class="Apple-tab-span" style="white-space:pre"> </span>75016696<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\mrt.exe</div> <div>2013-05-02 09:06 . 2009-10-03 10:02<span class="Apple-tab-span" style="white-space:pre"> </span>278800<span class="Apple-tab-span" style="white-space:pre"> </span>------w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\MpSigStub.exe</div> <div>2013-04-04 21:50 . 2009-12-12 08:17<span class="Apple-tab-span" style="white-space:pre"> </span>25928<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\mbam.sys</div> <div>2013-03-29 02:37 . 2013-03-29 02:37<span class="Apple-tab-span" style="white-space:pre"> </span>78432<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atimpc64.dll</div> <div>2013-03-29 02:37 . 2013-03-29 02:37<span class="Apple-tab-span" style="white-space:pre"> </span>78432<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\amdpcom64.dll</div> <div>2013-03-29 02:37 . 2013-03-29 02:37<span class="Apple-tab-span" style="white-space:pre"> </span>71704<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atimpc32.dll</div> <div>2013-03-29 02:37 . 2013-03-29 02:37<span class="Apple-tab-span" style="white-space:pre"> </span>71704<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\amdpcom32.dll</div> <div>2013-03-29 02:37 . 2013-03-29 02:37<span class="Apple-tab-span" style="white-space:pre"> </span>139696<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atiuxp64.dll</div> <div>2013-03-29 02:37 . 2013-03-29 02:37<span class="Apple-tab-span" style="white-space:pre"> </span>118584<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atiuxpag.dll</div> <div>2013-03-29 02:37 . 2012-07-28 01:13<span class="Apple-tab-span" style="white-space:pre"> </span>92304<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atiu9pag.dll</div> <div>2013-03-29 02:37 . 2011-04-20 01:21<span class="Apple-tab-span" style="white-space:pre"> </span>112440<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atiu9p64.dll</div> <div>2013-03-29 02:37 . 2013-03-29 02:37<span class="Apple-tab-span" style="white-space:pre"> </span>1155264<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\aticfx64.dll</div> <div>2013-03-29 02:37 . 2012-07-28 02:15<span class="Apple-tab-span" style="white-space:pre"> </span>970912<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\aticfx32.dll</div> <div>2013-03-29 02:36 . 2013-03-29 02:36<span class="Apple-tab-span" style="white-space:pre"> </span>8272136<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atidxx64.dll</div> <div>2013-03-29 02:36 . 2013-03-29 02:36<span class="Apple-tab-span" style="white-space:pre"> </span>7233336<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atidxx32.dll</div> <div>2013-03-29 02:36 . 2012-07-28 01:32<span class="Apple-tab-span" style="white-space:pre"> </span>4450264<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atiumdva.dll</div> <div>2013-03-29 02:36 . 2012-07-28 04:09<span class="Apple-tab-span" style="white-space:pre"> </span>5944264<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atiumdag.dll</div> <div>2013-03-29 02:36 . 2013-03-29 02:36<span class="Apple-tab-span" style="white-space:pre"> </span>5000320<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atiumd6a.dll</div> <div>2013-03-29 02:36 . 2013-03-29 02:36<span class="Apple-tab-span" style="white-space:pre"> </span>6985624<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atiumd64.dll</div> <div>2013-03-29 02:35 . 2013-03-29 02:35<span class="Apple-tab-span" style="white-space:pre"> </span>11658752<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\atikmdag.sys</div> <div>2013-03-29 02:13 . 2013-03-29 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>222720<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\clinfo.exe</div> <div>2013-03-29 02:13 . 2013-03-29 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>798734<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\amdocl_ld32.exe</div> <div>2013-03-29 02:13 . 2013-03-29 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>1187342<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\amdocl_as64.exe</div> <div>2013-03-29 02:13 . 2013-03-29 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>1061902<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\amdocl_ld64.exe</div> <div>2013-03-29 02:13 . 2013-03-29 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>995342<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\amdocl_as32.exe</div> <div>2013-03-29 02:13 . 2013-03-29 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>76288<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\OpenVideo64.dll</div> <div>2013-03-29 02:13 . 2013-03-29 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>65536<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\OpenVideo.dll</div> <div>2013-03-29 02:13 . 2013-03-29 02:13<span class="Apple-tab-span" style="white-space:pre"> </span>64000<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\OVDecode64.dll</div> <div>2013-03-29 02:12 . 2013-03-29 02:12<span class="Apple-tab-span" style="white-space:pre"> </span>56320<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\OVDecode.dll</div> <div>2013-03-29 02:12 . 2013-03-29 02:12<span class="Apple-tab-span" style="white-space:pre"> </span>29150720<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\amdocl64.dll</div> <div>2013-03-29 02:10 . 2013-03-29 02:10<span class="Apple-tab-span" style="white-space:pre"> </span>23810560<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\amdocl.dll</div> <div>2013-03-29 02:09 . 2013-03-29 02:09<span class="Apple-tab-span" style="white-space:pre"> </span>54784<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\OpenCL.dll</div> <div>2013-03-29 02:09 . 2013-03-29 02:09<span class="Apple-tab-span" style="white-space:pre"> </span>50176<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\OpenCL.dll</div> <div>2013-03-29 02:04 . 2013-03-29 02:04<span class="Apple-tab-span" style="white-space:pre"> </span>24229376<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atio6axx.dll</div> <div>2013-03-29 02:00 . 2013-03-29 02:00<span class="Apple-tab-span" style="white-space:pre"> </span>76800<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\coinst_12.104.dll</div> <div>2013-03-29 01:57 . 2013-03-29 01:57<span class="Apple-tab-span" style="white-space:pre"> </span>163840<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atiapfxx.exe</div> <div>2013-03-29 01:55 . 2013-03-29 01:55<span class="Apple-tab-span" style="white-space:pre"> </span>51200<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\aticalrt64.dll</div> <div>2013-03-29 01:55 . 2013-03-29 01:55<span class="Apple-tab-span" style="white-space:pre"> </span>46080<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\aticalrt.dll</div> <div>2013-03-29 01:55 . 2013-03-29 01:55<span class="Apple-tab-span" style="white-space:pre"> </span>44544<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\aticalcl64.dll</div> <div>2013-03-29 01:55 . 2013-03-29 01:55<span class="Apple-tab-span" style="white-space:pre"> </span>44032<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\aticalcl.dll</div> <div>2013-03-29 01:55 . 2013-03-29 01:55<span class="Apple-tab-span" style="white-space:pre"> </span>16082944<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\aticaldd64.dll</div> <div>2013-03-29 01:51 . 2013-03-29 01:51<span class="Apple-tab-span" style="white-space:pre"> </span>13703168<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\aticaldd.dll</div> <div>2013-03-29 01:48 . 2013-03-29 01:48<span class="Apple-tab-span" style="white-space:pre"> </span>19870720<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atioglxx.dll</div> <div>2013-03-29 01:35 . 2013-03-29 01:35<span class="Apple-tab-span" style="white-space:pre"> </span>442368<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atidemgy.dll</div> <div>2013-03-29 01:35 . 2013-03-29 01:35<span class="Apple-tab-span" style="white-space:pre"> </span>562688<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atieclxx.exe</div> <div>2013-03-29 01:34 . 2013-03-29 01:34<span class="Apple-tab-span" style="white-space:pre"> </span>241152<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atiesrxx.exe</div> <div>2013-03-29 01:33 . 2013-03-29 01:33<span class="Apple-tab-span" style="white-space:pre"> </span>120320<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atitmm64.dll</div> <div>2013-03-29 01:32 . 2013-03-29 01:32<span class="Apple-tab-span" style="white-space:pre"> </span>26112<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atimuixx.dll</div> <div>2013-03-29 01:32 . 2013-03-29 01:32<span class="Apple-tab-span" style="white-space:pre"> </span>59392<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atiedu64.dll</div> <div>2013-03-29 01:32 . 2013-03-29 01:32<span class="Apple-tab-span" style="white-space:pre"> </span>43520<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\ati2edxx.dll</div> <div>2013-03-29 01:10 . 2013-03-29 01:10<span class="Apple-tab-span" style="white-space:pre"> </span>636416<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atiadlxx.dll</div> <div>2013-03-29 01:10 . 2013-03-29 01:10<span class="Apple-tab-span" style="white-space:pre"> </span>430080<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atiadlxy.dll</div> <div>2013-03-29 01:10 . 2013-03-29 01:10<span class="Apple-tab-span" style="white-space:pre"> </span>17920<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atig6pxx.dll</div> <div>2013-03-29 01:10 . 2013-03-29 01:10<span class="Apple-tab-span" style="white-space:pre"> </span>14848<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atiglpxx.dll</div> <div>2013-03-29 01:10 . 2013-03-29 01:10<span class="Apple-tab-span" style="white-space:pre"> </span>14848<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atiglpxx.dll</div> <div>2013-03-29 01:10 . 2013-03-29 01:10<span class="Apple-tab-span" style="white-space:pre"> </span>44032<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atig6txx.dll</div> <div>2013-03-29 01:09 . 2013-03-29 01:09<span class="Apple-tab-span" style="white-space:pre"> </span>34816<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\SysWow64\atigktxx.dll</div> <div>2013-03-29 01:09 . 2013-03-29 01:09<span class="Apple-tab-span" style="white-space:pre"> </span>581120<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\atikmpag.sys</div> <div>2013-03-29 01:07 . 2013-03-29 01:07<span class="Apple-tab-span" style="white-space:pre"> </span>53248<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\drivers\ati2erec.dll</div> <div>2013-03-29 01:07 . 2011-04-20 01:21<span class="Apple-tab-span" style="white-space:pre"> </span>45056<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\windows\system32\atitmp64.dll</div> <div>.</div> <div>.</div> <div>((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))</div> <div>.</div> <div>.</div> <div>*Note* empty entries & legit default entries are not shown </div> <div>REGEDIT4</div> <div>.</div> <div>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]</div> <div>"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll" [2012-11-26 1525088]</div> <div>.</div> <div>[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]</div> <div>[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]</div> <div>[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]</div> <div>[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]</div> <div>2012-07-12 18:46<span class="Apple-tab-span" style="white-space:pre"> </span>162816<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files\Web Assistant\Extension32.dll</div> <div>.</div> <div>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</div> <div>"Akamai NetSession Interface"="c:\users\Morbius Liadon\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]</div> <div>"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-05-20 399736]</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]</div> <div>"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]</div> <div>"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]</div> <div>"BlackBerryAutoUpdate"="c:\program files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2008-11-04 615696]</div> <div>"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-09-19 236016]</div> <div>"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2009-07-31 2023936]</div> <div>"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]</div> <div>"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]</div> <div>"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]</div> <div>"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-01 1263512]</div> <div>"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]</div> <div>"PrivitizeVPN"="c:\program files (x86)\PrivitizeVPN\PrivitizeVPN.exe" [2013-04-22 196784]</div> <div>"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-29 642656]</div> <div>.</div> <div>[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]</div> <div>"LabelMaker2.0"="c:\program files (x86)\Common Files\MySoftware\regdll.dll" [2006-08-03 94208]</div> <div>.</div> <div>c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\</div> <div>BDARemote.lnk - c:\program files (x86)\USB TV\EM28XX\BDARemote.exe [2009-11-1 81997]</div> <div>NETGEAR WG111v3 Smart Wizard.lnk - c:\program files (x86)\NETGEAR\WG111v3\WG111v3.exe [2008-6-13 2498560]</div> <div>Ultra Hal Text-to-Speech Reader Startup.lnk - [N/A]</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]</div> <div>"EnableUIADesktopToggle"= 0 (0x0)</div> <div>.</div> <div>[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]</div> <div>"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files (x86)\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]</div> <div>2009-09-03 22:21<span class="Apple-tab-span" style="white-space:pre"> </span>548352<span class="Apple-tab-span" style="white-space:pre"> </span>----a-w-<span class="Apple-tab-span" style="white-space:pre"> </span>c:\program files (x86)\SUPERAntiSpyware\SASWINLO.dll</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]</div> <div>@="Service"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]</div> <div>Akamai<span class="Apple-tab-span" style="white-space:pre"> </span>REG_MULTI_SZ <span class="Apple-tab-span" style="white-space:pre"> </span>Akamai</div> <div>.</div> <div>HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs</div> <div>Themes</div> <div>.</div> <div>Contents of the 'Scheduled Tasks' folder</div> <div>.</div> <div>2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job</div> <div>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-06 13:02]</div> <div>.</div> <div>2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job</div> <div>- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-06 13:02]</div> <div>.</div> <div>2013-06-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3416004185-852997876-3554588183-1000Core.job</div> <div>- c:\users\Morbius Liadon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-31 21:56]</div> <div>.</div> <div>2013-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3416004185-852997876-3554588183-1000UA.job</div> <div>- c:\users\Morbius Liadon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-31 21:56]</div> <div>.</div> <div>2013-06-03 c:\windows\Tasks\User_Feed_Synchronization-{08F944BC-915C-41C0-834D-0952645B46F2}.job</div> <div>- c:\windows\system32\msfeedssync.exe [2008-01-21 02:50]</div> <div>.</div> <div>.</div> <div>--------- X64 Entries -----------</div> <div>.</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</div> <div>"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2009-09-04 163568]</div> <div>"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2009-07-31 2023936]</div> <div>"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]</div> <div>"Cm108Sound"="c:\windows\Syswow64\cm108.dll" [2009-12-08 8146944]</div> <div>"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]</div> <div>.</div> <div>------- Supplementary Scan -------</div> <div>.</div> <div>uLocal Page = c:\windows\system32\blank.htm</div> <div>mLocal Page = %SystemRoot%\system32\blank.htm</div> <div>uInternet Settings,ProxyOverride = <local></div> <div>uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=e3fc2318-d6df-48cd-9772-d4c55b0135cb&searchtype=ds&q={searchTerms}&installDate=01/01/1970</div> <div>mSearchAssistant = hxxp://searchou.com/?q={searchTerms}&id=dcc2538500000000000000508d9dfb7c&r=742</div> <div>Trusted Zone: clonewarsadventures.com</div> <div>Trusted Zone: freerealms.com</div> <div>Trusted Zone: soe.com</div> <div>Trusted Zone: sony.com</div> <div>TCP: DhcpNameServer = 192.168.1.1</div> <div>FF - ProfilePath - c:\users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\</div> <div>FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p=</div> <div>FF - prefs.js: browser.search.selectedEngine - Search The Web (privitize)</div> <div>FF - prefs.js: browser.startup.homepage - hxxp://searchou.com/?id=dcc2538500000000000000508d9dfb7c</div> <div>FF - ExtSQL: 2013-05-06 02:55; ffxtlbr@privitize.com; c:\users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\ffxtlbr@privitize.com</div> <div>FF - ExtSQL: 2013-05-06 02:55; za615t@vecbkb.co.uk; c:\users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\za615t@vecbkb.co.uk</div> <div>FF - ExtSQL: !HIDDEN! 2009-09-16 03:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension</div> <div>FF - user.js: extensions.incredibar_i.newTab - false</div> <div>FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQI3IwssM&loc=IB_TB&i=26&search=</div> <div>FF - user.js: extensions.incredibar_i.id - dcc2538500000000000000508d9dfb7c</div> <div>FF - user.js: extensions.incredibar_i.instlDay - 15581</div> <div>FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14</div> <div>FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14</div> <div>FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1413:49</div> <div>FF - user.js: extensions.incredibar_i.prtnrId - Incredibar</div> <div>FF - user.js: extensions.incredibar_i.prdct - incredibar</div> <div>FF - user.js: extensions.incredibar_i.aflt - orgnl</div> <div>FF - user.js: extensions.incredibar_i.smplGrp - none</div> <div>FF - user.js: extensions.incredibar_i.tlbrId - base</div> <div>FF - user.js: extensions.incredibar_i.instlRef - </div> <div>FF - user.js: extensions.incredibar_i.dfltLng - </div> <div>FF - user.js: extensions.incredibar_i.excTlbr - false</div> <div>FF - user.js: extensions.incredibar_i.ms_url_id - </div> <div>FF - user.js: extensions.incredibar_i.upn2 - 6PQI3IwssM</div> <div>FF - user.js: extensions.incredibar_i.upn2n - 92543491238592712</div> <div>FF - user.js: extensions.incredibar_i.productid - 26</div> <div>FF - user.js: extensions.incredibar_i.installerproductid - 26</div> <div>FF - user.js: extensions.incredibar_i.did - 10659</div> <div>FF - user.js: extensions.incredibar_i.ppd - 102%5F6</div> <div>FF - user.js: extensions.claro.tlbrSrchUrl - </div> <div>FF - user.js: extensions.claro.id - dcc2538500000000000000508d9dfb7c</div> <div>FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062}</div> <div>FF - user.js: extensions.claro.instlDay - 15641</div> <div>FF - user.js: extensions.claro.vrsn - 1.8.3.10</div> <div>FF - user.js: extensions.claro.vrsni - 1.8.3.10</div> <div>FF - user.js: extensions.claro_i.vrsnTs - 1.8.3.1021:34</div> <div>FF - user.js: extensions.claro.prtnrId - claro</div> <div>FF - user.js: extensions.claro.prdct - claro</div> <div>FF - user.js: extensions.claro.aflt - babsst</div> <div>FF - user.js: extensions.claro_i.smplGrp - none</div> <div>FF - user.js: extensions.claro.tlbrId - claro</div> <div>FF - user.js: extensions.claro.instlRef - sst</div> <div>FF - user.js: extensions.claro.dfltLng - en</div> <div>FF - user.js: extensions.claro.excTlbr - false</div> <div>FF - user.js: extensions.claro.admin - false</div> <div>FF - user.js: extensions.privitize.hpOld0 - hxxp://www.yahoo.com/?ilc=8</div> <div>FF - user.js: extensions.privitize.tlbrSrchUrl - hxxp://searchou.com/?id=dcc2538500000000000000508d9dfb7c&q=</div> <div>FF - user.js: extensions.privitize.id - dcc2538500000000000000508d9dfb7c</div> <div>FF - user.js: extensions.privitize.appId - {301966DF-A84B-4255-AAB9-574B5CE237E4}</div> <div>FF - user.js: extensions.privitize.instlDay - 15817</div> <div>FF - user.js: extensions.privitize.vrsn - 1.8.16.22</div> <div>FF - user.js: extensions.privitize.vrsni - 1.8.16.22</div> <div>FF - user.js: extensions.privitize.vrsnTs - 1.8.16.221:30</div> <div>FF - user.js: extensions.privitize.prtnrId - privitize</div> <div>FF - user.js: extensions.privitize.prdct - privitize</div> <div>FF - user.js: extensions.privitize.aflt - orgnl</div> <div>FF - user.js: extensions.privitize.smplGrp - none</div> <div>FF - user.js: extensions.privitize.tlbrId - base</div> <div>FF - user.js: extensions.privitize.instlRef - </div> <div>FF - user.js: extensions.privitize.dfltLng - </div> <div>FF - user.js: extensions.privitize.excTlbr - true</div> <div>FF - user.js: extensions.privitize.ffxUnstlRst - false</div> <div>FF - user.js: extensions.privitize.admin - false</div> <div>FF - user.js: extensions.privitize.autoRvrt - false</div> <div>FF - user.js: extensions.privitize.rvrt - false</div> <div>FF - user.js: extensions.privitize.hmpg - true</div> <div>FF - user.js: extensions.privitize.hmpgUrl - hxxp://searchou.com/?id=dcc2538500000000000000508d9dfb7c</div> <div>FF - user.js: extensions.privitize.dfltSrch - true</div> <div>FF - user.js: extensions.privitize.srchPrvdr - Search The Web (privitize)</div> <div>FF - user.js: extensions.privitize.kw_url - hxxp://searchou.com/?q={searchTerms}&id=dcc2538500000000000000508d9dfb7c</div> <div>FF - user.js: extensions.privitize.dnsErr - true</div> <div>FF - user.js: extensions.privitize.newTab - true</div> <div>FF - user.js: extensions.privitize.newTabUrl - hxxp://searchou.com/?id=dcc2538500000000000000508d9dfb7c</div> <div>.</div> <div>- - - - ORPHANS REMOVED - - - -</div> <div>.</div> <div>Wow6432Node-HKCU-Run-Aim6 - (no file)</div> <div>Wow6432Node-HKCU-Run-AdobeBridge - (no file)</div> <div>Wow6432Node-HKLM-Run-<NO NAME> - (no file)</div> <div>Wow6432Node-HKLM-Run-Freecorder FLV Service - c:\program files (x86)\Freecorder\FLVSrvc.exe</div> <div>SafeBoot-WudfPf</div> <div>SafeBoot-WudfRd</div> <div>AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe</div> <div>AddRemove-{EB03EF39-C655-D560-FA95-79182B837D64} - c:\programdata\MaGniiPuicc\uninstall.exe</div> <div>AddRemove-Gas Properties - c:\windows\system32\javaws.exe</div> <div>.</div> <div>.</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Akamai]</div> <div>"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll"</div> <div>.</div> <div>--------------------- LOCKED REGISTRY KEYS ---------------------</div> <div>.</div> <div>[HKEY_USERS\S-1-5-21-3416004185-852997876-3554588183-1000\Software\SecuROM\License information*]</div> <div>"datasecu"=hex:1c,38,42,42,ec,ad,f4,77,20,e1,7c,1a,ef,07,05,b0,67,09,b5,99,18,</div> <div> c9,30,6a,27,02,fc,22,26,9f,b8,89,07,df,55,90,46,67,68,45,1b,b3,c2,ed,17,0f,\</div> <div>"rkeysecu"=hex:64,b6,bd,e1,3e,80,9e,c4,40,b4,90,83,87,8e,33,49</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]</div> <div>@Denied: (A 2) (Everyone)</div> <div>@="FlashBroker"</div> <div>"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]</div> <div>"Enabled"=dword:00000001</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]</div> <div>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]</div> <div>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]</div> <div>@Denied: (A 2) (Everyone)</div> <div>@="Shockwave Flash Object"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]</div> <div>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"</div> <div>"ThreadingModel"="Apartment"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]</div> <div>@="0"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]</div> <div>@="ShockwaveFlash.ShockwaveFlash.11"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]</div> <div>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]</div> <div>@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]</div> <div>@="1.0"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]</div> <div>@="ShockwaveFlash.ShockwaveFlash"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]</div> <div>@Denied: (A 2) (Everyone)</div> <div>@="Macromedia Flash Factory Object"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]</div> <div>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"</div> <div>"ThreadingModel"="Apartment"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]</div> <div>@="FlashFactory.FlashFactory.1"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]</div> <div>@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]</div> <div>@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]</div> <div>@="1.0"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]</div> <div>@="FlashFactory.FlashFactory"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]</div> <div>@Denied: (A 2) (Everyone)</div> <div>@="IFlashBroker4"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]</div> <div>@="{00020424-0000-0000-C000-000000000046}"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]</div> <div>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"</div> <div>"Version"="1.0"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]</div> <div>@Denied: (A 2) (Everyone)</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]</div> <div>@="Shockwave Flash"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]</div> <div>@Denied: (A 2) (Everyone)</div> <div>@=""</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]</div> <div>@="FlashBroker"</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]</div> <div>"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,</div> <div> 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\</div> <div>.</div> <div>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]</div> <div>@Denied: (A) (Users)</div> <div>@Denied: (A) (Everyone)</div> <div>@Allowed: (B 1 2 3 4 5) (S-1-5-20)</div> <div>"BlindDial"=dword:00000000</div> <div>.</div> <div>Completion time: 2013-06-03 21:29:04</div> <div>ComboFix-quarantined-files.txt 2013-06-04 04:29</div> <div>.</div> <div>Pre-Run: 165,623,472,128 bytes free</div> <div>Post-Run: 169,671,016,448 bytes free</div> <div>.</div> <div>- - End Of File - - 15A40F0E1B653C3988AAABF67FD0455E</div> <div> </div>
  8. Thanks, these ones worked. Here are the logs. 16:47:18.0846 3588 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 16:47:19.0369 3588 ============================================================ 16:47:19.0369 3588 Current date / time: 2013/06/02 16:47:19.0369 16:47:19.0369 3588 SystemInfo: 16:47:19.0369 3588 16:47:19.0370 3588 OS Version: 6.0.6001 ServicePack: 1.0 16:47:19.0370 3588 Product type: Workstation 16:47:19.0370 3588 ComputerName: MORBIUSLIADO-PC 16:47:19.0370 3588 UserName: Morbius Liadon 16:47:19.0370 3588 Windows directory: C:\Windows 16:47:19.0370 3588 System windows directory: C:\Windows 16:47:19.0370 3588 Running under WOW64 16:47:19.0370 3588 Processor architecture: Intel x64 16:47:19.0370 3588 Number of processors: 4 16:47:19.0370 3588 Page size: 0x1000 16:47:19.0370 3588 Boot type: Normal boot 16:47:19.0370 3588 ============================================================ 16:47:20.0757 3588 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:47:20.0762 3588 ============================================================ 16:47:20.0763 3588 \Device\Harddisk0\DR0: 16:47:20.0763 3588 MBR partitions: 16:47:20.0763 3588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x683B57F0 16:47:20.0763 3588 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x683B6000, BlocksNum 0xC34F800 16:47:20.0763 3588 ============================================================ 16:47:20.0798 3588 C: <-> \Device\Harddisk0\DR0\Partition1 16:47:20.0798 3588 ============================================================ 16:47:20.0798 3588 Initialize success 16:47:20.0798 3588 ============================================================ 16:47:23.0755 4700 ============================================================ 16:47:23.0755 4700 Scan started 16:47:23.0755 4700 Mode: Manual; 16:47:23.0755 4700 ============================================================ 16:47:24.0754 4700 ================ Scan system memory ======================== 16:47:24.0754 4700 System memory - ok 16:47:24.0755 4700 ================ Scan services ============================= 16:47:25.0208 4700 [ 8C99ED256A889D647935A97C543B7B85 ] ACPI C:\Windows\system32\drivers\acpi.sys 16:47:25.0212 4700 ACPI - ok 16:47:25.0250 4700 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 16:47:25.0264 4700 adp94xx - ok 16:47:25.0300 4700 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys 16:47:25.0310 4700 adpahci - ok 16:47:25.0343 4700 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 16:47:25.0350 4700 adpu160m - ok 16:47:25.0374 4700 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 16:47:25.0382 4700 adpu320 - ok 16:47:25.0417 4700 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 16:47:25.0418 4700 AeLookupSvc - ok 16:47:25.0450 4700 [ 9BB97042FA331A0FB4BDD98B9280A50A ] AFD C:\Windows\system32\drivers\afd.sys 16:47:25.0453 4700 AFD - ok 16:47:25.0482 4700 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys 16:47:25.0489 4700 agp440 - ok 16:47:25.0535 4700 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys 16:47:25.0550 4700 aic78xx - ok 16:47:25.0773 4700 [ C7074BD8D4B8F564859ED373433030AE ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll 16:47:25.0773 4700 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE 16:47:25.0782 4700 Akamai ( HiddenFile.Multi.Generic ) - warning 16:47:25.0782 4700 Akamai - detected HiddenFile.Multi.Generic (1) 16:47:25.0807 4700 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe 16:47:25.0810 4700 ALG - ok 16:47:25.0826 4700 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys 16:47:25.0830 4700 aliide - ok 16:47:25.0874 4700 [ 310F86335B0505DDC6D2DD48E66EF06B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 16:47:25.0877 4700 AMD External Events Utility - ok 16:47:25.0889 4700 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys 16:47:25.0893 4700 amdide - ok 16:47:25.0897 4700 amdide64 - ok 16:47:25.0914 4700 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 16:47:25.0921 4700 AmdK8 - ok 16:47:26.0204 4700 [ 79CC9BE187E3144E1B58A54B842475E7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 16:47:26.0346 4700 amdkmdag - ok 16:47:26.0381 4700 [ 07561D3B7FD99F6E186C49C2D0628E38 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 16:47:26.0401 4700 amdkmdap - ok 16:47:26.0496 4700 [ B4837FE56D76B2E9EA90E5365CF6A2BE ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 16:47:26.0499 4700 AntiVirSchedulerService - ok 16:47:26.0522 4700 [ DF5A3016052755C910A206058B4A1729 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 16:47:26.0526 4700 AntiVirService - ok 16:47:26.0560 4700 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll 16:47:26.0561 4700 Appinfo - ok 16:47:26.0581 4700 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys 16:47:26.0588 4700 arc - ok 16:47:26.0620 4700 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys 16:47:26.0627 4700 arcsas - ok 16:47:26.0695 4700 aspnet_state - ok 16:47:26.0711 4700 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 16:47:26.0713 4700 AsyncMac - ok 16:47:26.0729 4700 [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi C:\Windows\system32\drivers\atapi.sys 16:47:26.0730 4700 atapi - ok 16:47:26.0781 4700 [ FAF6F2BD78F98BD55499681E5DA73F73 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH6.sys 16:47:26.0782 4700 AtiHDAudioService - ok 16:47:26.0787 4700 AtiHdmiService - ok 16:47:27.0133 4700 [ 79CC9BE187E3144E1B58A54B842475E7 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 16:47:27.0203 4700 atikmdag - ok 16:47:27.0237 4700 [ F3A313050B8CB0608FCE442EDB49554F ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 16:47:27.0237 4700 AtiPcie - ok 16:47:27.0277 4700 [ 2A54B6A48AB6D2166271B05E9469326E ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 16:47:27.0289 4700 AudioEndpointBuilder - ok 16:47:27.0297 4700 [ 2A54B6A48AB6D2166271B05E9469326E ] AudioSrv C:\Windows\System32\Audiosrv.dll 16:47:27.0300 4700 AudioSrv - ok 16:47:27.0322 4700 [ B1224E6B086CD6548315B04AB575A23E ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 16:47:27.0324 4700 avgntflt - ok 16:47:27.0358 4700 [ ED45F12CFA62B83765C9C1496758CC87 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 16:47:27.0359 4700 avipbb - ok 16:47:27.0389 4700 [ BC4737AAFFA5964E4F8827C9B8C0EB8E ] BFE C:\Windows\System32\bfe.dll 16:47:27.0395 4700 BFE - ok 16:47:27.0458 4700 [ D896A0D43F8AB81ECB1FC6C24DECFD58 ] BITS C:\Windows\System32\qmgr.dll 16:47:27.0470 4700 BITS - ok 16:47:27.0528 4700 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 16:47:27.0533 4700 blbdrive - ok 16:47:27.0562 4700 [ F0F035FCEC3554CC1B70C5611BD87951 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 16:47:27.0563 4700 bowser - ok 16:47:27.0581 4700 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 16:47:27.0595 4700 BrFiltLo - ok 16:47:27.0615 4700 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 16:47:27.0635 4700 BrFiltUp - ok 16:47:27.0656 4700 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll 16:47:27.0658 4700 Browser - ok 16:47:27.0691 4700 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys 16:47:27.0698 4700 Brserid - ok 16:47:27.0714 4700 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 16:47:27.0719 4700 BrSerWdm - ok 16:47:27.0737 4700 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 16:47:27.0740 4700 BrUsbMdm - ok 16:47:27.0752 4700 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 16:47:27.0756 4700 BrUsbSer - ok 16:47:27.0770 4700 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 16:47:27.0776 4700 BTHMODEM - ok 16:47:27.0802 4700 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 16:47:27.0805 4700 cdfs - ok 16:47:27.0820 4700 [ 3B2FB35363423ED60C8FBF15FC8680BD ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 16:47:27.0821 4700 cdrom - ok 16:47:27.0834 4700 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] CertPropSvc C:\Windows\System32\certprop.dll 16:47:27.0835 4700 CertPropSvc - ok 16:47:27.0856 4700 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys 16:47:27.0862 4700 circlass - ok 16:47:27.0967 4700 [ CAEDA2572B7042B11062F327F099251D ] CLFS C:\Windows\system32\CLFS.sys 16:47:27.0981 4700 CLFS - ok 16:47:28.0013 4700 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:47:28.0028 4700 clr_optimization_v2.0.50727_32 - ok 16:47:28.0099 4700 [ FA58B51ED71C9133E141164EAA7C54EB ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 16:47:28.0106 4700 clr_optimization_v2.0.50727_64 - ok 16:47:28.0168 4700 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 16:47:28.0196 4700 clr_optimization_v4.0.30319_32 - ok 16:47:28.0236 4700 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 16:47:28.0244 4700 clr_optimization_v4.0.30319_64 - ok 16:47:28.0261 4700 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys 16:47:28.0266 4700 cmdide - ok 16:47:28.0294 4700 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 16:47:28.0299 4700 Compbatt - ok 16:47:28.0304 4700 COMSysApp - ok 16:47:28.0317 4700 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 16:47:28.0318 4700 crcdisk - ok 16:47:28.0337 4700 [ 4374F784121D8B3BB466B03F5E5EBD33 ] CryptSvc C:\Windows\system32\cryptsvc.dll 16:47:28.0339 4700 CryptSvc - ok 16:47:28.0376 4700 [ 9F38FEB92D18468012543E1AFCF79BBC ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 16:47:28.0382 4700 cvhsvc - ok 16:47:28.0463 4700 [ 52CDADE8289FF21F1F2215FF51A5F36C ] DcomLaunch C:\Windows\system32\rpcss.dll 16:47:28.0474 4700 DcomLaunch - ok 16:47:28.0497 4700 [ 3725C43C9E90731ECA651D506CC599A3 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 16:47:28.0499 4700 DfsC - ok 16:47:28.0664 4700 [ 1781F99840979EE7B126C9073C377FD0 ] DFSR C:\Windows\system32\DFSR.exe 16:47:28.0745 4700 DFSR - ok 16:47:28.0772 4700 [ FDAA0EDFCFB70CD529589AD654651B40 ] Dhcp C:\Windows\System32\dhcpcsvc.dll 16:47:28.0776 4700 Dhcp - ok 16:47:28.0781 4700 [ 2DC415FC05FB8A079F896CBBACB19324 ] disk C:\Windows\system32\drivers\disk.sys 16:47:28.0783 4700 disk - ok 16:47:28.0807 4700 [ DAF05293C1264E251D3A25E7E24B2DDF ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:47:28.0809 4700 Dnscache - ok 16:47:28.0828 4700 [ CC661867677627F2911C2A4970DEE0F1 ] dot3svc C:\Windows\System32\dot3svc.dll 16:47:28.0830 4700 dot3svc - ok 16:47:28.0845 4700 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll 16:47:28.0848 4700 DPS - ok 16:47:28.0884 4700 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:47:28.0887 4700 drmkaud - ok 16:47:28.0923 4700 [ 412964040CE920FF83AFF6B5B551BF99 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:47:28.0933 4700 DXGKrnl - ok 16:47:29.0028 4700 [ 4AF117B55C76CEBFC6C52BFF1EEBAEC5 ] Dyyno Launcher C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe 16:47:29.0030 4700 Dyyno Launcher - ok 16:47:29.0067 4700 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys 16:47:29.0110 4700 E1G60 - ok 16:47:29.0131 4700 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll 16:47:29.0133 4700 EapHost - ok 16:47:29.0145 4700 [ 7343D950A34A95DCB7441642E3E6BEEF ] Ecache C:\Windows\system32\drivers\ecache.sys 16:47:29.0149 4700 Ecache - ok 16:47:29.0235 4700 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:47:29.0248 4700 ehRecvr - ok 16:47:29.0296 4700 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe 16:47:29.0305 4700 ehSched - ok 16:47:29.0340 4700 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll 16:47:29.0342 4700 ehstart - ok 16:47:29.0367 4700 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys 16:47:29.0517 4700 elxstor - ok 16:47:29.0652 4700 [ E4EB76D0A8FC43DB7F36302E1F33791F ] EMDMgmt C:\Windows\system32\emdmgmt.dll 16:47:29.0703 4700 EMDMgmt - ok 16:47:29.0723 4700 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:47:29.0727 4700 ErrDev - ok 16:47:29.0755 4700 [ 932C05033053ADA2404FD836C9AB2C70 ] EuMusDesignVirtualAudioCableWdm C:\Windows\system32\DRIVERS\vrtaucbl.sys 16:47:29.0761 4700 EuMusDesignVirtualAudioCableWdm - ok 16:47:29.0789 4700 [ 6B1A97BF9FEFBDC83F3C7C7D0F826C66 ] EventSystem C:\Windows\system32\es.dll 16:47:29.0806 4700 EventSystem - ok 16:47:29.0827 4700 [ 2A546B9A84658B0554B1EC35CD9ADAF5 ] exfat C:\Windows\system32\drivers\exfat.sys 16:47:29.0835 4700 exfat - ok 16:47:29.0855 4700 [ FE731D345ED9EEABBC72A59B35941834 ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:47:29.0863 4700 fastfat - ok 16:47:29.0878 4700 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 16:47:29.0883 4700 fdc - ok 16:47:29.0887 4700 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll 16:47:29.0889 4700 fdPHost - ok 16:47:29.0896 4700 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll 16:47:29.0898 4700 FDResPub - ok 16:47:29.0914 4700 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:47:29.0915 4700 FileInfo - ok 16:47:29.0938 4700 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:47:29.0943 4700 Filetrace - ok 16:47:29.0966 4700 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 16:47:29.0970 4700 flpydisk - ok 16:47:29.0978 4700 [ 7DACF1A3A4219575070C6DC7C957428A ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:47:29.0982 4700 FltMgr - ok 16:47:30.0034 4700 [ 73D0F1D32EDAE3DCC4E84468BF910ADD ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:47:30.0050 4700 FontCache3.0.0.0 - ok 16:47:30.0068 4700 [ 29D99E860A1CA0A03C6A733FDD0DA703 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:47:30.0072 4700 Fs_Rec - ok 16:47:30.0106 4700 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 16:47:30.0112 4700 gagp30kx - ok 16:47:30.0160 4700 [ 9E5B254D58232EC8921EC3C5A94C81ED ] gpsvc C:\Windows\System32\gpsvc.dll 16:47:30.0177 4700 gpsvc - ok 16:47:30.0226 4700 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:47:30.0227 4700 gupdate - ok 16:47:30.0248 4700 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:47:30.0249 4700 gupdatem - ok 16:47:30.0288 4700 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:47:30.0299 4700 HdAudAddService - ok 16:47:30.0326 4700 [ 0C0D0F8A3FF09ECC81963D09EC6A0A84 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 16:47:30.0327 4700 HDAudBus - ok 16:47:30.0348 4700 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys 16:47:30.0353 4700 HidBth - ok 16:47:30.0394 4700 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys 16:47:30.0398 4700 HidIr - ok 16:47:30.0420 4700 [ 0AA154538544E988429DA2D5AA803A6C ] hidserv C:\Windows\system32\hidserv.dll 16:47:30.0432 4700 hidserv - ok 16:47:30.0445 4700 [ 128E2DA8483FDD4DD0C7B3F9ABD6F323 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:47:30.0445 4700 HidUsb - ok 16:47:30.0491 4700 [ FD1837DEE0A1D7F180D7B301C0656511 ] HiPatchService C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe 16:47:30.0512 4700 HiPatchService - ok 16:47:30.0540 4700 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll 16:47:30.0542 4700 hkmsvc - ok 16:47:30.0569 4700 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 16:47:30.0576 4700 HpCISSs - ok 16:47:30.0766 4700 [ E690736DA6C543F5D99C8FA27BEA31DB ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:47:30.0791 4700 HTTP - ok 16:47:30.0809 4700 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys 16:47:30.0815 4700 i2omp - ok 16:47:30.0833 4700 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 16:47:30.0839 4700 i8042prt - ok 16:47:30.0863 4700 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 16:47:30.0872 4700 iaStorV - ok 16:47:30.0968 4700 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 16:47:31.0011 4700 IDriverT - ok 16:47:31.0156 4700 [ 76EA63CDB2D88DAE7209691D089BEF1D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:47:31.0247 4700 idsvc - ok 16:47:31.0267 4700 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys 16:47:31.0273 4700 iirsp - ok 16:47:31.0307 4700 [ 3A3B232140C33376E134E7B61A0EAA44 ] IKEEXT C:\Windows\System32\ikeext.dll 16:47:31.0315 4700 IKEEXT - ok 16:47:31.0432 4700 [ C2F868881D48A568B525255F084EF063 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 16:47:31.0467 4700 IntcAzAudAddService - ok 16:47:31.0485 4700 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys 16:47:31.0492 4700 intelide - ok 16:47:31.0510 4700 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:47:31.0511 4700 intelppm - ok 16:47:31.0527 4700 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:47:31.0530 4700 IPBusEnum - ok 16:47:31.0554 4700 [ 99B821F5BEBD6A3CC3FE564F802AE0FD ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:47:31.0560 4700 IpFilterDriver - ok 16:47:31.0594 4700 [ 3A0427F35E7F8C16BBC5B1BE32B8DE76 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:47:31.0607 4700 iphlpsvc - ok 16:47:31.0611 4700 IpInIp - ok 16:47:31.0631 4700 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 16:47:31.0637 4700 IPMIDRV - ok 16:47:31.0656 4700 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 16:47:31.0662 4700 IPNAT - ok 16:47:31.0684 4700 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:47:31.0688 4700 IRENUM - ok 16:47:31.0727 4700 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:47:31.0732 4700 isapnp - ok 16:47:31.0774 4700 [ 49E4CCBF74783FCE5D2CC1FF6480E1F4 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 16:47:31.0813 4700 iScsiPrt - ok 16:47:31.0828 4700 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 16:47:31.0834 4700 iteatapi - ok 16:47:31.0865 4700 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys 16:47:31.0871 4700 iteraid - ok 16:47:31.0892 4700 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:47:31.0898 4700 kbdclass - ok 16:47:31.0907 4700 [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:47:31.0908 4700 kbdhid - ok 16:47:31.0929 4700 [ 80F4593E92FF960E4763380D3168E498 ] KeyIso C:\Windows\system32\lsass.exe 16:47:31.0931 4700 KeyIso - ok 16:47:31.0969 4700 [ 7D259F47D8CE1DF9A8E9C9820533191A ] KHCAP C:\Windows\system32\drivers\KHCAP.sys 16:47:31.0975 4700 KHCAP - ok 16:47:32.0012 4700 [ CCDCCE6224E1E207E953AF826B98A9D9 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:47:32.0020 4700 KSecDD - ok 16:47:32.0032 4700 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:47:32.0033 4700 ksthunk - ok 16:47:32.0068 4700 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll 16:47:32.0074 4700 KtmRm - ok 16:47:32.0150 4700 [ 3F27C9CDAE606D74431E3AB39571A7F3 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:47:32.0154 4700 LanmanServer - ok 16:47:32.0179 4700 [ 6E25FFC6FEAD6544C6E9F1D23329570C ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:47:32.0183 4700 LanmanWorkstation - ok 16:47:32.0224 4700 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:47:32.0225 4700 lltdio - ok 16:47:32.0258 4700 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:47:32.0268 4700 lltdsvc - ok 16:47:32.0273 4700 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:47:32.0275 4700 lmhosts - ok 16:47:32.0294 4700 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:47:32.0301 4700 LSI_FC - ok 16:47:32.0319 4700 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:47:32.0326 4700 LSI_SAS - ok 16:47:32.0337 4700 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:47:32.0345 4700 LSI_SCSI - ok 16:47:32.0351 4700 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys 16:47:32.0353 4700 luafv - ok 16:47:32.0380 4700 [ D33E2B74CF8B3A652BF0A9FBD068E87A ] ManyCam C:\Windows\system32\DRIVERS\ManyCam_x64.sys 16:47:32.0381 4700 ManyCam - ok 16:47:32.0411 4700 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:47:32.0418 4700 Mcx2Svc - ok 16:47:32.0438 4700 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys 16:47:32.0443 4700 megasas - ok 16:47:32.0467 4700 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys 16:47:32.0480 4700 MegaSR - ok 16:47:32.0511 4700 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll 16:47:32.0513 4700 MMCSS - ok 16:47:32.0528 4700 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys 16:47:32.0530 4700 Modem - ok 16:47:32.0538 4700 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:47:32.0544 4700 monitor - ok 16:47:32.0553 4700 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:47:32.0558 4700 mouclass - ok 16:47:32.0575 4700 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:47:32.0579 4700 mouhid - ok 16:47:32.0584 4700 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 16:47:32.0586 4700 MountMgr - ok 16:47:32.0612 4700 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:47:32.0638 4700 MozillaMaintenance - ok 16:47:32.0654 4700 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys 16:47:32.0673 4700 mpio - ok 16:47:32.0693 4700 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:47:32.0693 4700 mpsdrv - ok 16:47:32.0715 4700 [ 8A670648C755867A3AA38DA50BA569AA ] MpsSvc C:\Windows\system32\mpssvc.dll 16:47:32.0724 4700 MpsSvc - ok 16:47:32.0748 4700 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 16:47:32.0754 4700 Mraid35x - ok 16:47:32.0760 4700 [ FE2706C15F8345C342820E4E4583FEA0 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:47:32.0763 4700 MRxDAV - ok 16:47:32.0787 4700 [ B698EB9ACC7ECD4927D99D268918F912 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:47:32.0790 4700 mrxsmb - ok 16:47:32.0805 4700 [ 9A797E27FD28500EE13D43000C931435 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:47:32.0809 4700 mrxsmb10 - ok 16:47:32.0827 4700 [ F9425D610712533107A264E2D5B2154B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:47:32.0829 4700 mrxsmb20 - ok 16:47:32.0848 4700 [ 1AC860612B85D8E85EE257D372E39F4D ] msahci C:\Windows\system32\drivers\msahci.sys 16:47:32.0853 4700 msahci - ok 16:47:32.0866 4700 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:47:32.0873 4700 msdsm - ok 16:47:32.0909 4700 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe 16:47:32.0916 4700 MSDTC - ok 16:47:32.0935 4700 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:47:32.0936 4700 Msfs - ok 16:47:32.0945 4700 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:47:32.0946 4700 msisadrv - ok 16:47:32.0970 4700 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:47:32.0978 4700 MSiSCSI - ok 16:47:32.0982 4700 msiserver - ok 16:47:33.0010 4700 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:47:33.0014 4700 MSKSSRV - ok 16:47:33.0030 4700 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:47:33.0033 4700 MSPCLOCK - ok 16:47:33.0047 4700 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:47:33.0051 4700 MSPQM - ok 16:47:33.0066 4700 [ B8E32E6103FBBA9FBB1D0C11FF0D13B5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:47:33.0070 4700 MsRPC - ok 16:47:33.0097 4700 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:47:33.0102 4700 mssmbios - ok 16:47:33.0113 4700 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:47:33.0116 4700 MSTEE - ok 16:47:33.0122 4700 [ DDF133501F68D6988A0F55DFA88637B4 ] Mup C:\Windows\system32\Drivers\mup.sys 16:47:33.0124 4700 Mup - ok 16:47:33.0148 4700 [ C25022CDD18980846973B598900915F8 ] napagent C:\Windows\system32\qagentRT.dll 16:47:33.0155 4700 napagent - ok 16:47:33.0195 4700 [ 73B99C98FA3A2ED1566E02D6FE1913A5 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:47:33.0196 4700 NativeWifiP - ok 16:47:33.0229 4700 [ 2A2EE457AF36C5C9A6808C768BD3A12B ] NDIS C:\Windows\system32\drivers\ndis.sys 16:47:33.0238 4700 NDIS - ok 16:47:33.0243 4700 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:47:33.0244 4700 NdisTapi - ok 16:47:33.0253 4700 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:47:33.0258 4700 Ndisuio - ok 16:47:33.0270 4700 [ 52E3E8E35101399BE9B2938C992AA087 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:47:33.0271 4700 NdisWan - ok 16:47:33.0281 4700 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:47:33.0287 4700 NDProxy - ok 16:47:33.0300 4700 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:47:33.0302 4700 NetBIOS - ok 16:47:33.0312 4700 [ 7A29CA243A629230799754162D80120F ] netbt C:\Windows\system32\DRIVERS\netbt.sys 16:47:33.0317 4700 netbt - ok 16:47:33.0321 4700 [ 80F4593E92FF960E4763380D3168E498 ] Netlogon C:\Windows\system32\lsass.exe 16:47:33.0322 4700 Netlogon - ok 16:47:33.0348 4700 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll 16:47:33.0354 4700 Netman - ok 16:47:33.0397 4700 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:47:33.0417 4700 NetMsmqActivator - ok 16:47:33.0422 4700 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:47:33.0423 4700 NetPipeActivator - ok 16:47:33.0450 4700 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll 16:47:33.0455 4700 netprofm - ok 16:47:33.0460 4700 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:47:33.0461 4700 NetTcpActivator - ok 16:47:33.0466 4700 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:47:33.0468 4700 NetTcpPortSharing - ok 16:47:33.0486 4700 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:47:33.0492 4700 nfrd960 - ok 16:47:33.0512 4700 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll 16:47:33.0517 4700 NlaSvc - ok 16:47:33.0522 4700 [ B06154E2A2C91E9BE5599FCA53BC4CD0 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:47:33.0523 4700 Npfs - ok 16:47:33.0532 4700 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll 16:47:33.0535 4700 nsi - ok 16:47:33.0544 4700 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:47:33.0549 4700 nsiproxy - ok 16:47:33.0586 4700 [ FE86BA5AC3B50E2CA911E9C60C07B638 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:47:33.0605 4700 Ntfs - ok 16:47:33.0615 4700 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys 16:47:33.0615 4700 Null - ok 16:47:33.0640 4700 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:47:33.0647 4700 nvraid - ok 16:47:33.0667 4700 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:47:33.0673 4700 nvstor - ok 16:47:33.0690 4700 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:47:33.0698 4700 nv_agp - ok 16:47:33.0702 4700 NwlnkFlt - ok 16:47:33.0707 4700 NwlnkFwd - ok 16:47:33.0743 4700 [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:47:33.0750 4700 ohci1394 - ok 16:47:33.0778 4700 [ 067DB5B067722997FCAFE1858163D411 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:47:33.0787 4700 ose - ok 16:47:33.0953 4700 [ 458169BA54CCF47D178DCB40D8158A7D ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:47:34.0041 4700 osppsvc - ok 16:47:34.0070 4700 [ 430F35C5592D253F43A26B4F5A523DBF ] p2pimsvc C:\Windows\system32\p2psvc.dll 16:47:34.0082 4700 p2pimsvc - ok 16:47:34.0096 4700 [ 430F35C5592D253F43A26B4F5A523DBF ] p2psvc C:\Windows\system32\p2psvc.dll 16:47:34.0102 4700 p2psvc - ok 16:47:34.0115 4700 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys 16:47:34.0121 4700 Parport - ok 16:47:34.0128 4700 [ 5AB40C36894F4C06BDAB0C9A2FBA282D ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:47:34.0130 4700 partmgr - ok 16:47:34.0149 4700 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll 16:47:34.0151 4700 PcaSvc - ok 16:47:34.0166 4700 [ 2A5B2A51559066EA84742909B5B2CD69 ] pci C:\Windows\system32\drivers\pci.sys 16:47:34.0168 4700 pci - ok 16:47:34.0217 4700 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys 16:47:34.0218 4700 pciide - ok 16:47:34.0255 4700 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:47:34.0265 4700 pcmcia - ok 16:47:34.0296 4700 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:47:34.0303 4700 PEAUTH - ok 16:47:34.0387 4700 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:47:34.0389 4700 PerfHost - ok 16:47:34.0470 4700 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll 16:47:34.0488 4700 pla - ok 16:47:34.0513 4700 [ 5AAA0C5534B05ED49919FCD9DBD11A5B ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:47:34.0518 4700 PlugPlay - ok 16:47:34.0533 4700 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 16:47:34.0538 4700 PNRPAutoReg - ok 16:47:34.0552 4700 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPsvc C:\Windows\system32\p2psvc.dll 16:47:34.0558 4700 PNRPsvc - ok 16:47:34.0584 4700 [ EEF3688D5E9592CBBBED00DE71DDA1EF ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:47:34.0592 4700 PolicyAgent - ok 16:47:34.0606 4700 [ F5739F2C6DB2534C384AD5150808E8F5 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:47:34.0613 4700 PptpMiniport - ok 16:47:34.0635 4700 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys 16:47:34.0641 4700 Processor - ok 16:47:34.0660 4700 [ B21FE10DAD3AB59E78DF7AA3FBF41E70 ] ProfSvc C:\Windows\system32\profsvc.dll 16:47:34.0664 4700 ProfSvc - ok 16:47:34.0674 4700 [ 80F4593E92FF960E4763380D3168E498 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:47:34.0676 4700 ProtectedStorage - ok 16:47:34.0699 4700 [ 0E0E205A296095FE4C631E6A4775AD6C ] PSched C:\Windows\system32\DRIVERS\pacer.sys 16:47:34.0700 4700 PSched - ok 16:47:34.0735 4700 [ A6BF0A9B5A30D743623CA0D3BE35DF05 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 16:47:34.0736 4700 PxHlpa64 - ok 16:47:34.0782 4700 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:47:34.0805 4700 ql2300 - ok 16:47:34.0821 4700 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:47:34.0829 4700 ql40xx - ok 16:47:34.0855 4700 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll 16:47:34.0860 4700 QWAVE - ok 16:47:34.0872 4700 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:47:34.0873 4700 QWAVEdrv - ok 16:47:34.0884 4700 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:47:34.0885 4700 RasAcd - ok 16:47:34.0906 4700 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll 16:47:34.0909 4700 RasAuto - ok 16:47:34.0926 4700 [ 3B9085F91EF00ABD15A6F36570E90E12 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:47:34.0947 4700 Rasl2tp - ok 16:47:34.0969 4700 [ 2A63D46B01685FD4BE9778CA3C231C2D ] RasMan C:\Windows\System32\rasmans.dll 16:47:34.0973 4700 RasMan - ok 16:47:34.0983 4700 [ 2CE1703C27196094FB6E4C6E439F2C21 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:47:34.0989 4700 RasPppoe - ok 16:47:34.0995 4700 [ FCD04FA67E8B40FA0AD361DD38593942 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:47:34.0996 4700 RasSstp - ok 16:47:35.0030 4700 [ 33FA5B6136D92EE0F53F021C79091300 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:47:35.0076 4700 rdbss - ok 16:47:35.0126 4700 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:47:35.0127 4700 RDPCDD - ok 16:47:35.0154 4700 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 16:47:35.0163 4700 rdpdr - ok 16:47:35.0168 4700 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:47:35.0171 4700 RDPENCDD - ok 16:47:35.0210 4700 [ 7747082F672AA2846235C9CEA42E2E72 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:47:35.0219 4700 RDPWD - ok 16:47:35.0251 4700 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:47:35.0253 4700 RemoteAccess - ok 16:47:35.0268 4700 [ 416C611369CBE49074B89CEE2F83ABEF ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:47:35.0278 4700 RemoteRegistry - ok 16:47:35.0329 4700 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 16:47:35.0333 4700 RimUsb - ok 16:47:35.0360 4700 [ 0DE22421179D5A8440B68517DDF2B051 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 16:47:35.0361 4700 RimVSerPort - ok 16:47:35.0397 4700 [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys 16:47:35.0398 4700 ROOTMODEM - ok 16:47:35.0458 4700 [ AFD61A7C48A3E15C86A6FADF0B69A2E4 ] Roxio UPnP Renderer 9 C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe 16:47:35.0479 4700 Roxio UPnP Renderer 9 - ok 16:47:35.0528 4700 [ EFBB36E2BB02169D26E9980778FC20D3 ] Roxio Upnp Server 9 C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe 16:47:35.0556 4700 Roxio Upnp Server 9 - ok 16:47:35.0604 4700 [ 36298AD2C6EC49A56A94580EFC112D5A ] RoxLiveShare9 C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe 16:47:35.0634 4700 RoxLiveShare9 - ok 16:47:35.0683 4700 [ A9EFCEAC45EDE62CA05BB966B4798A14 ] RoxMediaDB9 C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe 16:47:35.0718 4700 RoxMediaDB9 - ok 16:47:35.0746 4700 [ 5BD1FD70536147E393B39F86B9D13A92 ] RoxWatch9 C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe 16:47:35.0775 4700 RoxWatch9 - ok 16:47:35.0796 4700 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe 16:47:35.0798 4700 RpcLocator - ok 16:47:35.0828 4700 [ 52CDADE8289FF21F1F2215FF51A5F36C ] RpcSs C:\Windows\system32\rpcss.dll 16:47:35.0833 4700 RpcSs - ok 16:47:35.0843 4700 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:47:35.0849 4700 rspndr - ok 16:47:35.0891 4700 [ C6701C5F6781D7DED9208A4D554AC37B ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys 16:47:35.0891 4700 RTL8169 - ok 16:47:35.0929 4700 [ C979AB0ECAE51A091770A54CF64D791B ] RTL8187B C:\Windows\system32\DRIVERS\wg111v3.sys 16:47:35.0940 4700 RTL8187B - ok 16:47:35.0975 4700 [ D1664991A07ACF2703D4A4E5BE4B6C80 ] RtlProt C:\Windows\system32\DRIVERS\rtlprot.sys 16:47:35.0979 4700 RtlProt - ok 16:47:35.0984 4700 [ 80F4593E92FF960E4763380D3168E498 ] SamSs C:\Windows\system32\lsass.exe 16:47:35.0985 4700 SamSs - ok 16:47:36.0025 4700 [ 5BF35C4EA3F00FA8D3F1E5BF03D24584 ] SASDIFSV C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS 16:47:36.0046 4700 SASDIFSV - ok 16:47:36.0076 4700 [ A22F08C98AC2F44587BF3A1FB52BF8CD ] SASENUM C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS 16:47:36.0094 4700 SASENUM - ok 16:47:36.0115 4700 [ C7D81C10D3BEFEEE41F3408714637438 ] SASKUTIL C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys 16:47:36.0123 4700 SASKUTIL - ok 16:47:36.0172 4700 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:47:36.0190 4700 sbp2port - ok 16:47:36.0220 4700 [ F024D560FEA06F8B56D673849EB89AE6 ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:47:36.0224 4700 SCardSvr - ok 16:47:36.0260 4700 [ CE75D26E0A1106129F4D156851E298ED ] Schedule C:\Windows\system32\schedsvc.dll 16:47:36.0273 4700 Schedule - ok 16:47:36.0318 4700 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] SCPolicySvc C:\Windows\System32\certprop.dll 16:47:36.0319 4700 SCPolicySvc - ok 16:47:36.0343 4700 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:47:36.0347 4700 SDRSVC - ok 16:47:36.0357 4700 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:47:36.0358 4700 secdrv - ok 16:47:36.0364 4700 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll 16:47:36.0366 4700 seclogon - ok 16:47:36.0380 4700 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll 16:47:36.0383 4700 SENS - ok 16:47:36.0403 4700 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys 16:47:36.0409 4700 Serenum - ok 16:47:36.0431 4700 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys 16:47:36.0438 4700 Serial - ok 16:47:36.0457 4700 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:47:36.0462 4700 sermouse - ok 16:47:36.0489 4700 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll 16:47:36.0491 4700 SessionEnv - ok 16:47:36.0504 4700 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:47:36.0508 4700 sffdisk - ok 16:47:36.0517 4700 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:47:36.0522 4700 sffp_mmc - ok 16:47:36.0534 4700 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:47:36.0539 4700 sffp_sd - ok 16:47:36.0551 4700 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:47:36.0556 4700 sfloppy - ok 16:47:36.0611 4700 [ 6532F56E1BD7FE50E1352B909530C651 ] sftfs C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftfslh.sys 16:47:36.0627 4700 sftfs - ok 16:47:36.0648 4700 [ 596E6F76832E9BC6275F805F81C08085 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 16:47:36.0653 4700 sftlist - ok 16:47:36.0668 4700 [ E6FF02B1BD81EA2F6894066D5CB6D91E ] sftplay C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys 16:47:36.0677 4700 sftplay - ok 16:47:36.0701 4700 [ CFFB30B10C66F9A8C6A70D105BD4DE8D ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 16:47:36.0702 4700 Sftredir - ok 16:47:36.0717 4700 [ BAF32EF413025559C23754AFCABCA90A ] sftvol C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftvollh.sys 16:47:36.0718 4700 sftvol - ok 16:47:36.0730 4700 [ 741C2E8439E06670A9BA754AB27DD4A7 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 16:47:36.0732 4700 sftvsa - ok 16:47:36.0758 4700 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:47:36.0764 4700 SharedAccess - ok 16:47:36.0805 4700 [ 9235EC680D3DB17464B39C7C7DECB4DD ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:47:36.0811 4700 ShellHWDetection - ok 16:47:36.0833 4700 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 16:47:36.0839 4700 SiSRaid2 - ok 16:47:36.0856 4700 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:47:36.0863 4700 SiSRaid4 - ok 16:47:36.0915 4700 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:47:36.0972 4700 SkypeUpdate - ok 16:47:37.0032 4700 [ A301D2CEFB4747DFE0C24425DCBE0B78 ] slsvc C:\Windows\system32\SLsvc.exe 16:47:37.0073 4700 slsvc - ok 16:47:37.0089 4700 [ F5DDF7C0AF85EB72CB295171F8C3CB35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 16:47:37.0091 4700 SLUINotify - ok 16:47:37.0127 4700 [ 41EB2E8E005FEEDCAFCE301983EFF932 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:47:37.0129 4700 Smb - ok 16:47:37.0148 4700 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:47:37.0150 4700 SNMPTRAP - ok 16:47:37.0158 4700 [ F9CB0672162F7F04248E2B82C1FF4617 ] spldr C:\Windows\system32\drivers\spldr.sys 16:47:37.0160 4700 spldr - ok 16:47:37.0193 4700 [ 92E6738D25C2123BE9515C0EAC0776CD ] Spooler C:\Windows\System32\spoolsv.exe 16:47:37.0223 4700 Spooler - ok 16:47:37.0295 4700 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys 16:47:37.0296 4700 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB 16:47:37.0297 4700 sptd ( LockedFile.Multi.Generic ) - warning 16:47:37.0297 4700 sptd - detected LockedFile.Multi.Generic (1) 16:47:37.0356 4700 [ A8ABD7D0D907B45CF3831F4DD8644349 ] srv C:\Windows\system32\DRIVERS\srv.sys 16:47:37.0363 4700 srv - ok 16:47:37.0380 4700 [ 6C72EEA39E1C37B436A6D1532999F9EC ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:47:37.0383 4700 srv2 - ok 16:47:37.0399 4700 [ 7F69BCF9E6FA3D93C82EE6B87812666D ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:47:37.0401 4700 srvnet - ok 16:47:37.0413 4700 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:47:37.0416 4700 SSDPSRV - ok 16:47:37.0442 4700 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:47:37.0446 4700 SstpSvc - ok 16:47:37.0460 4700 Steam Client Service - ok 16:47:37.0487 4700 [ F14F7D7D68A66777FB999D5D0F21138D ] stisvc C:\Windows\System32\wiaservc.dll 16:47:37.0503 4700 stisvc - ok 16:47:37.0515 4700 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:47:37.0515 4700 swenum - ok 16:47:37.0599 4700 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 16:47:37.0635 4700 SwitchBoard - ok 16:47:37.0665 4700 [ DA34D6EB4A3154C0BEBAEB0A2483EF3E ] swprv C:\Windows\System32\swprv.dll 16:47:37.0673 4700 swprv - ok 16:47:37.0695 4700 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 16:47:37.0700 4700 Symc8xx - ok 16:47:37.0734 4700 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 16:47:37.0740 4700 Sym_hi - ok 16:47:37.0749 4700 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 16:47:37.0755 4700 Sym_u3 - ok 16:47:37.0790 4700 [ BEA0D5521ED21DF8F6FFEED86DAEDE7B ] SysMain C:\Windows\system32\sysmain.dll 16:47:37.0799 4700 SysMain - ok 16:47:37.0816 4700 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:47:37.0818 4700 TabletInputService - ok 16:47:37.0838 4700 [ 52091001CAF20AE84CF47023EE21B4BB ] TapiSrv C:\Windows\System32\tapisrv.dll 16:47:37.0844 4700 TapiSrv - ok 16:47:37.0855 4700 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll 16:47:37.0863 4700 TBS - ok 16:47:37.0915 4700 [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:47:37.0933 4700 Tcpip - ok 16:47:37.0964 4700 [ 7D86275FB640011B372FD566C0EAFA8D ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 16:47:37.0972 4700 Tcpip6 - ok 16:47:37.0982 4700 [ C29D4B3B08AD0B7E8564814E4FF6A57B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:47:38.0004 4700 tcpipreg - ok 16:47:38.0019 4700 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:47:38.0024 4700 TDPIPE - ok 16:47:38.0040 4700 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:47:38.0044 4700 TDTCP - ok 16:47:38.0062 4700 [ 8C39C72E0E853DE04748C0337D9B9216 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:47:38.0063 4700 tdx - ok 16:47:38.0077 4700 [ 3F0EBF6EE609F2A276C0D5FAF244EC90 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:47:38.0083 4700 TermDD - ok 16:47:38.0116 4700 [ F870A5589D6A94B426EFB13689023946 ] TermService C:\Windows\System32\termsrv.dll 16:47:38.0125 4700 TermService - ok 16:47:38.0133 4700 [ 9235EC680D3DB17464B39C7C7DECB4DD ] Themes C:\Windows\system32\shsvcs.dll 16:47:38.0137 4700 Themes - ok 16:47:38.0149 4700 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll 16:47:38.0151 4700 THREADORDER - ok 16:47:38.0165 4700 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll 16:47:38.0169 4700 TrkWks - ok 16:47:38.0204 4700 [ AC6FF1DF22ED90BAD6417EE5A4C6E2F0 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:47:38.0205 4700 TrustedInstaller - ok 16:47:38.0251 4700 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:47:38.0252 4700 tssecsrv - ok 16:47:38.0269 4700 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 16:47:38.0270 4700 tunmp - ok 16:47:38.0309 4700 [ 2DC2C423572946E9A3131425BDA73CB6 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:47:38.0310 4700 tunnel - ok 16:47:38.0332 4700 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:47:38.0338 4700 uagp35 - ok 16:47:38.0377 4700 [ ECA6629E33F122AFFF18A2AB7C3EB033 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:47:38.0387 4700 udfs - ok 16:47:38.0412 4700 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:47:38.0415 4700 UI0Detect - ok 16:47:38.0432 4700 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:47:38.0438 4700 uliagpkx - ok 16:47:38.0460 4700 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys 16:47:38.0470 4700 uliahci - ok 16:47:38.0487 4700 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys 16:47:38.0494 4700 UlSata - ok 16:47:38.0513 4700 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 16:47:38.0522 4700 ulsata2 - ok 16:47:38.0544 4700 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:47:38.0549 4700 umbus - ok 16:47:38.0576 4700 [ 01ABE05C401E70795B43A8933B44831E ] UMPass C:\Windows\system32\DRIVERS\umpass.sys 16:47:38.0581 4700 UMPass - ok 16:47:38.0600 4700 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll 16:47:38.0608 4700 upnphost - ok 16:47:38.0660 4700 [ C899FB269BE4740DBE2801B204CD71D4 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 16:47:38.0667 4700 usbaudio - ok 16:47:38.0714 4700 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:47:38.0715 4700 usbccgp - ok 16:47:38.0742 4700 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:47:38.0751 4700 usbcir - ok 16:47:38.0764 4700 [ DA6D8D8ED0A53C63AC6F4BD40FE83FBE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 16:47:38.0770 4700 usbehci - ok 16:47:38.0790 4700 [ 99045369AE3216216573D0775FD7ED56 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:47:38.0795 4700 usbhub - ok 16:47:38.0827 4700 [ 540B622DA0949695C40CDC9D5D497A8B ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 16:47:38.0831 4700 usbohci - ok 16:47:38.0873 4700 [ 07E2F74BA2930A302C96E027CF03CD34 ] USBPNPA C:\Windows\system32\drivers\CM10864.sys 16:47:38.0886 4700 USBPNPA - ok 16:47:38.0926 4700 [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 16:47:38.0942 4700 usbprint - ok 16:47:38.0970 4700 [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 16:47:38.0975 4700 usbscan - ok 16:47:39.0016 4700 [ 586D9876A4945779C8EEA926C0D16889 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:47:39.0032 4700 USBSTOR - ok 16:47:39.0054 4700 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 16:47:39.0058 4700 usbuhci - ok 16:47:39.0105 4700 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 16:47:39.0112 4700 usbvideo - ok 16:47:39.0141 4700 [ 9190F03C82547AFA87367F1CECA88F3B ] UxSms C:\Windows\System32\uxsms.dll 16:47:39.0143 4700 UxSms - ok 16:47:39.0162 4700 [ C15A4A550CBA7B9F1F68B72528E04CE1 ] vds C:\Windows\System32\vds.exe 16:47:39.0170 4700 vds - ok 16:47:39.0191 4700 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:47:39.0196 4700 vga - ok 16:47:39.0211 4700 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys 16:47:39.0212 4700 VgaSave - ok 16:47:39.0234 4700 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys 16:47:39.0250 4700 viaide - ok 16:47:39.0285 4700 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe 16:47:39.0309 4700 Viewpoint Manager Service - ok 16:47:39.0327 4700 [ 793D9B32A1C462C91F6F70358283AC97 ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:47:39.0329 4700 volmgr - ok 16:47:39.0338 4700 [ 5AA217DA5DC4FF5B9AC9AB86563B3223 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:47:39.0344 4700 volmgrx - ok 16:47:39.0366 4700 [ DE4307412D98050239026E56A7DFF3C0 ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:47:39.0370 4700 volsnap - ok 16:47:39.0396 4700 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:47:39.0403 4700 vsmraid - ok 16:47:39.0455 4700 [ 186BD53F8A408AD20F5A056C05678629 ] VSS C:\Windows\system32\vssvc.exe 16:47:39.0477 4700 VSS - ok 16:47:39.0497 4700 [ BA29F34A61CB55C0DEE29E787542EDF4 ] W32Time C:\Windows\system32\w32time.dll 16:47:39.0504 4700 W32Time - ok 16:47:39.0527 4700 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:47:39.0531 4700 WacomPen - ok 16:47:39.0555 4700 [ AEA75207E443C8623C36B8D03596F84F ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 16:47:39.0556 4700 Wanarp - ok 16:47:39.0560 4700 [ AEA75207E443C8623C36B8D03596F84F ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:47:39.0561 4700 Wanarpv6 - ok 16:47:39.0583 4700 [ 055449247C490E24B968B44FE8A969EB ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:47:39.0592 4700 wcncsvc - ok 16:47:39.0606 4700 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:47:39.0609 4700 WcsPlugInService - ok 16:47:39.0623 4700 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys 16:47:39.0628 4700 Wd - ok 16:47:39.0663 4700 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:47:39.0672 4700 Wdf01000 - ok 16:47:39.0683 4700 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:47:39.0686 4700 WdiServiceHost - ok 16:47:39.0690 4700 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:47:39.0692 4700 WdiSystemHost - ok 16:47:39.0756 4700 [ 58C93841B12E5897651EF3342F09C9F1 ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe 16:47:39.0757 4700 Web Assistant Updater - ok 16:47:39.0770 4700 [ 3D4AB55F8178FD0CD3CA45CD0EC9CF5B ] WebClient C:\Windows\System32\webclnt.dll 16:47:39.0775 4700 WebClient - ok 16:47:39.0810 4700 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:47:39.0815 4700 Wecsvc - ok 16:47:39.0831 4700 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:47:39.0834 4700 wercplsupport - ok 16:47:39.0855 4700 [ FC25242B3BCAF7E84D9184082274AE08 ] WerSvc C:\Windows\System32\WerSvc.dll 16:47:39.0859 4700 WerSvc - ok 16:47:39.0874 4700 WinDefend - ok 16:47:39.0882 4700 WinHttpAutoProxySvc - ok 16:47:39.0919 4700 [ AC98F38FEAB066A8F983D54FF3F4FD4C ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:47:39.0930 4700 Winmgmt - ok 16:47:39.0987 4700 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll 16:47:40.0015 4700 WinRM - ok 16:47:40.0053 4700 [ 2215B7B794B3B7E5CC9FC423E985E2AA ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys 16:47:40.0060 4700 WinUSB - ok 16:47:40.0108 4700 [ 0A69955261C1B54206ADC9BEB89517DE ] Wlansvc C:\Windows\System32\wlansvc.dll 16:47:40.0117 4700 Wlansvc - ok 16:47:40.0183 4700 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 16:47:40.0212 4700 wlidsvc - ok 16:47:40.0232 4700 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 16:47:40.0236 4700 WmiAcpi - ok 16:47:40.0281 4700 [ D303322DD577C3DEDA1251ED2E7A496C ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:47:40.0289 4700 wmiApSrv - ok 16:47:40.0299 4700 WMPNetworkSvc - ok 16:47:40.0328 4700 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:47:40.0332 4700 WPCSvc - ok 16:47:40.0344 4700 [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:47:40.0348 4700 WPDBusEnum - ok 16:47:40.0390 4700 [ 6329D1990DB931073B86AB5946D8E317 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 16:47:40.0395 4700 WpdUsb - ok 16:47:40.0505 4700 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe 16:47:40.0515 4700 WPFFontCache_v0400 - ok 16:47:40.0535 4700 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:47:40.0539 4700 ws2ifsl - ok 16:47:40.0556 4700 [ CB8EA6D95949384925CCFCA21CC6DFD8 ] wscsvc C:\Windows\System32\wscsvc.dll 16:47:40.0559 4700 wscsvc - ok 16:47:40.0563 4700 WSearch - ok 16:47:40.0630 4700 [ FB3796754FE00F0BDC87A36F164A5F4D ] wuauserv C:\Windows\system32\wuaueng.dll 16:47:40.0660 4700 wuauserv - ok 16:47:40.0680 4700 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:47:40.0681 4700 WudfPf - ok 16:47:40.0706 4700 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:47:40.0714 4700 WUDFRd - ok 16:47:40.0726 4700 [ 3DCC7BF5AFA921B479E622BD999121F3 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:47:40.0729 4700 wudfsvc - ok 16:47:40.0781 4700 [ DA1C23F65EF1894AB5B6FF79D81F544A ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys 16:47:40.0801 4700 xnacc - ok 16:47:40.0839 4700 [ 38F55D07B1D3391065C40EC065F984E2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 16:47:40.0845 4700 xusb21 - ok 16:47:40.0888 4700 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 16:47:40.0924 4700 YahooAUService - ok 16:47:41.0129 4700 [ 9D6545A29F9E556E3EB7B2B565612B9A ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe 16:47:41.0244 4700 ZuneNetworkSvc - ok 16:47:41.0270 4700 [ A462202521D21127910F51D1C2BBE1AE ] ZuneWlanCfgSvc c:\Windows\system32\ZuneWlanCfgSvc.exe 16:47:41.0289 4700 ZuneWlanCfgSvc - ok 16:47:41.0300 4700 ================ Scan global =============================== 16:47:41.0321 4700 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll 16:47:41.0358 4700 [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll 16:47:41.0372 4700 [ 2D94E4CE322F12061D3FA7DBE65E9AC5 ] C:\Windows\system32\winsrv.dll 16:47:41.0405 4700 [ DFAC660F0F139276CC9299812DE42719 ] C:\Windows\system32\services.exe 16:47:41.0409 4700 [Global] - ok 16:47:41.0409 4700 ================ Scan MBR ================================== 16:47:41.0416 4700 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 16:47:41.0774 4700 \Device\Harddisk0\DR0 - ok 16:47:41.0775 4700 ================ Scan VBR ================================== 16:47:41.0778 4700 [ 87CB1B07CB173479F0AE8D3DC675FC6D ] \Device\Harddisk0\DR0\Partition1 16:47:41.0780 4700 \Device\Harddisk0\DR0\Partition1 - ok 16:47:41.0813 4700 [ EA514D21F14FAD668BB6CEDA4958F98F ] \Device\Harddisk0\DR0\Partition2 16:47:41.0815 4700 \Device\Harddisk0\DR0\Partition2 - ok 16:47:41.0815 4700 ============================================================ 16:47:41.0815 4700 Scan finished 16:47:41.0815 4700 ============================================================ 16:47:41.0823 3128 Detected object count: 2 16:47:41.0823 3128 Actual detected object count: 2 16:47:50.0769 3128 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 16:47:50.0769 3128 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 16:47:50.0769 3128 sptd ( LockedFile.Multi.Generic ) - skipped by user 16:47:50.0769 3128 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 16:48:54.0970 2944 Deinitialize success aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-06-02 16:49:14 ----------------------------- 16:49:14.442 OS Version: Windows x64 6.0.6001 Service Pack 1 16:49:14.443 Number of processors: 4 586 0xF0B 16:49:14.443 ComputerName: MORBIUSLIADO-PC UserName: Morbius Liadon 16:49:16.628 Initialize success 16:49:37.811 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-6 16:49:37.813 Disk 0 Vendor: SAMSUNG_HD103UJ 1AA01118 Size: 953869MB BusType: 3 16:49:37.830 Disk 0 MBR read successfully 16:49:37.833 Disk 0 MBR scan 16:49:37.836 Disk 0 Windows VISTA default MBR code 16:49:38.047 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 853866 MB offset 2048 16:49:38.576 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99999 MB offset 1748721664 16:49:39.107 Disk 0 scanning C:\Windows\system32\drivers 16:53:35.281 Service scanning 16:53:42.391 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32 16:53:45.444 Modules scanning 16:53:45.445 Disk 0 trace - called modules: 16:53:45.453 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys >>UNKNOWN [0xfffffa8005db92c0]<<spww.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 16:53:45.454 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80061aa490] 16:53:45.455 3 CLASSPNP.SYS[fffffa60011d5b3a] -> nt!IofCallDriver -> [0xfffffa80061b0520] 16:53:45.455 5 acpi.sys[fffffa60007a0ff6] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-6[0xfffffa80061b0940] 16:53:45.455 \Driver\atapi[0xfffffa8005ecd8f0] -> IRP_MJ_CREATE -> 0xfffffa8005db92c0 16:53:45.456 Scan finished successfully 16:54:53.263 Disk 0 MBR has been saved successfully to "C:\Users\Morbius Liadon\Desktop\diag\MBR.dat" 16:54:53.271 The log file has been saved successfully to "C:\Users\Morbius Liadon\Desktop\diag\aswMBR.txt"
  9. I attempted the scan twice, but both times the GMER Program stopped responding at the end and I was forced to close the program.
  10. I will run the scan and attach it to a post when it is done.
  11. I have been having issues with my CPU not functioning properly lately, but whenever I open the task manager or process explorer, I see the CPU usage jump from 50-80% down to a normal 5-10%. I heard this can be a virus that hides when task manager is open. I have run Avira, SUPERantiSpyware, and MBAM in both normal and safe modes, and although I nipped some viruses, my issue persists. I'll paste my DxDiag, dds, and attach files below this. Thanks in advance for any help you can give. DDS DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 7.0.6001.18639 BrowserJavaVersion: 10.15.2 Run by Morbius Liadon at 8:44:35 on 2013-06-01 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.5887.4124 [GMT -7:00] . AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SysWOW64\svchost.exe -k Akamai C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Users\Morbius Liadon\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe C:\Program Files\Web Assistant\ExtensionUpdaterService.exe C:\Windows\System32\svchost.exe -k WerSvcGroup c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Users\Morbius Liadon\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\wuauclt.exe C:\Users\Morbius Liadon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Morbius Liadon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Morbius Liadon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Users\Morbius Liadon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Morbius Liadon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Morbius Liadon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=e3fc2318-d6df-48cd-9772-d4c55b0135cb&searchtype=ds&q={searchTerms}&installDate=01/01/1970 uSearch Page = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=e3fc2318-d6df-48cd-9772-d4c55b0135cb&searchtype=ds&q={searchTerms}&installDate=01/01/1970 uProxyOverride = <local> uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=e3fc2318-d6df-48cd-9772-d4c55b0135cb&searchtype=ds&q={searchTerms}&installDate=01/01/1970 mSearchAssistant = hxxp://searchou.com/?q={searchTerms}&id=dcc2538500000000000000508d9dfb7c&r=742 uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll BHO: Claro LTD Helper Object: {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: privitize Helper Object: {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files (x86)\Industriya\privitize\1.8.16.22\bh\privitize.dll BHO: Snap.DoEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll BHO: Incredibar.com Helper Object: {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll TB: AIM Toolbar: {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Freecorder Toolbar: {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files (x86)\Freecorder\tbFree.dll TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\tbFree.dll TB: Incredibar Toolbar: {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll TB: Claro LTD Toolbar: {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll TB: Snap.Do: {ae07101b-46d4-4a98-af68-0333ea26e113} - uRun: [Aim6] <no file> mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [blackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" mRun: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run mRun: [switchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [PrivitizeVPN] "C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe" /autorun mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun dRunOnce: [LabelMaker2.0] regsvr32 C:\Program Files (x86)\Common Files\MySoftware\regdll.dll /s StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BDAREM~1.LNK - C:\Program Files (x86)\USB TV\EM28XX\BDARemote.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ULTRAH~1.LNK - C:\Windows\Installer\{96EF451E-A402-44D8-BAEE-D70D558A4122}\New_Shortcut_S1449_0EB7CDB78E0C4A918D2CA535D5B8160C.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{7D360ED7-E1B5-4A7B-AB19-8E40E21AD324} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{BF1476AA-32DB-4B53-B4E0-CCFC3D83ECEB} : DHCPNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg x64-BHO: Snap.DoEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - x64-BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll x64-TB: Snap.Do: {ae07101b-46d4-4a98-af68-0333ea26e113} - x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide x64-Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe" x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [Cm108Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-mPolicies-Explorer: NoActiveDesktop = dword:1 x64-mPolicies-System: EnableUIADesktopToggle = dword:0 x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p= FF - prefs.js: browser.search.selectedEngine - Search The Web (privitize) FF - prefs.js: browser.startup.homepage - hxxp://searchou.com/?id=dcc2538500000000000000508d9dfb7c FF - prefs.js: keyword.URL - hxxp://searchou.com/?q={searchTerms}&id=dcc2538500000000000000508d9dfb7c FF - component: C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\FFExternalAlert.dll FF - component: C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCore.dll FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npViewpoint.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll FF - plugin: C:\Users\Morbius Liadon\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\plugins\np-mswmp.dll FF - plugin: C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\plugins\npPriceGong_FF.dll FF - plugin: C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\plugins\npoctoshape.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-05-06 02:55; ffxtlbr@privitize.com; C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\ffxtlbr@privitize.com FF - ExtSQL: 2013-05-06 02:55; za615t@vecbkb.co.uk; C:\Users\Morbius Liadon\AppData\Roaming\Mozilla\Firefox\Profiles\ibjxk3vq.default\extensions\za615t@vecbkb.co.uk FF - ExtSQL: !HIDDEN! 2009-09-16 03:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension . ---- FIREFOX POLICIES ---- FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQI3IwssM&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - dcc2538500000000000000508d9dfb7c FF - user.js: extensions.incredibar_i.instlDay - 15581 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1413:49:36 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6PQI3IwssM FF - user.js: extensions.incredibar_i.upn2n - 92543491238592712 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10659 FF - user.js: extensions.incredibar_i.ppd - 102%5F6 FF - user.js: extensions.claro.tlbrSrchUrl - FF - user.js: extensions.claro.id - dcc2538500000000000000508d9dfb7c FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062} FF - user.js: extensions.claro.instlDay - 15641 FF - user.js: extensions.claro.vrsn - 1.8.3.10 FF - user.js: extensions.claro.vrsni - 1.8.3.10 FF - user.js: extensions.claro_i.vrsnTs - 1.8.3.1021:34:33 FF - user.js: extensions.claro.prtnrId - claro FF - user.js: extensions.claro.prdct - claro FF - user.js: extensions.claro.aflt - babsst FF - user.js: extensions.claro_i.smplGrp - none FF - user.js: extensions.claro.tlbrId - claro FF - user.js: extensions.claro.instlRef - sst FF - user.js: extensions.claro.dfltLng - en FF - user.js: extensions.claro.excTlbr - false FF - user.js: extensions.claro.admin - false FF - user.js: extensions.privitize.hpOld0 - hxxp://www.yahoo.com/?ilc=8 FF - user.js: extensions.privitize.tlbrSrchUrl - hxxp://searchou.com/?id=dcc2538500000000000000508d9dfb7c&q= FF - user.js: extensions.privitize.id - dcc2538500000000000000508d9dfb7c FF - user.js: extensions.privitize.appId - {301966DF-A84B-4255-AAB9-574B5CE237E4} FF - user.js: extensions.privitize.instlDay - 15817 FF - user.js: extensions.privitize.vrsn - 1.8.16.22 FF - user.js: extensions.privitize.vrsni - 1.8.16.22 FF - user.js: extensions.privitize.vrsnTs - 1.8.16.221:30:33 FF - user.js: extensions.privitize.prtnrId - privitize FF - user.js: extensions.privitize.prdct - privitize FF - user.js: extensions.privitize.aflt - orgnl FF - user.js: extensions.privitize.smplGrp - none FF - user.js: extensions.privitize.tlbrId - base FF - user.js: extensions.privitize.instlRef - FF - user.js: extensions.privitize.dfltLng - FF - user.js: extensions.privitize.excTlbr - true FF - user.js: extensions.privitize.ffxUnstlRst - false FF - user.js: extensions.privitize.admin - false FF - user.js: extensions.privitize.autoRvrt - false FF - user.js: extensions.privitize.rvrt - false FF - user.js: extensions.privitize.hmpg - true FF - user.js: extensions.privitize.hmpgUrl - hxxp://searchou.com/?id=dcc2538500000000000000508d9dfb7c FF - user.js: extensions.privitize.dfltSrch - true FF - user.js: extensions.privitize.srchPrvdr - Search The Web (privitize) FF - user.js: extensions.privitize.kw_url - hxxp://searchou.com/?q={searchTerms}&id=dcc2538500000000000000508d9dfb7c FF - user.js: extensions.privitize.dnsErr - true FF - user.js: extensions.privitize.newTab - true FF - user.js: extensions.privitize.newTabUrl - hxxp://searchou.com/?id=dcc2538500000000000000508d9dfb7c . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-2-28 52856] R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\System32\drivers\RtlProt.sys [2007-4-23 31016] R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2008-1-20 27648] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 241152] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-9-15 136360] R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-9-15 269480] R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2009-9-15 88288] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2009-9-26 819600] R2 Dyyno Launcher;Dyyno Service;C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe [2011-3-15 415072] R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-8-22 8704] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-9-23 447848] R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe [2009-9-19 24652] R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-8-29 185856] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdLH6.sys [2013-1-15 92160] R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2011-1-7 66728] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\System32\drivers\ManyCam_x64.sys [2008-3-13 27136] R3 sftfs;sftfs;C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftFSlh.sys [2009-9-23 712536] R3 sftplay;sftplay;C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys [2009-9-23 261480] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-9-23 25944] R3 sftvol;sftvol;C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftVollh.sys [2009-9-23 17752] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-9-23 203608] R3 USBPNPA;USB PnP Sound Device Interface;C:\Windows\System32\drivers\CM10864.sys [2012-9-3 1307648] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys [2009-11-23 9968] S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2009-11-23 74480] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] S3 KHCAP;KHCap Packet Driver (KHCAP);C:\Windows\System32\drivers\KHCAP.sys [2013-1-4 39304] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\System32\drivers\wg111v3.sys [2010-2-27 342528] S3 SASENUM;SASENUM;C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [2009-11-23 7408] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-14 93184] . =============== File Associations =============== . FileExt: .js: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . . ==================== Find3M ==================== . 2013-05-15 10:01:21 75016696 ----a-w- C:\Windows\System32\mrt.exe 2013-05-02 09:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-04 21:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-29 02:37:10 78432 ----a-w- C:\Windows\System32\atimpc64.dll 2013-03-29 02:37:10 78432 ----a-w- C:\Windows\System32\amdpcom64.dll 2013-03-29 02:37:10 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll 2013-03-29 02:37:10 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll 2013-03-29 02:37:06 139696 ----a-w- C:\Windows\System32\atiuxp64.dll 2013-03-29 02:37:04 92304 ----a-w- C:\Windows\SysWow64\atiu9pag.dll 2013-03-29 02:37:04 118584 ----a-w- C:\Windows\SysWow64\atiuxpag.dll 2013-03-29 02:37:04 112440 ----a-w- C:\Windows\System32\atiu9p64.dll 2013-03-29 02:37:02 1155264 ----a-w- C:\Windows\System32\aticfx64.dll 2013-03-29 02:37:00 970912 ----a-w- C:\Windows\SysWow64\aticfx32.dll 2013-03-29 02:36:56 8272136 ----a-w- C:\Windows\System32\atidxx64.dll 2013-03-29 02:36:54 7233336 ----a-w- C:\Windows\SysWow64\atidxx32.dll 2013-03-29 02:36:50 4450264 ----a-w- C:\Windows\SysWow64\atiumdva.dll 2013-03-29 02:36:44 5944264 ----a-w- C:\Windows\SysWow64\atiumdag.dll 2013-03-29 02:36:40 5000320 ----a-w- C:\Windows\System32\atiumd6a.dll 2013-03-29 02:36:38 6985624 ----a-w- C:\Windows\System32\atiumd64.dll 2013-03-29 02:35:02 11658752 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2013-03-29 02:13:28 222720 ----a-w- C:\Windows\System32\clinfo.exe 2013-03-29 02:13:14 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe 2013-03-29 02:13:14 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe 2013-03-29 02:13:14 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe 2013-03-29 02:13:12 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe 2013-03-29 02:13:08 76288 ----a-w- C:\Windows\System32\OpenVideo64.dll 2013-03-29 02:13:04 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll 2013-03-29 02:13:00 64000 ----a-w- C:\Windows\System32\OVDecode64.dll 2013-03-29 02:12:56 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll 2013-03-29 02:12:48 29150720 ----a-w- C:\Windows\System32\amdocl64.dll 2013-03-29 02:10:52 23810560 ----a-w- C:\Windows\SysWow64\amdocl.dll 2013-03-29 02:09:04 54784 ----a-w- C:\Windows\System32\OpenCL.dll 2013-03-29 02:09:00 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll 2013-03-29 02:04:42 24229376 ----a-w- C:\Windows\System32\atio6axx.dll 2013-03-29 02:00:54 76800 ----a-w- C:\Windows\System32\coinst_12.104.dll 2013-03-29 01:57:54 163840 ----a-w- C:\Windows\System32\atiapfxx.exe 2013-03-29 01:55:36 51200 ----a-w- C:\Windows\System32\aticalrt64.dll 2013-03-29 01:55:34 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll 2013-03-29 01:55:28 44544 ----a-w- C:\Windows\System32\aticalcl64.dll 2013-03-29 01:55:28 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll 2013-03-29 01:55:16 16082944 ----a-w- C:\Windows\System32\aticaldd64.dll 2013-03-29 01:51:04 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll 2013-03-29 01:48:26 19870720 ----a-w- C:\Windows\SysWow64\atioglxx.dll 2013-03-29 01:35:14 442368 ----a-w- C:\Windows\System32\atidemgy.dll 2013-03-29 01:35:06 562688 ----a-w- C:\Windows\System32\atieclxx.exe 2013-03-29 01:34:18 241152 ----a-w- C:\Windows\System32\atiesrxx.exe 2013-03-29 01:33:00 120320 ----a-w- C:\Windows\System32\atitmm64.dll 2013-03-29 01:32:46 26112 ----a-w- C:\Windows\System32\atimuixx.dll 2013-03-29 01:32:42 59392 ----a-w- C:\Windows\System32\atiedu64.dll 2013-03-29 01:32:36 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll 2013-03-29 01:10:30 636416 ----a-w- C:\Windows\System32\atiadlxx.dll 2013-03-29 01:10:20 430080 ----a-w- C:\Windows\SysWow64\atiadlxy.dll 2013-03-29 01:10:08 17920 ----a-w- C:\Windows\System32\atig6pxx.dll 2013-03-29 01:10:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll 2013-03-29 01:10:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll 2013-03-29 01:10:00 44032 ----a-w- C:\Windows\System32\atig6txx.dll 2013-03-29 01:09:52 34816 ----a-w- C:\Windows\SysWow64\atigktxx.dll 2013-03-29 01:09:44 581120 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2013-03-29 01:07:52 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2013-03-29 01:07:22 45056 ----a-w- C:\Windows\System32\atitmp64.dll . ============= FINISH: 8:45:09.69 =============== attach DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 9/14/2009 11:22:40 PM System Uptime: 6/1/2013 8:25:22 AM (0 hours ago) . Motherboard: http://www.abit.com.tw/ | | F-I90HD (ATI RS600-SB600) Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 834 GiB total, 116.346 GiB free. D: is CDROM (CDFS) E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . toolbar on IE and Chrome 7-Zip 9.20 (x64 edition) 7plugincoupon Acrobat.com Adobe AIR Adobe Community Help Adobe Download Assistant Adobe Flash Media Encoder 2.5 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Photoshop CS6 Adobe Reader 9.1 Adobe Shockwave Player 11.5 AIM 6 AIM Toolbar Akamai NetSession Interface Akamai NetSession Interface Service AllToAVI v4 r5394 AMD APP SDK Runtime AMD Catalyst Install Manager applicationupdater Ask Toolbar Audacity 1.3.12 (Unicode) Audiosurf Avanquest update Avira AntiVir Personal - Free Antivirus AVS Update Manager 1.0 AVS Video Converter 7 Battleground Europe BlackBerry Desktop Software 4.7 Blender Blender (remove only) Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Check Designer CheckDesigner Chivalry: Medieval Warfare Civilization: Call To Power Claro LTD toolbar Command & Conquer Tiberian Sun Counter-Strike: Source DAEMON Tools Toolbar DeepBurner v1.9.0.228 Deus Ex: Game of the Year Edition Deus Ex: Human Revolution Deus Ex: Invisible War Dev-C++ 5 beta 9 release (4.9.9.2) Dishonored DivX Setup Dota 2 Download Updater (AOL LLC) Dungeons & Dragons Online® Dyyno Broadcaster EA Download Manager Entropia Universe EVE Online (remove only) Fallen Earth FFmpeg for Audacity on Windows FFsplit version Alpha FLV to WMV Convert 2.7 Free FLV Converter FreeArc 0.666 Freecorder 4.02 Application Freecorder Toolbar gamelauncher-ps2-live Garry's Mod Garry's Mod 13 Beta Gas Properties GIMP 2.6.11 GIMPshop 2.2.8 Google Chrome Google Earth Plug-in Google Talk Plugin Google Update Helper GX GAMING CAVIMANUS HEADSET Hi-Rez Studios Authenticate and Update Service Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Incredibar Toolbar on IE Java 7 Update 15 Java Auto Updater Java 6 Update 23 Just Cause 2 League of Legends Left 4 Dead 2 Demo LimeWire 5.2.13 Livestream Procaster LOLReplay Magic ISO Maker v5.5 (build 0281) MagniPic Malwarebytes Anti-Malware version 1.75.0.1300 ManyCam 2.4 (remove only) Media converter Medieval II Total War Medieval II Total War : Kingdoms : Americas Medieval II Total War : Kingdoms : Britannia Medieval II Total War : Kingdoms : Crusades Medieval II Total War : Kingdoms : Teutonic Microsoft .NET Framework 1.1 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Chart Controls for Microsoft .NET Framework 3.5 Microsoft Flight Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office Click-to-Run 2010 (Beta) Microsoft Office Home and Business 2010 (Beta) - English Microsoft Silverlight Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual J# .NET Redistributable Package 1.1 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Moon Breakers Mozilla Firefox 12.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyCheckBook MySoftware Fonts NETGEAR WG111v3 wireless USB 2.0 adapter Octodad Octoshape Streaming Services OpenOffice.org 3.1 Pando Media Booster PDF Settings CS5 PDF Settings CS6 PlanetSide 2 PrivitizeVPN Project64 1.6 Python 2.7a4 Realtek High Definition Audio Driver Roll Rome: Total War Roxio Media Manager Savage 2 SeaMonkey (2.0.8) SecondLife (remove only) SecondLifeViewer2 (remove only) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Skype™ 6.3 Snap.Do SPORE™ Spotify Star Conflict Star Wars®: Knights of the Old Republic StarCraft II Steam Stronghold Kingdoms SUPERAntiSpyware Free Edition Team Fortress 2 The Lord of the Rings Online™ The Lord of the Rings Online™ v03.08.00.8025 The Sims 2 The Sims 2 Nightlife The Sims 2 Open For Business Tom Clancy's H.A.W.X. 2 Tribes: Ascend TuxGuitar Ubisoft Game Launcher Ultra Hal Text-to-Speech Reader Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) USB Video Driver VanDyke Software SecureCRT 6.7 VanDyke Software SecureFX 6.7 VC80CRTRedist - 8.0.50727.6195 VD64Inst Ventrilo Client for Windows x64 VH Toolkit 1.0.15.0 Viewpoint Media Player Virtual Audio Cable 4.10 VLC media player 0.9.2 War of the Immortals WAV To MP3 10.1.1 Web Assistant 2.0.0.464 Westwood Shared Internet Components Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (04/27/2007 5.7.0427.0) Windows Live ID Sign-in Assistant WinFF 1.2 WinRAR archiver WinX Free FLV to MP4 Converter 4.1.9 WinX Free MOV to WMV Converter 4.1.8 WinX Free MP4 to WMV Converter 4.1.9 WMA MP3 Converter v4.1 build 1296 World of Warcraft wxDownload Fast 0.6.0 XSplit Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar Zune Zune Language Pack (ES) Zune Language Pack (FR) . ==== End Of File =========================== DxDiag ------------------ System Information ------------------ Time of this report: 6/1/2013, 08:51:43 Machine name: MORBIUSLIADO-PC Operating System: Windows Vista™ Home Premium (6.0, Build 6001) Service Pack 1 (6001.vistasp1_gdr.101014-0432) Language: English (Regional Setting: English) System Manufacturer: System Manufacter System Model: System Product Name BIOS: Phoenix - AwardBIOS v6.00PG Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz (4 CPUs), ~2.4GHz Memory: 5886MB RAM Page File: 2274MB used, 9720MB available Windows Dir: C:\Windows DirectX Version: DirectX 10 DX Setup Parameters: Not found DxDiag Version: 6.00.6001.18000 64bit Unicode ------------ DxDiag Notes ------------ Display Tab 1: No problems found. Sound Tab 1: No problems found. Sound Tab 2: The file vrtaucbl.sys is not digitally signed, which means that it has not been tested by Microsoft's Windows Hardware Quality Labs (WHQL). You may be able to get a WHQL logo'd driver from the hardware manufacturer. Sound Tab 3: No problems found. Sound Tab 4: No problems found. Input Tab: No problems found. -------------------- DirectX Debug Levels -------------------- Direct3D: 0/4 (retail) DirectDraw: 0/4 (retail) DirectInput: 0/5 (retail) DirectMusic: 0/5 (retail) DirectPlay: 0/9 (retail) DirectSound: 0/5 (retail) DirectShow: 0/6 (retail) --------------- Display Devices --------------- Card name: AMD Radeon HD 6900 Series Manufacturer: Advanced Micro Devices, Inc. Chip type: AMD Radeon Graphics Processor (0x6718) DAC type: Internal DAC(400MHz) Device Key: Enum\PCI\VEN_1002&DEV_6718&SUBSYS_31301682&REV_00 Display Memory: 629 MB Dedicated Memory: 2037 MB Shared Memory: 2687 MB Current Mode: 1280 x 720 (32 bit) (60Hz) Monitor: Generic PnP Monitor Driver Name: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll Driver Version: 8.17.0010.1191 (English) DDI Version: 10.1 Driver Attributes: Final Retail Driver Date/Size: 3/28/2013 19:37:02, 1155264 bytes WHQL Logo'd: Yes WHQL Date Stamp: Device Identifier: {D7B71EE2-2458-11CF-9571-3A11BEC2C535} Vendor ID: 0x1002 Device ID: 0x6718 SubSys ID: 0x31301682 Revision ID: 0x0000 Revision ID: 0x0000 Video Accel: ModeMPEG2_A ModeMPEG2_C Deinterlace Caps: {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {3C5323C1-6FB7-44F5-9081-056BF2EE449D}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {552C0DAD-CCBC-420B-83C8-74943CF9F1A6}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps= DDraw Status: Enabled D3D Status: Enabled AGP Status: Enabled ------------- Sound Devices ------------- Description: Speakers (2- USB PnP Sound Device) Default Sound Playback: Yes Default Voice Playback: Yes Hardware ID: USB\VID_0D8C&PID_013C&REV_0100&MI_00 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: CM10864.sys Driver Version: 7.12.0008.2140 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 1/11/2010 00:25:36, 1307648 bytes Other Files: Driver Provider: C-Media Inc. HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX 2.0 Listen/Src: No, No I3DL2 Listen/Src: No, No Sensaura ZoomFX: No Description: Line 1 (Virtual Audio Cable) Default Sound Playback: No Default Voice Playback: No Hardware ID: EuMusDesign_VAC_WDM Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: vrtaucbl.sys Driver Version: 4.10.0000.2964 (English) Driver Attributes: Final Retail WHQL Logo'd: No Date and Size: 1/7/2011 04:40:24, 66728 bytes Other Files: Driver Provider: EuMus Design HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX 2.0 Listen/Src: No, No I3DL2 Listen/Src: No, No Sensaura ZoomFX: No Description: Realtek Digital Output (Realtek High Definition Audio) Default Sound Playback: No Default Voice Playback: No Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_147BA601&REV_1000 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: RTKVHD64.sys Driver Version: 6.00.0001.6662 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 6/19/2012 17:54:20, 4065296 bytes Other Files: Driver Provider: Realtek Semiconductor Corp. HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX 2.0 Listen/Src: No, No I3DL2 Listen/Src: No, No Sensaura ZoomFX: No Description: 1 - Digital Display Audio (AMD High Definition Audio Device) Default Sound Playback: No Default Voice Playback: No Hardware ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1002 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: AtihdLH6.sys Driver Version: 6.58.0000.6614 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 1/15/2013 03:11:24, 92160 bytes Other Files: Driver Provider: Advanced Micro Devices HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX 2.0 Listen/Src: No, No I3DL2 Listen/Src: No, No Sensaura ZoomFX: No --------------------- Sound Capture Devices --------------------- Description: Microphone (2- USB PnP Sound Device) Default Sound Capture: Yes Default Voice Capture: Yes Driver Name: CM10864.sys Driver Version: 7.12.0008.2140 (English) Driver Attributes: Final Retail Date and Size: 1/11/2010 00:25:36, 1307648 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF Description: Mic 1 (Virtual Audio Cable) Default Sound Capture: No Default Voice Capture: No Driver Name: vrtaucbl.sys Driver Version: 4.10.0000.2964 (English) Driver Attributes: Final Retail Date and Size: 1/7/2011 04:40:24, 66728 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF Description: Line 1 (Virtual Audio Cable) Default Sound Capture: No Default Voice Capture: No Driver Name: vrtaucbl.sys Driver Version: 4.10.0000.2964 (English) Driver Attributes: Final Retail Date and Size: 1/7/2011 04:40:24, 66728 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF ------------------- DirectInput Devices ------------------- Device Name: Mouse Attached: 1 Controller ID: n/a Vendor/Product ID: n/a FF Driver: n/a Device Name: Keyboard Attached: 1 Controller ID: n/a Vendor/Product ID: n/a FF Driver: n/a Device Name: USB Keyboard Attached: 1 Controller ID: 0x0 Vendor/Product ID: 0x04D9, 0x1603 FF Driver: n/a Device Name: USB Keyboard Attached: 1 Controller ID: 0x0 Vendor/Product ID: 0x04D9, 0x1603 FF Driver: n/a Device Name: USB PnP Sound Device Attached: 1 Controller ID: 0x0 Vendor/Product ID: 0x0D8C, 0x013C FF Driver: n/a Poll w/ Interrupt: No ----------- USB Devices ----------- + USB Root Hub | Vendor/Product ID: 0x1002, 0x4387 | Matching Device ID: usb\root_hub | Service: usbhub | Driver: usbhub.sys, 1/20/2008 19:47:01, 270336 bytes | Driver: usbd.sys, 1/20/2008 19:47:25, 7680 bytes ---------------- Gameport Devices ---------------- ------------ PS/2 Devices ------------ + HID Keyboard Device | Vendor/Product ID: 0x04D9, 0x1603 | Matching Device ID: hid_device_system_keyboard | Service: kbdhid | Driver: kbdhid.sys, 1/20/2008 19:47:27, 20480 bytes | Driver: kbdclass.sys, 1/20/2008 19:47:27, 42040 bytes | + Terminal Server Keyboard Driver | Matching Device ID: root\rdp_kbd | Upper Filters: kbdclass | Service: TermDD | Driver: i8042prt.sys, 1/20/2008 19:47:27, 64000 bytes | Driver: kbdclass.sys, 1/20/2008 19:47:27, 42040 bytes | + PS/2 Compatible Mouse | Matching Device ID: *pnp0f13 | Service: i8042prt | Driver: i8042prt.sys, 1/20/2008 19:47:27, 64000 bytes | Driver: mouclass.sys, 1/20/2008 19:46:59, 39992 bytes | + Terminal Server Mouse Driver | Matching Device ID: root\rdp_mou | Upper Filters: mouclass | Service: TermDD | Driver: termdd.sys, 1/20/2008 19:46:50, 63544 bytes | Driver: sermouse.sys, 1/20/2008 19:46:59, 26624 bytes | Driver: mouclass.sys, 1/20/2008 19:46:59, 39992 bytes ------------------------ Disk & DVD/CD-ROM Drives ------------------------ Drive: C: Free Space: 119.1 GB Total Space: 853.9 GB File System: NTFS Model: SAMSUNG HD103UJ ATA Device Drive: Q: Model: n/a Drive: D: Model: Memorex DVD+-RAM 530L v1 ATA Device Driver: c:\windows\system32\drivers\cdrom.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:54, 79872 bytes Drive: E: Model: DWDA TQB81IV SCSI CdRom Device Driver: c:\windows\system32\drivers\cdrom.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:54, 79872 bytes Drive: F: Model: DWDA TQB81IV SCSI CdRom Device Driver: c:\windows\system32\drivers\cdrom.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:54, 79872 bytes -------------- System Devices -------------- Name: Realtek RTL8168/8111 Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2410147B&REV_01\4&32DD75A1&0&0020 Driver: C:\Windows\system32\DRIVERS\Rtlh64.sys, 6.1837.0926.2006 (English), 10/2/2006 19:13:44, 51200 bytes Name: High Definition Audio Controller Device ID: PCI\VEN_1002&DEV_AA80&SUBSYS_AA801682&REV_00\4&1D657AEE&0&0110 Driver: C:\Windows\system32\DRIVERS\hdaudbus.sys, 6.00.6001.17036 (English), 1/20/2008 19:46:51, 50688 bytes Name: PCI standard PCI-to-PCI bridge Device ID: PCI\VEN_1002&DEV_7934&SUBSYS_79301002&REV_00\3&2B8E0B4B&0&20 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:51, 179768 bytes Name: PCI standard PCI-to-PCI bridge Device ID: PCI\VEN_1002&DEV_7933&SUBSYS_79301002&REV_00\3&2B8E0B4B&0&10 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:51, 179768 bytes Name: PCI standard host CPU bridge Device ID: PCI\VEN_1002&DEV_7930&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&00 Driver: n/a Name: AMD Radeon HD 6900 Series Device ID: PCI\VEN_1002&DEV_6718&SUBSYS_31301682&REV_00\4&1D657AEE&0&0010 Driver: C:\Windows\system32\DRIVERS\atikmdag.sys, 8.01.0001.1295 (English), 3/28/2013 19:35:02, 11658752 bytes Driver: C:\Windows\system32\DRIVERS\ati2erec.dll, 1.00.0000.0024 (English), 3/28/2013 18:07:52, 53248 bytes Driver: C:\Windows\system32\DRIVERS\atikmpag.sys, 8.14.0001.6304 (English), 3/28/2013 18:09:44, 581120 bytes Driver: C:\Windows\system32\atiumd64.dll, 9.14.0010.0969 (English), 3/28/2013 19:36:38, 6985624 bytes Driver: C:\Windows\system32\atiumd6a.dll, 8.14.0010.0390 (English), 3/28/2013 19:36:40, 5000320 bytes Driver: C:\Windows\system32\atitmm64.dll, 6.14.0011.0024 (English), 3/28/2013 18:33:00, 120320 bytes Driver: C:\Windows\system32\atiicdxx.dat, 3/11/2013 22:38:22, 695006 bytes Driver: C:\Windows\system32\amdpcom64.dll, 8.14.0010.0023 (English), 3/28/2013 19:37:10, 78432 bytes Driver: C:\Windows\system32\atimpc64.dll, 8.14.0010.0023 (English), 3/28/2013 19:37:10, 78432 bytes Driver: C:\Windows\system32\atiadlxx.dll, 6.14.0010.1127 (English), 3/28/2013 18:10:30, 636416 bytes Driver: C:\Windows\system32\atiumd6a.cap, 3/28/2013 18:38:06, 3309936 bytes Driver: C:\Windows\system32\atimuixx.dll, 6.14.0010.1002 (English), 3/28/2013 18:32:46, 26112 bytes Driver: C:\Windows\system32\atiapfxx.exe, 6.14.0010.1001 (English), 3/28/2013 18:57:54, 163840 bytes Driver: C:\Windows\system32\atiapfxx.blb, 3/28/2013 18:59:46, 522872 bytes Driver: C:\Windows\system32\ativvaxy_cik.dat, 3/4/2013 11:52:52, 230836 bytes Driver: C:\Windows\system32\ativvaxy_cik_nd.dat, 11/22/2012 08:14:26, 230064 bytes Driver: C:\Windows\system32\ativce02.dat, 1/31/2013 17:14:10, 75600 bytes Driver: C:\Windows\system32\atiesrxx.exe, 6.14.0011.1143 (English), 3/28/2013 18:34:18, 241152 bytes Driver: C:\Windows\system32\atieclxx.exe, 6.14.0011.1143 (English), 3/28/2013 18:35:06, 562688 bytes Driver: C:\Windows\system32\atiedu64.dll, 6.14.0010.2514 (English), 3/28/2013 18:32:42, 59392 bytes Driver: C:\Windows\system32\atidemgy.dll, 4.00.4835.37057 (English), 3/28/2013 18:35:14, 442368 bytes Driver: C:\Windows\system32\atio6axx.dll, 6.14.0010.12217 (English), 3/28/2013 19:04:42, 24229376 bytes Driver: C:\Windows\system32\aticalrt64.dll, 6.14.0010.1741 (English), 3/28/2013 18:55:36, 51200 bytes Driver: C:\Windows\system32\aticalcl64.dll, 6.14.0010.1741 (English), 3/28/2013 18:55:28, 44544 bytes Driver: C:\Windows\system32\aticaldd64.dll, 6.14.0010.1741 (English), 3/28/2013 18:55:16, 16082944 bytes Driver: C:\Windows\system32\atipblag.dat, 9/12/2011 15:06:16, 3917 bytes Driver: C:\Windows\system32\atiu9p64.dll, 8.14.0001.6304 (English), 3/28/2013 19:37:04, 112440 bytes Driver: C:\Windows\system32\atiuxp64.dll, 8.14.0001.6304 (English), 3/28/2013 19:37:06, 139696 bytes Driver: C:\Windows\system32\atig6pxx.dll, 8.14.0001.6304 (English), 3/28/2013 18:10:08, 17920 bytes Driver: C:\Windows\system32\atig6txx.dll, 8.14.0001.6304 (English), 3/28/2013 18:10:00, 44032 bytes Driver: C:\Windows\system32\atitmp64.dll, 6.14.0011.0021 (English), 3/28/2013 18:07:22, 45056 bytes Driver: C:\Windows\system32\atibtmon.exe, 2.00.0000.0000 (English), 5/11/2009 15:35:28, 118784 bytes Driver: C:\Windows\system32\atidxx64.dll, 8.17.0010.0489 (English), 3/28/2013 19:36:56, 8272136 bytes Driver: C:\Windows\SysWOW64\atiumdag.dll, 9.14.0010.0969 (English), 3/28/2013 19:36:44, 5944264 bytes Driver: C:\Windows\SysWOW64\atiumdva.dll, 8.14.0010.0390 (English), 3/28/2013 19:36:50, 4450264 bytes Driver: C:\Windows\SysWOW64\amdpcom32.dll, 8.14.0010.0023 (English), 3/28/2013 19:37:10, 71704 bytes Driver: C:\Windows\SysWOW64\atimpc32.dll, 8.14.0010.0023 (English), 3/28/2013 19:37:10, 71704 bytes Driver: C:\Windows\SysWOW64\atiadlxy.dll, 6.14.0010.1127 (English), 3/28/2013 18:10:20, 430080 bytes Driver: C:\Windows\SysWOW64\atiumdva.cap, 3/28/2013 18:24:06, 3342768 bytes Driver: C:\Windows\SysWOW64\atiapfxx.blb, 3/28/2013 18:59:46, 522872 bytes Driver: C:\Windows\SysWOW64\ati2edxx.dll, 6.14.0010.2514 (English), 3/28/2013 18:32:36, 43520 bytes Driver: C:\Windows\SysWOW64\atioglxx.dll, 6.14.0010.12217 (English), 3/28/2013 18:48:26, 19870720 bytes Driver: C:\Windows\SysWOW64\atidxx32.dll, 8.17.0010.0489 (English), 3/28/2013 19:36:54, 7233336 bytes Driver: C:\Windows\SysWOW64\aticalrt.dll, 6.14.0010.1741 (English), 3/28/2013 18:55:34, 46080 bytes Driver: C:\Windows\SysWOW64\aticalcl.dll, 6.14.0010.1741 (English), 3/28/2013 18:55:28, 44032 bytes Driver: C:\Windows\SysWOW64\aticaldd.dll, 6.14.0010.1741 (English), 3/28/2013 18:51:04, 13703168 bytes Driver: C:\Windows\SysWOW64\atipblag.dat, 9/12/2011 15:06:16, 3917 bytes Driver: C:\Windows\SysWOW64\atiu9pag.dll, 8.14.0001.6304 (English), 3/28/2013 19:37:04, 92304 bytes Driver: C:\Windows\SysWOW64\atiuxpag.dll, 8.14.0001.6304 (English), 3/28/2013 19:37:04, 118584 bytes Driver: C:\Windows\SysWOW64\atigktxx.dll, 8.14.0001.6304 (English), 3/28/2013 18:09:52, 34816 bytes Driver: C:\Windows\SysWOW64\atiglpxx.dll, 8.14.0001.6304 (English), 3/28/2013 18:10:04, 14848 bytes Driver: C:\Windows\atiogl.xml, 2/27/2013 11:08:54, 44066 bytes Driver: C:\Windows\system32\ATIODCLI.exe, 1.00.0000.0001 (English), 6/22/2009 08:34:36, 51200 bytes Driver: C:\Windows\system32\ATIODE.exe, 1.00.0000.0001 (English), 8/27/2010 11:33:08, 332800 bytes Driver: C:\Windows\system32\atiglpxx.dll, 8.14.0001.6304 (English), 3/28/2013 18:10:04, 14848 bytes Driver: C:\Windows\system32\aticfx64.dll, 8.17.0010.1191 (English), 3/28/2013 19:37:02, 1155264 bytes Driver: C:\Windows\SysWOW64\aticfx32.dll, 8.17.0010.1191 (English), 3/28/2013 19:37:00, 970912 bytes Driver: C:\Windows\system32\OpenCL.dll, 1.02.0011.0000 (English), 3/28/2013 19:09:04, 54784 bytes Driver: C:\Windows\system32\amdocl64.dll, 10.00.1124.0002 (English), 3/28/2013 19:12:48, 29150720 bytes Driver: C:\Windows\system32\amdocl_as64.exe, 3/28/2013 19:13:14, 1187342 bytes Driver: C:\Windows\system32\amdocl_ld64.exe, 3/28/2013 19:13:14, 1061902 bytes Driver: C:\Windows\system32\OpenVideo64.dll, 10.00.1124.0002 (English), 3/28/2013 19:13:08, 76288 bytes Driver: C:\Windows\system32\OVDecode64.dll, 10.00.1124.0002 (English), 3/28/2013 19:13:00, 64000 bytes Driver: C:\Windows\system32\clinfo.exe, 3/28/2013 19:13:28, 222720 bytes Driver: C:\Windows\SysWOW64\OpenCL.dll, 1.02.0011.0000 (English), 3/28/2013 19:09:00, 50176 bytes Driver: C:\Windows\SysWOW64\amdocl.dll, 10.00.1124.0002 (English), 3/28/2013 19:10:52, 23810560 bytes Driver: C:\Windows\SysWOW64\amdocl_as32.exe, 3/28/2013 19:13:12, 995342 bytes Driver: C:\Windows\SysWOW64\amdocl_ld32.exe, 3/28/2013 19:13:14, 798734 bytes Driver: C:\Windows\SysWOW64\OpenVideo.dll, 10.00.1124.0002 (English), 3/28/2013 19:13:04, 65536 bytes Driver: C:\Windows\SysWOW64\OVDecode.dll, 10.00.1124.0002 (English), 3/28/2013 19:12:56, 56320 bytes Driver: C:\Windows\system32\coinst_12.104.dll, 1.00.0005.0008 (English), 3/28/2013 19:00:54, 76800 bytes Driver: C:\Windows\system32\Difxapi.dll, 2.01.0000.0000 (English), 11/2/2006 06:22:14, 525792 bytes Name: ATI I/O Communications Processor LPC Controller Device ID: PCI\VEN_1002&DEV_438D&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&A3 Driver: C:\Windows\system32\DRIVERS\msisadrv.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:51, 17976 bytes Name: Standard Dual Channel PCI IDE Controller Device ID: PCI\VEN_1002&DEV_438C&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&A1 Driver: C:\Windows\system32\DRIVERS\pciide.sys, 6.00.6000.16386 (English), 1/20/2008 19:46:50, 13416 bytes Driver: C:\Windows\system32\DRIVERS\pciidex.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:50, 51256 bytes Driver: C:\Windows\system32\DRIVERS\atapi.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:50, 22584 bytes Driver: C:\Windows\system32\DRIVERS\ataport.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:50, 124472 bytes Name: Standard OpenHCD USB Host Controller Device ID: PCI\VEN_1002&DEV_438B&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&9C Driver: C:\Windows\system32\drivers\usbohci.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 24064 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 259584 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:01, 270336 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 17920 bytes Name: Standard OpenHCD USB Host Controller Device ID: PCI\VEN_1002&DEV_438A&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&9B Driver: C:\Windows\system32\drivers\usbohci.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 24064 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 259584 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:01, 270336 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 17920 bytes Name: Standard OpenHCD USB Host Controller Device ID: PCI\VEN_1002&DEV_4389&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&9A Driver: C:\Windows\system32\drivers\usbohci.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 24064 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 259584 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:01, 270336 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 17920 bytes Name: Standard OpenHCD USB Host Controller Device ID: PCI\VEN_1002&DEV_4388&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&99 Driver: C:\Windows\system32\drivers\usbohci.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 24064 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 259584 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:01, 270336 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 17920 bytes Name: Standard OpenHCD USB Host Controller Device ID: PCI\VEN_1002&DEV_4387&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&98 Driver: C:\Windows\system32\drivers\usbohci.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 24064 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 259584 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:01, 270336 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 17920 bytes Name: Standard Enhanced PCI to USB Host Controller Device ID: PCI\VEN_1002&DEV_4386&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&9D Driver: C:\Windows\system32\drivers\usbehci.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 49152 bytes Driver: C:\Windows\system32\drivers\usbport.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 259584 bytes Driver: C:\Windows\system32\drivers\usbhub.sys, 6.00.6001.18000 (English), 1/20/2008 19:47:01, 270336 bytes Driver: C:\Windows\system32\hccoin.dll, 6.00.6000.16386 (English), 11/2/2006 04:17:29, 10752 bytes Driver: C:\Windows\system32\hcrstco.dll, 6.00.6001.18000 (English), 1/20/2008 19:47:25, 17920 bytes Name: ATI I/O Communications Processor SMBus Controller Device ID: PCI\VEN_1002&DEV_4385&SUBSYS_2412147B&REV_13\3&2B8E0B4B&0&A0 Driver: n/a Name: ATI I/O Communications Processor PCI Bus Controller Device ID: PCI\VEN_1002&DEV_4384&SUBSYS_00000000&REV_00\3&2B8E0B4B&0&A4 Driver: C:\Windows\system32\DRIVERS\pci.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:51, 179768 bytes Name: High Definition Audio Controller Device ID: PCI\VEN_1002&DEV_4383&SUBSYS_2412147B&REV_00\3&2B8E0B4B&0&A2 Driver: C:\Windows\system32\DRIVERS\hdaudbus.sys, 6.00.6001.17036 (English), 1/20/2008 19:46:51, 50688 bytes Name: Standard Dual Channel PCI IDE Controller Device ID: PCI\VEN_1002&DEV_4380&SUBSYS_43801002&REV_00\3&2B8E0B4B&0&90 Driver: C:\Windows\system32\DRIVERS\pciide.sys, 6.00.6000.16386 (English), 1/20/2008 19:46:50, 13416 bytes Driver: C:\Windows\system32\DRIVERS\pciidex.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:50, 51256 bytes Driver: C:\Windows\system32\DRIVERS\atapi.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:50, 22584 bytes Driver: C:\Windows\system32\DRIVERS\ataport.sys, 6.00.6001.18000 (English), 1/20/2008 19:46:50, 124472 bytes ------------------ DirectShow Filters ------------------ DirectShow Filters: WMAudio Decoder DMO,0x00800800,1,1,, WMAPro over S/PDIF DMO,0x00600800,1,1,, WMSpeech Decoder DMO,0x00600800,1,1,, Zune AAC Decoder DMO,0x005fffff,1,1,, MP3 Decoder DMO,0x00600800,1,1,, Mpeg4s Decoder DMO,0x00800001,1,1,, WMV Screen decoder DMO,0x00600800,1,1,, WMVideo Decoder DMO,0x00800001,1,1,, Microsoft Zune Mpeg4s Decoder DMO,0x00800001,1,1,, Mpeg43 Decoder DMO,0x00800001,1,1,, Mpeg4 Decoder DMO,0x00800001,1,1,, Full Screen Renderer,0x00200000,1,0,,6.06.6001.18461 Multiple File Output,0x00200000,2,2,WMM2FILT.dll, WMT Black Frame Generator,0x00200000,1,1,WMM2FILT.dll, WMT Import Filter,0x00200000,0,1,WMM2FILT.dll, DV Muxer,0x00400000,0,0,,6.06.6001.18000 Color Space Converter,0x00400001,1,1,,6.06.6001.18461 WMT Interlacer,0x00200000,1,1,WMM2FILT.dll, WM ASF Reader,0x00400000,0,0,,11.00.6001.7000 Zune Enhanced Video Renderer,0x00200000,1,0,ZuneEvr.dll,4.00.0740.0000 Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,11.00.6001.7000 AVI Splitter,0x00600000,1,1,,6.06.6001.18461 VGA 16 Color Ditherer,0x00400000,1,1,,6.06.6001.18461 Microsoft MPEG-2 Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,11.00.6001.7000 AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.6001.18571 WMT Format Conversion,0x00200000,1,1,WMM2FILT.dll, 9x8Resize,0x00200000,1,1,WMM2FILT.dll, StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.6001.18571 WMT Virtual Source,0x00200000,0,1,WMM2FILT.dll, Microsoft TV Caption Decoder,0x00200001,1,0,MSTVCapn.dll,6.00.6001.18000 MJPEG Decompressor,0x00600000,1,1,,6.06.6001.18461 CBVA DMO wrapper filter,0x00200000,1,1,cbva.dll,6.00.6001.18459 MPEG-I Stream Splitter,0x00600000,1,2,,6.06.6001.18461 SAMI (CC) Parser,0x00400000,1,1,,6.06.6001.18461 VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.6001.18000 MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.6001.18571 WMT AudioAnalyzer,0x00200000,1,1,WMM2FILT.dll, Microsoft MPEG-2 Video Encoder,0x00200000,2,0,msmpeg2enc.dll,11.00.6001.7000 Stretch Video,0x00200000,1,1,WMM2FILT.dll, Internal Script Command Renderer,0x00800001,1,0,,6.06.6001.18461 MPEG Audio Decoder,0x03680001,1,1,,6.06.6001.18461 Screen Capture filter,0x00200000,0,1,ZuneSrcWrp.dll,4.00.0740.0000 DV Splitter,0x00600000,1,2,,6.06.6001.18000 Video Mixing Renderer 9,0x00200000,1,0,,6.06.6001.18461 Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,11.00.6001.7000 Frame Eater,0x00200000,1,1,WMM2FILT.dll, Allocator Fix,0x00200000,1,1,WMM2FILT.dll, ACM Wrapper,0x00600000,1,1,,6.06.6001.18461 Video Renderer,0x00800001,1,0,,6.06.6001.18461 MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.6001.18571 Capture ASF Writer,0x00200000,0,0,WMM2FILT.dll, Line 21 Decoder,0x00600000,1,1,, Video Port Manager,0x00600000,2,1,,6.06.6001.18461 Video Renderer,0x00400000,1,0,,6.06.6001.18461 Bitmap Generate,0x00200000,1,1,WMM2FILT.dll, Proxy Sink,0x00200000,1,0,WMM2FILT.dll, Proxy Source,0x00200000,0,1,WMM2FILT.dll, WM ASF Writer,0x00400000,0,0,,11.00.6001.7000 VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.00.6000.16386 WMT Sample Information Filter,0x00200000,1,1,WMM2FILT.dll, File writer,0x00200000,1,0,,6.06.6001.18000 DVD Navigator,0x00200000,0,3,,6.06.6001.18000 WMT DV Extract,0x00200000,1,1,WMM2FILT.dll, Overlay Mixer2,0x00200000,1,1,, Microsoft MPEG-2 Audio Encoder,0x00200000,2,0,msmpeg2enc.dll,11.00.6001.7000 WST Pager,0x00800000,1,1,WSTPager.ax,6.06.6001.18000 MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.6001.18571 Record Queue,0x00200000,1,1,WMM2FILT.dll, DV Video Decoder,0x00800000,1,1,,6.06.6001.18000 SampleGrabber,0x00200000,1,1,qedit.dll,6.06.6001.18000 Null Renderer,0x00200000,1,0,qedit.dll,6.06.6001.18000 WMT Log Filter,0x00200000,1,1,WMM2FILT.dll, MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.6001.18000 Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,11.00.6001.7000 WMT Virtual Renderer,0x00200000,1,0,WMM2FILT.dll, StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.6001.18571 Smart Tee,0x00200000,1,2,,6.06.6001.18000 Overlay Mixer,0x00200000,0,0,, AVI Decompressor,0x00600000,1,1,,6.06.6001.18461 WMT MuxDeMux Filter,0x00200000,0,0,WMM2FILT.dll, NetBridge,0x00200000,2,0,netbridge.dll,6.01.6001.18000 AVI/WAV File Source,0x00400000,0,2,,6.06.6001.18461 WMT Volume,0x00200000,1,1,WMM2FILT.dll, Wave Parser,0x00400000,1,1,,6.06.6001.18461 MIDI Parser,0x00400000,1,1,,6.06.6001.18461 Multi-file Parser,0x00400000,1,1,,6.06.6001.18461 File stream renderer,0x00400000,1,1,,6.06.6001.18461 WMT VIH2 Fix,0x00200000,1,1,WMM2FILT.dll, Microsoft MPEG-1/DD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,11.00.6001.7000 AVI Mux,0x00200000,1,0,,6.06.6001.18000 Microsoft Zune H.264 Video Decoder,0x005fffff,1,1,ZuneH264Dec.dll,11.05.6000.6740 Line 21 Decoder 2,0x00600002,1,1,,6.06.6001.18461 File Source (Async.),0x00400000,0,1,,6.06.6001.18461 File Source (URL),0x00400000,0,1,,6.06.6001.18461 Media Center Extender Encryption Filter,0x00200000,2,2,Mcx2Filter.dll,6.01.6001.18459 AudioRecorder WAV Dest,0x00200000,0,0,,6.00.6000.16386 AudioRecorder Wave Form,0x00200000,0,0,,6.00.6000.16386 SoundRecorder Null Renderer,0x00200000,0,0,,6.00.6000.16386 Infinite Pin Tee Filter,0x00200000,1,1,,6.06.6001.18000 WMT Switch Filter,0x00200000,1,1,WMM2FILT.dll, Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.00.6001.18000 Uncompressed Domain Shot Detection Filter,0x00200000,1,1,WMM2FILT.dll, BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.6001.18459 MPEG Video Decoder,0x40000001,1,1,,6.06.6001.18461 WDM Streaming Tee/Splitter Devices: Tee/Sink-to-Sink Converter,0x00200000,1,1,,6.00.6001.18000 Video Compressors: WMVideo8 Encoder DMO,0x00600800,1,1,, WMVideo9 Encoder DMO,0x00600800,1,1,, MSScreen 9 encoder DMO,0x00600800,1,1,, DV Video Encoder,0x00200000,0,0,,6.06.6001.18000 MJPEG Compressor,0x00200000,0,0,,6.06.6001.18461 Audio Compressors: WM Speech Encoder DMO,0x00600800,1,1,, WMAudio Encoder DMO,0x00600800,1,1,, IMA ADPCM,0x00200000,1,1,,6.06.6001.18461 PCM,0x00200000,1,1,,6.06.6001.18461 Microsoft ADPCM,0x00200000,1,1,,6.06.6001.18461 GSM 6.10,0x00200000,1,1,,6.06.6001.18461 CCITT A-Law,0x00200000,1,1,,6.06.6001.18461 CCITT u-Law,0x00200000,1,1,,6.06.6001.18461 MPEG Layer-3,0x00200000,1,1,,6.06.6001.18461 Audio Capture Sources: Microphone (2- USB PnP Sound De,0x00200000,0,0,,6.06.6001.18000 Line 1 (Virtual Audio Cable),0x00200000,0,0,,6.06.6001.18000 Mic 1 (Virtual Audio Cable),0x00200000,0,0,,6.06.6001.18000 Midi Renderers: Default MidiOut Device,0x00800000,1,0,,6.06.6001.18461 Microsoft GS Wavetable Synth,0x00200000,1,0,,6.06.6001.18461 WDM Streaming Capture Devices: ,0x00000000,0,0,, Realtek HD Audio CD input,0x00200000,1,1,,6.00.6001.18000 Realtek HD Audio Front Mic input,0x00200000,1,1,,6.00.6001.18000 Realtek HD Audio Line input,0x00200000,1,1,,6.00.6001.18000 Realtek HD Audio Mic input,0x00200000,1,1,,6.00.6001.18000 Realtek HD Audio Stereo input,0x00200000,1,1,,6.00.6001.18000 ManyCam Virtual Webcam,0x00200000,1,2,,6.00.6001.18000 Virtual Cable 1,0x00200000,2,2,,6.00.6001.18000 USB PnP Sound Device,0x00200000,2,2,,6.00.6001.18000 WDM Streaming Rendering Devices: AMD HD Audio HDMI out #0,0x00200000,1,1,,6.00.6001.18000 Realtek HD Audio output,0x00200000,1,1,,6.00.6001.18000 Realtek HDA SPDIF Out,0x00200000,1,1,,6.00.6001.18000 Virtual Cable 1,0x00200000,2,2,,6.00.6001.18000 USB PnP Sound Device,0x00200000,2,2,,6.00.6001.18000 BDA Network Providers: Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6001.18061 Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6001.18061 Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6001.18061 Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6001.18061 Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.6001.18459 Video Capture Sources: ManyCam Virtual Webcam,0x00200000,1,2,,6.00.6001.18000 Multi-Instance Capable VBI Codecs: VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.6001.18000 BDA Transport Information Renderers: BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.6001.18459 MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.6001.18000 BDA CP/CA Filters: Decrypt/Tag,0x00600000,1,0,EncDec.dll,6.06.6001.18571 Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.6001.18571 XDS Codec,0x00200000,0,0,EncDec.dll,6.06.6001.18571 WDM Streaming Communication Transforms: Tee/Sink-to-Sink Converter,0x00200000,1,1,,6.00.6001.18000 Audio Renderers: Speakers (2- USB PnP Sound Devi,0x00200000,1,0,,6.06.6001.18461 1 - Digital Display Audio (AMD ,0x00200000,1,0,,6.06.6001.18461 Default DirectSound Device,0x00800000,1,0,,6.06.6001.18461 Default WaveOut Device,0x00200000,1,0,,6.06.6001.18461 DirectSound: 1 - Digital Display Audio (AMD High Definition Audio Device),0x00200000,1,0,,6.06.6001.18461 DirectSound: Line 1 (Virtual Audio Cable),0x00200000,1,0,,6.06.6001.18461 DirectSound: Realtek Digital Output (Realtek High Definition Audio),0x00200000,1,0,,6.06.6001.18461 DirectSound: Speakers (2- USB PnP Sound Device),0x00200000,1,0,,6.06.6001.18461 Line 1 (Virtual Audio Cable),0x00200000,1,0,,6.06.6001.18461 Realtek Digital Output (Realtek,0x00200000,1,0,,6.06.6001.18461
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.