WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93085 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer Self Destructing - GRRRR! [Solved]

Started by FreyjaGoddess , Dec 03 2013 09:07 AM

This topic is locked

61 replies to this topic

#1 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 03 December 2013 - 09:07 AM

Things are going wrong on my computer.

Initially, it kept saying that Windows Defender and my Anti-virus were not turned on. I changed to Avast antivirus from Avira.

Then my print spooler stopped working so I was unable to print anymore.

Now Windows Update has disappeared!

OTL logfile created on: 03/12/2013 9:43:56 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Karri\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.93 Gb Total Physical Memory | 5.42 Gb Available Physical Memory | 68.30% Memory free
15.92 Gb Paging File | 12.69 Gb Available in Paging File | 79.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.59 Gb Total Space | 41.75 Gb Free Space | 17.95% Space Free | Partition Type: NTFS
Drive D: | 348.93 Gb Total Space | 88.23 Gb Free Space | 25.29% Space Free | Partition Type: NTFS
Drive H: | 3.80 Gb Total Space | 3.37 Gb Free Space | 88.72% Space Free | Partition Type: FAT32
Drive J: | 295.02 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive N: | 3.79 Gb Total Space | 3.79 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive O: | 930.95 Gb Total Space | 813.57 Gb Free Space | 87.39% Space Free | Partition Type: FAT32

Computer Name: KARRI-PC | User Name: Karri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Karri\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Karri\AppData\Local\Mikogo4\Viewer\Service\M4-Capture.exe ()
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Users\Karri\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
PRC - C:\Users\Karri\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Users\Karri\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\CyberLink\CyberLink Live\CLPushUpdateService.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\CyberLink Live\CLPushUpdate.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaMonitorService.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaService.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe ()
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Egis inc.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Users\Karri\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Users\Karri\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\LogiShrd\SharedBin\LvApi11.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\SDL.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll ()
MOD - C:\Program Files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe ()
MOD - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Program Files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQDEVCL.dll ()
MOD - C:\Program Files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQTMDLL.DLL ()

========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (c2wts) -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe (Microsoft Corporation)
SRV:64bit: - (ME Services Manager) -- C:\Program Files\Intel\inteldh\msm\MSM.exe (Intel® Corporation)
SRV:64bit: - (Software Services Manager) -- C:\Program Files\Intel\inteldh\common\IntelDHSvcMgr.exe (Intel® Corporation)
SRV:64bit: - (LMS) -- C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation)
SRV:64bit: - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (M4-Service) -- C:\Users\Karri\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe ()
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CyberLink Live Push Update Service) -- C:\Program Files (x86)\CyberLink\CyberLink Live\CLPushUpdateService.exe (CyberLink)
SRV - (CyberLink Live Monitor Service) -- C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaMonitorService.exe (CyberLink)
SRV - (CyberLink Live Service) -- C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaService.exe (CyberLink Corp.)
SRV - (eDataSecurity Service) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

========== Driver Services (SafeList) ==========

DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (cbfs3) -- C:\Windows\SysNative\drivers\cbfs3.sys (EldoS Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\DRIVERS\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\DRIVERS\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys (Egis Incorporated)
DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys (Egis Incorporated)
DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:64bit: - (PID_PEPI) -- C:\Windows\SysNative\DRIVERS\LV302V64.SYS (Logitech Inc.)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys (Intel Corporation)
DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel® Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\DRIVERS\HECIx64.sys (Intel Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...&m=aspire_m5700
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...&m=aspire_m5700
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...&m=aspire_m5700
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...&m=aspire_m5700
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.theweathe...ather/caon0532"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Karri\AppData\Local\Citrix\Plugins\79\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Karri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Karri\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Karri\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Karri\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Karri\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/27 15:12:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/21 20:32:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/21 20:32:48 | 000,000,000 | ---D | M]

[2009/10/29 12:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karri\AppData\Roaming\Mozilla\Extensions
[2009/10/29 12:03:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karri\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2013/11/05 11:42:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karri\AppData\Roaming\Mozilla\Firefox\Profiles\3rkyge3u.default\extensions
[2011/10/15 13:35:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Karri\AppData\Roaming\Mozilla\Firefox\Profiles\3rkyge3u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/11/05 11:42:58 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Karri\AppData\Roaming\Mozilla\Firefox\Profiles\3rkyge3u.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/11/21 20:32:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/11/21 20:32:47 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/21 20:32:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/11/21 20:32:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/11/21 20:32:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/11/21 20:32:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2013/11/21 20:32:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/21 20:32:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/21 20:32:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Karri\AppData\Local\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Karri\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Karri\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Microsoft Lync 2010 Meeting Join Plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Karri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Karri\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Karri\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Citrix Online Web Deployment Plugin 1.0.0.79 (Enabled) = C:\Users\Karri\AppData\Local\Citrix\Plugins\79\npappdetector.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Karri\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Entanglement Web App = C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\3.4.9_0\
CHR - Extension: AT_JamesWhite = C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3\
CHR - Extension: AdBlock = C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: Skype Click to Call = C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Poppit = C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Google Wallet = C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2013/12/03 09:34:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelSWUpdateClient] C:\Program Files\Intel\inteldh\common\SWUpdateClient.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [MSCRM] C:\Program Files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [ACQTMOUSE] C:\Program Files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLPushUpdate] C:\Program Files (x86)\CyberLink\CyberLink Live\CLPushUpdate.exe (CyberLink)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [SansaDispatch] C:\Users\Karri\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Karri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Karri\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - CC:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - CC:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - CC:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - CC:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - CC:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - CC:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - CC:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - CC:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - CC:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} http://www.shockwave...nx.1.0.0.86.cab (CPlayFirstTriJinxControl Object)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DF7249C-DC40-4434-8123-8375B94A51F0}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/24 10:26:00 | 000,000,740 | R--- | M] () - J:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010/06/03 10:45:28 | 000,000,055 | ---- | M] () - N:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~2\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\LVCodec2.dll (Logitech Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/12/03 09:42:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Karri\Desktop\OTL.exe
[2013/12/02 13:31:49 | 000,000,000 | ---D | C] -- C:\Users\Karri\Desktop\Videos
[2013/12/01 13:28:47 | 000,000,000 | ---D | C] -- C:\Users\Karri\Desktop\MOIST
[2013/11/27 18:36:35 | 000,347,304 | ---- | C] (Microsoft Corporation) -- C:\Users\Karri\Desktop\MicrosoftFixit.Printing.Run.exe
[2013/11/27 16:23:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013/11/27 16:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2013/11/27 16:17:28 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2013/11/27 15:13:28 | 000,000,000 | ---D | C] -- C:\Users\Karri\AppData\Roaming\AVAST Software
[2013/11/27 15:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/11/27 15:12:53 | 001,032,416 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/11/27 15:12:53 | 000,065,264 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/11/27 15:12:52 | 000,409,832 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/11/27 15:12:52 | 000,084,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/11/27 15:12:52 | 000,064,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2013/11/27 15:12:52 | 000,038,984 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/11/27 15:12:50 | 000,334,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/11/27 15:12:47 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/11/27 15:09:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/11/27 15:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/11/27 13:52:46 | 000,000,000 | ---D | C] -- C:\Users\Karri\AppData\Roaming\TuneUp Software
[2013/11/27 13:48:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/27 13:48:02 | 000,000,000 | ---D | C] -- C:\Users\Karri\AppData\Local\MFAData
[2013/11/27 13:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/11/21 20:32:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/14 08:25:49 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/14 08:25:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/14 08:25:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/14 08:25:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/14 08:25:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/14 08:25:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/14 08:25:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/14 08:25:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/14 08:25:46 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/14 08:25:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/14 08:25:46 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/14 08:25:45 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/14 08:25:45 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/14 08:25:45 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/14 08:25:45 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/12 18:12:13 | 000,781,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/12 18:12:13 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/12 18:11:53 | 001,278,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/12 18:11:51 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/11/06 15:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/06 15:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/06 15:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/06 15:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

========== Files - Modified Within 30 Days ==========

[2013/12/03 09:42:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Karri\Desktop\OTL.exe
[2013/12/03 09:40:37 | 000,652,288 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/03 09:40:36 | 000,766,246 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/03 09:40:36 | 000,125,686 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/03 09:34:29 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/12/03 09:34:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/12/03 09:34:13 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/03 09:34:13 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/03 09:34:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/03 09:28:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/03 09:19:50 | 000,041,472 | ---- | M] () -- C:\Users\Karri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/03 09:12:13 | 000,393,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/03 09:07:26 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3989614313-289073978-4266361891-1000UA.job
[2013/12/02 22:07:22 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/12/02 19:07:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3989614313-289073978-4266361891-1000Core.job
[2013/12/02 15:35:02 | 000,000,222 | ---- | M] () -- C:\Users\Karri\Desktop\The Walking Dead.url
[2013/11/27 19:39:32 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2013/11/27 19:37:21 | 000,150,223 | ---- | M] () -- C:\Windows\hpwins05.dat.temp
[2013/11/27 19:36:11 | 000,002,073 | ---- | M] () -- C:\Users\Karri\HP Photosmart Essential.lnk
[2013/11/27 18:59:15 | 003,045,848 | ---- | M] () -- C:\Users\Karri\Desktop\OJProL7X00_Scrubber_14.exe
[2013/11/27 18:36:35 | 000,347,304 | ---- | M] (Microsoft Corporation) -- C:\Users\Karri\Desktop\MicrosoftFixit.Printing.Run.exe
[2013/11/27 17:07:25 | 000,000,000 | -H-- | M] () -- C:\Users\Karri\Documents\Default.rdp
[2013/11/27 16:03:29 | 403,965,704 | ---- | M] () -- C:\Users\Karri\Desktop\OJProL7X00_Full_14.exe
[2013/11/27 15:38:05 | 000,006,711 | -HS- | M] () -- C:\Users\Karri\Desktop\Folder.jpg
[2013/11/27 15:38:05 | 000,001,751 | -HS- | M] () -- C:\Users\Karri\Desktop\AlbumArtSmall.jpg
[2013/11/27 15:15:35 | 009,267,598 | ---- | M] () -- C:\Users\Karri\Desktop\Kodaline_All_I_Want(Instrumental_version_(With_backing_vocals))_168418.mp3
[2013/11/27 15:13:20 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/11/27 15:13:00 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2013/11/27 15:12:48 | 000,205,320 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/11/27 15:12:48 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/11/27 15:12:48 | 000,065,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/11/27 15:12:47 | 001,032,416 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/11/27 15:12:47 | 000,409,832 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/11/27 15:12:47 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/11/27 15:12:47 | 000,084,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/11/27 15:12:47 | 000,064,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2013/11/27 15:12:47 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/11/27 15:12:47 | 000,038,984 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/11/22 14:14:47 | 000,048,940 | ---- | M] () -- C:\Users\Karri\Desktop\Karri medical approval.pdf
[2013/11/20 17:20:05 | 010,578,277 | ---- | M] () -- C:\Users\Karri\Desktop\Robin Thicke Feat T.I. & Pharrell - Blurred Lines.mp3
[2013/11/20 17:17:41 | 000,009,533 | -HS- | M] () -- C:\Users\Karri\Desktop\AlbumArt_{A331ADFC-ABF7-4B45-A34A-D33C7843D5EC}_Large.jpg
[2013/11/20 17:17:41 | 000,002,919 | -HS- | M] () -- C:\Users\Karri\Desktop\AlbumArt_{A331ADFC-ABF7-4B45-A34A-D33C7843D5EC}_Small.jpg
[2013/11/19 16:21:20 | 000,000,012 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2013/11/19 03:03:41 | 000,001,566 | ---- | M] () -- C:\Windows\CrmClient.mif
[2013/11/18 20:50:39 | 687,311,779 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/11/16 13:42:21 | 000,002,048 | ---- | M] () -- C:\Users\Karri\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/11/16 13:42:21 | 000,002,046 | ---- | M] () -- C:\Users\Karri\Desktop\Google Chrome.lnk
[2013/11/06 15:30:34 | 000,001,698 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

========== Files Created - No Company Name ==========

[2013/12/02 15:35:02 | 000,000,222 | ---- | C] () -- C:\Users\Karri\Desktop\The Walking Dead.url
[2013/11/27 19:36:11 | 000,002,073 | ---- | C] () -- C:\Users\Karri\HP Photosmart Essential.lnk
[2013/11/27 18:59:09 | 003,045,848 | ---- | C] () -- C:\Users\Karri\Desktop\OJProL7X00_Scrubber_14.exe
[2013/11/27 17:07:25 | 000,000,000 | -H-- | C] () -- C:\Users\Karri\Documents\Default.rdp
[2013/11/27 16:11:37 | 000,150,223 | ---- | C] () -- C:\Windows\hpwins05.dat.temp
[2013/11/27 16:11:37 | 000,004,785 | ---- | C] () -- C:\Windows\hpwmdl05.dat.temp
[2013/11/27 15:31:16 | 403,965,704 | ---- | C] () -- C:\Users\Karri\Desktop\OJProL7X00_Full_14.exe
[2013/11/27 15:29:31 | 000,001,839 | ---- | C] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2013/11/27 15:15:16 | 009,267,598 | ---- | C] () -- C:\Users\Karri\Desktop\Kodaline_All_I_Want(Instrumental_version_(With_backing_vocals))_168418.mp3
[2013/11/27 15:13:20 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/11/27 15:13:00 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2013/11/27 15:12:53 | 000,205,320 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/11/27 15:12:53 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/11/22 14:14:45 | 000,048,940 | ---- | C] () -- C:\Users\Karri\Desktop\Karri medical approval.pdf
[2013/11/20 17:17:41 | 000,009,533 | -HS- | C] () -- C:\Users\Karri\Desktop\AlbumArt_{A331ADFC-ABF7-4B45-A34A-D33C7843D5EC}_Large.jpg
[2013/11/20 17:17:41 | 000,002,919 | -HS- | C] () -- C:\Users\Karri\Desktop\AlbumArt_{A331ADFC-ABF7-4B45-A34A-D33C7843D5EC}_Small.jpg
[2013/11/16 13:42:21 | 000,002,046 | ---- | C] () -- C:\Users\Karri\Desktop\Google Chrome.lnk
[2013/11/12 19:02:58 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3989614313-289073978-4266361891-1000UA.job
[2013/11/12 19:02:58 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3989614313-289073978-4266361891-1000Core.job
[2013/11/12 18:12:13 | 000,217,074 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2013/11/05 22:33:38 | 010,578,277 | ---- | C] () -- C:\Users\Karri\Desktop\Robin Thicke Feat T.I. & Pharrell - Blurred Lines.mp3
[2012/07/22 17:32:00 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/02/01 17:18:15 | 000,000,552 | ---- | C] () -- C:\Users\Karri\AppData\Local\d3d8caps.dat
[2012/01/18 05:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 05:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 05:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/12/30 21:49:42 | 000,000,680 | ---- | C] () -- C:\Users\Karri\AppData\Local\d3d9caps.dat
[2011/09/02 13:28:57 | 000,041,472 | ---- | C] () -- C:\Users\Karri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/12 21:00:58 | 000,000,760 | ---- | C] () -- C:\Users\Karri\AppData\Roaming\setup_ldm.iss
[2009/09/21 11:30:38 | 000,000,029 | ---- | C] () -- C:\Users\Karri\AppData\Roaming\default.rss
[2009/09/15 11:40:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/28 10:50:52 | 000,048,127 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/06/28 10:50:52 | 000,048,127 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/10/28 07:57:39 | 000,000,052 | ---- | C] () -- C:\ProgramData\CLSDefine.ini

========== ZeroAccess Check ==========

[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 12:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll

========== LOP Check ==========

[2010/12/18 11:49:09 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\.minecraft
[2012/11/19 11:51:06 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\1morebee
[2012/07/07 21:02:22 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\8floor
[2009/03/29 19:30:38 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Acer
[2008/10/28 08:17:30 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Acer GameZone Console
[2011/04/16 20:08:14 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\aliasworlds
[2012/07/14 15:40:16 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Anino Games
[2010/09/25 19:05:35 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Atlus
[2013/09/19 13:34:36 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Audacity
[2013/11/27 15:13:28 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\AVAST Software
[2011/12/12 21:07:00 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\blg
[2009/08/06 12:12:47 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\DAEMON Tools Lite
[2012/09/17 19:00:26 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\DivoGames
[2013/12/03 09:37:23 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Dropbox
[2009/03/30 19:40:22 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\eSobi
[2009/04/06 06:42:54 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\FloodLightGames
[2012/11/20 07:53:50 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\GamesCafe
[2012/08/10 19:09:27 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\HipSoft
[2013/11/27 14:30:25 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Image Zone Express
[2012/01/03 19:40:28 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Islands2
[2012/07/22 17:32:17 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Jumb-O-Fun Games
[2009/03/29 19:30:38 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Leadertech
[2012/12/14 08:14:34 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\LimeWire
[2011/03/04 11:36:00 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\MumboJumbo
[2012/11/19 08:47:11 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\northern_tale_bfg_en
[2011/02/13 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Oberon Media
[2013/01/02 15:50:23 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\ooVoo Details
[2013/01/28 08:36:20 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Origin
[2012/01/20 19:35:58 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\PetRush
[2011/11/27 13:02:08 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Ph03nixNewMedia
[2012/04/07 15:11:40 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\PlayFirst
[2011/12/21 18:50:08 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Playrix Entertainment
[2012/09/13 18:58:22 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Princess Isabella CE
[2009/10/28 14:05:06 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Printer Info Cache
[2013/08/18 18:39:18 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\Rainbow
[2010/06/04 21:03:13 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\runic games
[2012/07/17 17:45:03 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\SanDisk
[2013/06/18 07:36:08 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\TeamViewer
[2013/11/27 13:52:46 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\TuneUp Software
[2013/10/07 21:27:50 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\uTorrent
[2011/12/18 18:18:25 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\ValuSoft
[2012/09/12 18:41:41 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\VC 2 Paradise Resort
[2012/09/16 18:51:24 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\ViquaSoft
[2012/01/02 12:34:19 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\WendigoStudios
[2012/07/14 15:18:47 | 000,000,000 | ---D | M] -- C:\Users\Karri\AppData\Roaming\YoudaGames

========== Purity Check ==========

========== Custom Scans ==========

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %temp%\smtmp\*.* /s > >

< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/29 01:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\erdnt\cache86\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 21:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/29 01:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/30 00:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 21:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 21:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: EXPLORER.EXE.MUI >
[2006/11/02 10:13:38 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2006/11/02 10:13:38 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_6a2f0af76374ed51\explorer.exe.mui
[2006/11/02 10:13:32 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=872D519975CA4D7CC596FC93470D49E0 -- C:\Windows\en-US\explorer.exe.mui
[2006/11/02 10:13:32 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=872D519975CA4D7CC596FC93470D49E0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_5fda60a52f142b56\explorer.exe.mui

< MD5 for: EXPLORER.EXE-A80E4F97.PF >
[2013/12/03 08:48:49 | 000,307,422 | ---- | M] () MD5=6F5E9A51FFB0BC7119AABF2782913B35 -- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf

< MD5 for: EXPLORER.ZIP >
[2009/06/03 21:15:06 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip

< MD5 for: IEXPLORE.EXE >
[2012/06/02 06:47:54 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=004640AB259C1572EBD5FB0A32F63686 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20553_none_b5336068bd3ba567\iexplore.exe
[2013/01/08 20:53:45 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=0100BCF23941C83462E4A70F94C3392E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16464_none_b49ff3fba4253ae5\iexplore.exe
[2012/05/17 18:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16446_none_bf0c3eb9d873f7ac\iexplore.exe
[2013/10/13 05:49:16 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=06085B62BC7E0C8E2605CEA38774D956 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013/10/13 05:49:16 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=06085B62BC7E0C8E2605CEA38774D956 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16520_none_bf1bdebbd86924e7\iexplore.exe
[2008/04/24 23:22:36 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=07ED775D6DB4BFA96D7CFB09EB228418 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_9399882309d61be8\iexplore.exe
[2009/01/14 23:14:36 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=0844F5B9CB3BB85A917D347EF1565B6C -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_93f80d9f098e0166\iexplore.exe
[2012/10/03 21:07:39 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=0B09588808D3865287BE65CF62D792B2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20562_none_b5279032bd44a801\iexplore.exe
[2012/11/13 21:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16457_none_bf026f17d87b2cf4\iexplore.exe
[2013/07/31 05:18:24 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=10C1F2EC48D524AE10229AACD37B172A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20617_none_bfb74d78f1785a21\iexplore.exe
[2013/07/24 21:48:45 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=139C8953AC56A9E559C7DEF07BC45ED7 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20613_none_bfb34c50f17bf4c5\iexplore.exe
[2013/05/16 23:10:41 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=1423FF1BFD2ECD9CFC8C17EA4F98B20F -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16490_none_b47b830fa441295c\iexplore.exe
[2008/02/21 21:44:11 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=182CAF7403705ACCB51211A761080B8F -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_9433f69622e637cb\iexplore.exe
[2012/06/27 21:23:58 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=1A8A5634E778B0466BE0932B460ACCB3 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20554_none_b53460b2bd3abebe\iexplore.exe
[2008/04/24 21:16:24 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=1ACD856D345FA54F89335C793B2B0874 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_8a115c9dee6081e6\iexplore.exe
[2009/11/21 10:04:19 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=1B5572B8B9CD678E814F57B245400F64 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_6ec34e240169f05e\iexplore.exe
[2009/11/21 01:42:38 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=1B6362BB14FCEB9E76BCF9A953B04788 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_78828b751cb61529\iexplore.exe
[2009/04/24 11:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=1F44940EF1D07D0BDAF80E55853DFBD0 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_93b9fbb309bdc263\iexplore.exe
[2012/08/24 02:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16450_none_befb6d11d8817b93\iexplore.exe
[2013/02/22 02:04:50 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=25B53709A37C3FD814B68EA0A92D18F9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16476_none_b49724a3a42b8984\iexplore.exe
[2010/02/23 10:06:13 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=25DB705A7DC85C208B3CF2D20F118AA7 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_78ebb87c35ec08c6\iexplore.exe
[2012/05/17 17:59:46 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=268982F1FD671A077C6A2AF41E351436 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20551_none_bf860a26f19e34b4\iexplore.exe
[2013/10/13 11:04:00 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=27DC2B3A141BE4566A0B45A5E5F4668A -- C:\Program Files\Internet Explorer\iexplore.exe
[2013/10/13 11:04:00 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=27DC2B3A141BE4566A0B45A5E5F4668A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16520_none_b4c73469a40862ec\iexplore.exe
[2012/06/27 23:16:03 | 000,754,784 | ---- | M] (Microsoft Corporation) MD5=2BF1D4CA1D2DFDCA52421730CA46E851 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16448_none_b4b994fba411685f\iexplore.exe
[2009/04/11 01:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) MD5=2C5168C856455CC43C4B4E1CC1920001 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_97c0beeb03de7f46\iexplore.exe
[2012/08/24 06:23:44 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=2D53C5F71653EF94E7829846405D4ED2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16450_none_b4a6c2bfa420b998\iexplore.exe
[2013/10/13 04:43:05 | 000,757,488 | ---- | M] (Microsoft Corporation) MD5=2D64E29ADB5DEB40446796A9C42417E3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20631_none_bf9babe4f18df9f9\iexplore.exe
[2009/08/27 00:23:17 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=2E48756F12C21F46895036AC089AAD97 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_78b0cc031c92f16a\iexplore.exe
[2011/02/22 01:50:19 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=2E70FE17239DFCA6209FD698D0F18C61 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19048_none_6e465be0e84297ba\iexplore.exe
[2008/02/21 21:54:54 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=2EEE7F65B04F759FE7D238AD6EAB90B7 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_89df4c43ee8575d0\iexplore.exe
[2008/02/20 23:45:17 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=31705413C889C5503F564C642D83C282 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_89721e14d5531cd7\iexplore.exe
[2013/02/21 23:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16476_none_beebcef5d88c4b7f\iexplore.exe
[2012/06/27 20:08:59 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=32F1A71CC1943BD537DA1516E0CB6AF3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16448_none_bf0e3f4dd8722a5a\iexplore.exe
[2009/04/24 11:07:30 | 000,711,432 | ---- | M] (Microsoft Corporation) MD5=3319AE709DEAA8539AB3B4110C3C675D -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_8c07706deb7a6fe7\iexplore.exe
[2013/05/28 22:32:47 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=33E62E4EFC2ACA8EC63A8926F26D3889 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20606_none_bfc11d1af17124d9\iexplore.exe
[2012/06/02 04:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16447_none_bf0d3f03d8731103\iexplore.exe
[2012/10/03 22:12:11 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=367045AF10C4875707E0864E352EF3F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16455_none_b4abc431a41c384b\iexplore.exe
[2010/11/02 01:29:04 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=37302FCB9B7D54B0DBB43624E7A21B3C -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_6e11746ce86a0984\iexplore.exe
[2010/01/02 09:58:26 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=3D8DA00B028DEA9517066F1CECBFC4A2 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_78ff57c035dd9e36\iexplore.exe
[2013/04/04 17:47:49 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=3F00BE80B9CEA20B7FE7363D15EDDB94 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16483_none_beddfe2bd8971b6b\iexplore.exe
[2013/02/21 23:10:31 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=4145E2B5663F6FACC08EFDB17B658BB2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20586_none_bf6a9bd4f1b2073a\iexplore.exe
[2013/09/22 05:59:54 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=45BDA923BE52906D1460BCB13AC2AB7A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16514_none_bf2aafcfd85d6e52\iexplore.exe
[2010/05/04 01:32:18 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=48A6109E8DF0365195298CC527B7426A -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_7946112635a7c1dc\iexplore.exe
[2010/09/08 01:26:34 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=4A719476A6393B1DCACFEB4F3AC6599C -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_790e00f635d21ae3\iexplore.exe
[2009/07/22 01:04:09 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=4B5AEA50CE77FBA4C2D169622DC9B489 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_794b073435a4da9f\iexplore.exe
[2012/06/27 18:36:32 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=4B649ED3CDC17707898E4948AAB72528 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20554_none_bf890b04f19b80b9\iexplore.exe
[2012/05/17 21:51:05 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=4E99F42504A99D5024C2EFA015001937 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16446_none_b4b79467a41335b1\iexplore.exe
[2009/08/27 00:52:49 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=51BDD4A648CD937BC7111D09930114C3 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_6e5c21b0e8322f6f\iexplore.exe
[2013/07/24 23:00:18 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=536B5973A34DDAA6E16AC8248B726BD0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20613_none_b55ea1febd1b32ca\iexplore.exe
[2013/07/24 21:42:37 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=57EC630DBD5F0713E77CB3540AB80A8E -- C:\Windows\erdnt\cache86\iexplore.exe
[2013/07/24 21:42:37 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=57EC630DBD5F0713E77CB3540AB80A8E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16502_none_bf337f27d8571fb3\iexplore.exe
[2009/04/11 02:11:08 | 000,712,864 | ---- | M] (Microsoft Corporation) MD5=58136AB5A3DF2D44BBB483629188584A -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_8d6c1498cf7dbd4b\iexplore.exe
[2012/08/24 05:49:07 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=5A150AFABB25BEA50CEDC8650A7B8A9E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20557_none_b5376190bd380ac3\iexplore.exe
[2010/11/02 01:03:13 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=5AB037B17F8A87D052F5A88E0D29A3C8 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18999_none_78661ebf1ccacb7f\iexplore.exe
[2008/01/20 21:48:06 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=5B92133D3E7FB2644677686305E29E81 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_95d545df06bcb3fa\iexplore.exe
[2010/05/04 01:00:35 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=5C9B1062EA7A44E8F6BFDE994B68C7AA -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_78b0cde91c92ee91\iexplore.exe
[2012/06/02 07:52:21 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=610F6596921C4BAA8834ADBB9BE272EE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16447_none_b4b894b1a4124f08\iexplore.exe
[2012/08/24 02:49:25 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=62188720CE27B982B4285C03163C9FB3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20557_none_bf8c0be2f198ccbe\iexplore.exe
[2013/05/16 18:34:33 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=67EE46FD4D3B56531C5DD1BDC149275A -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16490_none_bed02d61d8a1eb57\iexplore.exe
[2013/01/08 17:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16464_none_bef49e4dd885fce0\iexplore.exe
[2008/04/24 23:28:44 | 000,701,440 | ---- | M] (Microsoft Corporation) MD5=699D1D2EAF5C80E7361809B0ED8AE773 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_8944ddd0d57559ed\iexplore.exe
[2009/04/24 11:27:28 | 000,711,432 | ---- | M] (Microsoft Corporation) MD5=6B9F780596A6FA37909A1E17B13DB8F3 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_89fe97abee6e3636\iexplore.exe
[2010/05/04 01:57:44 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=6E4A7132FE953AFFAE00B15835404564 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18928_none_6e5c2396e8322c96\iexplore.exe
[2013/09/22 10:05:44 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=6FE8A2A2E24D8BED324BA2EBE356488E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20625_none_b555d2a6bd218169\iexplore.exe
[2009/01/14 23:59:48 | 000,709,800 | ---- | M] (Microsoft Corporation) MD5=724BC813643C688280F353EC23128A66 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_89c8afedee968ea9\iexplore.exe
[2010/06/26 01:06:48 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=7420BE0E7D3D1320054F7ACA0594953D -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_78962c9f1ca7a7c0\iexplore.exe
[2010/12/18 02:19:44 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=7852371DA9EFBC17B645558E23780EAC -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_793e10bc35aef44b\iexplore.exe
[2009/03/08 16:09:11 | 000,661,344 | ---- | M] (Microsoft Corporation) MD5=7A81E0CECAE7B98459A073981F0124D5 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_6e6bbde6e827625c\iexplore.exe
[2013/02/02 03:09:12 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=7C2923004FFC497E54F38E835F108EE8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20580_none_b50fefc6bd56ad35\iexplore.exe
[2009/08/27 08:31:08 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=7DD482E4A2E3CBB0A72F718C342F5B75 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_794538ba35a87543\iexplore.exe
[2012/10/03 17:53:29 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=7FC9E840B32E9DFBFBBA92BA5E9B97C2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20562_none_bf7c3a84f1a569fc\iexplore.exe
[2010/02/23 02:03:07 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=81AF4A1549710310E56B43C4D3F3657C -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_6e6dc246e8258f58\iexplore.exe
[2010/09/08 01:49:26 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=827BE3F3C80787B00F19E36B19531197 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_6e23131ce85d6c46\iexplore.exe
[2009/04/24 11:32:29 | 000,711,432 | ---- | M] (Microsoft Corporation) MD5=8679C8CD9690758AF0984290A1843E72 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_89655160d55d0068\iexplore.exe
[2010/01/02 01:40:20 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=88BD42DAE7CFFEB256CA7145A15E4843 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_7869eabf1cc90106\iexplore.exe
[2012/11/14 00:19:40 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=8ACFFA754B6ED028B8689CAD00FC2BCB -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20565_none_b52a9110bd41f406\iexplore.exe
[2009/11/21 01:53:25 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=8ADB04E86E8A38307D0663CD002BFFD1 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18865_none_6e2de122e855532e\iexplore.exe
[2010/12/18 01:56:48 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=8F69AE4F1AC2E1D2C34348D519007A2C -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_6e67cbeee8295d3e\iexplore.exe
[2011/05/30 19:52:50 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16421_none_bf1cdd1fd8684117\iexplore.exe
[2010/11/02 02:13:47 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=92A17B0A89D14815AACC62CD190B6CE3 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_78e78f7635efd6ac\iexplore.exe
[2008/02/20 23:43:03 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=9437CA21CD48C9B6BFD6F5AC0143D251 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_93c6c86709b3ded2\iexplore.exe
[2012/10/03 18:08:28 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=96A360002311ECE53952AF2F5B4CD64E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16455_none_bf006e83d87cfa46\iexplore.exe
[2011/02/22 02:18:28 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=9CE5543464432CA73134F170FA2BF823 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23143_none_791fa18c35c57acc\iexplore.exe
[2010/05/04 01:59:11 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=9D0512508DBDD31DA29BC05941417101 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23019_none_6ef166d40146ffe1\iexplore.exe
[2008/04/24 21:04:08 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=9F1427F203CA078005C9943800929640 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_946606f022c143e1\iexplore.exe
[2010/02/23 01:39:16 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=9F52FBE99C749E3F32C75124F09F1B03 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18904_none_78c26c991c865153\iexplore.exe
[2013/05/16 20:46:47 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=A1397D2A4924C390E55D146FB45FDF7C -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20600_none_b566710cbd15cad4\iexplore.exe
[2013/04/04 20:55:57 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=A1B0DEC3BB845C6369F97BC1A3542A07 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16483_none_b48953d9a4365970\iexplore.exe
[2013/02/01 23:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20580_none_bf649a18f1b76f30\iexplore.exe
[2013/07/31 09:22:10 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=A818D637533302BA58C685F332388FC0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16506_none_b4e2d5fda3f2c314\iexplore.exe
[2013/05/16 17:27:11 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=A8732CEDB2C0EE7AFC08F867A47BB3EC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20600_none_bfbb1b5ef1768ccf\iexplore.exe
[2013/02/02 02:37:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=A8EBEBCD9F5C49475194099FCD276992 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16470_none_b49122e7a430f17a\iexplore.exe
[2013/07/31 05:39:59 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=AA9CBDCD4675A48755DDA3A73BE3E283 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16506_none_bf37804fd853850f\iexplore.exe
[2008/01/20 21:50:37 | 000,701,952 | ---- | M] (Microsoft Corporation) MD5=AC2C3BAFD177B60C3B5E4DDBCC2C2DB3 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_8b809b8cd25bf1ff\iexplore.exe
[2013/05/29 01:24:18 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=AFF2C99AD2C599108B6BD9E77C24B463 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16496_none_b48184cba43bc166\iexplore.exe
[2013/02/22 02:17:45 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=B21A57AA4CB928059A0C0C58A9E77A02 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20586_none_b515f182bd51453f\iexplore.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2009/03/08 16:09:24 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_78c068391c882457\iexplore.exe
[2010/01/02 10:15:56 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=B7ECFA3A546360E2A39ADBE1D773F3DC -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22973_none_6eaaad6e017cdc3b\iexplore.exe
[2013/10/13 07:41:01 | 000,763,632 | ---- | M] (Microsoft Corporation) MD5=B7FF42AE9760F3F0CC8EF2056A7BC372 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20631_none_b5470192bd2d37fe\iexplore.exe
[2010/12/18 01:28:35 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=B988D7F127B94BD5BF8356FE81B985C4 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19019_none_78bc76411c8a1f39\iexplore.exe
[2012/06/02 03:51:58 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=BE967C74B89577B78FB57C061E12B04C -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20553_none_bf880abaf19c6762\iexplore.exe
[2013/04/04 16:55:02 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=C036AB1ED8BAC04FE4A349BA263077BB -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20593_none_bf5ccb0af1bcd726\iexplore.exe
[2011/02/22 01:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=C1D36A2CBE0CEC4DF593DB1288CF586E -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.19048_none_789b06331ca359b5\iexplore.exe
[2009/07/21 16:53:43 | 000,638,216 | ---- | M] (Microsoft Corporation) MD5=C33BD196A0301F9B23D9A003D30ED8B0 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_78b69a7d1c8f56c6\iexplore.exe
[2009/07/21 17:12:12 | 000,660,744 | ---- | M] (Microsoft Corporation) MD5=C45FA4DA458E0B3C9636B09488029BDD -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_6e61f02ae82e94cb\iexplore.exe
[2013/04/04 19:40:37 | 000,763,504 | ---- | M] (Microsoft Corporation) MD5=C4A4F4AD91677DA1659A9ADE63746B8B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20593_none_b50820b8bd5c152b\iexplore.exe
[2010/01/02 02:09:58 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=C9256212D298D96FE0F63D69ECD9CE97 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18882_none_6e15406ce8683f0b\iexplore.exe
[2013/05/29 00:56:53 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=C9C29508A433DAF0118D28C4F38CDDFC -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20606_none_b56c72c8bd1062de\iexplore.exe
[2009/08/27 09:04:11 | 000,660,744 | ---- | M] (Microsoft Corporation) MD5=CBDEB65EDCC5E574F43F1EF79E54C8A1 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_6ef08e680147b348\iexplore.exe
[2010/02/23 11:03:02 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=D1978C9901DAA9A1C2EE78A707B1449A -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22995_none_6e970e2a018b46cb\iexplore.exe
[2009/04/24 11:03:18 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=D5271AC4A06AD9D1E2EA0151B79B2657 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_945341fe22cef831\iexplore.exe
[2010/09/08 01:02:42 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=D5A730DFDEAE005373E62BC2A866E3BB -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18975_none_7877bd6f1cbe2e41\iexplore.exe
[2009/04/24 11:01:36 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=D6157423C117F24D24695866A1D0A93F -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_965c1ac01fdb31e2\iexplore.exe
[2009/01/14 23:50:38 | 000,709,800 | ---- | M] (Microsoft Corporation) MD5=D6F4816C6B7BE9A125E138B903C2B0EF -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_89a3634cd52d3f6b\iexplore.exe
[2010/09/08 02:28:01 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=D93AB1673986658EF1931FA751BCCF69 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23067_none_6eb956a4017158e8\iexplore.exe
[2013/02/01 23:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16470_none_bee5cd39d891b375\iexplore.exe
[2013/07/31 08:01:01 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=E1D016741AA03A959586A7818595BF46 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20617_none_b562a326bd179826\iexplore.exe
[2011/02/22 02:54:38 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=E79C480F9DCD7512AAB9727A533CB152 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23143_none_6ecaf73a0164b8d1\iexplore.exe
[2009/11/21 10:05:17 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=E7F8DF50E483D165BB01F367D3519AA7 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22956_none_7917f87635cab259\iexplore.exe
[2010/06/26 01:31:23 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=E9D8A71AFDCA528A184C1498E22A8241 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18943_none_6e41824ce846e5c5\iexplore.exe
[2013/05/28 21:24:32 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=EE12BA876C4190532A4085994BA9B616 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16496_none_bed62f1dd89c8361\iexplore.exe
[2013/01/08 19:51:57 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=EF1F6F41FB2C9BBB484B21017F380201 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20573_none_b51dc090bd4bdd49\iexplore.exe
[2013/01/08 16:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20573_none_bf726ae2f1ac9f44\iexplore.exe
[2010/06/26 01:52:42 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=F05B3A2C6CB319DD1377AD566CF5ECE5 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_791c9ec835c831a0\iexplore.exe
[2009/01/14 23:18:47 | 000,634,024 | ---- | M] (Microsoft Corporation) MD5=F0B1CA517977BA2FF6DA33F1B966C488 -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_941d5a4022f750a4\iexplore.exe
[2011/05/30 19:52:47 | 000,754,480 | ---- | M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16421_none_b4c832cda4077f1c\iexplore.exe
[2009/04/24 11:08:04 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=F294D8EEB05C835EC44A12CE0A1DFE7A -- C:\Windows\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_95b20c4b06d5e8c4\iexplore.exe
[2010/11/02 02:42:15 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=F686191623AC22EE2521C2D17157B199 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23091_none_6e92e524018f14b1\iexplore.exe
[2012/11/13 21:19:28 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F691418EE9A6344AEB5C1B0518FBF8AE -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20565_none_bf7f3b62f1a2b601\iexplore.exe
[2013/09/22 07:14:29 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=F87E95A127E83277B9AE500D7A18C998 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20625_none_bfaa7cf8f1824364\iexplore.exe
[2010/06/28 13:17:01 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=F896A6A9965B9C64061BE97F6D84B075 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23040_none_6ec7f47601676fa5\iexplore.exe
[2012/05/17 20:37:57 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=F8B2D47ED17C1D087D14EC747E5AC57A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20551_none_b5315fd4bd3d72b9\iexplore.exe
[2013/09/22 10:48:47 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=F980F2E95E0434C8E0559B6504FE1D10 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16514_none_b4d6057da3fcac57\iexplore.exe
[2013/07/24 22:58:46 | 000,763,544 | ---- | M] (Microsoft Corporation) MD5=FA5B33E7BB143BCE846C303B528E8D62 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16502_none_b4ded4d5a3f65db8\iexplore.exe
[2010/12/18 02:54:56 | 000,660,760 | ---- | M] (Microsoft Corporation) MD5=FC6DC0E786A4D2E7DA6E9C012ED2E64F -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.23111_none_6ee9666a014e3250\iexplore.exe
[2012/11/14 02:11:18 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=FD0D2E1FAEBAE5031BE2EB8000D973F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16457_none_b4adc4c5a41a6af9\iexplore.exe
[2009/04/24 11:23:20 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=FD4E1EF226A34D093AAD475B94C5E36E -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_8b5d61f8d27526c9\iexplore.exe
[2009/07/22 01:30:13 | 000,660,744 | ---- | M] (Microsoft Corporation) MD5=FDCF656D4B4E116D9C932AD2868FD811 -- C:\Windows\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_6ef65ce2014418a4\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 17:15:57 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=11E9431B29BD64A1FB13369BB8AD4116 -- C:\Windows\winsxs\amd64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_8.0.6001.18702_en-us_7c9630f422ee47f7\iexplore.exe.mui
[2011/05/30 19:52:48 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2011/05/30 19:52:48 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.1.8112.16421_en-us_ae74c844dbb4c003\iexplore.exe.mui
[2006/11/02 10:13:34 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=3CCDDDBC49DEACA370F39A9F0E146A1B -- C:\Windows\winsxs\wow64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a1c8f6f0449888c1\iexplore.exe.mui
[2011/05/30 19:52:51 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2011/05/30 19:52:51 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.1.8112.16421_en-us_b8c97297101581fe\iexplore.exe.mui
[2009/03/08 16:27:11 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Windows\winsxs\wow64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_8.0.6001.18702_en-us_86eadb46574f09f2\iexplore.exe.mui
[2006/11/02 10:13:29 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=D421BD7B9646679254B0D855823C6F21 -- C:\Windows\winsxs\amd64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_97744c9e1037c6c6\iexplore.exe.mui

< MD5 for: SERVICES >
[2006/09/18 16:37:24 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\System32\drivers\etc\services
[2006/09/18 16:37:24 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_5e6cdbf5b2cd5bcb\services
[2006/09/18 16:37:24 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\services

< MD5 for: SERVICES.CFG >
[2013/09/03 08:53:56 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 11:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.EXE >
[2006/11/02 06:16:09 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=0A87F57DFC2C0EB9BBA8BE1C87BAFE1A -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\System32\services.exe
[2006/11/02 06:16:09 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=0A87F57DFC2C0EB9BBA8BE1C87BAFE1A -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_294799ef88bb616c\services.exe
[2008/01/20 21:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 02:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\erdnt\cache64\services.exe
[2009/04/11 02:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\SysNative\services.exe
[2009/04/11 02:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SysWOW64\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2008/01/20 21:49:44 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=DFAC660F0F139276CC9299812DE42719 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 10:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\SysWOW64\en-US\services.exe.mui
[2006/11/02 10:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
[2006/11/02 06:26:35 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\System32\en-US\services.exe.mui
[2006/11/02 06:26:35 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c3e5209ee1678e23\services.exe.mui
[2006/11/02 10:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\SysNative\en-US\services.exe.mui
[2006/11/02 10:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c3e5209ee1678e23\services.exe.mui

< MD5 for: SERVICES.LNK >
[2008/01/20 22:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.LOG >
[2013/11/27 20:20:22 | 000,064,078 | ---- | M] () MD5=73899ABE6F40399CFE1BC35970E85562 -- C:\ProgramData\HP\Installer\Temp\services.log
[2013/11/27 20:20:22 | 000,064,078 | ---- | M] () MD5=73899ABE6F40399CFE1BC35970E85562 -- C:\Users\All Users\HP\Installer\Temp\services.log

< MD5 for: SERVICES.MOF >
[2006/09/18 16:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\System32\wbem\services.mof
[2006/09/18 16:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_294799ef88bb616c\services.mof
[2006/09/18 16:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysWOW64\wbem\services.mof
[2006/09/18 16:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.mof
[2006/09/18 16:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 10:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2006/09/18 16:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2006/11/02 10:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2006/11/02 10:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fe26f08ab7d12816\services.msc
[2006/09/18 16:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_2b827e27fe185619\services.msc
[2006/11/02 10:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: WINLOGON.EXE >
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\erdnt\cache64\winlogon.exe
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 21:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 06:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\System32\winlogon.exe
[2006/11/02 06:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/20 21:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WINLOGON.EXE.MUI >
[2008/01/20 21:52:39 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=1DB95B0920FA9783476AC46F187C06F6 -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2008/01/20 21:52:39 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=1DB95B0920FA9783476AC46F187C06F6 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6001.18000_en-us_27172d0ebc73e370\winlogon.exe.mui
[2008/01/20 21:52:28 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\Windows\SysWOW64\en-US\winlogon.exe.mui
[2008/01/20 21:52:28 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6001.18000_en-us_caf8918b0416723a\winlogon.exe.mui
[2006/11/02 06:25:07 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=2D30AB05DBA78517B34C0AAC71DF5299 -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\System32\en-US\winlogon.exe.mui
[2006/11/02 06:25:07 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=2D30AB05DBA78517B34C0AAC71DF5299 -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_24e06b12bf88d29c\winlogon.exe.mui
[2006/11/02 10:13:52 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=2D30AB05DBA78517B34C0AAC71DF5299 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_24e06b12bf88d29c\winlogon.exe.mui
[2006/11/02 10:13:03 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=A1D2856F3EC3C86EBBF1442B0245A8B3 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c8c1cf8f072b6166\winlogon.exe.mui

< MD5 for: WINLOGON.MOF >
[2006/11/02 08:54:54 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\System32\wbem\winlogon.mof
[2006/11/02 08:54:54 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\ACER\Preload\Acer\Recovery\HPartition\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_da20a358315a3dca\winlogon.mof
[2006/09/18 16:38:40 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\SysNative\wbem\winlogon.mof
[2006/09/18 16:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\SysWOW64\wbem\winlogon.mof
[2006/09/18 16:38:40 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_da20a358315a3dca\winlogon.mof
[2006/09/18 16:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_7e0207d478fccc94\winlogon.mof

< %SYSTEMDRIVE%\*.* >
[2009/04/11 01:36:36 | 000,333,257 | R-S- | M] () -- C:\bootmgr
[2008/10/28 11:09:45 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2013/12/03 09:34:06 | 244,588,542 | -HS- | M] () -- C:\pagefile.sys
[2008/10/28 07:47:02 | 000,000,607 | ---- | M] () -- C:\RHDSetup.log
[2010/01/01 13:54:04 | 000,000,927 | ---- | M] () -- C:\updatedatfix.log

< %systemroot%\Fonts\*.com >
[2006/11/02 10:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 10:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 10:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/09/20 20:32:20 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2006/10/19 09:00:56 | 000,187,392 | ---- | M] () -- C:\Windows\Acer(Normal).scr
[2006/10/19 09:00:56 | 000,187,392 | ---- | M] () -- C:\Windows\Acer(Wide).scr
[2013/11/27 15:12:47 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 22:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is ACER
Volume Serial Number is F2EA-6F6E
Directory of C:\
02/11/2006 10:42 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
Directory of C:\ACER\Preload\Acer\Recovery
30/03/2009 09:32 PM    <JUNCTION>     HPartition [\??\Volume{be54870c-1c9c-11de-84bd-806e6f6e6963}\]
               0 File(s)              0 bytes
Directory of C:\ProgramData
02/11/2006 10:42 AM    <JUNCTION>     Application Data [C:\ProgramData]
02/11/2006 10:42 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
02/11/2006 10:42 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
02/11/2006 10:42 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
02/11/2006 10:42 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
02/11/2006 10:42 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users
02/11/2006 10:42 AM    <SYMLINKD>     All Users [C:\ProgramData]
02/11/2006 10:42 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
Directory of C:\Users\All Users
02/11/2006 10:42 AM    <JUNCTION>     Application Data [C:\ProgramData]
02/11/2006 10:42 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
02/11/2006 10:42 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
02/11/2006 10:42 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
02/11/2006 10:42 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
02/11/2006 10:42 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Default
02/11/2006 10:42 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
02/11/2006 10:42 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
02/11/2006 10:42 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
02/11/2006 10:42 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/11/2006 10:42 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/11/2006 10:42 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
02/11/2006 10:42 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
02/11/2006 10:42 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
02/11/2006 10:42 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Default\AppData\Local
02/11/2006 10:42 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
02/11/2006 10:42 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
02/11/2006 10:42 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Default\Documents
02/11/2006 10:42 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
02/11/2006 10:42 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
02/11/2006 10:42 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Guest
12/11/2009 04:53 PM    <JUNCTION>     Application Data [C:\Users\Guest\AppData\Roaming]
12/11/2009 04:53 PM    <JUNCTION>     Cookies [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies]
12/11/2009 04:53 PM    <JUNCTION>     Local Settings [C:\Users\Guest\AppData\Local]
12/11/2009 04:53 PM    <JUNCTION>     My Documents [C:\Users\Guest\Documents]
12/11/2009 04:53 PM    <JUNCTION>     NetHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/11/2009 04:53 PM    <JUNCTION>     PrintHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/11/2009 04:53 PM    <JUNCTION>     Recent [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Recent]
12/11/2009 04:53 PM    <JUNCTION>     SendTo [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo]
12/11/2009 04:53 PM    <JUNCTION>     Start Menu [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu]
12/11/2009 04:53 PM    <JUNCTION>     Templates [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Guest\AppData\Local
12/11/2009 04:53 PM    <JUNCTION>     Application Data [C:\Users\Guest\AppData\Local]
12/11/2009 04:53 PM    <JUNCTION>     History [C:\Users\Guest\AppData\Local\Microsoft\Windows\History]
12/11/2009 04:53 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Guest\Documents
12/11/2009 04:53 PM    <JUNCTION>     My Music [C:\Users\Guest\Music]
12/11/2009 04:53 PM    <JUNCTION>     My Pictures [C:\Users\Guest\Pictures]
12/11/2009 04:53 PM    <JUNCTION>     My Videos [C:\Users\Guest\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Karri
29/03/2009 07:28 PM    <JUNCTION>     Application Data [C:\Users\Karri\AppData\Roaming]
29/03/2009 07:28 PM    <JUNCTION>     Cookies [C:\Users\Karri\AppData\Roaming\Microsoft\Windows\Cookies]
29/03/2009 07:28 PM    <JUNCTION>     Local Settings [C:\Users\Karri\AppData\Local]
29/03/2009 07:28 PM    <JUNCTION>     My Documents [C:\Users\Karri\Documents]
29/03/2009 07:28 PM    <JUNCTION>     NetHood [C:\Users\Karri\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
29/03/2009 07:28 PM    <JUNCTION>     PrintHood [C:\Users\Karri\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
29/03/2009 07:28 PM    <JUNCTION>     Recent [C:\Users\Karri\AppData\Roaming\Microsoft\Windows\Recent]
29/03/2009 07:28 PM    <JUNCTION>     SendTo [C:\Users\Karri\AppData\Roaming\Microsoft\Windows\SendTo]
29/03/2009 07:28 PM    <JUNCTION>     Start Menu [C:\Users\Karri\AppData\Roaming\Microsoft\Windows\Start Menu]
29/03/2009 07:28 PM    <JUNCTION>     Templates [C:\Users\Karri\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Karri\AppData\Local
29/03/2009 07:28 PM    <JUNCTION>     Application Data [C:\Users\Karri\AppData\Local]
29/03/2009 07:28 PM    <JUNCTION>     History [C:\Users\Karri\AppData\Local\Microsoft\Windows\History]
29/03/2009 07:28 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Karri\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Karri\Documents
29/03/2009 07:28 PM    <JUNCTION>     My Music [C:\Users\Karri\Music]
29/03/2009 07:28 PM    <JUNCTION>     My Pictures [C:\Users\Karri\Pictures]
29/03/2009 07:28 PM    <JUNCTION>     My Videos [C:\Users\Karri\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Pat
09/04/2011 01:34 PM    <JUNCTION>     Application Data [C:\Users\Pat\AppData\Roaming]
09/04/2011 01:34 PM    <JUNCTION>     Cookies [C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Cookies]
09/04/2011 01:34 PM    <JUNCTION>     Local Settings [C:\Users\Pat\AppData\Local]
09/04/2011 01:34 PM    <JUNCTION>     My Documents [C:\Users\Pat\Documents]
09/04/2011 01:34 PM    <JUNCTION>     NetHood [C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
09/04/2011 01:34 PM    <JUNCTION>     PrintHood [C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
09/04/2011 01:34 PM    <JUNCTION>     Recent [C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Recent]
09/04/2011 01:34 PM    <JUNCTION>     SendTo [C:\Users\Pat\AppData\Roaming\Microsoft\Windows\SendTo]
09/04/2011 01:34 PM    <JUNCTION>     Start Menu [C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Start Menu]
09/04/2011 01:34 PM    <JUNCTION>     Templates [C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Pat\AppData\Local
09/04/2011 01:34 PM    <JUNCTION>     Application Data [C:\Users\Pat\AppData\Local]
09/04/2011 01:34 PM    <JUNCTION>     History [C:\Users\Pat\AppData\Local\Microsoft\Windows\History]
09/04/2011 01:34 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Pat\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Pat\Documents
09/04/2011 01:34 PM    <JUNCTION>     My Music [C:\Users\Pat\Music]
09/04/2011 01:34 PM    <JUNCTION>     My Pictures [C:\Users\Pat\Pictures]
09/04/2011 01:34 PM    <JUNCTION>     My Videos [C:\Users\Pat\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Public\Documents
02/11/2006 10:42 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
02/11/2006 10:42 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
02/11/2006 10:42 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\UpdatusUser
18/11/2012 10:58 PM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Roaming]
18/11/2012 10:58 PM    <JUNCTION>     Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
18/11/2012 10:58 PM    <JUNCTION>     Local Settings [C:\Users\UpdatusUser\AppData\Local]
18/11/2012 10:58 PM    <JUNCTION>     My Documents [C:\Users\UpdatusUser\Documents]
18/11/2012 10:58 PM    <JUNCTION>     NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
18/11/2012 10:58 PM    <JUNCTION>     PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
18/11/2012 10:58 PM    <JUNCTION>     Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
18/11/2012 10:58 PM    <JUNCTION>     SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
18/11/2012 10:58 PM    <JUNCTION>     Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
18/11/2012 10:58 PM    <JUNCTION>     Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local
18/11/2012 10:58 PM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Local]
18/11/2012 10:58 PM    <JUNCTION>     History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
18/11/2012 10:58 PM    <JUNCTION>     Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\UpdatusUser\Documents
18/11/2012 10:58 PM    <JUNCTION>     My Music [C:\Users\UpdatusUser\Music]
18/11/2012 10:58 PM    <JUNCTION>     My Pictures [C:\Users\UpdatusUser\Pictures]
18/11/2012 10:58 PM    <JUNCTION>     My Videos [C:\Users\UpdatusUser\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              98 Dir(s) 44,425,347,072 bytes free

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/05/31 20:14:29 | 000,000,286 | -HS- | M] () -- C:\Users\Karri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2013/11/27 18:36:35 | 000,347,304 | ---- | M] (Microsoft Corporation) -- C:\Users\Karri\Desktop\MicrosoftFixit.Printing.Run.exe
[2013/11/27 16:03:29 | 403,965,704 | ---- | M] () -- C:\Users\Karri\Desktop\OJProL7X00_Full_14.exe
[2013/11/27 18:59:15 | 003,045,848 | ---- | M] () -- C:\Users\Karri\Desktop\OJProL7X00_Scrubber_14.exe
[2013/12/03 09:42:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Karri\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Files - Unicode (All) ==========
[2013/11/17 17:10:51 | 104,760,117 | ---- | M] ()(C:\Windows\SysWow64\???Ë) -- C:\Windows\SysWow64\嚴亞Ë
[2013/11/17 17:10:51 | 104,760,117 | ---- | C] ()(C:\Windows\SysWow64\???Ë) -- C:\Windows\SysWow64\嚴亞Ë
[2013/11/12 18:03:44 | 103,974,937 | ---- | M] ()(C:\Windows\SysWow64\???Â) -- C:\Windows\SysWow64\듺໲Â
[2013/11/12 18:03:44 | 103,974,937 | ---- | C] ()(C:\Windows\SysWow64\???Â) -- C:\Windows\SysWow64\듺໲Â
[2013/11/04 08:06:02 | 104,867,914 | ---- | M] ()(C:\Windows\SysWow64\???8) -- C:\Windows\SysWow64\릧㖷8
[2013/11/04 08:06:02 | 104,867,914 | ---- | C] ()(C:\Windows\SysWow64\???8) -- C:\Windows\SysWow64\릧㖷8
[2013/11/01 12:44:06 | 104,569,497 | ---- | M] ()(C:\Windows\SysWow64\???Í) -- C:\Windows\SysWow64\퍎梑Í
[2013/11/01 12:44:06 | 104,569,497 | ---- | C] ()(C:\Windows\SysWow64\???Í) -- C:\Windows\SysWow64\퍎梑Í
[2013/11/01 06:44:53 | 104,500,486 | ---- | M] ()(C:\Windows\SysWow64\???±) -- C:\Windows\SysWow64\兯换±
[2013/11/01 06:44:53 | 104,500,486 | ---- | C] ()(C:\Windows\SysWow64\???±) -- C:\Windows\SysWow64\兯换±
[2013/10/06 12:32:59 | 099,477,982 | ---- | M] ()(C:\Windows\SysWow64\???¹) -- C:\Windows\SysWow64\钳崩¹
[2013/10/06 06:33:02 | 099,477,982 | ---- | C] ()(C:\Windows\SysWow64\???¹) -- C:\Windows\SysWow64\钳崩¹
[2013/09/29 12:33:39 | 098,466,785 | ---- | M] ()(C:\Windows\SysWow64\???ã) -- C:\Windows\SysWow64\菶䭛ã
[2013/09/29 06:33:51 | 098,466,785 | ---- | C] ()(C:\Windows\SysWow64\???ã) -- C:\Windows\SysWow64\菶䭛ã
[2013/09/15 13:57:16 | 097,671,483 | ---- | M] ()(C:\Windows\SysWow64\???Ó) -- C:\Windows\SysWow64\肢Ó
[2013/09/15 13:57:16 | 097,671,483 | ---- | C] ()(C:\Windows\SysWow64\???Ó) -- C:\Windows\SysWow64\肢Ó
[2013/09/09 07:24:11 | 096,665,497 | ---- | M] ()(C:\Windows\SysWow64\???¿) -- C:\Windows\SysWow64\噮ᆎ¿
[2013/09/09 07:24:11 | 096,665,497 | ---- | C] ()(C:\Windows\SysWow64\???¿) -- C:\Windows\SysWow64\噮ᆎ¿
[2013/09/08 12:33:36 | 096,566,691 | ---- | M] ()(C:\Windows\SysWow64\???¥) -- C:\Windows\SysWow64\䇢¥
[2013/09/08 12:33:36 | 096,566,691 | ---- | C] ()(C:\Windows\SysWow64\???¥) -- C:\Windows\SysWow64\䇢¥
[2013/09/02 15:07:34 | 095,286,781 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ᷟ舶
[2013/09/02 15:07:34 | 095,286,781 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ᷟ舶
[2013/09/01 13:25:15 | 095,199,041 | ---- | M] ()(C:\Windows\SysWow64\???L) -- C:\Windows\SysWow64\득왲L
[2013/09/01 07:25:29 | 095,199,041 | ---- | C] ()(C:\Windows\SysWow64\???L) -- C:\Windows\SysWow64\득왲L

< End of report >

OTL Extras logfile created on: 03/12/2013 9:43:56 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Karri\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.93 Gb Total Physical Memory | 5.42 Gb Available Physical Memory | 68.30% Memory free
15.92 Gb Paging File | 12.69 Gb Available in Paging File | 79.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.59 Gb Total Space | 41.75 Gb Free Space | 17.95% Space Free | Partition Type: NTFS
Drive D: | 348.93 Gb Total Space | 88.23 Gb Free Space | 25.29% Space Free | Partition Type: NTFS
Drive H: | 3.80 Gb Total Space | 3.37 Gb Free Space | 88.72% Space Free | Partition Type: FAT32
Drive J: | 295.02 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive N: | 3.79 Gb Total Space | 3.79 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive O: | 930.95 Gb Total Space | 813.57 Gb Free Space | 87.39% Space Free | Partition Type: FAT32

Computer Name: KARRI-PC | User Name: Karri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = C9 C1 E4 2F 8B 3A CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008D5B72-A952-465E-8838-C7DC5D9D13F1}" = rport=139 | protocol=6 | dir=out | app=system |
"{026AB896-28F7-41E7-8CE8-0207B50166A8}" = rport=137 | protocol=17 | dir=out | app=system |
"{3BD3A34A-C7C2-4A05-B30E-CBFB2471A879}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41D76308-6B38-422F-A513-2F9FD08E1739}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{44D3C1BE-545F-4373-81B3-8C26264DDA1B}" = lport=137 | protocol=17 | dir=in | app=system |
"{5173CC4B-8A76-4797-9B11-5163D3395C5C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6702444F-8179-48CF-8054-DE90E85A2F6B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6F8A1EA1-22ED-48BD-B6DF-901BFAA1F39A}" = lport=445 | protocol=6 | dir=in | app=system |
"{7DED9F1C-0BD2-4F30-86D7-569911F0AB96}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{87D0F8BD-655F-431C-A947-9779438674C4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8808C898-E233-4D83-8C17-BA6D352B39F2}" = rport=445 | protocol=6 | dir=out | app=system |
"{91C83236-BCC1-4757-BFA2-2783795917A7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{975CB201-4807-4E41-B571-C227DFB9269F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B0448048-4A13-497F-8DCC-A379B8B77581}" = lport=138 | protocol=17 | dir=in | app=system |
"{BCE67832-6161-49F5-A8F5-5971228A2CF5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3506EFC-3897-476E-B683-268C7E3B459F}" = rport=138 | protocol=17 | dir=out | app=system |
"{E06ECC98-06C4-44B6-B5F7-8E6DDB931007}" = lport=139 | protocol=6 | dir=in | app=system |
"{E70DBE98-9F9D-4E6D-8D02-54CE8EFA97F2}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CEB5538-B74A-4B7A-8CB4-3BB6D48B1FA4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{0D72D252-8391-4AD6-B142-161582AAF129}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{1B1366C0-0D61-46C6-8741-DAB31DB31169}" = protocol=6 | dir=in | app=c:\users\karri\appdata\local\temp\7zs7a40\hpdiagnosticcoreui.exe |
"{21E123D1-F008-4B50-9F47-A0EDD7EEEE5E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{27CF736C-BB63-4353-95AF-AD83EC37521B}" = protocol=17 | dir=in | app=c:\users\karri\appdata\local\temp\7zs7a40\hpdiagnosticcoreui.exe |
"{2EAEBF3B-8E71-467F-BE17-2B2034D57241}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{339195DE-D168-4FCF-9242-7387FC17B63D}" = protocol=6 | dir=in | app=c:\users\karri\appdata\local\temp\7zs391c\hpdiagnosticcoreui.exe |
"{3DECB632-0176-4BDB-9ABE-42161FFE450A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{4C13F3D5-74CA-4ADD-95AC-4BFA8E2E3BF6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{4CE20AE9-60DC-40E6-9643-747D1D90BE1D}" = protocol=6 | dir=in | app=c:\users\karri\appdata\local\temp\7zs79c1\hpdiagnosticcoreui.exe |
"{4FEDEE8D-136E-49A9-A386-94CDDF429965}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{50BCEAEF-AC29-4769-80EF-7FBA7A6BA41A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{54BF3D75-7D28-4129-AA49-63AD679DF02C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{560A4D48-1054-4CAC-83C8-05C782D7EC17}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{574C8AAB-D314-47AB-A200-6C9066BE2224}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{58B3DA59-8E85-4031-8361-B1E14C62EBA0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{620E09C1-F653-424C-BADD-BBF99F105DA9}" = protocol=17 | dir=in | app=c:\users\karri\appdata\roaming\utorrent\utorrent.exe |
"{635929C0-935E-4C57-BCFB-4AB87F0D6D79}" = protocol=17 | dir=in | app=c:\users\karri\appdata\local\temp\7zs391c\hpdiagnosticcoreui.exe |
"{66544811-8137-485E-8710-71CD3BBAB854}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{67735081-46E2-4CC5-9682-BD66027A805C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{6A24308A-0D88-4F66-95E5-A52109DBAB6F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{794004E9-89D9-4B2F-9495-1D28E2E59E21}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{8C8761A0-8202-41F3-8B36-47AECB360C3F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{991CC472-8ED6-4098-A1A7-F5AD8F0CC463}" = protocol=17 | dir=in | app=c:\users\karri\appdata\local\temp\7zs79c1\hpdiagnosticcoreui.exe |
"{9C732562-EB44-4DD0-AE22-EC0513F72729}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{A0D5465E-64E8-47F6-9517-9DFD706C6065}" = protocol=17 | dir=in | app=c:\users\karri\appdata\local\temp\7zs3aed\hpdiagnosticcoreui.exe |
"{AD261F54-8816-4439-A14F-E15917E30170}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{C0762E53-EA9A-43D5-BD5E-267573E9FDED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{C0A526EF-3132-4B63-9579-D59AD2EFC3F0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C36B9E1C-8465-404A-B7C9-F9816E1A9579}" = protocol=6 | dir=in | app=c:\users\karri\appdata\roaming\utorrent\utorrent.exe |
"{C3A7FB71-17F6-486E-8C9E-2ED0A160116A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{C586170A-E894-4C5D-8AA9-0381504CDAFC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{CC2C39C5-387E-4D47-8931-98C0E04AEB7A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D178068B-CF84-4648-B5A2-73B718FF18D4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D958B27D-4A07-4816-8853-BD7A3C2879D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DAA5149C-9155-4B3D-A238-09A0C720B28B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{E4DFCA05-3DA5-4ED1-96CE-1D60D3CD6402}" = protocol=6 | dir=in | app=c:\users\karri\appdata\local\temp\7zs3aed\hpdiagnosticcoreui.exe |
"{EBE86C2C-EDA7-4868-9D08-7C1C1CB8F815}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{EDE86989-75DB-4F74-ABA0-CBAEE1415074}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{F539B7CF-F9FB-4A66-86BB-0ED4750D6392}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"TCP Query User{40CD47E3-5DE4-4B5E-945D-7A37D02C0FE8}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{86C06429-831C-435F-BB81-8EC014C2D425}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"TCP Query User{893C7F09-81B5-4DE2-9692-4ECDC5B58601}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{5BD86A0A-93DD-4B65-9EB7-021ECAE3DCAF}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"UDP Query User{7828BEF6-ACAE-4CE3-98FD-658CE6A4A524}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{8DD0F5F5-ADD0-4E5C-B93F-36F676138B2C}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0370E621-61D1-4199-82AF-8F21851FD194}" = i_instrumentation 1.0.38.0
"{072F206C-2F30-48C9-8ED0-3CDF4F612CB1}" = ME_Kit_Files_x64
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D666E21-2924-4B94-9A33-D6136761ACAB}" = Intel® Remote Wake Technology 1.0.296.0
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{273799F6-BC76-46F1-95E1-EF05322C3A5F}" = i_msm 1.0.312.0
"{2BE51F94-8ED9-4B31-898C-01BFA71CC1DC}" = i_swupdate 1.0.40.0
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{46E637E2-AC34-4B45-B5DF-D20903A3DB61}" = Microsoft Online Services Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{52A7026F-476C-4E3B-A4C7-8FF7DAD65FEB}" = i_redistributables 1.0.45
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{70E8EBD5-78C9-4258-B20A-5098CCA000F0}" = Dolby Control Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 311.06
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{F39076D7-7168-44CD-A2C6-EBC1CDA7DC1C}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05DC79C6-4213-45D3-BE8A-50B8B7C1F0E1}" = bpd_scan_Carrier
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2F6F25-394B-4ACA-BC9C-1394E963C620}" = Intel® Remote Wake Technology 1.0.45.9
"{12CAA28E-56CA-4C3D-B3F2-7311540DD410}" = TurboTax 2011
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{131B84C2-5435-4993-9888-6C62D9AC755E}" = CyberLink Live
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24AE6B5B-3D5A-488C-9224-1BEE11F75DD9}" = TurboTax 2010
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{28DA3304-9EC2-4097-BC64-B59A1958841F}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{63e01893-1aef-40c9-b436-5817c1394f52}" = Nero 9 Trial
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ad7d061-da98-4a17-8960-1ba830ff4861}" = Nero 9
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{726DDC29-79B3-41B4-BDBF-97DF25BF1EA8}" = TurboTax 2012
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = The Sims Medieval
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA0D2D5F-612B-45D3-8759-DA87206E5CC9}" = QuickTax 2008
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C19B3EB6-B54C-3204-A4DF-88432E0C79F7}" = Microsoft ReportViewer 2010 Redistributable
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{ECB9C58E-C565-4683-9599-B72290BD3B25}" = QuickTax 2009
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Assist" = Acer Assist
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Acer Registration" = Acer Registration
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.4
"Avast" = avast! Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"BFG-Build-a-lot - Fairy Tales" = Build-a-lot: Fairy Tales
"BFG-Build-a-lot - On Vacation" = Build-a-lot: On Vacation
"BFG-Build-a-Lot 4 - Power Source" = Build-a-Lot 4: Power Source
"BFGC" = Big Fish: Game Manager
"BFG-Campgrounds" = Campgrounds
"BFG-Farm Frenzy 3" = Farm Frenzy 3
"BFG-Hotel Dash 2 - Lost Luxuries" = Hotel Dash 2: Lost Luxuries
"BFG-Northern Tale" = Northern Tale
"BFG-Rush for Gold - Alaska" = Rush for Gold: Alaska
"BFG-Wedding Dash 2 - Rings Around the World" = Wedding Dash 2: Rings Around the World
"BFG-Wedding Dash 4-Ever" = Wedding Dash 4-Ever
"Comical_is1" = Comical 0.8
"Coupon Printer for Windows5.0.0.2" = Coupon Printer for Windows
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{131B84C2-5435-4993-9888-6C62D9AC755E}" = CyberLink Live
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"Kobo" = Kobo
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mouse Setting Software_is1" = Mouse Setting Software 4.0
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"Picasa 3" = Picasa 3
"Runic Games Torchlight" = Torchlight
"Steam App 19020" = Puzzle Chronicles
"Steam App 200710" = Torchlight II
"Steam App 207610" = The Walking Dead
"Steam App 23120" = Droplitz
"Steam App 24780" = SimCity 4 Deluxe
"Steam App 3620" = Zuma's Revenge
"Steam App 41210" = Eufloria
"Steam App 47540" = Puzzle Quest 2
"Steam App 49000" = Hotel Dash
"Steam App 60340" = LUXOR: 5th Passage
"VLC media player" = VLC media player 2.1.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Connect 9 Add-in" = Adobe Connect 9 Add-in
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Oracle Live Help On Demand - Agent Console - NNA CLPOC ORILLIA Karri Tougas (105652707)" = Oracle Live Help On Demand - Agent Console - NNA CLPOC ORILLIA Karri Tougas (105652707)
"Sansa Updater" = Sansa Updater
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 03/12/2013 10:34:20 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031
Description =

Error - 03/12/2013 10:35:37 AM | Computer Name = Karri-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/12/2013 10:38:41 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031
Description =

Error - 03/12/2013 10:41:23 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031
Description =

Error - 03/12/2013 10:44:23 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031
Description =

Error - 03/12/2013 10:47:23 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031
Description =

Error - 03/12/2013 10:50:23 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031
Description =

Error - 03/12/2013 10:53:23 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031
Description =

Error - 03/12/2013 10:56:24 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031
Description =

Error - 03/12/2013 10:59:24 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1031
Description =

[ System Events ]
Error - 03/12/2013 10:56:31 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description =

Error - 03/12/2013 10:57:01 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description =

Error - 03/12/2013 10:57:31 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description =

Error - 03/12/2013 10:58:01 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description =

Error - 03/12/2013 10:58:31 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description =

Error - 03/12/2013 10:59:01 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description =

Error - 03/12/2013 10:59:24 AM | Computer Name = Karri-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 03/12/2013 10:59:31 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description =

Error - 03/12/2013 11:00:01 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description =

Error - 03/12/2013 11:00:31 AM | Computer Name = Karri-PC | Source = Microsoft-Windows-Bits-Client | ID = 16392
Description =

< End of report >

Advertisements

Register to Remove

#2 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 03 December 2013 - 12:30 PM

Hi and Welcome!!

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

The fixes are specific to your problem and should only be used for the issues on this machine.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

Having said that.... Let's get going!!
----------

Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

Disable any antivirus programs during the scan (If you have difficulty properly disabling your protective programs, refer to this link here )
Double click dds to run the tool.
When done, two DDS.txt's will open.
Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------

Please download TDSSKiller

Double click TDSSKiller.exe
Press Start Scan but do nothing else as we are just looking for what is there.
If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
Attach the log in your next reply
- A copy of the log will be saved automatically to the root of the drive (typically C:\)

#3 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 03 December 2013 - 01:37 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16520 BrowserJavaVersion: 10.45.2
Run by Karri at 14:33:45 on 2013-12-03
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.2.1033.18.8125.4369 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaMonitorService.exe
C:\Program Files (x86)\CyberLink\CyberLink Live\CLPushUpdateService.exe
C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaService.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Users\Karri\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\intel\inteldh\common\IntelDHSvcMgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Users\Karri\AppData\Local\Mikogo4\Viewer\Service\M4-Capture.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\intel\inteldh\msm\MSM.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\inteldh\common\SWUpdateClient.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSLoader.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Users\Karri\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\CyberLink\CyberLink Live\CLPushUpdate.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Users\Karri\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\sdclt.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Karri\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&s=1&o=vp64&d=0309&m=aspire_m5700
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&s=1&o=vp64&d=0309&m=aspire_m5700
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&s=1&o=vp64&d=0309&m=aspire_m5700
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [SansaDispatch] C:\Users\Karri\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Google Update] "C:\Users\Karri\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [CLPushUpdate] "C:\Program Files (x86)\CyberLink\CyberLink Live\CLPushUpdate.exe"
mRun: [PCMMediaSharing] "C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe"
mRun: [BkupTray] "C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
mRun: [Acer Product Registration] "C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe" /startup
mRun: [Acer Assist Launcher] "C:\Program Files (x86)\Acer\Acer Assist\launcher.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [ACQTMOUSE] "C:\Program Files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\Karri\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Karri\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINZIP~1.LNK - C:\Program Files (x86)\WinZip\WZQKPICK.EXE
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://www.shockwave.com/content/trijinx/sis/TriJinx.1.0.0.86.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3DF7249C-DC40-4434-8123-8375B94A51F0} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
x64-mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&s=1&o=vp64&d=0309&m=aspire_m5700
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IntelSWUpdateClient] C:\Program Files\intel\inteldh\common\SWUpdateClient.exe
x64-Run: [RtHDVCpl] RAVCpl64.exe
x64-Run: [Skytel] Skytel.exe
x64-Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
x64-Run: [IAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
x64-Run: [eDataSecurity Loader] "C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [MSCRM] "C:\Program Files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe" /uninstallpst
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Karri\AppData\Roaming\Mozilla\Firefox\Profiles\3rkyge3u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theweathernetwork.com/weather/caon0532
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\Karri\AppData\Local\Citrix\Plugins\79\npappdetector.dll
FF - plugin: C:\Users\Karri\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Users\Karri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Karri\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Karri\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-11-27 15:12; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2009-07-11 00:01; {20a82645-c095-46ed-80e3-08825760534b}; C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-11-27 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-11-27 205320]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-11-27 1032416]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-11-27 409832]
R1 cbfs3;cbfs3;C:\Windows\System32\drivers\cbfs3.sys [2012-11-21 352008]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-10-28 269448]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-11-27 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-11-27 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-27 50344]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-3-3 16384]
R2 CyberLink Live Monitor Service;CyberLink Live Monitor Service;C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaMonitorService.exe [2008-9-11 179232]
R2 CyberLink Live Push Update Service;CyberLink Live Push Update Service;C:\Program Files (x86)\CyberLink\CyberLink Live\CLPushUpdateService.exe [2008-9-11 105504]
R2 CyberLink Live Service;CyberLink Live Service;C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaService.exe [2008-9-11 322592]
R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-10-28 24576]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 M4-Service;M4-Service;C:\Users\Karri\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe [2013-1-11 1008032]
R2 ME Services Manager;ME Services Manager;C:\Program Files\Intel\inteldh\msm\MSM.exe [2008-7-16 2476432]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2012-5-17 2079520]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-4-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-4-25 131072]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 Software Services Manager;Software Services Manager;C:\Program Files\Intel\inteldh\common\IntelDHSvcMgr.exe [2008-7-16 68496]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2008-10-28 315008]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2008-3-28 56344]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]
R3 LVUVC64;Logitech Webcam C260(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 c2wts;Claims to Windows Token Service;C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2012-11-23 15768]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-10-28 126464]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-7-20 1022632]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-11 89920]
.
=============== File Associations ===============
.
FileExt: .reg: Applications\notepad.exe=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-11-27 20:12:48   65776   ----a-w-   C:\Windows\System32\drivers\aswRvrt.sys
2013-11-27 20:12:48   65264   ----a-w-   C:\Windows\System32\drivers\aswTdi.sys
2013-11-27 20:12:48   205320   ----a-w-   C:\Windows\System32\drivers\aswVmm.sys
2013-11-27 20:12:47   84328   ----a-w-   C:\Windows\System32\drivers\aswMonFlt.sys
2013-11-27 20:12:47   64752   ----a-w-   C:\Windows\System32\drivers\aswRdr.sys
2013-11-27 20:12:47   43152   ----a-w-   C:\Windows\avastSS.scr
2013-11-27 20:12:47   409832   ----a-w-   C:\Windows\System32\drivers\aswSP.sys
2013-11-27 20:12:47   38984   ----a-w-   C:\Windows\System32\drivers\aswFsBlk.sys
2013-11-27 20:12:47   334648   ----a-w-   C:\Windows\System32\aswBoot.exe
2013-11-27 20:12:47   1032416   ----a-w-   C:\Windows\System32\drivers\aswSnx.sys
2013-11-14 13:17:14   82896128   ----a-w-   C:\Windows\System32\mrt.exe
2013-11-11 10:50:16   267936   ------w-   C:\Windows\System32\MpSigStub.exe
2013-11-01 13:28:39   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-01 13:28:39   692616   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-01 12:09:21   96168   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-01 12:09:21   264616   ----a-w-   C:\Windows\SysWow64\javaws.exe
2013-11-01 12:09:21   175016   ----a-w-   C:\Windows\SysWow64\javaw.exe
2013-11-01 12:09:21   174504   ----a-w-   C:\Windows\SysWow64\java.exe
2013-10-13 15:58:41   17847296   ----a-w-   C:\Windows\System32\mshtml.dll
2013-10-13 15:09:57   10926080   ----a-w-   C:\Windows\System32\ieframe.dll
2013-10-13 14:55:42   2334720   ----a-w-   C:\Windows\System32\jscript9.dll
2013-10-13 14:48:43   1346560   ----a-w-   C:\Windows\System32\urlmon.dll
2013-10-13 14:47:43   1392128   ----a-w-   C:\Windows\System32\wininet.dll
2013-10-13 14:46:53   1494528   ----a-w-   C:\Windows\System32\inetcpl.cpl
2013-10-13 14:46:27   237056   ----a-w-   C:\Windows\System32\url.dll
2013-10-13 14:44:28   85504   ----a-w-   C:\Windows\System32\jsproxy.dll
2013-10-13 14:42:38   816640   ----a-w-   C:\Windows\System32\jscript.dll
2013-10-13 14:42:36   173056   ----a-w-   C:\Windows\System32\ieUnatt.exe
2013-10-13 14:42:11   599040   ----a-w-   C:\Windows\System32\vbscript.dll
2013-10-13 14:39:50   2147840   ----a-w-   C:\Windows\System32\iertutil.dll
2013-10-13 14:38:57   729088   ----a-w-   C:\Windows\System32\msfeeds.dll
2013-10-13 14:36:11   96768   ----a-w-   C:\Windows\System32\mshtmled.dll
2013-10-13 14:35:12   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
2013-10-13 14:29:31   248320   ----a-w-   C:\Windows\System32\ieui.dll
2013-10-13 10:42:12   12344832   ----a-w-   C:\Windows\SysWow64\mshtml.dll
2013-10-13 10:08:04   9739264   ----a-w-   C:\Windows\SysWow64\ieframe.dll
2013-10-13 09:48:06   1806848   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2013-10-13 09:37:03   1104896   ----a-w-   C:\Windows\SysWow64\urlmon.dll
2013-10-13 09:35:52   1427968   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2013-10-13 09:35:38   1129472   ----a-w-   C:\Windows\SysWow64\wininet.dll
2013-10-13 09:33:57   231936   ----a-w-   C:\Windows\SysWow64\url.dll
2013-10-13 09:32:00   65024   ----a-w-   C:\Windows\SysWow64\jsproxy.dll
2013-10-13 09:30:20   717824   ----a-w-   C:\Windows\SysWow64\jscript.dll
2013-10-13 09:30:14   142848   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2013-10-13 09:29:02   420864   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2013-10-13 09:27:43   607744   ----a-w-   C:\Windows\SysWow64\msfeeds.dll
2013-10-13 09:27:40   1796096   ----a-w-   C:\Windows\SysWow64\iertutil.dll
2013-10-13 09:26:08   73216   ----a-w-   C:\Windows\SysWow64\mshtmled.dll
2013-10-13 09:25:39   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2013-10-13 09:20:51   176640   ----a-w-   C:\Windows\SysWow64\ieui.dll
2013-10-11 04:23:42   462848   ----a-w-   C:\Windows\System32\IKEEXT.DLL
2013-10-11 04:23:21   781824   ----a-w-   C:\Windows\System32\FWPUCLNT.DLL
2013-10-11 02:07:57   596480   ----a-w-   C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-03 15:03:41   389632   ----a-w-   C:\Windows\System32\gdi32.dll
2013-10-03 15:02:58   1278976   ----a-w-   C:\Windows\System32\crypt32.dll
2013-10-03 12:46:36   304128   ----a-w-   C:\Windows\SysWow64\gdi32.dll
2013-10-03 12:45:45   993792   ----a-w-   C:\Windows\SysWow64\crypt32.dll
.
============= FINISH: 14:34:08.15 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 29/03/2009 8:18:17 PM
System Uptime: 03/12/2013 9:33:36 AM (5 hours ago)
.
Motherboard: Acer | | EG45M
Processor: Intel® Core™2 Quad CPU Q8200 @ 2.33GHz | CPU 1 | 2336/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 41.806 GiB free.
D: is FIXED (NTFS) - 349 GiB total, 88.233 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM (UDF)
L: is CDROM ()
N: is Removable
O: is FIXED (FAT32) - 931 GiB total, 813.57 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0001
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0001
Service: tunnel
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&1F1DFD46&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&1F1DFD46&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP1457: 27/11/2013 5:30:22 PM - HP Installation Restore Point
RP1458: 27/11/2013 6:24:52 PM - Device Driver Package Install: Hewlett-Packard Imaging devices
RP1460: 27/11/2013 6:25:14 PM - Sample Restore Point
RP1461: 27/11/2013 7:20:18 PM - Device Driver Package Install: Hewlett-Packard Imaging devices
RP1462: 27/11/2013 7:20:44 PM - Device Driver Package Install: HP Printers
RP1464: 27/11/2013 7:54:26 PM - HP Installation Restore Point
RP1466: 27/11/2013 8:00:46 PM - Sample Restore Point
RP1468: 27/11/2013 8:01:19 PM - Sample Restore Point
RP1469: 28/11/2013 1:55:50 PM - Scheduled Checkpoint
RP1470: 29/11/2013 12:42:13 PM - Scheduled Checkpoint
RP1471: 01/12/2013 1:17:25 PM - Scheduled Checkpoint
RP1472: 01/12/2013 7:02:31 PM - Windows Backup
RP1473: 02/12/2013 9:38:22 AM - Scheduled Checkpoint
RP1474: 02/12/2013 9:27:08 PM - Configured CyberLink Live
RP1475: 02/12/2013 9:46:58 PM - Configured CyberLink Live
RP1476: 03/12/2013 8:59:51 AM - Configured CyberLink Live
RP1477: 03/12/2013 9:46:14 AM - OTL Restore Point - 03/12/2013 9:46:14 AM
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
7-Zip 9.20 (x64 edition)
Acer Arcade Live Main Page
Acer Assist
Acer DV Magician
Acer DVDivine
Acer eDataSecurity Management
Acer Empowering Technology
Acer eSettings Management
Acer GameZone Console DTV 2.0.1.1
Acer HomeMedia
Acer HomeMedia Connect
Acer HomeMedia Trial Creator
Acer Registration
Acer ScreenSaver
Acer SlideShow DVD
Acer VideoMagician
Adobe AIR
Adobe Connect 9 Add-in
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8)
Advertising Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
µTorrent
Audacity 2.0.4
avast! Free Antivirus
Big Fish: Game Manager
Bonjour
bpd_scan_Carrier
Build-a-Lot 4: Power Source
Build-a-lot: Fairy Tales
Build-a-lot: On Vacation
CameraHelperMsi
Campgrounds
Comical 0.8
Coupon Printer for Windows
CyberLink Live
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
DivX Version Checker
Dolby Control Center
DolbyFiles
Dropbox
Droplitz
erLT
eSobi v2
Eufloria
Farm Frenzy 3
FreeMind
Google Chrome
Google Talk Plugin
Hotel Dash
Hotel Dash 2: Lost Luxuries
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Update
HPDiagnosticAlert
i_instrumentation 1.0.38.0
i_msm 1.0.312.0
i_redistributables 1.0.45
i_swupdate 1.0.40.0
ImagXpress
Intel® Graphics Media Accelerator Driver
Intel® Remote Wake Technology 1.0.296.0
Intel® Remote Wake Technology 1.0.45.9
Intel® Matrix Storage Manager
iTunes
Java 7 Update 17 (64-bit)
Java 7 Update 45
Java Auto Updater
Kobo
LightScribe 1.4.142.1
Logitech Vid HD
Logitech Webcam Software
LUXOR: 5th Passage
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.75.0.1300
ME_Kit_Files_x64
Menu Templates - Starter Kit
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Online Services Sign-in Assistant
Microsoft ReportViewer 2010 Redistributable
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft WSE 3.0 Runtime
Mouse Setting Software 4.0
Movie Templates - Starter Kit
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9
Nero 9 Trial
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero Disc Copy Gadget
Nero DiscSpeed
Nero DriveSpeed
Nero InfoTool
Nero Installer
Nero Live
Nero PhotoSnap
Nero Recode
Nero Rescue Agent
Nero ShowTime
Nero StartSmart
Nero Vision
Nero WaveEditor
NeroBurningROM
NeroExpress
NeroLiveGadget
neroxml
Northern Tale
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NVIDIA 3D Vision Driver 311.06
NVIDIA Control Panel 311.06
NVIDIA Graphics Driver 311.06
NVIDIA Install Application
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.11.3
NVIDIA Update Components
OpenAL
Oracle Live Help On Demand - Agent Console - NNA CLPOC ORILLIA Karri Tougas (105652707)
Origin
Picasa 3
Puzzle Chronicles
Puzzle Quest 2
QuickTax 2008
QuickTax 2009
QuickTime
Realtek High Definition Audio Driver
Rush for Gold: Alaska
Sansa Updater
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 64-Bit Edition
Segoe UI
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
SimCity 4 Deluxe
Skype Click to Call
Skype™ 6.10
SoundTrax
Steam
The Sims Medieval
The Sims™ 3
The Sims™ 3 Ambitions
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 World Adventures
The Walking Dead
Torchlight
Torchlight II
TurboTax 2010
TurboTax 2011
TurboTax 2012
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition
Update Rollup 11 for Microsoft Dynamics CRM for Outlook (KB2739504-v2)
Update Rollup 12 for Microsoft Dynamics CRM for Outlook (KB2795627-v2)
Update Rollup 13 for Microsoft Dynamics CRM for Outlook (KB2791312)
VC80CRTRedist - 8.0.50727.6195
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.1
Wedding Dash 2: Rings Around the World
Wedding Dash 4-Ever
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.01 (64-bit)
WinRAR archiver
WinZip 15.0
Yahoo! Detect
Zuma's Revenge
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
27/11/2013 8:31:40 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).
27/11/2013 8:21:35 PM, Error: Service Control Manager [7024] - The Bonjour Service service terminated with service-specific error 4294967295 (0xFFFFFFFF).
27/11/2013 7:56:01 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 12 time(s).
27/11/2013 7:53:45 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 11 time(s).
27/11/2013 7:53:43 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 10 time(s).
27/11/2013 7:53:41 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 9 time(s).
27/11/2013 7:53:38 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 8 time(s).
27/11/2013 7:46:26 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 7 time(s).
27/11/2013 7:41:43 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 6 time(s).
27/11/2013 7:39:34 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 5 time(s).
27/11/2013 7:24:44 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Avira Web Protection service to connect.
27/11/2013 7:24:44 AM, Error: Service Control Manager [7000] - The Avira Web Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
27/11/2013 7:21:40 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 4 time(s).
27/11/2013 6:49:35 PM, Error: EventLog [6008] - The previous system shutdown at 6:47:56 PM on 27/11/2013 was unexpected.
27/11/2013 5:14:41 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 24 time(s).
27/11/2013 5:14:38 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 23 time(s).
27/11/2013 5:14:36 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 22 time(s).
27/11/2013 5:14:33 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 21 time(s).
27/11/2013 5:13:49 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 20 time(s).
27/11/2013 5:13:47 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 19 time(s).
27/11/2013 5:13:44 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 18 time(s).
27/11/2013 5:11:51 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 17 time(s).
27/11/2013 4:56:45 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 16 time(s).
27/11/2013 4:55:13 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 15 time(s).
27/11/2013 4:54:41 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 14 time(s).
27/11/2013 4:17:54 PM, Error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 13 time(s).
27/11/2013 3:20:56 PM, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
27/11/2013 3:12:52 PM, Error: Service Control Manager [7030] - The avast! Antivirus service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
27/11/2013 3:09:19 PM, Error: Service Control Manager [7000] - The amsezjqv service failed to start due to the following error: The system cannot find the file specified.
03/12/2013 9:59:24 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 9 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 9:56:24 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 8 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 9:53:24 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 7 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 9:50:23 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 9:47:23 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 9:44:23 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 9:41:29 AM, Error: Service Control Manager [7023] -
03/12/2013 9:41:23 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 9:38:41 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 9:37:57 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
03/12/2013 9:37:57 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
03/12/2013 9:35:56 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 9:35:56 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
03/12/2013 9:35:56 AM, Error: Service Control Manager [7022] - The ME Services Manager service hung on starting.
03/12/2013 9:35:37 AM, Error: Service Control Manager [7023] - The IPsec Policy Agent service terminated with the following error: The requested service provider could not be loaded or initialized.
03/12/2013 9:08:30 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Print Spooler service, but this action failed with the following error: An instance of the service is already running.
03/12/2013 2:34:08 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 2147952506.
03/12/2013 2:33:18 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 102 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:30:18 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 101 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:27:18 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 100 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:24:18 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 99 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:21:17 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 98 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:18:17 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 97 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:15:17 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 96 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:12:17 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 95 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:09:17 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 94 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:06:17 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 93 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:03:17 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 92 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 2:00:17 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 91 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:57:14 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 70 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:54:14 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 69 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:51:14 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 68 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:48:13 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 67 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:45:13 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 66 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:42:13 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 65 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:39:13 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 64 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:36:13 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 63 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:33:13 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 62 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:30:13 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 61 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:27:12 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 60 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:24:12 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 59 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:21:12 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 58 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:18:12 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 57 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:15:12 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 56 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:12:12 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 55 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:09:12 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 54 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:06:12 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 53 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:03:11 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 52 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 12:00:11 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 51 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:57:11 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 50 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:54:11 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 49 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:51:11 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 48 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:48:11 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 47 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:45:11 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 46 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:42:10 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 45 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:39:10 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 44 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:36:10 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 43 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:33:10 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 42 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:30:10 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 41 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:27:10 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 40 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:24:10 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 39 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:21:10 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 38 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:18:09 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 37 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:15:09 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 36 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:12:09 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 35 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:09:09 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 34 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:06:09 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 33 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:03:09 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 32 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 11:00:09 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 31 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:57:09 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 30 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:54:08 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 29 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:51:08 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 28 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:48:08 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 27 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:45:08 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 26 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:42:08 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 25 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:39:08 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 24 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:36:08 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 23 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:33:08 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 22 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:32:01 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 21 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:30:53 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 20 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:27:53 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 19 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:24:53 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 18 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:21:53 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 17 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:20:25 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 16 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:17:25 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 15 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:14:24 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 14 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:11:24 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 13 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:08:24 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 12 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:05:24 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 11 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 10:02:24 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 10 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:57:16 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 90 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:54:16 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 89 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:51:16 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 88 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:48:16 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 87 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:45:16 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 86 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:42:16 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 85 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:39:16 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 84 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:36:15 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 83 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:33:15 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 82 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:30:15 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 81 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:27:15 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 80 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:24:15 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 79 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:21:15 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 78 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:18:15 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 77 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:15:15 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 76 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:12:14 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 75 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:09:14 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 74 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:06:14 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 73 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:03:14 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 72 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
03/12/2013 1:00:14 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 71 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 9:14:26 PM, Error: EventLog [6008] - The previous system shutdown at 9:12:27 PM on 02/12/2013 was unexpected.
02/12/2013 9:09:39 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 248 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 9:06:39 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 247 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 9:03:39 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 246 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 9:00:39 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 245 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:58:18 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 244 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:56:38 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 243 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:55:07 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 242 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:52:07 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 241 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:49:07 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 240 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:46:06 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 239 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:43:06 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 238 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:40:06 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 237 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:37:06 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 236 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:34:06 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 235 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:31:06 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 234 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:28:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 233 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:25:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 232 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:22:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 231 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:19:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 230 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:16:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 229 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:13:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 228 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:10:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 227 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:07:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 226 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:04:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 225 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 8:01:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 224 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:58:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 223 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:55:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 222 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:52:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 221 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:49:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 220 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:46:03 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 219 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:44:06 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 218 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:41:06 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 217 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:38:06 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 216 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:35:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 215 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:32:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 214 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:29:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 213 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:26:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 212 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:23:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 211 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:20:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 210 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:17:05 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 209 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:14:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 208 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:11:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 207 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:08:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 206 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:05:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 205 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 7:02:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 204 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:59:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 203 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:56:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 202 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:53:04 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 201 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:50:03 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 200 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:47:03 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 199 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:44:03 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 198 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:41:03 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 197 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:38:03 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 196 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:35:03 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 195 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:32:03 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 194 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:29:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 193 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:26:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 192 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:23:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 191 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:20:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 190 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:17:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 189 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:14:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 188 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:11:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 187 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:08:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 186 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:05:02 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 185 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 6:02:01 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 184 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:59:01 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 183 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:56:01 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 182 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:53:01 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 181 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:50:01 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 180 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:47:01 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 179 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:44:01 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 178 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:41:00 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 177 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:38:00 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 176 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:35:00 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 175 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:32:00 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 174 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:29:00 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 173 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:26:00 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 172 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:23:00 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 171 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:20:00 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 170 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:16:59 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 169 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:13:59 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 168 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:10:59 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 167 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:07:59 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 166 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:04:59 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 165 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 5:01:59 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 164 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:58:59 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 163 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:55:59 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 162 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:52:58 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 161 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:49:58 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 160 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:46:58 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 159 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:43:58 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 158 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:40:58 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 157 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:37:58 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 156 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:34:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 155 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:31:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 154 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:28:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 153 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:25:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 152 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:22:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 151 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:19:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 150 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:18:24 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer KARRITOSHIBALAP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3DF7249C-DC40-4434-8123-8375B94A51F0}. The master browser is stopping or an election is being forced.
02/12/2013 4:16:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 149 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:13:56 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 148 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:10:56 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 147 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:07:56 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 146 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:04:56 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 145 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 4:01:56 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 144 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:58:56 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 143 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:55:56 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 142 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:52:55 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 141 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:49:55 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 140 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:46:55 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 139 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:43:55 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 138 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:40:55 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 137 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:37:55 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 136 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:34:55 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 135 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:31:54 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 134 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:28:54 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 133 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:25:54 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 132 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:22:54 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 131 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:19:54 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 130 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:16:54 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 129 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:13:54 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 128 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:10:53 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 127 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:07:53 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 126 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:04:53 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 125 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 3:01:53 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 124 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:58:53 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 123 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:55:53 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 122 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:52:53 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 121 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:49:53 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 120 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:46:52 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 119 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:43:52 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 118 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:40:52 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 117 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:37:52 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 116 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:34:52 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 115 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:31:52 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 114 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:28:52 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 113 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:25:51 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 112 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:22:51 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 111 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:19:51 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 110 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:16:51 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 109 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:13:51 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 108 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:10:51 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 107 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:07:51 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 106 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:05:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 105 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 2:02:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 104 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
02/12/2013 1:59:57 PM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 103 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
01/12/2013 7:14:32 PM, Error: EventLog [6008] - The previous system shutdown at 7:08:01 PM on 01/12/2013 was unexpected.
.
==== End Of File ===========================

#4 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 03 December 2013 - 01:40 PM

14:38:24.0497 0x1634 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
14:38:29.0454 0x1634 ============================================================
14:38:29.0454 0x1634 Current date / time: 2013/12/03 14:38:29.0454
14:38:29.0454 0x1634 SystemInfo:
14:38:29.0454 0x1634
14:38:29.0454 0x1634 OS Version: 6.0.6002 ServicePack: 2.0
14:38:29.0454 0x1634 Product type: Workstation
14:38:29.0454 0x1634 ComputerName: KARRI-PC
14:38:29.0455 0x1634 UserName: Karri
14:38:29.0455 0x1634 Windows directory: C:\Windows
14:38:29.0455 0x1634 System windows directory: C:\Windows
14:38:29.0455 0x1634 Running under WOW64
14:38:29.0455 0x1634 Processor architecture: Intel x64
14:38:29.0455 0x1634 Number of processors: 4
14:38:29.0455 0x1634 Page size: 0x1000
14:38:29.0455 0x1634 Boot type: Normal boot
14:38:29.0455 0x1634 ============================================================
14:38:29.0650 0x1634 KLMD registered as C:\Windows\system32\drivers\83314021.sys
14:38:29.0728 0x1634 System UUID: {932045EE-E50F-C234-4A8B-181444D5638E}
14:38:30.0181 0x1634 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:38:30.0195 0x1634 Drive \Device\Harddisk3\DR3 - Size: 0xF4200000 (3.81 Gb), SectorSize: 0x200, Cylinders: 0x1F1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:38:30.0201 0x1634 Drive \Device\Harddisk5\DR5 - Size: 0xE8C4BA0000 (931.07 Gb), SectorSize: 0x200, Cylinders: 0x1DAC7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:38:37.0084 0x1634 Drive \Device\Harddisk6\DR6 - Size: 0xF2C00000 (3.79 Gb), SectorSize: 0x200, Cylinders: 0x1EF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:38:37.0086 0x1634 ============================================================
14:38:37.0086 0x1634 \Device\Harddisk0\DR0:
14:38:37.0086 0x1634 MBR partitions:
14:38:37.0086 0x1634 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4F800, BlocksNum 0x1D12D000
14:38:37.0086 0x1634 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1EE7C800, BlocksNum 0x2B9DB000
14:38:37.0086 0x1634 \Device\Harddisk3\DR3:
14:38:37.0087 0x1634 MBR partitions:
14:38:37.0087 0x1634 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x79F000
14:38:37.0087 0x1634 \Device\Harddisk5\DR5:
14:38:37.0088 0x1634 MBR partitions:
14:38:37.0088 0x1634 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x746221C8
14:38:37.0088 0x1634 \Device\Harddisk6\DR6:
14:38:37.0088 0x1634 MBR partitions:
14:38:37.0088 0x1634 \Device\Harddisk6\DR6\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x794000
14:38:37.0088 0x1634 ============================================================
14:38:37.0113 0x1634 C: <-> \Device\Harddisk0\DR0\Partition1
14:38:37.0150 0x1634 D: <-> \Device\Harddisk0\DR0\Partition2
14:38:37.0151 0x1634 O: <-> \Device\Harddisk5\DR5\Partition1
14:38:37.0151 0x1634 ============================================================
14:38:37.0151 0x1634 Initialize success
14:38:37.0151 0x1634 ============================================================
14:38:42.0687 0x0f80 ============================================================
14:38:42.0687 0x0f80 Scan started
14:38:42.0687 0x0f80 Mode: Manual;
14:38:42.0687 0x0f80 ============================================================
14:38:42.0687 0x0f80 KSN ping started
14:38:46.0928 0x0f80 KSN ping finished: true
14:38:47.0636 0x0f80 ================ Scan system memory ========================
14:38:47.0636 0x0f80 System memory - ok
14:38:47.0636 0x0f80 ================ Scan services =============================
14:38:47.0736 0x0f80 [ 517D30057C726C797764BFD70A55D82A, F1F48EF16DB9F7B5C6F8D0C595DE2E4ABD26FAF19372C1AA598F6988709D2170 ] Acer HomeMedia Connect Service C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
14:38:47.0752 0x0f80 Acer HomeMedia Connect Service - ok
14:38:47.0868 0x0f80 [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI            C:\Windows\system32\drivers\acpi.sys
14:38:47.0885 0x0f80 ACPI - ok
14:38:47.0966 0x0f80 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:38:47.0968 0x0f80 AdobeARMservice - ok
14:38:48.0083 0x0f80 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:38:48.0089 0x0f80 AdobeFlashPlayerUpdateSvc - ok
14:38:48.0148 0x0f80 [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:38:48.0165 0x0f80 adp94xx - ok
14:38:48.0205 0x0f80 [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:38:48.0222 0x0f80 adpahci - ok
14:38:48.0243 0x0f80 [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
14:38:48.0247 0x0f80 adpu160m - ok
14:38:48.0278 0x0f80 [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:38:48.0284 0x0f80 adpu320 - ok
14:38:48.0316 0x0f80 [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:38:48.0317 0x0f80 AeLookupSvc - ok
14:38:48.0354 0x0f80 [ 2BA159E1F9FD75F6A496742B20F1D9CF, 50094F6E8415ACDBC0DA9C24EDAB3F9B192D2F0D6A820C18E8DBC6D72849D612 ] AFD             C:\Windows\system32\drivers\afd.sys
14:38:48.0371 0x0f80 AFD - ok
14:38:48.0401 0x0f80 [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:38:48.0403 0x0f80 agp440 - ok
14:38:48.0416 0x0f80 [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
14:38:48.0419 0x0f80 aic78xx - ok
14:38:48.0433 0x0f80 [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG             C:\Windows\System32\alg.exe
14:38:48.0436 0x0f80 ALG - ok
14:38:48.0448 0x0f80 [ 157D0898D4B73F075CE9FA26B482DF98, 84C3E163D7393FD306842F155C88A50B7D8AE88B59586F9014DB76B749CC33D5 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:38:48.0449 0x0f80 aliide - ok
14:38:48.0464 0x0f80 [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:38:48.0465 0x0f80 amdide - ok
14:38:48.0476 0x0f80 [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:38:48.0478 0x0f80 AmdK8 - ok
14:38:48.0496 0x0f80 [ 9C37B3FD5615477CB9A0CD116CF43F5C, BD3F85A29931072F2B0C7283761E224E4621FE0D9D34D6D668A4516B28388484 ] Appinfo         C:\Windows\System32\appinfo.dll
14:38:48.0498 0x0f80 Appinfo - ok
14:38:48.0579 0x0f80 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:38:48.0581 0x0f80 Apple Mobile Device - ok
14:38:48.0622 0x0f80 [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc             C:\Windows\system32\drivers\arc.sys
14:38:48.0626 0x0f80 arc - ok
14:38:48.0649 0x0f80 [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:38:48.0653 0x0f80 arcsas - ok
14:38:48.0750 0x0f80 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:38:48.0752 0x0f80 aspnet_state - ok
14:38:48.0798 0x0f80 [ 9F34AA1124EEA112E49E48258B1D6394, F8648E5EDD7DDFE8D0F5F410E90D0713381A5DB0980D4F0D13D6A5B1F9F4E9A6 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
14:38:48.0799 0x0f80 aswFsBlk - ok
14:38:48.0815 0x0f80 [ 5C49AB607897C94E123EC8364FF4BF61, 77F69B00DDE1433C115AA617E0063CB93EE29B3E8D168EF2497E31DD573D5A13 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
14:38:48.0818 0x0f80 aswMonFlt - ok
14:38:48.0845 0x0f80 [ D040EBC230A79AC32EE1D0A1603C8854, 6051F84C7555693FBA3988F920680AB193AC677533FF15B2ECA79B3D985FF64B ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
14:38:48.0847 0x0f80 aswRdr - ok
14:38:48.0872 0x0f80 [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
14:38:48.0874 0x0f80 aswRvrt - ok
14:38:48.0930 0x0f80 [ 1BA60C77EB3CDB6129DAD25BAF675F43, 1D5BB6B427E065494C8A363996974048C890F9DBBEEF305B7034873696DFD969 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
14:38:48.0980 0x0f80 aswSnx - ok
14:38:49.0019 0x0f80 [ 79ADA401A6E2054F110E7FBDFAC71942, 0E551FB9E5FE598900036E872E16EB407F7F63FD7A8A0AFAB5094D9DFA75CFCF ] aswSP           C:\Windows\system32\drivers\aswSP.sys
14:38:49.0037 0x0f80 aswSP - ok
14:38:49.0074 0x0f80 [ 6FFECAE6A7BF190D4A3D7AFA6D7B5478, 9BFBF0CEB0B947EED45675F4A321777E78405A07FFAA91BE3404BE03947EF033 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
14:38:49.0077 0x0f80 aswTdi - ok
14:38:49.0109 0x0f80 [ 59787B95DD9CA44CB139D96863438587, C36E1A812931BBEACE38BF1E621C950439144979E31961C016AD1AE323579058 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
14:38:49.0115 0x0f80 aswVmm - ok
14:38:49.0143 0x0f80 [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:38:49.0144 0x0f80 AsyncMac - ok
14:38:49.0156 0x0f80 [ 1898FAE8E07D97F2F6C2D5326C633FAC, 62142E7B720C0A7FAD36577EE985B5793CB395574A3ECA9F2AF613C0F889D39C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:38:49.0157 0x0f80 atapi - ok
14:38:49.0203 0x0f80 [ 79318C744693EC983D20E9337A2F8196, 94226786EF8A101C2E805C6BA3C1CF46628BAF1AFCECBC1FAB7A7E7E5E642608 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:38:49.0220 0x0f80 AudioEndpointBuilder - ok
14:38:49.0235 0x0f80 [ 79318C744693EC983D20E9337A2F8196, 94226786EF8A101C2E805C6BA3C1CF46628BAF1AFCECBC1FAB7A7E7E5E642608 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:38:49.0245 0x0f80 AudioSrv - ok
14:38:49.0382 0x0f80 [ 4D41D30E2FAB3307967C7A0B045DC874, 620482D08544478862C78285E17DEE9BC3466DF8B62BD502B0C17AE6501D2B5E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:38:49.0383 0x0f80 avast! Antivirus - ok
14:38:49.0402 0x0f80 Beep - ok
14:38:49.0450 0x0f80 [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE             C:\Windows\System32\bfe.dll
14:38:49.0467 0x0f80 BFE - ok
14:38:49.0542 0x0f80 [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS            C:\Windows\system32\qmgr.dll
14:38:49.0584 0x0f80 BITS - ok
14:38:49.0602 0x0f80 [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:38:49.0604 0x0f80 blbdrive - ok
14:38:49.0674 0x0f80 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:38:49.0692 0x0f80 Bonjour Service - ok
14:38:49.0739 0x0f80 [ 2348447A80920B2493A9B582A23E81E1, 50F9242B7104607E633ABAF4E0A213C1C1226BF81F7FB4E216A9E878247B868C ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:38:49.0742 0x0f80 bowser - ok
14:38:49.0767 0x0f80 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
14:38:49.0769 0x0f80 BrFiltLo - ok
14:38:49.0783 0x0f80 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
14:38:49.0784 0x0f80 BrFiltUp - ok
14:38:49.0806 0x0f80 [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser         C:\Windows\System32\browser.dll
14:38:49.0810 0x0f80 Browser - ok
14:38:49.0831 0x0f80 [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid         C:\Windows\system32\drivers\brserid.sys
14:38:49.0834 0x0f80 Brserid - ok
14:38:49.0860 0x0f80 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
14:38:49.0862 0x0f80 BrSerWdm - ok
14:38:49.0871 0x0f80 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
14:38:49.0872 0x0f80 BrUsbMdm - ok
14:38:49.0887 0x0f80 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
14:38:49.0888 0x0f80 BrUsbSer - ok
14:38:49.0904 0x0f80 [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:38:49.0906 0x0f80 BTHMODEM - ok
14:38:49.0938 0x0f80 [ 09E6AFFAE6C0E9158BF05C7D08D0107A, 05524526EBD5F42F58404A698F397CD7CBC2CBB5F7211AB6B5C2691A87983A24 ] BUNAgentSvc     C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
14:38:49.0940 0x0f80 BUNAgentSvc - ok
14:38:49.0968 0x0f80 c2wts - ok
14:38:50.0015 0x0f80 [ 3D50891CAA71E3479A8A10F25CA9207F, AEF11602299188DC07F758D13ACC5F91BCD8BE94E87D050C01B1CD155CE10791 ] cbfs3           C:\Windows\system32\drivers\cbfs3.sys
14:38:50.0032 0x0f80 cbfs3 - ok
14:38:50.0047 0x0f80 [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:38:50.0050 0x0f80 cdfs - ok
14:38:50.0083 0x0f80 [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:38:50.0086 0x0f80 cdrom - ok
14:38:50.0122 0x0f80 [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:38:50.0124 0x0f80 CertPropSvc - ok
14:38:50.0135 0x0f80 [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:38:50.0137 0x0f80 circlass - ok
14:38:50.0178 0x0f80 [ 3DCA9A18B204939CFB24BEA53E31EB48, 73CEDE020A6C8269EE8847A4E43071FD231179DA9430DE2983263B8345AD92B7 ] CLFS            C:\Windows\system32\CLFS.sys
14:38:50.0195 0x0f80 CLFS - ok
14:38:50.0257 0x0f80 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:38:50.0260 0x0f80 clr_optimization_v2.0.50727_32 - ok
14:38:50.0306 0x0f80 [ CE07A466201096F021CD09D631B21540, 1A11DDAB7000569A89F3FA26BDEE4D527FA6D57D3F91CDABAA9C02CACDDE5F6D ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:38:50.0309 0x0f80 clr_optimization_v2.0.50727_64 - ok
14:38:50.0369 0x0f80 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:38:50.0373 0x0f80 clr_optimization_v4.0.30319_32 - ok
14:38:50.0391 0x0f80 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:38:50.0396 0x0f80 clr_optimization_v4.0.30319_64 - ok
14:38:50.0409 0x0f80 [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:38:50.0411 0x0f80 cmdide - ok
14:38:50.0426 0x0f80 [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:38:50.0427 0x0f80 Compbatt - ok
14:38:50.0432 0x0f80 COMSysApp - ok
14:38:50.0439 0x0f80 [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:38:50.0440 0x0f80 crcdisk - ok
14:38:50.0500 0x0f80 [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:38:50.0506 0x0f80 CryptSvc - ok
14:38:50.0544 0x0f80 [ 6CB6E82300947870A873A7288B96E9BF, 73A663813D7032EB17277985D0BE95B042F7F342CC4BF2544682AD9BE436A450 ] CyberLink Live Monitor Service C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaMonitorService.exe
14:38:50.0549 0x0f80 CyberLink Live Monitor Service - ok
14:38:50.0559 0x0f80 [ 0FDAAE1EA129D0F3948564F96C010BA3, 02E84E8E84441FC56C22B8A96594640DA6EBAC2CD14DEF604043FD94FA789037 ] CyberLink Live Push Update Service C:\Program Files (x86)\CyberLink\CyberLink Live\CLPushUpdateService.exe
14:38:50.0562 0x0f80 CyberLink Live Push Update Service - ok
14:38:50.0590 0x0f80 [ 24F71344D945C85B15C0717196238BD2, 40F08EA66B4F66A0EDC8E020CCD94C707D2B2E6BA0DA14B51B3A1F84E9A7F6BA ] CyberLink Live Service C:\Program Files (x86)\CyberLink\CyberLink Live\CLSomaService.exe
14:38:50.0605 0x0f80 CyberLink Live Service - ok
14:38:50.0665 0x0f80 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:38:50.0707 0x0f80 DcomLaunch - ok
14:38:50.0744 0x0f80 [ 8B722BA35205C71E7951CDC4CDBADE19, 39720A60DFD0532F7E1A1976240E9828559BF9E0C6D1CFBF4D911965BFD94158 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:38:50.0747 0x0f80 DfsC - ok
14:38:50.0888 0x0f80 [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR            C:\Windows\system32\DFSR.exe
14:38:50.0996 0x0f80 DFSR - ok
14:38:51.0052 0x0f80 [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
14:38:51.0069 0x0f80 Dhcp - ok
14:38:51.0106 0x0f80 [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk            C:\Windows\system32\drivers\disk.sys
14:38:51.0108 0x0f80 disk - ok
14:38:51.0150 0x0f80 [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:38:51.0155 0x0f80 Dnscache - ok
14:38:51.0176 0x0f80 [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc         C:\Windows\System32\dot3svc.dll
14:38:51.0183 0x0f80 dot3svc - ok
14:38:51.0213 0x0f80 [ 74C02B1717740C3B8039539E23E4B53F, FF17BC1DAAE92C99D17EAE5C43FCFCC4B76E390D05EE2C603E5579C78A5536F0 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
14:38:51.0217 0x0f80 Dot4 - ok
14:38:51.0228 0x0f80 [ 08321D1860235BF42CF2854234337AEA, 39BD593B373A43C34FDDE283BA17F8127558036E8B5604D7C7091BC99CA9D739 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:38:51.0229 0x0f80 Dot4Print - ok
14:38:51.0241 0x0f80 [ 4ADCCF0124F2B6911D3786A5D0E779E5, 950B6FA2B9ABF353036A64133ED441EF58EEE36DC4BF5D5C4FFB71796438B5AA ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
14:38:51.0243 0x0f80 dot4usb - ok
14:38:51.0277 0x0f80 [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS             C:\Windows\system32\dps.dll
14:38:51.0282 0x0f80 DPS - ok
14:38:51.0309 0x0f80 [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:38:51.0310 0x0f80 drmkaud - ok
14:38:51.0363 0x0f80 [ 0A3C78677FF62E9E0AE7CC25C790A968, 6A2D81BC3715FD4960D2C853870C056C5BFE581B25C4592CBF65EAC044DFEAB3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:38:51.0396 0x0f80 DXGKrnl - ok
14:38:51.0436 0x0f80 [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
14:38:51.0440 0x0f80 E1G60 - ok
14:38:51.0464 0x0f80 [ B64CFEB83AB75AA74D0E193C423A991D, FA27CFF7593877F553388AF7385D915C4377EAEA208D88429D70C65B64CF9089 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
14:38:51.0481 0x0f80 e1yexpress - ok
14:38:51.0515 0x0f80 [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost         C:\Windows\System32\eapsvc.dll
14:38:51.0518 0x0f80 EapHost - ok
14:38:51.0548 0x0f80 [ 5F94962BE5A62DB6E447FF6470C4F48A, D00F9B3315DE8610BBE93FFD3CA3E2CF5B10697C518FC25FA4274CC6894D022B ] Ecache          C:\Windows\system32\drivers\ecache.sys
14:38:51.0553 0x0f80 Ecache - ok
14:38:51.0618 0x0f80 [ B1F2503E23425B386DF0F3413B2596F3, 02FB1FA57679DBFF2E13641AB7C24CC28D5A4CFB0C51B7A617D3A3A406B8DF0C ] eDataSecurity Service C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
14:38:51.0631 0x0f80 eDataSecurity Service - ok
14:38:51.0690 0x0f80 [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:38:51.0707 0x0f80 ehRecvr - ok
14:38:51.0726 0x0f80 [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched         C:\Windows\ehome\ehsched.exe
14:38:51.0731 0x0f80 ehSched - ok
14:38:51.0758 0x0f80 [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart         C:\Windows\ehome\ehstart.dll
14:38:51.0759 0x0f80 ehstart - ok
14:38:51.0786 0x0f80 [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:38:51.0803 0x0f80 elxstor - ok
14:38:51.0846 0x0f80 [ A9B18B63A4FD6BAAB83326706D857FAB, 7721CC67C0F8CE3060D0EB35A10E4ADC1E3CB470C0797B17D606060C270F96D7 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
14:38:51.0863 0x0f80 EMDMgmt - ok
14:38:51.0885 0x0f80 [ BC3A58E938BB277E46BF4B3003B01ABD, 2BB054E632A96951DAB25B3BE8541AEC1B97A7739FC8D0E34BE8B9295600C8FC ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:38:51.0886 0x0f80 ErrDev - ok
14:38:51.0927 0x0f80 [ 27D2754314D12EB27D81D462FD0D86C0, 413D403CE09D9E1C9B67E4FF9E258558681119FE74DA1A92CC56B92FCAB842C5 ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
14:38:51.0929 0x0f80 ETService - ok
14:38:51.0975 0x0f80 [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem     C:\Windows\system32\es.dll
14:38:51.0992 0x0f80 EventSystem - ok
14:38:52.0033 0x0f80 [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat           C:\Windows\system32\drivers\exfat.sys
14:38:52.0041 0x0f80 exfat - ok
14:38:52.0089 0x0f80 [ 1A4BEE34277784619DDAF0422C0C6E23, 3223E1B5DD4866D8E09F1B465FF82C911DDEE5B01B084543086E47B11D2AEA77 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:38:52.0098 0x0f80 fastfat - ok
14:38:52.0123 0x0f80 [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:38:52.0125 0x0f80 fdc - ok
14:38:52.0140 0x0f80 [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:38:52.0142 0x0f80 fdPHost - ok
14:38:52.0160 0x0f80 [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:38:52.0162 0x0f80 FDResPub - ok
14:38:52.0178 0x0f80 [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:38:52.0180 0x0f80 FileInfo - ok
14:38:52.0197 0x0f80 [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:38:52.0199 0x0f80 Filetrace - ok
14:38:52.0212 0x0f80 [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:38:52.0214 0x0f80 flpydisk - ok
14:38:52.0253 0x0f80 [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:38:52.0269 0x0f80 FltMgr - ok
14:38:52.0350 0x0f80 [ F937F278E44138C0386FA1DE69B1F72B, 49180522CCCB5377B5B3A7EF8B9697FBE19A1E5D84BC282D24C39B3D52698851 ] FontCache       C:\Windows\system32\FntCache.dll
14:38:52.0393 0x0f80 FontCache - ok
14:38:52.0451 0x0f80 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:38:52.0453 0x0f80 FontCache3.0.0.0 - ok
14:38:52.0489 0x0f80 [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:38:52.0490 0x0f80 Fs_Rec - ok
14:38:52.0508 0x0f80 [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:38:52.0511 0x0f80 gagp30kx - ok
14:38:52.0542 0x0f80 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:38:52.0543 0x0f80 GEARAspiWDM - ok
14:38:52.0590 0x0f80 [ A0E1B575BA8F504968CD40C0FAEB2384, F64A24A5A93F4E757882E97C65DA612F07A87F4DDD2E10C1AB0250AFA03BCEF1 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:38:52.0615 0x0f80 gpsvc - ok
14:38:52.0668 0x0f80 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:38:52.0672 0x0f80 gusvc - ok
14:38:52.0693 0x0f80 [ DF45F8142DC6DF9D18C39B3EFFBD0409, E0F04525530FF403C5A34B7E9A03CDE70B7BACE12E2E50103554E92AF374BD09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:38:52.0710 0x0f80 HdAudAddService - ok
14:38:52.0771 0x0f80 [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:38:52.0812 0x0f80 HDAudBus - ok
14:38:52.0843 0x0f80 [ 72D70BCF68C092978BFCD32F88BD6454, 5C189F0CF5615B9D46262B65EAFC3FEC48516E43CC88FBF4A983219327B4FBDE ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
14:38:52.0845 0x0f80 HECIx64 - ok
14:38:52.0866 0x0f80 [ 68214C82FA6222591873677A72DF2A66, 056B85D19CEEE763D6616898F5F16BFD6F0D626B24DBD24DBC84037F1480D907 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:38:52.0868 0x0f80 HidBatt - ok
14:38:52.0881 0x0f80 [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:38:52.0883 0x0f80 HidBth - ok
14:38:52.0899 0x0f80 [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:38:52.0900 0x0f80 HidIr - ok
14:38:52.0933 0x0f80 [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv         C:\Windows\System32\hidserv.dll
14:38:52.0936 0x0f80 hidserv - ok
14:38:52.0986 0x0f80 [ 443BDD2D30BB4F00795C797E2CF99EDF, BCE1A241AE5CCE3E1C65CCF07ECB4305C7106F2EFFD51F2C519EB00026B474C4 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:38:52.0987 0x0f80 HidUsb - ok
14:38:53.0005 0x0f80 [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:38:53.0009 0x0f80 hkmsvc - ok
14:38:53.0028 0x0f80 [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
14:38:53.0030 0x0f80 HpCISSs - ok
14:38:53.0087 0x0f80 [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:38:53.0129 0x0f80 HTTP - ok
14:38:53.0146 0x0f80 [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
14:38:53.0148 0x0f80 i2omp - ok
14:38:53.0172 0x0f80 [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:38:53.0174 0x0f80 i8042prt - ok
14:38:53.0208 0x0f80 [ 3E42C4691AAD4B1E8D0466F9CBF05CBE, 8F53A86B97A25CE92D6A3EB9720F86308252C5B7A4BC62218FF8788229B132B8 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
14:38:53.0233 0x0f80 IAANTMON - ok
14:38:53.0266 0x0f80 [ FC28E90F2204D8FD147FA9BFA8A51C01, 4D63EA5FD72E2F9702703E906252320CA40F04AF5789B056B78D25A2E8B897E0 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:38:53.0275 0x0f80 iaStor - ok
14:38:53.0299 0x0f80 [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
14:38:53.0316 0x0f80 iaStorV - ok
14:38:53.0367 0x0f80 [ 749F5F8CEDCA70F2A512945325FC489D, 443B4F779F27CD69C1F072823FCD9E5BA7590B6F48BE759DC6A1F898C467E58F ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:38:53.0417 0x0f80 idsvc - ok
14:38:53.0711 0x0f80 [ CF00559906E45ECC6F035913880BE2FC, 729D46E564DB8329F04ACE105FF1AADDEE77179B044777EA4B90C0CE02F0C154 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:38:53.0906 0x0f80 igfx - ok
14:38:53.0932 0x0f80 [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:38:53.0933 0x0f80 iirsp - ok
14:38:53.0971 0x0f80 [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT          C:\Windows\System32\ikeext.dll
14:38:53.0989 0x0f80 IKEEXT - ok
14:38:54.0067 0x0f80 [ 8C7FA71CB1EBCD3EDE8958D27B1BF0B4, 04243A34AF13B89DABE4C4D24204438094AA36A83591092E1251AD67E623C10F ] int15           C:\Windows\SysWOW64\drivers\int15_64.sys
14:38:54.0068 0x0f80 int15 - ok
14:38:54.0141 0x0f80 [ AECDAA95B5BBFAC856C4A22D06D3D76A, 602709072690FC7F714B5C6D7312477CB915A604E67E0253C741497669D109FC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:38:54.0182 0x0f80 IntcAzAudAddService - ok
14:38:54.0206 0x0f80 [ DEA2AB452B4FA773187369C4B6517320, 5410C1715150AB844D2CB54E522474A113C099CA1BD7E933524D475A73A52F8C ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
14:38:54.0209 0x0f80 IntcHdmiAddService - ok
14:38:54.0222 0x0f80 [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide        C:\Windows\system32\drivers\intelide.sys
14:38:54.0224 0x0f80 intelide - ok
14:38:54.0237 0x0f80 [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:38:54.0238 0x0f80 intelppm - ok
14:38:54.0262 0x0f80 [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:38:54.0266 0x0f80 IPBusEnum - ok
14:38:54.0305 0x0f80 [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:38:54.0308 0x0f80 IpFilterDriver - ok
14:38:54.0340 0x0f80 [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:38:54.0357 0x0f80 iphlpsvc - ok
14:38:54.0361 0x0f80 IpInIp - ok
14:38:54.0377 0x0f80 [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
14:38:54.0379 0x0f80 IPMIDRV - ok
14:38:54.0392 0x0f80 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
14:38:54.0396 0x0f80 IPNAT - ok
14:38:54.0465 0x0f80 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:38:54.0490 0x0f80 iPod Service - ok
14:38:54.0506 0x0f80 [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:38:54.0507 0x0f80 IRENUM - ok
14:38:54.0532 0x0f80 [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:38:54.0534 0x0f80 isapnp - ok
14:38:54.0573 0x0f80 [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:38:54.0579 0x0f80 iScsiPrt - ok
14:38:54.0597 0x0f80 [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
14:38:54.0599 0x0f80 iteatapi - ok
14:38:54.0624 0x0f80 [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
14:38:54.0626 0x0f80 iteraid - ok
14:38:54.0632 0x0f80 [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:38:54.0634 0x0f80 kbdclass - ok
14:38:54.0664 0x0f80 [ DBDF75D51464FBC47D0104EC3D572C05, E392EE961E734620245874C7700D56621A1A990C45DF5CE0B7D270BA708F255E ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:38:54.0665 0x0f80 kbdhid - ok
14:38:54.0692 0x0f80 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso          C:\Windows\system32\lsass.exe
14:38:54.0695 0x0f80 KeyIso - ok
14:38:54.0747 0x0f80 [ 88956AD9FA510848AD176777A6C6C1F5, 8F2FBF7E70F836C2C11EE5ABCAFE3E51DC26E953DDFBEE3C1B4AA8E58EBDCF5E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:38:54.0765 0x0f80 KSecDD - ok
14:38:54.0804 0x0f80 [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:38:54.0806 0x0f80 ksthunk - ok
14:38:54.0839 0x0f80 [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:38:54.0856 0x0f80 KtmRm - ok
14:38:54.0885 0x0f80 [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:38:54.0902 0x0f80 LanmanServer - ok
14:38:54.0938 0x0f80 [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:38:54.0955 0x0f80 LanmanWorkstation - ok
14:38:54.0993 0x0f80 [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:38:54.0995 0x0f80 LightScribeService - ok
14:38:55.0003 0x0f80 [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:38:55.0005 0x0f80 lltdio - ok
14:38:55.0036 0x0f80 [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:38:55.0053 0x0f80 lltdsvc - ok
14:38:55.0067 0x0f80 [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:38:55.0070 0x0f80 lmhosts - ok
14:38:55.0101 0x0f80 [ 650B3BE84ECA8BE345F9C423EF02605D, 8173AB0B97EEA9DB193C51CDA33CDB75BB1AB770A1181B4098354F2E26B82E7B ] LMS             C:\Program Files\Intel\AMT\LMS.exe
14:38:55.0106 0x0f80 LMS - ok
14:38:55.0132 0x0f80 [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:38:55.0135 0x0f80 LSI_FC - ok
14:38:55.0156 0x0f80 [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:38:55.0159 0x0f80 LSI_SAS - ok
14:38:55.0175 0x0f80 [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:38:55.0179 0x0f80 LSI_SCSI - ok
14:38:55.0197 0x0f80 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:38:55.0201 0x0f80 luafv - ok
14:38:55.0212 0x0f80 lvpepf64 - ok
14:38:55.0216 0x0f80 LVPr2M64 - ok
14:38:55.0250 0x0f80 [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
14:38:55.0267 0x0f80 LVRS64 - ok
14:38:55.0299 0x0f80 [ 5C3FF68267A5D242EE79EE01B993D6CE, 853637AC30A16698F2F583693E98B67104ECE5B8F80C6FB88266665162623B92 ] LVUSBS64        C:\Windows\system32\drivers\LVUSBS64.sys
14:38:55.0301 0x0f80 LVUSBS64 - ok
14:38:55.0487 0x0f80 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
14:38:55.0636 0x0f80 LVUVC64 - ok
14:38:55.0901 0x0f80 [ 5CA51F47554C0F01C5EEDC6B9A385082, AFE10CCBC71557B9037B992A626C752D2635733EDFF0C79E4AF4DA917146945C ] M4-Service      C:\Users\Karri\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe
14:38:55.0952 0x0f80 M4-Service - ok
14:38:56.0002 0x0f80 [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:38:56.0006 0x0f80 Mcx2Svc - ok
14:38:56.0113 0x0f80 [ 7C08B11778AE7FF97E4601D6111F104A, D5F046EFC8E6EE755AF97A46A73CC5AB356B6E0E76A7E5A9804A9B95F4D1CFA0 ] ME Services Manager C:\Program Files\intel\inteldh\msm\MSM.exe
14:38:56.0206 0x0f80 ME Services Manager - ok
14:38:56.0259 0x0f80 [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:38:56.0260 0x0f80 megasas - ok
14:38:56.0295 0x0f80 [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
14:38:56.0313 0x0f80 MegaSR - ok
14:38:56.0354 0x0f80 Microsoft SharePoint Workspace Audit Service - ok
14:38:56.0382 0x0f80 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS           C:\Windows\system32\mmcss.dll
14:38:56.0385 0x0f80 MMCSS - ok
14:38:56.0401 0x0f80 [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem           C:\Windows\system32\drivers\modem.sys
14:38:56.0403 0x0f80 Modem - ok
14:38:56.0440 0x0f80 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:38:56.0441 0x0f80 monitor - ok
14:38:56.0456 0x0f80 [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:38:56.0458 0x0f80 mouclass - ok
14:38:56.0471 0x0f80 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:38:56.0472 0x0f80 mouhid - ok
14:38:56.0479 0x0f80 [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
14:38:56.0482 0x0f80 MountMgr - ok
14:38:56.0533 0x0f80 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:38:56.0537 0x0f80 MozillaMaintenance - ok
14:38:56.0563 0x0f80 [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio            C:\Windows\system32\drivers\mpio.sys
14:38:56.0567 0x0f80 mpio - ok
14:38:56.0596 0x0f80 [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:38:56.0600 0x0f80 mpsdrv - ok
14:38:56.0645 0x0f80 [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:38:56.0678 0x0f80 MpsSvc - ok
14:38:56.0694 0x0f80 [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
14:38:56.0696 0x0f80 Mraid35x - ok
14:38:56.0731 0x0f80 [ 7C1DE4AA96DC0C071611F9E7DE02A68D, 8B248A82324FB23C64D41FA91BCC22093DE44C48D688E5995C484A7072A6EC08 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:38:56.0736 0x0f80 MRxDAV - ok
14:38:56.0771 0x0f80 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B, 9F157AAA1A793EF7E52817E4126B774C17FFA0036DADCF10A024FDC068F94F67 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:38:56.0775 0x0f80 mrxsmb - ok
14:38:56.0805 0x0f80 [ 3B929A60C833FC615FD97FBA82BC7632, 40EEBEB43F42A1A37FAA529E0C21984426F90C1EEFE1EF9BB2F696164595F91D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:38:56.0822 0x0f80 mrxsmb10 - ok
14:38:56.0830 0x0f80 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3, 197F70E24D2BBDEC35C2D5BC442267ACC4C5AE3FD5BB30A0928976BE9758C942 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:38:56.0833 0x0f80 mrxsmb20 - ok
14:38:56.0848 0x0f80 [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci          C:\Windows\system32\drivers\msahci.sys
14:38:56.0850 0x0f80 msahci - ok
14:38:56.0867 0x0f80 [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:38:56.0871 0x0f80 msdsm - ok
14:38:56.0908 0x0f80 [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC           C:\Windows\System32\msdtc.exe
14:38:56.0913 0x0f80 MSDTC - ok
14:38:56.0933 0x0f80 [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:38:56.0935 0x0f80 Msfs - ok
14:38:56.0948 0x0f80 [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:38:56.0949 0x0f80 msisadrv - ok
14:38:56.0969 0x0f80 [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:38:56.0975 0x0f80 MSiSCSI - ok
14:38:56.0980 0x0f80 msiserver - ok
14:38:57.0002 0x0f80 [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:38:57.0003 0x0f80 MSKSSRV - ok
14:38:57.0142 0x0f80 [ 47A616802531735DF88CD331739D6E97, 28A28794186CC0B5EC5A3838C7CAE16B9DCE2C0BD5873F59CE59F8F4EDA4268B ] msoidsvc        C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
14:38:57.0225 0x0f80 msoidsvc - ok
14:38:57.0248 0x0f80 [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:38:57.0249 0x0f80 MSPCLOCK - ok
14:38:57.0255 0x0f80 [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:38:57.0256 0x0f80 MSPQM - ok
14:38:57.0297 0x0f80 [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:38:57.0313 0x0f80 MsRPC - ok
14:38:57.0325 0x0f80 [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:38:57.0327 0x0f80 mssmbios - ok
14:38:57.0337 0x0f80 [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:38:57.0339 0x0f80 MSTEE - ok
14:38:57.0345 0x0f80 [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:38:57.0348 0x0f80 Mup - ok
14:38:57.0392 0x0f80 [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent        C:\Windows\system32\qagentRT.dll
14:38:57.0418 0x0f80 napagent - ok
14:38:57.0454 0x0f80 [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:38:57.0460 0x0f80 NativeWifiP - ok
14:38:57.0512 0x0f80 [ 65950E07329FCEE8E6516B17C8D0ABB6, 4429D9FF9B6E376D28D8FA4906B7554DF566EC23E455E3166C496B579622F204 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:38:57.0537 0x0f80 NDIS - ok
14:38:57.0550 0x0f80 [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:38:57.0552 0x0f80 NdisTapi - ok
14:38:57.0564 0x0f80 [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:38:57.0565 0x0f80 Ndisuio - ok
14:38:57.0600 0x0f80 [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:38:57.0605 0x0f80 NdisWan - ok
14:38:57.0631 0x0f80 [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:38:57.0634 0x0f80 NDProxy - ok
14:38:57.0718 0x0f80 [ B90E093E7A7250906F1054418B5339C0, F9A0BAC5B4B29F14B5CACA1047F8928A495EFD56E485492BF71C856B296476D6 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
14:38:57.0746 0x0f80 Nero BackItUp Scheduler 4.0 - ok
14:38:57.0794 0x0f80 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:38:57.0798 0x0f80 Net Driver HPZ12 - ok
14:38:57.0807 0x0f80 [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:38:57.0809 0x0f80 NetBIOS - ok
14:38:57.0840 0x0f80 [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
14:38:57.0857 0x0f80 netbt - ok
14:38:57.0862 0x0f80 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon        C:\Windows\system32\lsass.exe
14:38:57.0864 0x0f80 Netlogon - ok
14:38:57.0890 0x0f80 [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll
14:38:57.0907 0x0f80 Netman - ok
14:38:57.0989 0x0f80 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:57.0994 0x0f80 NetMsmqActivator - ok
14:38:58.0001 0x0f80 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:58.0004 0x0f80 NetPipeActivator - ok
14:38:58.0030 0x0f80 [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll
14:38:58.0047 0x0f80 netprofm - ok
14:38:58.0065 0x0f80 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:58.0068 0x0f80 NetTcpActivator - ok
14:38:58.0075 0x0f80 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:58.0079 0x0f80 NetTcpPortSharing - ok
14:38:58.0107 0x0f80 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:38:58.0109 0x0f80 nfrd960 - ok
14:38:58.0129 0x0f80 [ F145BF4C4668E7E312069F81EF847CFC, C4926EFB41FE2813E90D83456C6CB8F3157D835391B443C7E26168F4E1D67DC7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:38:58.0146 0x0f80 NlaSvc - ok
14:38:58.0177 0x0f80 [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:38:58.0179 0x0f80 Npfs - ok
14:38:58.0193 0x0f80 [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll
14:38:58.0197 0x0f80 nsi - ok
14:38:58.0206 0x0f80 [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:38:58.0207 0x0f80 nsiproxy - ok
14:38:58.0287 0x0f80 [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:38:58.0362 0x0f80 Ntfs - ok
14:38:58.0397 0x0f80 [ A2B6583A5652A385DFF5E4F49AD48761, 7214F722DE8EAEE9F33FF3AAE32AF14BEA8D1CE71680B813130D4AA41E8D32C8 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
14:38:58.0398 0x0f80 NTIBackupSvc - ok
14:38:58.0407 0x0f80 [ 7D397449AAF52B0E7C79B64F6AD4473E, 05FB804B6A71C48BA734CC55146B20068911AB6F7D98C0AA073505EC5CEB15CE ] NTIDrvr         C:\Windows\system32\Drivers\NTIDrvr.sys
14:38:58.0408 0x0f80 NTIDrvr - ok
14:38:58.0419 0x0f80 [ 40B87FE8A1A9A5AC9E5A91D96F212BCD, 0C0BE4EF2999613B1559F9A709B31DB1E5EBB3336732A24D5C3E705461549E24 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
14:38:58.0423 0x0f80 NTISchedulerSvc - ok
14:38:58.0466 0x0f80 [ D4012918D3A3847B44B888D56BC095D6, BE78F54CA01E8C37FD9129AA2869CCFE84BA8F5ED015486019305C7F40AE3B1B ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
14:38:58.0467 0x0f80 NuidFltr - ok
14:38:58.0475 0x0f80 [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys
14:38:58.0476 0x0f80 Null - ok
14:38:58.0836 0x0f80 [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:38:59.0170 0x0f80 nvlddmkm - ok
14:38:59.0209 0x0f80 [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:38:59.0213 0x0f80 nvraid - ok
14:38:59.0227 0x0f80 [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:38:59.0230 0x0f80 nvstor - ok
14:38:59.0276 0x0f80 [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:38:59.0310 0x0f80 nvsvc - ok
14:38:59.0382 0x0f80 [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:38:59.0424 0x0f80 nvUpdatusService - ok
14:38:59.0445 0x0f80 [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:38:59.0449 0x0f80 nv_agp - ok
14:38:59.0454 0x0f80 NwlnkFlt - ok
14:38:59.0460 0x0f80 NwlnkFwd - ok
14:38:59.0506 0x0f80 [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
14:38:59.0509 0x0f80 ohci1394 - ok
14:38:59.0550 0x0f80 [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:38:59.0555 0x0f80 ose64 - ok
14:38:59.0761 0x0f80 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:38:59.0919 0x0f80 osppsvc - ok
14:38:59.0985 0x0f80 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
14:39:00.0027 0x0f80 p2pimsvc - ok
14:39:00.0063 0x0f80 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:39:00.0083 0x0f80 p2psvc - ok
14:39:00.0109 0x0f80 [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport         C:\Windows\system32\drivers\parport.sys
14:39:00.0112 0x0f80 Parport - ok
14:39:00.0147 0x0f80 [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:39:00.0150 0x0f80 partmgr - ok
14:39:00.0171 0x0f80 [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:39:00.0176 0x0f80 PcaSvc - ok
14:39:00.0193 0x0f80 [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci             C:\Windows\system32\drivers\pci.sys
14:39:00.0199 0x0f80 pci - ok
14:39:00.0213 0x0f80 [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:39:00.0215 0x0f80 pciide - ok
14:39:00.0233 0x0f80 [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:39:00.0240 0x0f80 pcmcia - ok
14:39:00.0279 0x0f80 [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:39:00.0305 0x0f80 PEAUTH - ok
14:39:00.0354 0x0f80 [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:39:00.0358 0x0f80 PerfHost - ok
14:39:00.0483 0x0f80 [ 087A343DFC337F37723DD7912DE6B6CD, AE11C28A01D4FC2CCB36C5956D9414AEBA8AFC4A868047CC691F32CF31E44AAC ] PID_PEPI        C:\Windows\system32\DRIVERS\LV302V64.SYS
14:39:00.0559 0x0f80 PID_PEPI - ok
14:39:00.0627 0x0f80 [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll
14:39:00.0684 0x0f80 pla - ok
14:39:00.0717 0x0f80 [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:39:00.0734 0x0f80 PlugPlay - ok
14:39:00.0782 0x0f80 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:39:00.0786 0x0f80 Pml Driver HPZ12 - ok
14:39:00.0824 0x0f80 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
14:39:00.0842 0x0f80 PNRPAutoReg - ok
14:39:00.0876 0x0f80 [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
14:39:00.0897 0x0f80 PNRPsvc - ok
14:39:00.0941 0x0f80 [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:39:00.0989 0x0f80 PolicyAgent - ok
14:39:01.0025 0x0f80 [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:39:01.0029 0x0f80 PptpMiniport - ok
14:39:01.0039 0x0f80 [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\drivers\processr.sys
14:39:01.0041 0x0f80 Processor - ok
14:39:01.0074 0x0f80 [ E058CE4FC2449D8BFA14739C83B7FF2A, 6ACA086D5E0EF3C3EAEBD78010E50739BBA7CA05E937FFF3A4F2AD22FD57B54A ] ProfSvc         C:\Windows\system32\profsvc.dll
14:39:01.0091 0x0f80 ProfSvc - ok
14:39:01.0100 0x0f80 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:39:01.0102 0x0f80 ProtectedStorage - ok
14:39:01.0131 0x0f80 [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
14:39:01.0133 0x0f80 PSched - ok
14:39:01.0158 0x0f80 [ 2CFD31D41CDE75328ACAEEE2D4F4B836, 3C49F738C9CDD999C8487876C956790E4103EAFDC64E5FD76E62B28C5EC80734 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
14:39:01.0159 0x0f80 PSDFilter - ok
14:39:01.0195 0x0f80 [ 51A585F999672D8BB07F22AE12B40846, FC10C804803EBEACCFD92FED8385C5AF8E00E2F578FA64049D4BD928340C1786 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
14:39:01.0196 0x0f80 PSDNServ - ok
14:39:01.0219 0x0f80 [ DB50D3F5C31B1A848B04F7F2A6FF2709, 97B30A77AAC0A9A091EE138A6C0FF9FBD299E0F35410917006C7FE81A25866DD ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
14:39:01.0221 0x0f80 psdvdisk - ok
14:39:01.0271 0x0f80 [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:39:01.0313 0x0f80 ql2300 - ok
14:39:01.0327 0x0f80 [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:39:01.0331 0x0f80 ql40xx - ok
14:39:01.0369 0x0f80 [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll
14:39:01.0386 0x0f80 QWAVE - ok
14:39:01.0395 0x0f80 [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:39:01.0397 0x0f80 QWAVEdrv - ok
14:39:01.0405 0x0f80 [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:39:01.0407 0x0f80 RasAcd - ok
14:39:01.0434 0x0f80 [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll
14:39:01.0440 0x0f80 RasAuto - ok
14:39:01.0449 0x0f80 [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:39:01.0453 0x0f80 Rasl2tp - ok
14:39:01.0491 0x0f80 [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan          C:\Windows\System32\rasmans.dll
14:39:01.0508 0x0f80 RasMan - ok
14:39:01.0536 0x0f80 [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:39:01.0538 0x0f80 RasPppoe - ok
14:39:01.0568 0x0f80 [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:39:01.0571 0x0f80 RasSstp - ok
14:39:01.0607 0x0f80 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:39:01.0624 0x0f80 rdbss - ok
14:39:01.0666 0x0f80 [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:39:01.0667 0x0f80 RDPCDD - ok
14:39:01.0694 0x0f80 [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
14:39:01.0711 0x0f80 rdpdr - ok
14:39:01.0747 0x0f80 [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:39:01.0748 0x0f80 RDPENCDD - ok
14:39:01.0793 0x0f80 [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:39:01.0810 0x0f80 RDPWD - ok
14:39:01.0839 0x0f80 [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:39:01.0844 0x0f80 RemoteAccess - ok
14:39:01.0883 0x0f80 [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:39:01.0900 0x0f80 RemoteRegistry - ok
14:39:01.0946 0x0f80 [ A035A7BF5132682F53F1E7B955690CE7, 35162F1B139531312655BA9B85C2BA3A97B837ADBA918429344237B9A58E50FE ] RichVideo       C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
14:39:01.0962 0x0f80 RichVideo - ok
14:39:01.0980 0x0f80 [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe
14:39:01.0983 0x0f80 RpcLocator - ok
14:39:02.0039 0x0f80 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs           C:\Windows\System32\rpcss.dll
14:39:02.0058 0x0f80 RpcSs - ok
14:39:02.0074 0x0f80 [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:39:02.0077 0x0f80 rspndr - ok
14:39:02.0091 0x0f80 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs           C:\Windows\system32\lsass.exe
14:39:02.0094 0x0f80 SamSs - ok
14:39:02.0113 0x0f80 [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:39:02.0116 0x0f80 sbp2port - ok
14:39:02.0145 0x0f80 [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:39:02.0162 0x0f80 SCardSvr - ok
14:39:02.0211 0x0f80 [ 0F838C811AD295D2A4489B9993096C63, 3DF2F973359249735810CB5AD52E05126A93A1C7D9F6274ACB018A0A125846BD ] Schedule        C:\Windows\system32\schedsvc.dll
14:39:02.0243 0x0f80 Schedule - ok
14:39:02.0272 0x0f80 [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:39:02.0273 0x0f80 SCPolicySvc - ok
14:39:02.0294 0x0f80 [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:39:02.0301 0x0f80 SDRSVC - ok
14:39:02.0309 0x0f80 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:39:02.0311 0x0f80 secdrv - ok
14:39:02.0323 0x0f80 [ 5ACDCBC67FCF894A1815B9F96D704490, FE0247A8BEDB860EBD46A9D49C641D0B9AA24EE34132CDDADC9F5A605238FDA7 ] seclogon        C:\Windows\system32\seclogon.dll
14:39:02.0327 0x0f80 seclogon - ok
14:39:02.0337 0x0f80 [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS            C:\Windows\system32\sens.dll
14:39:02.0342 0x0f80 SENS - ok
14:39:02.0347 0x0f80 [ 2449316316411D65BD2C761A6FFB2CE2, A428D3B4E113D3CB6DD87CC52CF71E179189A9A9E326B39FB50C7B3155A41A88 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:39:02.0349 0x0f80 Serenum - ok
14:39:02.0373 0x0f80 [ 4B438170BE2FC8E0BD35EE87A960F84F, A585E17607DCB3E79518BC9914C7030C39B30A1B5B5B32137DABA32FF7079858 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:39:02.0376 0x0f80 Serial - ok
14:39:02.0393 0x0f80 [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:39:02.0394 0x0f80 sermouse - ok
14:39:02.0418 0x0f80 [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv      C:\Windows\system32\sessenv.dll
14:39:02.0423 0x0f80 SessionEnv - ok
14:39:02.0435 0x0f80 [ 14D4B4465193A87C127933978E8C4106, A5C3F2F09E9A0715529B05AC1020EF0F432121E129447795257087E0D6A812FC ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:39:02.0437 0x0f80 sffdisk - ok
14:39:02.0448 0x0f80 [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:39:02.0449 0x0f80 sffp_mmc - ok
14:39:02.0456 0x0f80 [ 35E59EBE4A01A0532ED67975161C7B82, 4F4296B8903FCD06439CC8BF93C703852E523834F09CF9121FDA729A988AF11B ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:39:02.0458 0x0f80 sffp_sd - ok
14:39:02.0466 0x0f80 [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:39:02.0468 0x0f80 sfloppy - ok
14:39:02.0502 0x0f80 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:39:02.0520 0x0f80 SharedAccess - ok
14:39:02.0552 0x0f80 [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:39:02.0570 0x0f80 ShellHWDetection - ok
14:39:02.0584 0x0f80 [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
14:39:02.0586 0x0f80 SiSRaid2 - ok
14:39:02.0605 0x0f80 [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:39:02.0608 0x0f80 SiSRaid4 - ok
14:39:02.0804 0x0f80 [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
14:39:02.0905 0x0f80 Skype C2C Service - ok
14:39:02.0977 0x0f80 [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:39:02.0981 0x0f80 SkypeUpdate - ok
14:39:03.0087 0x0f80 [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc           C:\Windows\system32\SLsvc.exe
14:39:03.0170 0x0f80 slsvc - ok
14:39:03.0202 0x0f80 [ FD74B4B7C2088E390A30C85A896FC3AF, 897F1F89A4DDB356CF6E59EFBC32A2081C0CADE283793DB6879D263F7B2E313F ] SLUINotify      C:\Windows\system32\SLUINotify.dll
14:39:03.0207 0x0f80 SLUINotify - ok
14:39:03.0231 0x0f80 [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:39:03.0234 0x0f80 Smb - ok
14:39:03.0262 0x0f80 [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:39:03.0266 0x0f80 SNMPTRAP - ok
14:39:03.0304 0x0f80 [ BDCE0DE74BC57ABD1EF2CE6AEAC37876, C7E56D43FD29D907D2F2A4C900CED9945689B306A6CFB24BD316A6CCE553503B ] Software Services Manager C:\Program Files\intel\inteldh\common\IntelDHSvcMgr.exe
14:39:03.0306 0x0f80 Software Services Manager - ok
14:39:03.0342 0x0f80 [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:39:03.0344 0x0f80 spldr - ok
14:39:03.0384 0x0f80 [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler         C:\Windows\System32\spoolsv.exe
14:39:03.0401 0x0f80 Spooler - ok
14:39:03.0484 0x0f80 [ 88E5162E58C8919CC873F5D8946197CF, 6AE3A225E23808D297D927AE30E4DAC1238044F36750E31E68D2C07D1CBF165C ] sptd            C:\Windows\system32\Drivers\sptd.sys
14:39:03.0485 0x0f80 Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 88E5162E58C8919CC873F5D8946197CF, sha256: 6AE3A225E23808D297D927AE30E4DAC1238044F36750E31E68D2C07D1CBF165C
14:39:03.0487 0x0f80 sptd - detected LockedFile.Multi.Generic ( 1 )
14:39:06.0034 0x0f80 Detect skipped due to KSN trusted
14:39:06.0034 0x0f80 sptd - ok
14:39:06.0075 0x0f80 [ 880A57FCCB571EBD063D4DD50E93E46D, D46BA584D1C33F17C4156127742FA470AA044C4BCE9E6A209E5B1F3A44C73350 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:39:06.0092 0x0f80 srv - ok
14:39:06.0132 0x0f80 [ A1AD14A6D7A37891FFFECA35EBBB0730, AE00950D330EE4C05F5AA9BC7E63E974766D8E93B607CB3E683C727E8A65049D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:39:06.0138 0x0f80 srv2 - ok
14:39:06.0159 0x0f80 [ 4BED62F4FA4D8300973F1151F4C4D8A7, 1835895B3E837F8862F7F669DFBDF5EAB627E5656377624474C17E92CF440D2A ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:39:06.0164 0x0f80 srvnet - ok
14:39:06.0197 0x0f80 [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:39:06.0214 0x0f80 SSDPSRV - ok
14:39:06.0236 0x0f80 [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:39:06.0244 0x0f80 SstpSvc - ok
14:39:06.0316 0x0f80 [ DB0768632C680B7C0D3AA92D80416893, BEC3CF4F1CB150AC7C4647DD7C0D5D62B10824308E44467CD77CA3427A46FB20 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:39:06.0329 0x0f80 Steam Client Service - ok
14:39:06.0387 0x0f80 [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:39:06.0403 0x0f80 Stereo Service - ok
14:39:06.0448 0x0f80 [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc          C:\Windows\System32\wiaservc.dll
14:39:06.0473 0x0f80 stisvc - ok
14:39:06.0493 0x0f80 [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:39:06.0494 0x0f80 swenum - ok
14:39:06.0529 0x0f80 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv           C:\Windows\System32\swprv.dll
14:39:06.0554 0x0f80 swprv - ok
14:39:06.0570 0x0f80 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
14:39:06.0572 0x0f80 Symc8xx - ok
14:39:06.0585 0x0f80 [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
14:39:06.0587 0x0f80 Sym_hi - ok
14:39:06.0601 0x0f80 [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
14:39:06.0603 0x0f80 Sym_u3 - ok
14:39:06.0661 0x0f80 [ 92D7A8B0F87B036F17D25885937897A6, 6759BAB11E5FBB143BE13DF1611AE5D41D379DF423D881E92E910DF6A37CBA85 ] SysMain         C:\Windows\system32\sysmain.dll
14:39:06.0703 0x0f80 SysMain - ok
14:39:06.0735 0x0f80 [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll
14:39:06.0741 0x0f80 TabletInputService - ok
14:39:06.0768 0x0f80 [ 595CB8DA5B522AD8CC28193DC21FD496, 8C5EFE7CE8D141529EC89332FEB98670B02CCB7F204D89B0EE3D6DA2DB58D4CB ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
14:39:06.0769 0x0f80 tap0901 - ok
14:39:06.0805 0x0f80 [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:39:06.0822 0x0f80 TapiSrv - ok
14:39:06.0838 0x0f80 [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS             C:\Windows\System32\tbssvc.dll
14:39:06.0843 0x0f80 TBS - ok
14:39:06.0918 0x0f80 [ C2CB949645C299E23FBFD26CAD3FC96E, D2DB2F3F1013EA1E6E04D0AD74B8CDC3AD4BF6653F1092408629DD3492BE8968 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:39:06.0972 0x0f80 Tcpip - ok
14:39:07.0040 0x0f80 [ C2CB949645C299E23FBFD26CAD3FC96E, D2DB2F3F1013EA1E6E04D0AD74B8CDC3AD4BF6653F1092408629DD3492BE8968 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
14:39:07.0071 0x0f80 Tcpip6 - ok
14:39:07.0099 0x0f80 [ C7E72A4071EE0200E3C075DACFB2B334, 925A68FD021C7957792F31E9D69A31C180BEB878CD93D2C3E2BE463F58011A6C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:39:07.0101 0x0f80 tcpipreg - ok
14:39:07.0111 0x0f80 [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:39:07.0113 0x0f80 TDPIPE - ok
14:39:07.0125 0x0f80 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:39:07.0127 0x0f80 TDTCP - ok
14:39:07.0156 0x0f80 [ 458919C8C42E398DC4802178D5FFEE27, E38828411DCE0AE2E2BF0D270FD80E47B46EDE4B44DAFD1DF11F54D427EACEB5 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:39:07.0160 0x0f80 tdx - ok
14:39:07.0194 0x0f80 [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:39:07.0197 0x0f80 TermDD - ok
14:39:07.0244 0x0f80 [ 5CDD30BC217082DAC71A9878D9BFD566, 260D40973F9EEAE9A1890B813D8DCC01A9434D17DCE5DA1D16B72A57DCF59194 ] TermService     C:\Windows\System32\termsrv.dll
14:39:07.0286 0x0f80 TermService - ok
14:39:07.0302 0x0f80 [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes          C:\Windows\system32\shsvcs.dll
14:39:07.0312 0x0f80 Themes - ok
14:39:07.0331 0x0f80 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER     C:\Windows\system32\mmcss.dll
14:39:07.0334 0x0f80 THREADORDER - ok
14:39:07.0349 0x0f80 [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks          C:\Windows\System32\trkwks.dll
14:39:07.0356 0x0f80 TrkWks - ok
14:39:07.0399 0x0f80 [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:39:07.0401 0x0f80 TrustedInstaller - ok
14:39:07.0412 0x0f80 [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:39:07.0414 0x0f80 tssecsrv - ok
14:39:07.0440 0x0f80 [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
14:39:07.0442 0x0f80 tunmp - ok
14:39:07.0460 0x0f80 [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:39:07.0462 0x0f80 tunnel - ok
14:39:07.0474 0x0f80 [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:39:07.0477 0x0f80 uagp35 - ok
14:39:07.0498 0x0f80 [ 00C8CE31657624A125FDB90EFD554371, 649F809D28EE81F791AFDF2A2BBB58122679D7B66938ECE5FB40EFF705FEBED9 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
14:39:07.0500 0x0f80 UBHelper - ok
14:39:07.0539 0x0f80 [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:39:07.0556 0x0f80 udfs - ok
14:39:07.0583 0x0f80 [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:39:07.0588 0x0f80 UI0Detect - ok
14:39:07.0609 0x0f80 [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:39:07.0612 0x0f80 uliagpkx - ok
14:39:07.0635 0x0f80 [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci         C:\Windows\system32\drivers\uliahci.sys
14:39:07.0652 0x0f80 uliahci - ok
14:39:07.0695 0x0f80 [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata          C:\Windows\system32\drivers\ulsata.sys
14:39:07.0700 0x0f80 UlSata - ok
14:39:07.0722 0x0f80 [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
14:39:07.0728 0x0f80 ulsata2 - ok
14:39:07.0745 0x0f80 [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:39:07.0747 0x0f80 umbus - ok
14:39:07.0822 0x0f80 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
14:39:07.0838 0x0f80 UMVPFSrv - ok
14:39:07.0866 0x0f80 [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost        C:\Windows\System32\upnphost.dll
14:39:07.0883 0x0f80 upnphost - ok
14:39:07.0911 0x0f80 [ AF1B9474D67897D0C2CFF58E0ACEACCC, 5ED9836EC7BEEB6706C327EF199E9B674863ED8C83890DDE5E5A6554C2DA5288 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:39:07.0913 0x0f80 USBAAPL64 - ok
14:39:07.0941 0x0f80 [ A565B509000BD3E42A9B93B9FFD40D3D, A22734F2DDAAD743D479D40EA91024F1A16A18D9D6C9FC4F90F3930AD040BFA3 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:39:07.0944 0x0f80 usbaudio - ok
14:39:07.0990 0x0f80 [ 858CC93477F9A9383E07861892600FF9, C72B25E7F6AF46AC22F8D2A1FA0345B290AAE642442C8A388EA75944334BB289 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:39:07.0992 0x0f80 usbccgp - ok
14:39:08.0009 0x0f80 [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:39:08.0012 0x0f80 usbcir - ok
14:39:08.0033 0x0f80 [ 82C3790E4E6F35087EF00994C7A72988, 95FA022BDAC65DCD2DA52C8FCC1F2C186B321F4599F40CB90262E24FD10AE16C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:39:08.0036 0x0f80 usbehci - ok
14:39:08.0057 0x0f80 [ BE2EB33AF6EE2E5DA07EB987E0A321F5, 0FCFABA080C553451AE4FAFB54DFE57639251D97DA204C07EC66F469826F3B46 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:39:08.0074 0x0f80 usbhub - ok
14:39:08.0089 0x0f80 [ EBA14EF0C07CEC233F1529C698D0D154, FBA35D53A90FD6C3F91DA5ECE10EF29858CB4CB512AA20548225F83E9FE0A23D ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:39:08.0091 0x0f80 usbohci - ok
14:39:08.0106 0x0f80 [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:39:08.0108 0x0f80 usbprint - ok
14:39:08.0129 0x0f80 [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:39:08.0131 0x0f80 usbscan - ok
14:39:08.0154 0x0f80 [ B854C1558FCA0C269A38663E8B59B581, 08CC36B33FA2281FC88671BE051863AA8CA911446D24596049DB77FB4CB09EA6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:39:08.0157 0x0f80 USBSTOR - ok
14:39:08.0173 0x0f80 [ 308F6DDC052C970D679DA37D8A305279, E0F4C3C8F27E21C186289B115ECAB771777BC7E848F29D683C53C9F936F30848 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:39:08.0174 0x0f80 usbuhci - ok
14:39:08.0196 0x0f80 [ FC33099877790D51B0927B7039059855, 9EF33DABDBF0EEC60C63137F5FB21B27536B5923F10DF4F66621CC9864EB894E ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
14:39:08.0202 0x0f80 usbvideo - ok
14:39:08.0229 0x0f80 [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms           C:\Windows\System32\uxsms.dll
14:39:08.0234 0x0f80 UxSms - ok
14:39:08.0279 0x0f80 [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds             C:\Windows\System32\vds.exe
14:39:08.0322 0x0f80 vds - ok
14:39:08.0337 0x0f80 [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:39:08.0339 0x0f80 vga - ok
14:39:08.0344 0x0f80 [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:39:08.0346 0x0f80 VgaSave - ok
14:39:08.0356 0x0f80 [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide          C:\Windows\system32\drivers\viaide.sys
14:39:08.0357 0x0f80 viaide - ok
14:39:08.0369 0x0f80 [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:39:08.0372 0x0f80 volmgr - ok
14:39:08.0418 0x0f80 [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:39:08.0435 0x0f80 volmgrx - ok
14:39:08.0465 0x0f80 [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:39:08.0472 0x0f80 volsnap - ok
14:39:08.0493 0x0f80 [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:39:08.0498 0x0f80 vsmraid - ok
14:39:08.0570 0x0f80 [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS             C:\Windows\system32\vssvc.exe
14:39:08.0620 0x0f80 VSS - ok
14:39:08.0665 0x0f80 [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time         C:\Windows\system32\w32time.dll
14:39:08.0682 0x0f80 W32Time - ok
14:39:08.0693 0x0f80 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:39:08.0695 0x0f80 WacomPen - ok
14:39:08.0721 0x0f80 [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:39:08.0724 0x0f80 Wanarp - ok
14:39:08.0730 0x0f80 [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:39:08.0732 0x0f80 Wanarpv6 - ok
14:39:08.0769 0x0f80 [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:39:08.0811 0x0f80 wcncsvc - ok
14:39:08.0836 0x0f80 [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:39:08.0840 0x0f80 WcsPlugInService - ok
14:39:08.0856 0x0f80 [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd              C:\Windows\system32\drivers\wd.sys
14:39:08.0857 0x0f80 Wd - ok
14:39:08.0901 0x0f80 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:39:08.0926 0x0f80 Wdf01000 - ok
14:39:08.0946 0x0f80 [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost C:\Windows\system32\wdi.dll
14:39:08.0952 0x0f80 WdiServiceHost - ok
14:39:08.0957 0x0f80 [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:39:08.0961 0x0f80 WdiSystemHost - ok
14:39:08.0996 0x0f80 [ 3E6D05381CF35F75EBB055544A8ED9AC, BEC43932BD6C34406B8850E28178B937BFD9512E49FD9F8C54DA7EE272B478A9 ] WebClient       C:\Windows\System32\webclnt.dll
14:39:09.0012 0x0f80 WebClient - ok
14:39:09.0050 0x0f80 [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:39:09.0067 0x0f80 Wecsvc - ok
14:39:09.0079 0x0f80 [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:39:09.0085 0x0f80 wercplsupport - ok
14:39:09.0100 0x0f80 [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:39:09.0107 0x0f80 WerSvc - ok
14:39:09.0122 0x0f80 WinDefend - ok
14:39:09.0131 0x0f80 WinHttpAutoProxySvc - ok
14:39:09.0188 0x0f80 [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:39:09.0196 0x0f80 Winmgmt - ok
14:39:09.0289 0x0f80 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM           C:\Windows\system32\WsmSvc.dll
14:39:09.0357 0x0f80 WinRM - ok
14:39:09.0425 0x0f80 [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:39:09.0467 0x0f80 Wlansvc - ok
14:39:09.0578 0x0f80 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:39:09.0640 0x0f80 wlidsvc - ok
14:39:09.0658 0x0f80 [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
14:39:09.0659 0x0f80 WmiAcpi - ok
14:39:09.0688 0x0f80 [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:39:09.0694 0x0f80 wmiApSrv - ok
14:39:09.0724 0x0f80 WMPNetworkSvc - ok
14:39:09.0746 0x0f80 [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:39:09.0763 0x0f80 WPCSvc - ok
14:39:09.0804 0x0f80 [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:39:09.0810 0x0f80 WPDBusEnum - ok
14:39:09.0856 0x0f80 [ 5E2401B3FC1089C90E081291357371A9, 224D378EEBFB721CBC24896CAE01B31DC54B6ED82C19C5B954E96D5E98B83C59 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
14:39:09.0858 0x0f80 WpdUsb - ok
14:39:10.0013 0x0f80 [ B42B9D8ABC18DFBCD6044BC10B3A9B99, FD00756DADD3BFC382FC80D7D1D25592385E647C7EAC318C154E949A51D9DC27 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:39:10.0046 0x0f80 WPFFontCache_v0400 - ok
14:39:10.0062 0x0f80 [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:39:10.0064 0x0f80 ws2ifsl - ok
14:39:10.0095 0x0f80 [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc          C:\Windows\system32\wscsvc.dll
14:39:10.0102 0x0f80 wscsvc - ok
14:39:10.0106 0x0f80 WSearch - ok
14:39:10.0210 0x0f80 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:39:10.0293 0x0f80 wuauserv - ok
14:39:10.0321 0x0f80 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:39:10.0324 0x0f80 WudfPf - ok
14:39:10.0354 0x0f80 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:39:10.0360 0x0f80 WUDFRd - ok
14:39:10.0381 0x0f80 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:39:10.0388 0x0f80 wudfsvc - ok
14:39:10.0423 0x0f80 ================ Scan global ===============================
14:39:10.0450 0x0f80 [ 060DC3A7A9A2626031EB23D90151428D, 4AADA06E83603E9D4894D6CFC8DADB018307B384F438C809D4BC8E22BD937C3B ] C:\Windows\system32\basesrv.dll
14:39:10.0486 0x0f80 [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
14:39:10.0525 0x0f80 [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
14:39:10.0574 0x0f80 [ 934E0B7D77FF78C18D9F8891221B6DE3, BB1ACD3CD6482D8B7C5931E8733B8094D2CE59C4FBC4012BD0799C8DC367FB74 ] C:\Windows\system32\services.exe
14:39:10.0589 0x0f80 [ Global ] - ok
14:39:10.0590 0x0f80 ================ Scan MBR ==================================
14:39:10.0621 0x0f80 [ EF9CDC51B437D322D54016B68F003416 ] \Device\Harddisk0\DR0
14:39:12.0885 0x0f80 \Device\Harddisk0\DR0 - ok
14:39:12.0889 0x0f80 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
14:39:12.0894 0x0f80 \Device\Harddisk3\DR3 - ok
14:39:12.0898 0x0f80 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR5
14:39:12.0905 0x0f80 \Device\Harddisk5\DR5 - ok
14:39:12.0910 0x0f80 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR6
14:39:12.0914 0x0f80 \Device\Harddisk6\DR6 - ok
14:39:12.0915 0x0f80 ================ Scan VBR ==================================
14:39:12.0917 0x0f80 [ F37317A04E269FC7D3212197B7B9F501 ] \Device\Harddisk0\DR0\Partition1
14:39:12.0919 0x0f80 \Device\Harddisk0\DR0\Partition1 - ok
14:39:12.0934 0x0f80 [ F9408424C850BD05070FD9BC762A4383 ] \Device\Harddisk0\DR0\Partition2
14:39:12.0936 0x0f80 \Device\Harddisk0\DR0\Partition2 - ok
14:39:12.0941 0x0f80 [ 8A9986B04B3E796A44D0F6C5B3A411DB ] \Device\Harddisk3\DR3\Partition1
14:39:12.0943 0x0f80 \Device\Harddisk3\DR3\Partition1 - ok
14:39:12.0946 0x0f80 [ 0426358305578F2865BC0397C0544EC4 ] \Device\Harddisk5\DR5\Partition1
14:39:12.0948 0x0f80 \Device\Harddisk5\DR5\Partition1 - ok
14:39:12.0952 0x0f80 [ C1B8EEB1DD2BD4F572BD55F2202480C5 ] \Device\Harddisk6\DR6\Partition1
14:39:12.0953 0x0f80 \Device\Harddisk6\DR6\Partition1 - ok
14:39:12.0954 0x0f80 Waiting for KSN requests completion. In queue: 94
14:39:13.0954 0x0f80 Waiting for KSN requests completion. In queue: 94
14:39:14.0954 0x0f80 Waiting for KSN requests completion. In queue: 94
14:39:15.0998 0x0f80 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2008.177 ), 0x42000 ( disabled : updated )
14:39:16.0003 0x0f80 Win FW state via NFP2: enabled
14:39:18.0461 0x0f80 ============================================================
14:39:18.0461 0x0f80 Scan finished
14:39:18.0461 0x0f80 ============================================================
14:39:18.0472 0x0d98 Detected object count: 0
14:39:18.0472 0x0d98 Actual detected object count: 0

#5 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 03 December 2013 - 01:40 PM

Hi Jeff,

Thanks in advance for all of your help!!

#6 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 03 December 2013 - 03:16 PM

Hi,

Good job running those....

AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

----------

#7 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 03 December 2013 - 03:30 PM

# AdwCleaner v3.014 - Report created 03/12/2013 at 16:26:22
# Updated 01/12/2013 by Xplode
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Karri - KARRI-PC
# Running from : C:\Users\Karri\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Found : C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
Folder Found C:\ProgramData\apn
Folder Found C:\Users\Karri\AppData\Local\Temp\apn

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16520

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Karri\AppData\Roaming\Mozilla\Firefox\Profiles\3rkyge3u.default\prefs.js ]

[ File : C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\2kytloiw.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5704 octets] - [08/09/2013 07:57:05]
AdwCleaner[R1].txt - [1275 octets] - [08/09/2013 08:50:54]
AdwCleaner[R2].txt - [1918 octets] - [03/12/2013 16:26:22]
AdwCleaner[S0].txt - [5680 octets] - [08/09/2013 07:59:37]
AdwCleaner[S1].txt - [1360 octets] - [08/09/2013 08:52:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [2098 octets] ##########

#8 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 03 December 2013 - 03:49 PM

I looked over the log and there doesn't seem to be anything too important. Should I click "CLEAN"?

#9 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 03 December 2013 - 08:41 PM

Hi,

No...don't worry about those right now. We will come back to those.

ComboFix

Download Combofix from either of the links below, and save it to your desktop.
Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.

--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the C:\ComboFix.txt for further review.

#10 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 03 December 2013 - 09:28 PM

ComboFix 13-12-01.01 - Karri 03/12/2013 22:02:53.4.4 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.2.1033.18.8125.3992 [GMT -5:00]
Running from: c:\users\Karri\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-04 to 2013-12-04 )))))))))))))))))))))))))))))))
.
.
2013-12-04 03:16 . 2013-12-04 03:16   --------   d-----w-   c:\windows\system32\config\systemprofile\{a875e719-3eb8-4c82-b504-4f0ca2f2bb83}
2013-12-04 03:14 . 2013-12-04 03:18   --------   d-----w-   c:\users\Karri\AppData\Local\temp
2013-12-04 03:14 . 2013-12-04 03:14   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
2013-12-04 03:14 . 2013-12-04 03:14   --------   d-----w-   c:\users\Public\AppData\Local\temp
2013-12-04 03:14 . 2013-12-04 03:14   --------   d-----w-   c:\users\Default\AppData\Local\temp
2013-12-04 03:14 . 2013-12-04 03:14   --------   d-----w-   c:\users\AppData\AppData\Local\temp
2013-12-04 03:14 . 2013-12-04 03:14   --------   d-----w-   c:\users\Administrator\AppData\Local\temp
2013-12-04 03:14 . 2013-12-04 03:14   --------   d-----w-   c:\users\Pat\AppData\Local\temp
2013-12-04 03:14 . 2013-12-04 03:14   --------   d-----w-   c:\users\Guest\AppData\Local\temp
2013-11-27 21:23 . 2013-11-29 02:29   --------   d-----w-   c:\program files (x86)\Microsoft
2013-11-27 21:21 . 2013-11-27 21:21   --------   d-----w-   c:\programdata\HP Product Assistant
2013-11-27 20:13 . 2013-11-27 20:13   --------   d-----w-   c:\users\Karri\AppData\Roaming\AVAST Software
2013-11-27 20:12 . 2013-11-27 20:12   65776   ----a-w-   c:\windows\system32\drivers\aswRvrt.sys
2013-11-27 20:12 . 2013-11-27 20:12   65264   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2013-11-27 20:12 . 2013-11-27 20:12   205320   ----a-w-   c:\windows\system32\drivers\aswVmm.sys
2013-11-27 20:12 . 2013-11-27 20:12   1032416   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2013-11-27 20:12 . 2013-11-27 20:12   84328   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2013-11-27 20:12 . 2013-11-27 20:12   64752   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2013-11-27 20:12 . 2013-11-27 20:12   409832   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2013-11-27 20:12 . 2013-11-27 20:12   38984   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2013-11-27 20:12 . 2013-11-27 20:12   334648   ----a-w-   c:\windows\system32\aswBoot.exe
2013-11-27 20:12 . 2013-11-27 20:12   43152   ----a-w-   c:\windows\avastSS.scr
2013-11-27 20:09 . 2013-11-27 20:09   --------   d-----w-   c:\program files\AVAST Software
2013-11-27 20:09 . 2013-11-27 20:09   --------   d-----w-   c:\programdata\AVAST Software
2013-11-27 18:52 . 2013-11-27 18:52   --------   d-----w-   c:\users\Karri\AppData\Roaming\TuneUp Software
2013-11-27 18:48 . 2013-11-27 20:18   --------   d-----w-   c:\programdata\MFAData
2013-11-27 18:48 . 2013-11-27 18:48   --------   d--h--w-   c:\programdata\Common Files
2013-11-27 18:48 . 2013-11-27 18:48   --------   d-----w-   c:\users\Karri\AppData\Local\MFAData
2013-11-26 14:19 . 2013-11-08 03:12   10285968   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{E00F1985-941F-4BBB-AACD-F6BFF1F1B513}\mpengine.dll
2013-11-12 23:12 . 2013-10-11 04:23   462848   ----a-w-   c:\windows\system32\IKEEXT.DLL
2013-11-12 23:12 . 2013-10-11 04:23   781824   ----a-w-   c:\windows\system32\FWPUCLNT.DLL
2013-11-12 23:12 . 2013-10-11 02:07   596480   ----a-w-   c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-12 23:11 . 2013-10-03 15:02   1278976   ----a-w-   c:\windows\system32\crypt32.dll
2013-11-12 23:11 . 2013-10-03 12:45   993792   ----a-w-   c:\windows\SysWow64\crypt32.dll
2013-11-12 23:11 . 2013-10-03 15:03   389632   ----a-w-   c:\windows\system32\gdi32.dll
2013-11-12 23:11 . 2013-10-03 12:46   304128   ----a-w-   c:\windows\SysWow64\gdi32.dll
2013-11-12 23:11 . 2013-09-04 02:31   404992   ----a-w-   c:\windows\system32\drivers\afd.sys
2013-11-06 20:30 . 2013-11-06 20:30   --------   d-----w-   c:\program files\iPod
2013-11-06 20:30 . 2013-11-06 20:30   --------   d-----w-   c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-06 20:30 . 2013-11-06 20:30   --------   d-----w-   c:\program files\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-14 13:17 . 2006-11-02 12:35   82896128   ----a-w-   c:\windows\system32\mrt.exe
2013-11-11 10:50 . 2009-10-03 14:07   267936   ------w-   c:\windows\system32\MpSigStub.exe
2013-11-01 13:28 . 2012-09-29 19:56   71048   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-01 12:09 . 2013-11-01 12:09   96168   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36   130736   ----a-w-   c:\users\Karri\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36   130736   ----a-w-   c:\users\Karri\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36   130736   ----a-w-   c:\users\Karri\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 21:52   121392   ----a-w-   c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-11-10 15:55   158056   ----a-w-   c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-10-30 1820584]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-11-04 3561816]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
"SansaDispatch"="c:\users\Karri\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2013-06-16 613888]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLPushUpdate"="c:\program files (x86)\CyberLink\CyberLink Live\CLPushUpdate.exe" [2008-09-11 68640]
"PCMMediaSharing"="c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-05-20 204908]
"BkupTray"="c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-26 28672]
"Acer Product Registration"="c:\program files (x86)\Acer\Acer Registration\ACE1.exe" [2007-11-26 3387392]
"Acer Assist Launcher"="c:\program files (x86)\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"ACQTMOUSE"="c:\program files (x86)\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe" [2008-08-01 501760]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-27 3568312]
.
c:\users\Karri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Karri\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files (x86)\WinZip\WZQKPICK.EXE [2011-2-9 610120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe;c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 13:28]
.
2013-11-27 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-27 20:12]
.
2013-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3989614313-289073978-4266361891-1000Core.job
- c:\users\Karri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-14 19:00]
.
2013-12-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3989614313-289073978-4266361891-1000UA.job
- c:\users\Karri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-14 19:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-27 20:12   326944   ----a-w-   c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36   164016   ----a-w-   c:\users\Karri\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36   164016   ----a-w-   c:\users\Karri\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36   164016   ----a-w-   c:\users\Karri\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36   164016   ----a-w-   c:\users\Karri\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 21:53   50736   ----a-w-   c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-11-10 15:55   190312   ----a-w-   c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelSWUpdateClient"="c:\program files\intel\inteldh\common\SWUpdateClient.exe" [2008-07-16 179600]
"RtHDVCpl"="RAVCpl64.exe" [2008-08-04 6455840]
"Skytel"="Skytel.exe" [2008-08-04 1833504]
"Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-06-02 319488]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"eDataSecurity Loader"="c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe" [2008-07-29 561200]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-25 153624]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-25 225816]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-25 199704]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"MSCRM"="c:\program files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe" [2013-06-24 41648]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&s=1&o=vp64&d=0309&m=aspire_m5700
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&s=1&o=vp64&d=0309&m=aspire_m5700
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&s=1&o=vp64&d=0309&m=aspire_m5700
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://www.shockwave.com/content/trijinx/sis/TriJinx.1.0.0.86.cab
FF - ProfilePath - c:\users\Karri\AppData\Roaming\Mozilla\Firefox\Profiles\3rkyge3u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theweathernetwork.com/weather/caon0532
FF - ExtSQL: 2013-11-27 15:12; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2009-07-11 00:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Coupon Printer for Windows5.0.0.2 - c:\program files (x86)\Coupons\uninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\DivX\DivXCodecUninstall.exe
AddRemove-Adobe Connect 9 Add-in - c:\users\Karri\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\adobeconnectaddin\adobeconnectaddin.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.032"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.abr"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ani"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.apd"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.arw"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bay"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-3989614313-289073978-4266361891-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Bitmap"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bw"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bwf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.caf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.caf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdda\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cdda"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cel"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cr2"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.crw"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cs1"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cur"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcr"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcx"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dib"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.djv"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.djvu"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dng"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.emf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.eps"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.erf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fff"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.flc"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fli"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fpx"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-3989614313-289073978-4266361891-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Gif"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gsm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.gsm"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.hdr"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.icl"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.icn"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.iff"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ilbm"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.int"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.inta"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.iw4"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.j2c"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.j2k"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jbr"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jfif"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jif"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jp2"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpc"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-3989614313-289073978-4266361891-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-3989614313-289073978-4266361891-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-3989614313-289073978-4266361891-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpk"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpx"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.kar"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.kdc"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.lbm"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.m15"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.m1a"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.m2a"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4b\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.m4b"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.m75"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mef"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mos"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mpv"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mrw"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nef"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nrw"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.orf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pbm"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pbr"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pcd"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pct"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pcx"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pef"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pgm"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pic"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pics"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pict"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pix"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-3989614313-289073978-4266361891-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Png"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ppm"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.psd"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.psp"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspbrush"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspimage"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.qcp"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.qtpf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.raf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ras"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.raw"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rgb"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rgba"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rle"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rsb"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rw2"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rwl"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sdv"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sfil"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sgi"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.smf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.smi"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.smil"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sml"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sr2"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srw"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.swa"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tga"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.thm"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-3989614313-289073978-4266361891-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-3989614313-289073978-4266361891-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttc"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ulw"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14o"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14p"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14pf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.vfw"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbm"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbmp"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wmf"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xbm"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xif"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xmp"
.
[HKEY_USERS\S-1-5-21-3989614313-289073978-4266361891-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xpm"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
c:\program files (x86)\CyberLink\CyberLink Live\CLSomaMonitorService.exe
c:\program files (x86)\CyberLink\CyberLink Live\CLPushUpdateService.exe
c:\program files (x86)\CyberLink\CyberLink Live\CLSomaService.exe
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files\Intel\AMT\LMS.exe
c:\users\Karri\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\users\Karri\AppData\Local\Mikogo4\Viewer\Service\M4-Capture.exe
c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\users\Karri\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
.
**************************************************************************
.
Completion time: 2013-12-03 22:25:56 - machine was rebooted
ComboFix-quarantined-files.txt 2013-12-04 03:25
.
Pre-Run: 54,124,494,848 bytes free
Post-Run: 60,199,919,616 bytes free
.
- - End Of File - - 0A08B9123A546370A430BDA736A4AB22
EF9CDC51B437D322D54016B68F003416

Advertisements

Register to Remove

#11 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 04 December 2013 - 06:54 AM

How is your system running??

#12 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 04 December 2013 - 06:57 AM

Good morning Jeff!!

My Windows Update started working last night as well as Windows Defender. So that is great!

I did a Level 4 clean when I removed my HP drivers for my printer so I will need to reinstall the drivers tonight when I get home from work to see if I can get my printer going.

Do you know what was wrong?

Also, thank you so much for your quick and consistent responses. You have made this entire process very painless!

-Karri

#13 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 04 December 2013 - 07:06 AM

Hi,

Glad to hear that your system is running better. Be sure to check out the printer problems when you get home so we can be sure that is running as well. As for what was wrong, there was some junk on your system but nothing too bad at all. Let's keep going....

AdwCleaner

Double click on AdwCleaner.exe to run the tool again.

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
This time, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.

------------

Java

Please go to Start > Control Panel > Programs and Features > uninstall Java 7 Update 17 (64-bit)

----------

See this page for instructions on how to clear java's cache.

Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)

Under Temporary Internet Files, click the Delete Files button.
There are three options in the window to clear the cache - Leave ALL 3 Checked
- Downloaded Applets
  Downloaded Applications
  Installed Applications and Applets
Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
Click OK to leave the Java Control Panel.
----------

Malwarebytes

Please open Malwarebytes, update it and then run a Quick Scan. Save the log that is created for your next reply.
----------

ESET Online Scanner

Go here to run an online scannner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator
- Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
- Turn off the real time scanner of any existing antivirus program while performing the online scan
- Tick the box next to YES, I accept the Terms of Use.
- Click Start
- When asked, allow the activex control to install
- Click Start
- Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
- Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
- Click Scan
- Wait for the scan to finish
- When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
- Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
- Close the ESET online scan, and let me know how things are now.
----------

#14 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 04 December 2013 - 02:13 PM

Hi Jeff,

The printer received a 'Fatal Error' when I tried to install it. It seemed to be installing perfectly until it got to the final step which is 'Configuring the Printer.' Up to that point, everything had been installing without incident.

I will run the rest of the instructions and post as necessary.

Hope you are having a GREAT day!

#15 FreyjaGoddess

Authentic Member

Authentic Member
107 posts

Posted 04 December 2013 - 02:50 PM

# AdwCleaner v3.014 - Report created 04/12/2013 at 15:16:50
# Updated 01/12/2013 by Xplode
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Karri - KARRI-PC
# Running from : C:\Users\Karri\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\apn
File Deleted : C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16520

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Karri\AppData\Roaming\Mozilla\Firefox\Profiles\3rkyge3u.default\prefs.js ]

[ File : C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\2kytloiw.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Karri\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5704 octets] - [08/09/2013 07:57:05]
AdwCleaner[R1].txt - [1275 octets] - [08/09/2013 08:50:54]
AdwCleaner[R2].txt - [2190 octets] - [03/12/2013 16:26:22]
AdwCleaner[R3].txt - [2198 octets] - [04/12/2013 15:14:29]
AdwCleaner[S0].txt - [5680 octets] - [08/09/2013 07:59:37]
AdwCleaner[S1].txt - [1360 octets] - [08/09/2013 08:52:03]
AdwCleaner[S2].txt - [2043 octets] - [04/12/2013 15:16:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2103 octets] ##########

Body Background

skin color theme