s.m2pub.com pop up ads and redirects [Solved]



#1 biggary1689


Posted 01 May 2014 - 08:20 AM

I started receiving pop-up ads yesterday. When I hover over the ad, the web link on most is from s.m2pub.com/... There are also deal ads and several redirects. I have run anti-malware and it shows that I am clean. I have also run AdwCleaner and keep getting the same issue under the Firefox tab, which appears to be a profile JavaScript. Below are the results of the OTL scan.

OTL logfile created on: 5/1/2014 9:59:29 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gary\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 3.78 Gb Available Physical Memory | 63.08% Memory free
12.17 Gb Paging File | 9.84 Gb Available in Paging File | 80.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.32 Gb Total Space | 116.08 Gb Free Space | 16.89% Space Free | Partition Type: NTFS
Drive D: | 11.31 Gb Total Space | 1.10 Gb Free Space | 9.77% Space Free | Partition Type: NTFS

Computer Name: GARY-PC | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Gary\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\MSR\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Adobe Systems, Inc.)
PRC - C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe ()
PRC - C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe ()
PRC - C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - c:\hp\HPEZBTN\HPBtnSrv.exe ()
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
MOD - C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\sqlite3.dll ()
MOD - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe (Conexant Systems, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (System Update kb70007) -- C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AdblockerSrv) -- C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
SRV - (npggsvc) -- C:\WINDOWS\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (N360) -- C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe (Symantec Corporation)
SRV - (MotoHelper) -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (hitmanpro37) -- C:\Windows\SysNative\drivers\hitmanpro37.sys ()
DRV:64bit: - (asdnet) -- C:\Windows\SysNative\DRIVERS\asdnet.sys ()
DRV:64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:64bit: - (SaiMini) -- C:\Windows\SysNative\DRIVERS\SaiMini.sys (Saitek)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\ccHPx64.sys (Symantec Corporation)
DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMTDI.SYS (Symantec Corporation)
DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMFW.SYS (Symantec Corporation)
DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMNDISV.SYS (Symantec Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola)
DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SRTSP64.SYS (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0308030.006\SYMEFA64.SYS (Symantec Corporation)
DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\BHDrvx64.sys (Symantec Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\0308030.006\SRTSPX64.SYS (Symantec Corporation)
DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\DRIVERS\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola)
DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (CAXHWBS2) -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (HSF_DP) -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys (Conexant Systems, Inc.)
DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\DRIVERS\serscan.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (SaiHFF0C) -- C:\Windows\SysNative\DRIVERS\SaiHFF0C.sys (Saitek)
DRV:64bit: - (SaiUFF0C) -- C:\Windows\SysNative\DRIVERS\SaiUFF0C.sys (Saitek)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140430.037\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140430.037\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20140430.002\IDSviA64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NPPTNT2) -- C:\WINDOWS\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKLM\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/11/01 07:15:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/04/30 18:03:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/04/30 20:10:03 | 000,000,000 | ---D | M]

[2011/06/16 19:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions
[2011/06/16 19:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2014/05/01 09:44:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\yeag246i.default-1398948955132\extensions
[2014/05/01 09:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/04/30 18:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/30 18:03:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/12 23:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/12 23:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/12 23:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/12 23:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2009/09/12 23:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2006/08/09 06:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npWebLaunch.dll
[2009/09/12 23:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/05/01 09:02:43 | 000,039,317 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\GatesofAndaron\PrePatch.exe (Zamiinc)
O4 - HKLM..\Run: [ADBlocker] C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
O4 - HKLM..\Run: [Anvi AD Blocker] C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [ScrewDrivers RDP Plugin] C:\Program Files (x86)\triCerat\Simplify Printing\ScrewDrivers Client v4\install_rdp.exe ()
O4 - HKCU..\Run: [VirtualDub.org] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE92507-B466-474D-9E8F-F4A5EC774184}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D8B5987-8491-4898-9A1B-88C11ECF028C}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Gary\Desktop\Photos\Cactus\Cactus Background-1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gary\Desktop\Photos\Cactus\Cactus Background-1.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)


Drivers32:64bit: msacm.ac3acm - AC3ACM.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3filter - ac3filter.acm File not found
Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
System Restore Service not available.

========== Files/Folders - Created Within 30 Days ==========

[2014/05/01 09:54:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2014/05/01 09:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/01 09:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/01 09:21:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2014/05/01 09:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/01 08:57:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2014/04/30 21:04:38 | 010,971,424 | ---- | C] (SurfRight B.V.) -- C:\Users\Gary\Desktop\HitmanPro_x64.exe
[2014/04/30 21:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/04/30 20:22:52 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/30 20:22:07 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Gary\Desktop\JRT_NEW.exe
[2014/04/30 20:06:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/30 18:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/04/30 13:19:52 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/04/30 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/04/30 13:18:35 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Wise
[2014/04/23 08:53:59 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\p90x3
[2014/04/09 08:57:58 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/04/09 08:57:58 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/04/09 08:57:56 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/09 08:57:56 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/04/09 08:57:56 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/04/09 08:57:56 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/04/09 08:57:56 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/04/09 08:57:56 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/09 08:57:56 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/04/09 08:57:56 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/09 08:57:56 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/04/09 08:57:56 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/04/09 08:57:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\corpol.dll
[2014/04/09 08:57:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2014/04/09 08:57:55 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/04/09 08:57:52 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/04 10:04:49 | 000,000,000 | ---D | C] -- C:\Users\Gary\Documents\HandHistory
[2014/04/04 10:00:16 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\cache
[2014/04/04 09:59:08 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Local\FullTiltPoker
[1 C:\Users\Gary\*.tmp files -> C:\Users\Gary\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/05/01 09:54:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2014/05/01 09:37:43 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/01 09:37:40 | 000,002,051 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/01 09:37:17 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/01 09:37:17 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/01 09:37:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/01 09:31:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/01 09:21:45 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
[2014/05/01 09:19:14 | 006,369,640 | ---- | M] () -- C:\Users\Gary\Desktop\adblocker_setup.exe
[2014/05/01 09:12:44 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/01 09:10:57 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/01 09:02:43 | 000,039,317 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/04/30 21:29:12 | 000,032,512 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/04/30 21:27:02 | 000,003,866 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/04/30 21:05:09 | 010,971,424 | ---- | M] (SurfRight B.V.) -- C:\Users\Gary\Desktop\HitmanPro_x64.exe
[2014/04/30 20:05:32 | 001,310,621 | ---- | M] () -- C:\Users\Gary\Desktop\adwcleaner.exe
[2014/04/30 13:28:19 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/04/30 13:25:27 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 13:25:26 | 000,000,975 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/30 13:25:26 | 000,000,914 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/04/30 08:38:23 | 1502,076,584 | ---- | M] () -- C:\Users\Gary\Desktop\The_Lego_Movie_2014_Webrip_x264_AC3_TiTAN.mkv
[2014/04/29 16:58:02 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Gary.job
[2014/04/29 13:31:15 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/29 13:31:14 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/29 08:11:23 | 1467,971,725 | ---- | M] () -- C:\Users\Gary\Desktop\rbocpweb72-hbs.mp4
[2014/04/25 07:55:02 | 967,586,375 | ---- | M] () -- C:\Users\Gary\Desktop\300.roae.2014.hdrip.x264-hbs.mp4
[2014/04/20 19:20:42 | 006,195,323 | ---- | M] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.rtf
[2014/04/20 11:03:13 | 003,000,315 | ---- | M] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.pdf
[2014/04/16 10:52:03 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGary.job
[2014/04/13 15:22:17 | 851,125,388 | ---- | M] () -- C:\Users\Gary\Desktop\Zulu.2013.720p.BluRay.x264.YIFY.mp4
[2014/04/13 08:14:39 | 000,222,166 | ---- | M] () -- C:\Users\Gary\Desktop\401k unenroll.xps
[2014/04/11 15:41:09 | 837,117,006 | ---- | M] () -- C:\Users\Gary\Desktop\joeweb72-G.mkv
[2014/04/10 12:18:06 | 002,290,165 | ---- | M] () -- C:\Users\Gary\Desktop\2.jpg
[2014/04/10 12:11:44 | 002,024,146 | ---- | M] () -- C:\Users\Gary\Desktop\1.jpg
[2014/04/10 10:23:21 | 000,000,957 | ---- | M] () -- C:\Users\Gary\Desktop\Dropbox.lnk
[2014/04/09 19:42:49 | 000,394,339 | ---- | M] () -- C:\Users\Gary\Desktop\OF306- 2011 version-1111.pdf
[2014/04/06 02:36:06 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Gary\Desktop\JRT_NEW.exe
[1 C:\Users\Gary\*.tmp files -> C:\Users\Gary\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/05/01 09:21:45 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
[2014/05/01 09:21:44 | 000,019,280 | ---- | C] () -- C:\Windows\SysNative\drivers\asdnet.sys
[2014/05/01 09:19:08 | 006,369,640 | ---- | C] () -- C:\Users\Gary\Desktop\adblocker_setup.exe
[2014/05/01 09:10:57 | 000,002,051 | ---- | C] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/01 09:10:57 | 000,002,027 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/30 21:29:12 | 000,032,512 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/04/30 21:27:02 | 000,003,866 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/04/30 20:05:30 | 001,310,621 | ---- | C] () -- C:\Users\Gary\Desktop\adwcleaner.exe
[2014/04/30 13:19:20 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/04/30 08:27:39 | 1502,076,584 | ---- | C] () -- C:\Users\Gary\Desktop\The_Lego_Movie_2014_Webrip_x264_AC3_TiTAN.mkv
[2014/04/29 08:01:21 | 1467,971,725 | ---- | C] () -- C:\Users\Gary\Desktop\rbocpweb72-hbs.mp4
[2014/04/25 07:48:18 | 967,586,375 | ---- | C] () -- C:\Users\Gary\Desktop\300.roae.2014.hdrip.x264-hbs.mp4
[2014/04/20 19:20:41 | 006,195,323 | ---- | C] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.rtf
[2014/04/20 11:03:10 | 003,000,315 | ---- | C] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.pdf
[2014/04/13 14:20:20 | 851,125,388 | ---- | C] () -- C:\Users\Gary\Desktop\Zulu.2013.720p.BluRay.x264.YIFY.mp4
[2014/04/13 08:14:37 | 000,222,166 | ---- | C] () -- C:\Users\Gary\Desktop\401k unenroll.xps
[2014/04/11 15:33:54 | 837,117,006 | ---- | C] () -- C:\Users\Gary\Desktop\joeweb72-G.mkv
[2014/04/10 12:12:20 | 002,290,165 | ---- | C] () -- C:\Users\Gary\Desktop\2.jpg
[2014/04/10 12:11:42 | 002,024,146 | ---- | C] () -- C:\Users\Gary\Desktop\1.jpg
[2014/04/09 19:42:49 | 000,394,339 | ---- | C] () -- C:\Users\Gary\Desktop\OF306- 2011 version-1111.pdf
[2014/03/30 09:41:21 | 000,000,732 | ---- | C] () -- C:\Users\Gary\AppData\Local\d3d9caps64.dat
[2014/02/18 19:15:33 | 000,012,005 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\alsoft.ini
[2012/07/15 09:49:45 | 000,000,680 | ---- | C] () -- C:\Users\Gary\AppData\Local\d3d9caps.dat
[2011/12/13 09:20:01 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE3.dat
[2011/12/13 09:13:07 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE2.dat
[2011/12/12 23:41:34 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE1.dat
[2011/12/12 21:29:01 | 000,000,043 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE.dat
[2011/12/12 21:29:01 | 000,000,024 | ---- | C] () -- C:\Users\Gary\random.dat
[2011/05/23 08:44:15 | 000,000,000 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\wklnhst.dat
[2011/05/18 17:47:00 | 000,001,940 | ---- | C] () -- C:\Users\Gary\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/08 07:55:03 | 000,000,092 | ---- | C] () -- C:\Users\Gary\AppData\Local\fusioncache.dat
[2010/03/21 21:09:21 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/03/21 20:58:31 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/03/18 17:07:28 | 000,036,352 | ---- | C] () -- C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
"ThreadingModel" = Apartment

========== LOP Check ==========

[2010/03/18 17:19:20 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\acccore
[2011/06/08 17:16:38 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Anvil Studio
[2010/10/22 14:02:51 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\avidemux
[2012/09/10 15:44:48 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Carbon
[2010/06/19 09:34:42 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\CoffeeCup Software
[2014/04/23 15:33:04 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Dropbox
[2014/02/22 16:39:29 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\FEZ
[2013/07/25 08:58:11 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\FileZilla
[2010/10/01 18:29:45 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\funkitron
[2013/07/28 12:44:36 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\GroundSchool FAA
[2011/03/14 17:50:49 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\ICAClient
[2011/03/14 20:06:31 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Leadertech
[2011/06/18 09:44:29 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\LimeWire
[2011/04/16 13:04:43 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\muvee Technologies
[2014/03/29 17:40:17 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Origin
[2012/03/01 19:52:17 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\RadarChaos
[2011/05/14 13:40:03 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\runic games
[2011/05/23 08:44:18 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Template
[2010/08/31 11:34:41 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\thriXXX
[2013/02/23 18:38:16 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Unified Remote
[2010/06/19 10:40:22 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Web Page Maker
[2010/04/24 17:24:32 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\WinBatch
[2014/04/30 13:18:35 | 000,000,000 | ---D | M] -- C:\Users\Gary\AppData\Roaming\Wise

========== Purity Check ==========



========== Custom Scans ==========

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %temp%\smtmp\*.* /s > >

< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/29 02:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 03:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\WINDOWS\erdnt\cache86\explorer.exe
[2009/04/11 03:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\WINDOWS\explorer.exe
[2009/04/11 03:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 22:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/29 02:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\SysWOW64\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/30 01:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 22:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 22:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe

< MD5 for: EXPLORER.EXE.MUI >
[2006/11/02 11:13:38 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\WINDOWS\SysWOW64\en-US\explorer.exe.mui
[2006/11/02 11:13:38 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_6a2f0af76374ed51\explorer.exe.mui
[2006/11/02 11:13:32 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=872D519975CA4D7CC596FC93470D49E0 -- C:\WINDOWS\en-US\explorer.exe.mui
[2006/11/02 11:13:32 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=872D519975CA4D7CC596FC93470D49E0 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_5fda60a52f142b56\explorer.exe.mui

< MD5 for: EXPLORER.HTM >
[2006/01/11 02:04:38 | 000,006,995 | ---- | M] () MD5=0CFD32939C792D5BB0FFB9590324B7ED -- C:\Program Files (x86)\Evrsoft First Page 2006\Help\1stPage Guide\explorer.htm

< MD5 for: EXPLORER.ZIP >
[2006/03/06 22:48:08 | 000,020,394 | ---- | M] () MD5=B469409C2B2A33C542190B720E11BD79 -- C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\VisualBasic\1033\Explorer.zip

< MD5 for: IEXPLORE.BAT >
[2014/04/06 01:13:18 | 000,031,401 | ---- | M] () MD5=335DFF8F23E5EC02B5426362F0F8509B -- C:\Users\Gary\AppData\Local\Temp\jrt\iexplore.bat

< MD5 for: IEXPLORE.EXE >
[2010/09/08 13:30:52 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=02FF22F3AF0108DA2A563ABC9867049F -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18527_none_95c6b18b06c68f00\iexplore.exe
[2010/09/08 12:49:16 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=04AE9CFD3F53936223BED7F52C28E5D1 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18527_none_8b720738d265cd05\iexplore.exe
[2010/05/04 15:05:56 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=0F1D27BFB65CAC093563CD46E56EAC57 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22685_none_8bb8c3e7ebb5e1c7\iexplore.exe
[2009/12/18 08:28:58 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=115076DAD84312F3A51698C15BC39D39 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21184_none_942603a022f1326e\iexplore.exe
[2010/03/09 12:56:18 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=259E27152180B895DF395ED3E412B90E -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.17037_none_93d5774f09a852f4\iexplore.exe
[2010/05/04 14:56:53 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=29A7F81290165264010B784A7D217561 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18470_none_95899e0306f56c2d\iexplore.exe
[2009/04/11 02:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) MD5=2C5168C856455CC43C4B4E1CC1920001 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2009/04/11 02:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) MD5=2C5168C856455CC43C4B4E1CC1920001 -- C:\WINDOWS\erdnt\cache86\iexplore.exe
[2009/04/11 02:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) MD5=2C5168C856455CC43C4B4E1CC1920001 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_97c0beeb03de7f46\iexplore.exe
[2010/09/09 11:50:19 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=3EF3476EF687FE18856A6148C6082452 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22760_none_961e0e86200aea54\iexplore.exe
[2010/05/04 14:31:09 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=424CEA5CB5999B2A6A3ED643EA20C97F -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22685_none_960d6e3a2016a3c2\iexplore.exe
[2010/12/20 11:42:20 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=4319F2A5C725D9E0B9E01744E02D32BE -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18565_none_9599714706e8cc16\iexplore.exe
[2010/06/28 12:58:49 | 000,711,456 | ---- | M] (Microsoft Corporation) MD5=451108714ABD6C6923BECBD61BC9B867 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18498_none_8b275628d29daccc\iexplore.exe
[2010/10/20 14:34:04 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=47045D1D8170F3121EBCB30442B434A7 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18542_none_8b5765eed27a8634\iexplore.exe
[2009/04/11 03:11:08 | 000,712,864 | ---- | M] (Microsoft Corporation) MD5=58136AB5A3DF2D44BBB483629188584A -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/04/11 03:11:08 | 000,712,864 | ---- | M] (Microsoft Corporation) MD5=58136AB5A3DF2D44BBB483629188584A -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_8d6c1498cf7dbd4b\iexplore.exe
[2008/01/20 22:48:06 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=5B92133D3E7FB2644677686305E29E81 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_95d545df06bcb3fa\iexplore.exe
[2010/06/28 12:45:03 | 000,711,456 | ---- | M] (Microsoft Corporation) MD5=6183CA49F334FD6B10A99AB2723AD55B -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22720_none_8bf4a3e3eb89b895\iexplore.exe
[2010/10/20 13:48:33 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=63E2F08404C9824C6CE6EE4A308B4083 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18542_none_95ac104106db482f\iexplore.exe
[2010/10/21 15:11:56 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=659654C25D55B7D0D4CCE8DCB65D581E -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22784_none_8bb7c583ebb6c597\iexplore.exe
[2010/03/11 12:40:22 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=67C769016A79E6FC65D1755E5D6ADAB3 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22653_none_962bdd6a20001d41\iexplore.exe
[2010/03/11 13:12:09 | 000,711,456 | ---- | M] (Microsoft Corporation) MD5=698D39FD901FA2EF5A9FF85D10B78FC5 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22653_none_8bd73317eb9f5b46\iexplore.exe
[2009/12/18 11:42:45 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=6C8AC3469BBEFE194BB18B2D84D98252 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18385_none_9583cda306f909aa\iexplore.exe
[2011/04/21 10:34:57 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=6C93AC7C0A8718E2A1543DB1B1B3B19F -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22905_none_9663f34c1fd5bbaf\iexplore.exe
[2010/03/09 12:30:03 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=74E60C93D1C9A40354D839776CCF53DF -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18444_none_95ae0eef06d97db6\iexplore.exe
[2011/04/21 11:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=77B9A891222FB46B13E414B99E1AF842 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18639_none_95bde41906ccdac6\iexplore.exe
[2010/12/20 12:10:31 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=7D15B77F30D15CC58F23CC3D3AA21BFB -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18565_none_8b44c6f4d2880a1b\iexplore.exe
[2011/04/21 11:31:40 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=7DE6E0C4FD95FD20255E842FC78AC9EF -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18639_none_8b6939c6d26c18cb\iexplore.exe
[2009/12/18 09:02:44 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=85EB45D31F684BD7071A00D42C382433 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22585_none_8bb8c201ebb5e4a0\iexplore.exe
[2010/06/28 12:33:13 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=867D06F3C473F65921F5EDF35866FF14 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22720_none_96494e361fea7a90\iexplore.exe
[2010/03/09 13:09:55 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=93D54DD14D9FE237DF830ED7522B35D4 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.17037_none_8980ccfcd54790f9\iexplore.exe
[2010/03/09 12:32:31 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=97496AA4590CB101EF990060F7055F3D -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21242_none_944f44a222d28d23\iexplore.exe
[2008/01/20 22:50:37 | 000,701,952 | ---- | M] (Microsoft Corporation) MD5=AC2C3BAFD177B60C3B5E4DDBCC2C2DB3 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_8b809b8cd25bf1ff\iexplore.exe
[2009/12/18 09:20:04 | 000,711,432 | ---- | M] (Microsoft Corporation) MD5=AE8E53D125AF9E62E7AC360AC61D036D -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21184_none_89d1594dee907073\iexplore.exe
[2010/05/04 15:50:33 | 000,711,456 | ---- | M] (Microsoft Corporation) MD5=AEA20B66F0AACBFF8E7F554E616DF207 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18470_none_8b34f3b0d294aa32\iexplore.exe
[2010/12/20 11:29:40 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B021EBF2A5344FF71A641B2EFDAF813E -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22816_none_965a21c41fdcf3d0\iexplore.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2010/06/28 12:19:40 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B6D7D54B736056991109F169737592C7 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18498_none_957c007b06fe6ec7\iexplore.exe
[2011/04/21 11:18:01 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=B884E379175705357D541DAE90A962A9 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22905_none_8c0f48f9eb74f9b4\iexplore.exe
[2011/02/18 12:00:39 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=BCD3DE5D8693BF4F2A1201900B9E5E71 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18602_none_8b82a784d25a1397\iexplore.exe
[2011/02/18 11:23:49 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=BECD30E162ACFD7A04B1F87FBBAFF70E -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22857_none_962fe25e1ffc7ceb\iexplore.exe
[2009/12/18 08:56:05 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=C071905121F6DE5F399550FC70138FEC -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16982_none_939a8e1f09d52cb4\iexplore.exe
[2009/12/18 09:15:41 | 000,711,432 | ---- | M] (Microsoft Corporation) MD5=C2736FB489245B698691DC2FBC08BA2C -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18385_none_8b2f2350d29847af\iexplore.exe
[2011/02/18 11:49:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=C84ABBF7D7AF2F7D004D800D10430FF5 -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18602_none_95d751d706bad592\iexplore.exe
[2010/03/09 12:56:10 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=CDF4EDBA0498EF0FDEFDBB1C5E5B2CD6 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18444_none_8b59649cd278bbbb\iexplore.exe
[2009/12/18 09:17:05 | 000,711,432 | ---- | M] (Microsoft Corporation) MD5=E3542162B46EFB2D6FA1C7DD2C3B810D -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16982_none_8945e3ccd5746ab9\iexplore.exe
[2010/03/09 13:08:05 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=E35AAC70094E88367FA984AD891D812C -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21242_none_89fa9a4fee71cb28\iexplore.exe
[2010/10/21 14:50:10 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=ED748658B126A4617A4BA4A8F4F10DBE -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22784_none_960c6fd620178792\iexplore.exe
[2011/02/18 11:39:31 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=F451E3E1709CCEABEAC734184ACA00E0 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22857_none_8bdb380beb9bbaf0\iexplore.exe
[2010/12/20 11:47:18 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=F474DFA13C957F1385ECC42A1096C976 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22816_none_8c057771eb7c31d5\iexplore.exe
[2009/12/18 08:27:08 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=F47755101C622AF18EE669ECEB3A97AD -- C:\WINDOWS\winsxs\wow64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22585_none_960d6c542016a69b\iexplore.exe
[2010/09/09 12:23:15 | 000,711,448 | ---- | M] (Microsoft Corporation) MD5=F8C856A2A1C1550D95EE08DC57641C57 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22760_none_8bc96433ebaa2859\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >
[2006/11/02 11:13:34 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=3CCDDDBC49DEACA370F39A9F0E146A1B -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2006/11/02 11:13:34 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=3CCDDDBC49DEACA370F39A9F0E146A1B -- C:\WINDOWS\winsxs\wow64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a1c8f6f0449888c1\iexplore.exe.mui
[2006/11/02 11:13:29 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=D421BD7B9646679254B0D855823C6F21 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2006/11/02 11:13:29 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=D421BD7B9646679254B0D855823C6F21 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_97744c9e1037c6c6\iexplore.exe.mui

< MD5 for: SERVICES >
[2006/09/18 17:37:24 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6001.18000_none_60a39df1afb86c9f\services

< MD5 for: SERVICES.CFG >
[2013/09/03 09:53:56 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 13:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.CNF >
[2010/03/31 10:02:17 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\Users\Gary\Documents\My Web Sites\_vti_pvt\services.cnf

< MD5 for: SERVICES.DAT >
[2014/04/06 00:32:27 | 000,004,173 | ---- | M] () MD5=ED018DB6916ACAB46011A330B4B116AA -- C:\Users\Gary\AppData\Local\Temp\jrt\services.dat

< MD5 for: SERVICES.EXE >
[2008/01/20 22:50:34 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 03:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\WINDOWS\erdnt\cache64\services.exe
[2009/04/11 03:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\Windows\SysNative\services.exe
[2009/04/11 03:10:50 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=934E0B7D77FF78C18D9F8891221B6DE3 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\WINDOWS\SysWOW64\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2008/01/20 22:49:44 | 000,384,512 | ---- | M] (Microsoft Corporation) MD5=DFAC660F0F139276CC9299812DE42719 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 11:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\WINDOWS\SysWOW64\en-US\services.exe.mui
[2006/11/02 11:13:31 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
[2006/11/02 11:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\Windows\SysNative\en-US\services.exe.mui
[2006/11/02 11:13:56 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=F514B57C09E143F1E14415A9E9ADD695 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c3e5209ee1678e23\services.exe.mui

< MD5 for: SERVICES.HTM >
[2006/10/26 20:42:16 | 000,003,140 | ---- | M] () MD5=065B93C99612C4DED50A5B82D1907D7A -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz4.tem\SERVICES.HTM
[2009/06/09 09:59:08 | 000,003,662 | ---- | M] () MD5=2D2B9857EE9194DE0D19180CE8BE3023 -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz2.tem\SERVICES.HTM
[2009/06/09 09:59:08 | 000,003,660 | ---- | M] () MD5=385F319812E977BD0925828CB94E8B0D -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz3.tem\SERVICES.HTM
[2009/06/09 09:59:08 | 000,003,145 | ---- | M] () MD5=4AF3252172928C3C2D801273F289FAC3 -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz4.tem\SERVICES.HTM
[2009/06/09 09:59:06 | 000,003,692 | ---- | M] () MD5=7C0A432F0867E6E27067925774C6BB03 -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz1.tem\SERVICES.HTM
[2006/10/26 20:42:24 | 000,003,127 | ---- | M] () MD5=8637B342EC124A00EC27DFCE45A3FCB7 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz5.tem\SERVICES.HTM
[2006/10/26 20:42:00 | 000,003,657 | ---- | M] () MD5=9B68D7B32277521CB5240E7AFFD75ED3 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz2.tem\SERVICES.HTM
[2006/10/26 20:41:52 | 000,003,687 | ---- | M] () MD5=A208808966BAB0309243FFB278B919EF -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz1.tem\SERVICES.HTM
[2009/06/09 09:59:08 | 000,003,132 | ---- | M] () MD5=BA10F0A870E107AD714B52D19F13556D -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz5.tem\SERVICES.HTM
[2009/06/09 09:59:08 | 000,003,119 | ---- | M] () MD5=BF1F2DF30B367C20603E49284B55B5CD -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz6.tem\SERVICES.HTM
[2006/10/26 20:42:32 | 000,003,114 | ---- | M] () MD5=C921BDE5D523A04DE3A7319B6C8E38A2 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz6.tem\SERVICES.HTM
[2006/10/26 20:42:08 | 000,003,655 | ---- | M] () MD5=CF0DF3B55D7754DE445768728CF3EB66 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz3.tem\SERVICES.HTM

< MD5 for: SERVICES.JPG >
[2005/08/26 10:38:58 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz1.tem\SERVICES.JPG
[2005/08/26 10:46:14 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz2.tem\SERVICES.JPG
[2005/08/26 10:46:42 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz3.tem\SERVICES.JPG
[2005/08/26 10:47:18 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz4.tem\SERVICES.JPG
[2005/08/26 10:52:10 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz5.tem\SERVICES.JPG
[2005/08/26 10:52:32 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Templates\1033\WEBS12\smallbiz6.tem\SERVICES.JPG
[2009/06/09 09:59:06 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz1.tem\SERVICES.JPG
[2009/06/09 09:59:06 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz2.tem\SERVICES.JPG
[2009/06/09 09:59:08 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz3.tem\SERVICES.JPG
[2009/06/09 09:59:08 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz4.tem\SERVICES.JPG
[2009/06/09 09:59:08 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz5.tem\SERVICES.JPG
[2009/06/09 09:59:08 | 000,009,430 | ---- | M] () MD5=5B42FB058ED1B06EC596BDCF3253CBD5 -- C:\Program Files (x86)\Microsoft Expression\Web 3\en\WEBS\smallbiz6.tem\SERVICES.JPG

< MD5 for: SERVICES.LNK >
[2008/01/20 23:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 23:20:59 | 000,001,688 | ---- | M] () MD5=EFDD08F4E5E26430885F26F0C35B8C62 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2006/09/18 17:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysWOW64\wbem\services.mof
[2006/09/18 17:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.mof
[2006/09/18 17:44:54 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 11:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2006/09/18 17:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2006/11/02 11:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\SysWOW64\en-US\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\SysWOW64\services.msc
[2006/11/02 11:13:51 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fe26f08ab7d12816\services.msc
[2006/09/18 17:29:41 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_2b827e27fe185619\services.msc
[2006/11/02 11:14:00 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SERVICES.PNG >
[2008/03/26 14:02:52 | 000,000,875 | ---- | M] () MD5=3382D191625A7528ED791FEDCCE3F212 -- C:\Program Files (x86)\PC-Doctor 5 for Windows\Images\img16_16\services.png
[2008/03/27 05:57:28 | 000,003,334 | ---- | M] () MD5=5FF3A00670DE8D80ADA4BD034B55D154 -- C:\Program Files (x86)\CoffeeCup Software\CoffeeCup Free HTML Editor\Graphics\CoffeeCup Graphics Pack Samples\Red\services.png
[2008/03/26 14:03:00 | 000,002,244 | ---- | M] () MD5=8C5F2C34A5FB317B868565F9451BF74C -- C:\Program Files (x86)\PC-Doctor 5 for Windows\Images\img32_32\services.png
[2008/03/26 14:03:08 | 000,006,479 | ---- | M] () MD5=AFCA60ED198BE9309943722FE8758392 -- C:\Program Files (x86)\PC-Doctor 5 for Windows\Images\img64_64\services.png
[2008/03/27 05:38:18 | 000,003,827 | ---- | M] () MD5=BFC0958B73C61EE6C5EEA8D8C6073D26 -- C:\Program Files (x86)\CoffeeCup Software\CoffeeCup Free HTML Editor\Graphics\CoffeeCup Graphics Pack Samples\Blue\services.png
[2008/03/26 14:03:04 | 000,004,193 | ---- | M] () MD5=E1C3A20056206C394E65B37CE1D43851 -- C:\Program Files (x86)\PC-Doctor 5 for Windows\Images\img48_48\services.png
[2008/03/26 14:02:56 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files (x86)\PC-Doctor 5 for Windows\Images\img24_24\services.png

< MD5 for: WINLOGON.EXE >
[2009/04/11 03:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\WINDOWS\erdnt\cache64\winlogon.exe
[2009/04/11 03:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 03:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 22:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\SysWOW64\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/20 22:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WINLOGON.EXE.MUI >
[2008/01/20 22:52:39 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=1DB95B0920FA9783476AC46F187C06F6 -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2008/01/20 22:52:39 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=1DB95B0920FA9783476AC46F187C06F6 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6001.18000_en-us_27172d0ebc73e370\winlogon.exe.mui
[2008/01/20 22:52:28 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\WINDOWS\SysWOW64\en-US\winlogon.exe.mui
[2008/01/20 22:52:28 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6001.18000_en-us_caf8918b0416723a\winlogon.exe.mui
[2006/11/02 11:13:52 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=2D30AB05DBA78517B34C0AAC71DF5299 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_24e06b12bf88d29c\winlogon.exe.mui
[2006/11/02 11:13:03 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=A1D2856F3EC3C86EBBF1442B0245A8B3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c8c1cf8f072b6166\winlogon.exe.mui

< MD5 for: WINLOGON.MOF >
[2006/09/18 17:38:40 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\SysNative\wbem\winlogon.mof
[2006/09/18 17:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\WINDOWS\SysWOW64\wbem\winlogon.mof
[2006/09/18 17:38:40 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\WINDOWS\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_da20a358315a3dca\winlogon.mof
[2006/09/18 17:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_7e0207d478fccc94\winlogon.mof

< %SYSTEMDRIVE%\*.* >
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/05/17 00:03:10 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007/11/06 22:13:41 | 000,359,256 | ---- | M] (Hewlett-Packard) -- C:\hpzids40.dll
[2007/11/07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2011/02/12 19:30:02 | 000,000,730 | -H-- | M] () -- C:\IPH.PH
[2006/12/02 02:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2014/05/01 09:36:41 | 2460,303,359 | -HS- | M] () -- C:\pagefile.sys
[2007/11/07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\Fonts\*.com >
[2006/11/02 11:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 11:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 11:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2010/03/23 08:50:24 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 17:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/05/16 10:57:33 | 000,001,642 | -H-- | M] () -- C:\Users\Gary\AppData\Roaming\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2008/01/20 23:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is HP
Volume Serial Number is E0C7-814C
Directory of C:\
03/18/2010 04:39 PM Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
03/18/2010 04:39 PM Application Data [C:\ProgramData]
03/18/2010 04:39 PM Desktop [C:\Users\Public\Desktop]
03/18/2010 04:39 PM Documents [C:\Users\Public\Documents]
03/18/2010 04:39 PM Favorites [C:\Users\Public\Favorites]
03/18/2010 04:39 PM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
03/18/2010 04:39 PM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
03/18/2010 04:39 PM All Users [C:\ProgramData]
03/18/2010 04:39 PM Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
03/18/2010 04:39 PM Application Data [C:\ProgramData]
03/18/2010 04:39 PM Desktop [C:\Users\Public\Desktop]
03/18/2010 04:39 PM Documents [C:\Users\Public\Documents]
03/18/2010 04:39 PM Favorites [C:\Users\Public\Favorites]
03/18/2010 04:39 PM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
03/18/2010 04:39 PM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
03/18/2010 04:39 PM Application Data [C:\Users\Default\AppData\Roaming]
03/18/2010 04:39 PM Local Settings [C:\Users\Default\AppData\Local]
03/18/2010 04:39 PM My Documents [C:\Users\Default\Documents]
03/18/2010 04:39 PM NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/18/2010 04:39 PM PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/18/2010 04:39 PM Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
03/18/2010 04:39 PM SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
03/18/2010 04:39 PM Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
03/18/2010 04:39 PM Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
03/18/2010 04:39 PM Application Data [C:\Users\Default\AppData\Local]
03/18/2010 04:39 PM History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
03/18/2010 04:39 PM Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
03/18/2010 04:39 PM My Music [C:\Users\Default\Music]
03/18/2010 04:39 PM My Pictures [C:\Users\Default\Pictures]
03/18/2010 04:39 PM My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Gary
03/18/2010 04:43 PM Application Data [C:\Users\Gary\AppData\Roaming]
03/18/2010 04:43 PM Cookies [C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Cookies]
03/18/2010 04:43 PM Local Settings [C:\Users\Gary\AppData\Local]
03/18/2010 04:43 PM My Documents [C:\Users\Gary\Documents]
03/18/2010 04:43 PM NetHood [C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/18/2010 04:43 PM PrintHood [C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/18/2010 04:43 PM Recent [C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Recent]
03/18/2010 04:43 PM SendTo [C:\Users\Gary\AppData\Roaming\Microsoft\Windows\SendTo]
03/18/2010 04:43 PM Start Menu [C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu]
03/18/2010 04:43 PM Templates [C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Gary\AppData\Local
03/18/2010 04:43 PM Application Data [C:\Users\Gary\AppData\Local]
03/18/2010 04:43 PM History [C:\Users\Gary\AppData\Local\Microsoft\Windows\History]
03/18/2010 04:43 PM Temporary Internet Files [C:\Users\Gary\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Gary\Documents
03/18/2010 04:43 PM My Music [C:\Users\Gary\Music]
03/18/2010 04:43 PM My Pictures [C:\Users\Gary\Pictures]
03/18/2010 04:43 PM My Videos [C:\Users\Gary\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
03/18/2010 04:39 PM My Music [C:\Users\Public\Music]
03/18/2010 04:39 PM My Pictures [C:\Users\Public\Pictures]
03/18/2010 04:39 PM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser
05/15/2012 08:02 AM Application Data [C:\Users\UpdatusUser\AppData\Roaming]
05/15/2012 08:02 AM Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
05/15/2012 08:02 AM Local Settings [C:\Users\UpdatusUser\AppData\Local]
05/15/2012 08:02 AM My Documents [C:\Users\UpdatusUser\Documents]
05/15/2012 08:02 AM NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/15/2012 08:02 AM PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/15/2012 08:02 AM Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
05/15/2012 08:02 AM SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
05/15/2012 08:02 AM Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
05/15/2012 08:02 AM Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local
05/15/2012 08:02 AM Application Data [C:\Users\UpdatusUser\AppData\Local]
05/15/2012 08:02 AM History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
05/15/2012 08:02 AM Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\Documents
05/15/2012 08:02 AM My Music [C:\Users\UpdatusUser\Music]
05/15/2012 08:02 AM My Pictures [C:\Users\UpdatusUser\Pictures]
05/15/2012 08:02 AM My Videos [C:\Users\UpdatusUser\Videos]
0 File(s) 0 bytes
Directory of C:\WINDOWS\System32\config\systemprofile
03/25/2010 08:18 PM Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
03/25/2010 08:18 PM Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
03/25/2010 08:18 PM My Documents [C:\Windows\system32\config\systemprofile\Documents]
03/25/2010 08:18 PM NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/25/2010 08:18 PM PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/25/2010 08:18 PM Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
03/25/2010 08:18 PM SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
03/25/2010 08:18 PM Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
03/25/2010 08:18 PM Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\WINDOWS\System32\config\systemprofile\AppData\Local
03/25/2010 08:18 PM Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
03/25/2010 08:18 PM History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
03/25/2010 08:18 PM Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\WINDOWS\System32\config\systemprofile\Documents
03/25/2010 08:18 PM My Music [C:\Windows\system32\config\systemprofile\Music]
03/25/2010 08:18 PM My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
03/25/2010 08:18 PM My Videos [C:\Windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Directory of C:\WINDOWS\SysWOW64\config\systemprofile
03/25/2010 08:18 PM Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
03/25/2010 08:18 PM Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
03/25/2010 08:18 PM My Documents [C:\Windows\system32\config\systemprofile\Documents]
03/25/2010 08:18 PM NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/25/2010 08:18 PM PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/25/2010 08:18 PM Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
03/25/2010 08:18 PM SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
03/25/2010 08:18 PM Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
03/25/2010 08:18 PM Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local
03/25/2010 08:18 PM Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
03/25/2010 08:18 PM History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
03/25/2010 08:18 PM Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\WINDOWS\SysWOW64\config\systemprofile\Documents
03/25/2010 08:18 PM My Music [C:\Windows\system32\config\systemprofile\Music]
03/25/2010 08:18 PM My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
03/25/2010 08:18 PM My Videos [C:\Windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
95 Dir(s) 124,629,340,160 bytes free

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/03/23 09:06:34 | 000,000,286 | -HS- | M] () -- C:\Users\Gary\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2014/05/01 09:19:14 | 006,369,640 | ---- | M] () -- C:\Users\Gary\Desktop\adblocker_setup.exe
[2014/04/30 20:05:32 | 001,310,621 | ---- | M] () -- C:\Users\Gary\Desktop\adwcleaner.exe
[2014/04/30 21:05:09 | 010,971,424 | ---- | M] (SurfRight B.V.) -- C:\Users\Gary\Desktop\HitmanPro_x64.exe
[2014/04/06 02:36:06 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Gary\Desktop\JRT_NEW.exe
[2014/05/01 09:54:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Gary\Desktop\tehhobtextd72.mkv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Gary\Desktop\escpepln72-G.mkv:TOC.WMV
@Alternate Data Stream - 453 bytes -> C:\Users\Gary\Desktop\2-5.jpg:com.dropbox.attributes
@Alternate Data Stream - 449 bytes -> C:\Users\Gary\Desktop\2-4.jpg:com.dropbox.attributes
@Alternate Data Stream - 449 bytes -> C:\Users\Gary\Desktop\2-1.jpg:com.dropbox.attributes
@Alternate Data Stream - 448 bytes -> C:\Users\Gary\Desktop\2-2.jpg:com.dropbox.attributes
@Alternate Data Stream - 446 bytes -> C:\Users\Gary\Desktop\2-3.jpg:com.dropbox.attributes
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:B2AA1B61

< End of report >


OTL Extras logfile created on: 5/1/2014 9:59:29 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gary\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 3.78 Gb Available Physical Memory | 63.08% Memory free
12.17 Gb Paging File | 9.84 Gb Available in Paging File | 80.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.32 Gb Total Space | 116.08 Gb Free Space | 16.89% Space Free | Partition Type: NTFS
Drive D: | 11.31 Gb Total Space | 1.10 Gb Free Space | 9.77% Space Free | Partition Type: NTFS

Computer Name: GARY-PC | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = A5 BF CE 35 89 CA CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0979CC93-4C42-4F33-B8FC-289C7E508369}" = rport=445 | protocol=6 | dir=out | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D66DAF0-173D-464D-9FDD-97B32587D1F2}" = rport=138 | protocol=17 | dir=out | app=system |
"{23585E9C-2B2C-4776-BD18-2A4348D0DBCD}" = rport=139 | protocol=6 | dir=out | app=system |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{30549F92-B78C-4CB2-81B8-8371ED2066B4}" = rport=137 | protocol=17 | dir=out | app=system |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4A47D9DD-8FE4-4F4E-8583-B5B25732EF6C}" = lport=137 | protocol=17 | dir=in | app=system |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{774D286A-4B07-48D0-83BF-46CD4E949D2E}" = lport=138 | protocol=17 | dir=in | app=system |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{817AE5A9-4F49-486E-93D4-DB3BB352A5BE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{83CA6307-4E92-490D-84B1-706180AAAEB7}" = lport=139 | protocol=6 | dir=in | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A6740674-D439-4731-904D-7A2358CEE775}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C7F059AA-3E6D-419B-ABA7-63FE852D4F23}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D5C81FCA-D318-4E7D-9CF8-0E0BAE42C2B8}" = lport=445 | protocol=6 | dir=in | app=system |
"{DFFEFBE6-89BD-4BEE-9798-A6B7EB7BBAAC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{006BA28B-2F62-4542-B0D6-A4A02EF28660}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mrrobot\mrrobot.exe |
"{00E8629C-F9A2-48B5-A509-176CCF5E4285}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{01368529-B554-4AD2-A32B-972BFE06C5BB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0684A7E0-2296-42D0-908A-784E4744CC5F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{16B1069A-CEE7-4576-89B3-B8ECC53F62EC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fez\fez_launchoptions.exe |
"{268AE666-0AAF-46B0-A9B8-60BD1EDF7580}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{2F413380-2C92-4597-9E73-9DD6D35DBB38}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{36F88136-2142-48A0-87B3-60C52BA2A293}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{37C974AC-B1CF-4D88-AD5D-08D137A3F2FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3E4F2B0C-3A81-48AC-9F49-3157BC75FF81}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5075E18A-715A-4A9E-89E0-178BB000C826}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{50C9EFA5-FD28-4275-A080-3099F7708DBD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mrrobot\mrrobot.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{594B3451-B0EB-40A4-8AFE-148B28B51D73}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79A2573B-3584-4CA4-B575-4A2574B2483B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2demo.exe |
"{7C7B4AEC-6750-4E41-B27B-BA1D10E59EFA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{81F286C5-C47F-457A-9E45-01FAB9FD86FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bastion\bastion.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8FD9CA62-80EC-446C-990C-9403A57980D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{951616CE-E1A8-4C32-A53E-194ED7B459CF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{970905B8-92AD-4342-99F5-1F9E8D5A2FA7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{980E8C34-737C-4D5C-9A5C-FF6B035F4930}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fez\fez_launchoptions.exe |
"{9CFC408F-4532-43A0-841A-A96FDFE71313}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{A3BF6180-276A-490A-8186-8D0E91DC1051}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8831BB2-6293-49BE-942F-6686326AAEDE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BB5DFAEA-A405-472B-BE59-8DF2E1302003}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fez\fez.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{C9DC80E4-5978-4633-A713-F5C9F254ED29}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fez\fez.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF45B6FB-1A47-4012-AA1F-A8595CDD01CB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EABC12E0-1EF2-40CE-A13A-CF32692D4829}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA8B2989-954D-480F-A90C-B2FDFFCEAFEE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"TCP Query User{51C10A2E-8794-4A98-A0C9-95E583752C20}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{5E8A0959-568D-42C8-A967-9FFEBD6F855A}C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{68C80243-4F95-4B5E-A22C-1597F434C29C}C:\program files (x86)\steam\steamapps\common\q.u.b.e. demo\binaries\win32\qube_demo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\q.u.b.e. demo\binaries\win32\qube_demo.exe |
"TCP Query User{855D6E5C-8B4C-4C8B-9A1D-D4BD3DD13E3B}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"TCP Query User{E00A1DB0-E4E8-4B0E-BFE7-2526710C814E}C:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"UDP Query User{48049B9E-0A0F-4677-9A7C-A3F92A09E2BB}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"UDP Query User{5DDA0368-A19A-4D9B-BBC0-BC63DDB55100}C:\program files (x86)\steam\steamapps\common\q.u.b.e. demo\binaries\win32\qube_demo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\q.u.b.e. demo\binaries\win32\qube_demo.exe |
"UDP Query User{64260284-B835-4A6A-9D22-3B4915D14F58}C:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe |
"UDP Query User{D69F9FC2-6B62-43ED-90D7-829B0CAC0928}C:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\gary\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{E80B13F4-C940-43E8-945A-6C815957C13E}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{15262012-213A-4f65-9019-C8A409EC0156}" = HP Officejet J6400 Series
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{240FCE0B-F553-4ab3-9C7B-3CD082FCA117}" = NetDeviceManager64
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82ED9FB2-55AF-4A61-A6F3-506CEE112779}" = Motorola Mobile Drivers Installation 4.7.1
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}" = Smart Technology Programming Software 7.0.27.13
"{C5856970-6B43-41AC-B4A6-BB0B3E80F52B}_is1" = HP Demo
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AC3ACM" = AC-3 ACM Codec
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.20
"UDK-20cb887a-3656-4f82-9238-fc15b5fecad2" = My Game Long Name

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis®
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{034B8288-5C7B-E367-9E50-DFC71D599675}" = Acukwik
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2™
"{06B7DE4D-9098-41AF-B0C0-D3129C72E483}" = Roads of Rome 2
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web)
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{13086F8B-2AA9-4488-BC9C-BB6B912A5524}" = muvee autoProducer 6.1
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{188C0E25-3D65-4DAC-9C00-7483FBA4C7EB}" = Status
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A21BED943}" = Video DVD Maker v3.10.0.28
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{279D3818-7287-4ab4-A927-542EBEA9E365}" = ProductContext
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{37D4AB78-5281-44EE-91D8-B65CFE509851}" = Unified Remote
"{380CC749-8C28-4C74-BE01-45921D062302}" = BPDSoftware_Ini
"{3A9E0E2F-B0D1-452B-B833-7A7300EA1231}" = Saitek NT Controller Drivers
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41853D20-40CC-4266-978D-F128BB97CA96}" = 6400_Help
"{44F2B651-A86A-4B6C-8563-07B66F00F8F8}_is1" = Hawke BRC 1.1.0
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space
"{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1" = Sothink Movie DVD Maker
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB)
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5D934326-165A-413b-B056-26BE1EC082AF}" = J6400
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65BCF909-6AF7-4B01-8EB3-713CE2873DC8}" = Microsoft Expression Web 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F3D2F66-F050-45E3-BEB1-6523FE6D6690}" = MotoHelper MergeModules
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C4C379-3E31-48E6-95EF-9C6EBCF94981}" = Flight Explorer Premier Edition 12.1.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{744F6CCF-9F56-40A0-A33D-2A45D53B6046}" = Hoyle Card Games 2004
"{752E90AC-3F11-4EA3-88EA-96441047EC31}" = Microsoft Expression Web 3 SP1
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79896C28-C277-42d5-990A-D98E10682654}" = Titan Quest
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix online plug-in (HDX)
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{85C8D391-0EAE-4492-8A0A-2EE8B0B6DA03}" = BPDSoftware
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1)
"{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English)
"{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{C00A9857-850C-4C68-A583-2EF4F24706F5}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_WebDesigner_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_WebDesigner_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92BCABD5-D3E4-4983-AA10-315813E2A373}" = ScrewDrivers Client v4 with Citrix Web Client 11.2
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A864E257-3554-1299-FB1B-E5D82C2F1077}" = RadarChaos
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A979B2D8-E3EE-4523-A26C-4AF0A6809280}" = Sniper Elite Demo
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AEB719FD-EDB0-43E9-B524-90F97C1E6499}" = System Update kb70007
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix online plug-in (DV)
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E0810CC2-4B5B-4439-B1D0-452306AF2D64}" = HP Active Support Library
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter" = AC3Filter (remove only)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AIM_7" = AIM 7
"Anvi AD Blocker" = Anvi AD Blocker 2.2
"AnvSoft Movie DVD Maker_is1" = Movie DVD Maker 3.01
"AsUninst.exe" = Anvil Studio
"ATC Career Prep Software Suite" = ATC Career Prep Software Suite
"Avidemux 2.5" = Avidemux 2.5
"AviSynth" = AviSynth 2.5
"CarbonPoker Odds Calculator_is1" = CarbonPoker Odds Calculator 1.0.3
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"CoffeeCup Free HTML Editor" = CoffeeCup Free HTML Editor
"com.penton.acukwik" = Acukwik
"Crimsonland_is1" = Crimsonland
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"Diablo III Beta" = Diablo III Beta
"DivX Setup.divx.com" = DivX Setup
"ESET Online Scanner" = ESET Online Scanner v3
"Evrsoft First Page 2006_is1" = Evrsoft First Page 2006
"ffdshow_is1" = ffdshow [rev 2583] [2009-01-05]
"FreeMacroPlayer" = FreeMacroPlayer
"GameSpy Arcade" = GameSpy Arcade
"gatesofandaron_is1" = Gates of Andaron
"Google Chrome" = Google Chrome
"GroundSchool - Airline Transport Pilot (ATP)_is1" = GroundSchool - Airline Transport Pilot (ATP)
"HaaliMkx" = Haali Media Splitter
"Heroes In the Sky" = Heroes In the Sky
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III
"InstallShield_{744F6CCF-9F56-40A0-A33D-2A45D53B6046}" = Hoyle Card Games 2004
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MapleStory" = MapleStory
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MotoHelper" = MotoHelper 2.0.24 Driver 4.7.1
"Movie DVD Maker_is1" = Movie DVD Maker 2.7.1021
"Mozilla Firefox 29.0 (x86 en-US)" = Mozilla Firefox 29.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"N360" = Norton Security Suite
"NoteWorthy Composer 2" = NoteWorthy Composer 2
"NSS" = Norton Security Scan
"OpenAL" = OpenAL
"Origin" = Origin
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"PokerStars.net" = PokerStars.net
"PunkBusterSvc" = PunkBuster Services
"RadarChaos" = RadarChaos
"Runic Games Torchlight" = Torchlight
"Shot Online" = Shot Online
"ShotOnline" = ShotOnline
"ShotOnline International" = ShotOnline International- remove only
"sp43111" = sp43111
"sp44626" = sp44626
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 105430" = Age of Empires Online
"Steam App 107100" = Bastion
"Steam App 130" = Half-Life: Blue Shift
"Steam App 18400" = Crazy Machines 2
"Steam App 18420" = Crazy Machines
"Steam App 18450" = Crazy Machines 1.5 New from the Lab
"Steam App 18460" = Crazy Machines 1.5 Inventors Training Camp
"Steam App 20" = Team Fortress Classic
"Steam App 200710" = Torchlight II
"Steam App 204610" = Q.U.B.E. Demo
"Steam App 20730" = Mr. Robot Demo
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 219850" = Torchlight II Demo
"Steam App 220" = Half-Life 2
"Steam App 224760" = FEZ
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 280" = Half-Life: Source
"Steam App 30" = Day of Defeat
"Steam App 300" = Day of Defeat: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 360" = Half-Life Deathmatch: Source
"Steam App 380" = Half-Life 2: Episode One
"Steam App 40" = Deathmatch Classic
"Steam App 400" = Portal
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"Steam App 4540" = Titan Quest
"Steam App 4550" = Titan Quest: Immortal Throne
"Steam App 50" = Half-Life: Opposing Force
"Steam App 500" = Left 4 Dead
"Steam App 520" = Team Fortress 2 Beta
"Steam App 550" = Left 4 Dead 2
"Steam App 60" = Ricochet
"Steam App 620" = Portal 2
"Steam App 70" = Half-Life
"Steam App 80" = Counter-Strike: Condition Zero
"ULTIMATER" = Microsoft Office Ultimate 2007
"Verizon V CAST Media Manager" = Verizon V CAST Media Manager
"VLC media player" = VLC media player 1.1.11
"Web_3.0.3813.0" = Microsoft Expression Web 3
"WebDesigner" = Microsoft Expression Web Trial
"WildTangent hp Master Uninstall" = My HP Games
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CarbonPoker" = CarbonPoker
"DirectDownloader" = DirectDownloader
"Dropbox" = Dropbox
"FileZilla Client" = FileZilla Client 3.3.2.1
"NCsoft-Aion" = Aion

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/1/2014 8:04:09 AM | Computer Name = Gary-PC | Source = System Restore | ID = 8199
Description =

Error - 5/1/2014 8:09:46 AM | Computer Name = Gary-PC | Source = System Restore | ID = 8199
Description =

Error - 5/1/2014 8:21:46 AM | Computer Name = Gary-PC | Source = WinMgmt | ID = 28
Description =

Error - 5/1/2014 8:26:40 AM | Computer Name = Gary-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error - 5/1/2014 9:03:09 AM | Computer Name = Gary-PC | Source = WinMgmt | ID = 28
Description =

Error - 5/1/2014 9:07:07 AM | Computer Name = Gary-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error - 5/1/2014 9:21:12 AM | Computer Name = Gary-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 29.0.0.5224 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 15e8 Start Time: 01cf653ea9c53d2f Termination Time: 60000

Error - 5/1/2014 9:37:32 AM | Computer Name = Gary-PC | Source = WinMgmt | ID = 28
Description =

Error - 5/1/2014 9:42:00 AM | Computer Name = Gary-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error - 5/1/2014 9:42:03 AM | Computer Name = Gary-PC | Source = MsiInstaller | ID = 11706
Description =

[ OSession Events ]
Error - 11/19/2010 8:53:22 AM | Computer Name = Gary-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 471
seconds with 120 seconds of active time. This session ended with a crash.

Error - 11/19/2010 8:53:34 AM | Computer Name = Gary-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/19/2010 8:54:15 AM | Computer Name = Gary-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 35
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8/21/2011 10:12:47 AM | Computer Name = Gary-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 164
seconds with 120 seconds of active time. This session ended with a crash.

Error - 2/7/2013 9:36:21 AM | Computer Name = Gary-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 87
seconds with 60 seconds of active time. This session ended with a crash.

Error - 2/7/2013 9:44:36 AM | Computer Name = Gary-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 419
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4/30/2014 8:48:30 PM | Computer Name = Gary-PC | Source = DCOM | ID = 10016
Description =

Error - 4/30/2014 9:30:14 PM | Computer Name = Gary-PC | Source = DCOM | ID = 10016
Description =

Error - 5/1/2014 7:33:05 AM | Computer Name = Gary-PC | Source = DCOM | ID = 10016
Description =

Error - 5/1/2014 7:40:51 AM | Computer Name = Gary-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 5/1/2014 7:50:10 AM | Computer Name = Gary-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 5/1/2014 7:52:34 AM | Computer Name = Gary-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 5/1/2014 8:22:20 AM | Computer Name = Gary-PC | Source = DCOM | ID = 10016
Description =

Error - 5/1/2014 9:03:32 AM | Computer Name = Gary-PC | Source = DCOM | ID = 10016
Description =

Error - 5/1/2014 9:38:20 AM | Computer Name = Gary-PC | Source = DCOM | ID = 10016
Description =


< End of report >



#2 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 05 May 2014 - 09:16 AM

Hi biggary1689,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and the loss of all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

Security Check

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

aswMBR

Download aswMBR.exe and save it to your desktop.

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click Scan
  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

=========================

Your OTL scan shows a Proxy Server has been set. Did you do this intentionally?
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

In your next post please provide the following:


  • checkup.txt
  • aswMBR.txt
  • attach MBR.zip
  • Proxy Server information.

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days

If you are satisfied with the help you have received, please consider making a donation.
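
As an added example (not part of OCD's post and not OTL's own code), this Python sketch parses the two Internet Settings lines the post asks about and reports whether an enabled proxy points at the local machine. The sample log is constructed from those two lines, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample in OTL log format; the two values are the ones quoted in the thread.
SAMPLE_LOG = r'''
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
'''

# Matches OTL lines of the form: IE - HKCU\...\Internet Settings: "Name" = value
SETTING_RE = re.compile(
    r'^IE - (?:HKCU|HKLM)\\.*\\Internet Settings: "(?P<name>[^"]+)" = (?P<value>.*)$',
    re.MULTILINE,
)


def parse_proxy_server(value):
    """Split a WinINET ProxyServer string into {scheme: (host, port)}.

    Two forms exist: a bare 'host:port' used for every protocol, or a
    ';'-separated list of 'scheme=host:port' entries. A bare entry is
    stored under the key 'all'.
    """
    proxies = {}
    for entry in filter(None, (e.strip() for e in value.split(";"))):
        scheme, sep, addr = entry.partition("=")
        if not sep:                       # bare form, no per-protocol scheme
            scheme, addr = "all", entry
        addr = addr.split("://", 1)[-1]   # tolerate 'http=http://host:port'
        host, sep, port = addr.rpartition(":")
        if not sep:                       # no port given
            host, port = addr, ""
        proxies[scheme.lower()] = (
            host.strip("[]"),             # '[::1]' -> '::1'
            int(port) if port.isdigit() else None,
        )
    return proxies


def is_loopback(host):
    """True for 'localhost' and for any loopback IP literal (127.0.0.0/8, ::1)."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # a hostname; resolving it is out of scope here


def review_proxy(log_text):
    """Return one finding per configured proxy found in an OTL log."""
    settings = {m["name"]: m["value"].strip() for m in SETTING_RE.finditer(log_text)}
    # A ProxyServer value left behind with ProxyEnable = 0 is not in use.
    enabled = settings.get("ProxyEnable") == "1"
    findings = []
    for scheme, (host, port) in parse_proxy_server(settings.get("ProxyServer", "")).items():
        findings.append({
            "scheme": scheme,
            "host": host,
            "port": port,
            "active": enabled,
            "loopback": is_loopback(host),
        })
    return findings


if __name__ == "__main__":
    for finding in review_proxy(SAMPLE_LOG):
        print(finding)
```

An active loopback proxy means browser traffic passes through a process on the same machine, so the follow-up is identifying what listens on that port. Port 8118 is Privoxy's default, and the second OTL log in this thread lists a running privoxy.exe.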


#3 biggary1689

biggary1689

    Authentic Member

  • Authentic Member
  • 32 posts

Posted 06 May 2014 - 07:31 AM

Here are the results of the requested scans. Also, I did not intentionally set up a proxy server (not sure what that is or how it would have gotten there).

Results of screen317's Security Check version 0.99.82
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 17
Java version out of Date!
Adobe Flash Player 13.0.0.206
Adobe Reader 10.1.8 Adobe Reader out of Date!
Mozilla Firefox (29.0)
Google Chrome 34.0.1847.131
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 9 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-05-06 07:50:53
-----------------------------
07:50:53.591 OS Version: Windows x64 6.0.6002 Service Pack 2
07:50:53.591 Number of processors: 4 586 0xF0B
07:50:53.591 ComputerName: GARY-PC UserName: Gary
07:50:56.508 Initialize success
07:51:29.050 AVAST engine defs: 14050500
07:52:21.949 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
07:52:21.949 Disk 0 Vendor: Hitachi_ GK8O Size: 715404MB BusType: 3
07:52:22.386 Disk 0 MBR read successfully
07:52:22.386 Disk 0 MBR scan
07:52:22.402 Disk 0 unknown MBR code
07:52:22.417 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 703816 MB offset 63
07:52:22.495 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11585 MB offset 1441416060
07:52:22.604 Disk 0 scanning C:\Windows\system32\drivers
07:53:37.094 Service scanning
07:55:03.596 Modules scanning
07:55:03.596 Disk 0 trace - called modules:
07:55:03.612 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
07:55:03.612 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064525b0]
07:55:03.628 3 CLASSPNP.SYS[fffffa6000fccc33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006174050]
07:55:09.899 AVAST engine scan C:\Windows
07:55:34.859 AVAST engine scan C:\Windows\system32
08:11:05.539 AVAST engine scan C:\Windows\system32\drivers
08:11:50.686 AVAST engine scan C:\Users\Gary
08:46:07.109 AVAST engine scan C:\ProgramData
09:18:18.826 Scan finished successfully
09:21:36.415 Disk 0 MBR has been saved successfully to "C:\Users\Gary\Desktop\MBR.dat"
09:21:36.431 The log file has been saved successfully to "C:\Users\Gary\Desktop\aswMBR.txt"

#4 biggary1689

biggary1689

    Authentic Member

  • Authentic Member
  • 32 posts

Posted 06 May 2014 - 07:47 AM

Hi OCD, I'm having some issues trying to attach the MBR zip file.

#5 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 06 May 2014 - 01:48 PM

Hi biggary1689,
 

"I'm having some issues trying to attach the MBR zip file."

Don't worry about that at the moment. But do not delete the file just in case we need it down the road.

=========================

Run OTL.exe

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
    O4 - HKLM..\Run: [] File not found
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [createrestorepoint]
    [emptyjava]
    [emptyflash]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done

=========================

I see you have AdwCleaner & JRT installed. Please re-run both and post the corresponding logs.

=========================

Reboot

=========================

Re-run OTL (it should be located on your desktop).

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Uncheck the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open one notepad window. OTL.Txt. (No Extras.txt will be produced)
    Note: The log can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.

=========================

In your next post please provide the following:

  • OTL fix log
  • AdwCleaner.txt
  • JRT.txt
  • Fresh OTL.txt
  • How is the computer running at the moment?
  • Describe any symptoms.

OCD



#6 biggary1689

biggary1689

    Authentic Member

  • Authentic Member
  • 32 posts

Posted 07 May 2014 - 07:46 AM

Below are all the text docs. Everything appears to be running smoothly. I am not noticing as many pop-up ads; however, I did see one and got a redirect page.




All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Gary\Desktop\cmd.bat deleted successfully.
C:\Users\Gary\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
System Restore Service not available.

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Gary
->Java cache emptied: 25053201 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 24.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Gary
->Flash cache emptied: 6506 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gary
->Temp folder emptied: 142424327 bytes
->Temporary Internet Files folder emptied: 2297482 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 376992064 bytes
->Google Chrome cache emptied: 14392472 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 282034 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 2780 bytes

Total Files Cleaned = 512.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05072014_081945

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\JET50AE.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

# AdwCleaner v3.205 - Report created 07/05/2014 at 09:16:24
# Updated 28/04/2014 by Xplode
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Gary - GARY-PC
# Running from : C:\Users\Gary\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6002.18005


-\\ Mozilla Firefox v29.0 (en-US)

[ File : C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\yeag246i.default-1398948955132\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [7430 octets] - [30/04/2014 20:06:40]
AdwCleaner[R1].txt - [7490 octets] - [30/04/2014 20:07:30]
AdwCleaner[R2].txt - [969 octets] - [30/04/2014 20:42:04]
AdwCleaner[R3].txt - [1196 octets] - [30/04/2014 20:53:05]
AdwCleaner[R4].txt - [1256 octets] - [30/04/2014 21:35:49]
AdwCleaner[R5].txt - [1317 octets] - [30/04/2014 21:42:29]
AdwCleaner[R6].txt - [1377 octets] - [01/05/2014 08:10:01]
AdwCleaner[R7].txt - [1717 octets] - [01/05/2014 08:56:49]
AdwCleaner[R8].txt - [2107 octets] - [07/05/2014 09:07:03]
AdwCleaner[R9].txt - [1840 octets] - [07/05/2014 09:15:46]
AdwCleaner[S0].txt - [5675 octets] - [30/04/2014 20:10:01]
AdwCleaner[S1].txt - [1029 octets] - [30/04/2014 20:45:30]
AdwCleaner[S2].txt - [1440 octets] - [01/05/2014 08:10:31]
AdwCleaner[S3].txt - [1669 octets] - [01/05/2014 09:00:42]
AdwCleaner[S4].txt - [1765 octets] - [07/05/2014 09:16:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1825 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows ™ Vista Home Premium x64
Ran by Gary on Wed 05/07/2014 at 9:08:39.64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Gary\AppData\Roaming\mozilla\firefox\profiles\yeag246i.default-1398948955132\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/07/2014 at 9:14:12.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OTL logfile created on: 5/7/2014 9:24:53 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gary\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 3.77 Gb Available Physical Memory | 62.88% Memory free
12.11 Gb Paging File | 9.91 Gb Available in Paging File | 81.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.32 Gb Total Space | 124.88 Gb Free Space | 18.17% Space Free | Partition Type: NTFS
Drive D: | 11.31 Gb Total Space | 1.10 Gb Free Space | 9.77% Space Free | Partition Type: NTFS

Computer Name: GARY-PC | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\MSR\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
PRC - C:\Users\Gary\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe ()
PRC - C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe ()
PRC - C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
PRC - C:\Program Files (x86)\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - c:\hp\HPEZBTN\HPBtnSrv.exe ()
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\sqlite3.dll ()
MOD - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe (Conexant Systems, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (System Update kb70007) -- C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AdblockerSrv) -- C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
SRV - (npggsvc) -- C:\WINDOWS\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (N360) -- C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe (Symantec Corporation)
SRV - (MotoHelper) -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (hitmanpro37) -- C:\Windows\SysNative\drivers\hitmanpro37.sys ()
DRV:64bit: - (asdnet) -- C:\Windows\SysNative\DRIVERS\asdnet.sys ()
DRV:64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:64bit: - (SaiMini) -- C:\Windows\SysNative\DRIVERS\SaiMini.sys (Saitek)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\ccHPx64.sys (Symantec Corporation)
DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMTDI.SYS (Symantec Corporation)
DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMFW.SYS (Symantec Corporation)
DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMNDISV.SYS (Symantec Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola)
DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SRTSP64.SYS (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0308030.006\SYMEFA64.SYS (Symantec Corporation)
DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\BHDrvx64.sys (Symantec Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\0308030.006\SRTSPX64.SYS (Symantec Corporation)
DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\DRIVERS\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola)
DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (CAXHWBS2) -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (HSF_DP) -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys (Conexant Systems, Inc.)
DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\DRIVERS\serscan.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (SaiHFF0C) -- C:\Windows\SysNative\DRIVERS\SaiHFF0C.sys (Saitek)
DRV:64bit: - (SaiUFF0C) -- C:\Windows\SysNative\DRIVERS\SaiUFF0C.sys (Saitek)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140505.035\ex64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140505.035\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20140506.001\IDSviA64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NPPTNT2) -- C:\WINDOWS\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.co...
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com...
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com...
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....p-pvdt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE8SRC
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...TERMS}
IE - HKLM\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....=hp-pvdt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...TERMS}
IE - HKCU\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....p-pvdt
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/11/01 07:15:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/04/30 18:03:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/04/30 20:10:03 | 000,000,000 | ---D | M]

[2011/06/16 19:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions
[2011/06/16 19:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2014/05/01 09:44:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\yeag246i.default-1398948955132\extensions
[2014/05/07 09:18:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/04/30 18:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/30 18:03:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/12 23:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/12 23:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/12 23:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/12 23:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2009/09/12 23:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2006/08/09 06:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npWebLaunch.dll
[2009/09/12 23:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/05/01 09:02:43 | 000,039,317 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 2010-fr.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 2012-new.biz # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 212link.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 24h00business.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 a.adorika.net # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ad.adn360.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adeartss.eu # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adm.soft365.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.aff.co # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.egdating.net # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
O1 - Hosts: 647 more lines...
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\GatesofAndaron\PrePatch.exe (Zamiinc)
O4 - HKLM..\Run: [ADBlocker] C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
O4 - HKLM..\Run: [Anvi AD Blocker] C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [ScrewDrivers RDP Plugin] C:\Program Files (x86)\triCerat\Simplify Printing\ScrewDrivers Client v4\install_rdp.exe ()
O4 - HKCU..\Run: [VirtualDub.org] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE92507-B466-474D-9E8F-F4A5EC774184}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D8B5987-8491-4898-9A1B-88C11ECF028C}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Gary\Desktop\Photos\Cactus\Cactus Background-1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gary\Desktop\Photos\Cactus\Cactus Background-1.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/05/07 09:07:30 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/07 08:19:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/06 10:19:07 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\DropboxMaster
[2014/05/05 11:36:38 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Gary\Desktop\aswMBR.exe
[2014/05/01 09:54:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2014/05/01 09:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/01 09:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/01 09:21:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2014/05/01 09:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/01 08:57:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2014/04/30 21:04:38 | 010,971,424 | ---- | C] (SurfRight B.V.) -- C:\Users\Gary\Desktop\HitmanPro_x64.exe
[2014/04/30 21:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/04/30 20:22:52 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/30 20:22:07 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Gary\Desktop\JRT_NEW.exe
[2014/04/30 20:06:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/30 18:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/04/30 13:19:52 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/04/30 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/04/30 13:18:35 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Wise
[2014/04/23 08:53:59 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\p90x3
[2014/04/09 08:57:58 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/04/09 08:57:58 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/04/09 08:57:56 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/09 08:57:56 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/04/09 08:57:56 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/04/09 08:57:56 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/04/09 08:57:56 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/04/09 08:57:56 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/09 08:57:56 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/04/09 08:57:56 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/09 08:57:56 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/04/09 08:57:56 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/04/09 08:57:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\corpol.dll
[2014/04/09 08:57:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2014/04/09 08:57:55 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/04/09 08:57:52 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[1 C:\Users\Gary\*.tmp files -> C:\Users\Gary\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/05/07 09:31:37 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/07 09:23:26 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/07 09:18:23 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/07 09:18:23 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/07 09:18:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/07 09:12:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/07 09:06:35 | 001,310,621 | ---- | M] () -- C:\Users\Gary\Desktop\adwcleaner.exe
[2014/05/06 10:31:13 | 000,105,199 | ---- | M] () -- C:\Users\Gary\Desktop\SF-87A.pdf
[2014/05/06 10:28:57 | 000,021,297 | ---- | M] () -- C:\Users\Gary\Desktop\DOT 1631.pdf
[2014/05/06 10:27:16 | 000,071,458 | ---- | M] () -- C:\Users\Gary\Desktop\eQip Brochure.pdf
[2014/05/06 10:19:03 | 000,000,957 | ---- | M] () -- C:\Users\Gary\Desktop\Dropbox.lnk
[2014/05/06 09:24:55 | 000,000,570 | ---- | M] () -- C:\Users\Gary\Desktop\MBR.zip
[2014/05/06 09:21:36 | 000,000,512 | ---- | M] () -- C:\Users\Gary\Desktop\MBR.dat
[2014/05/05 11:36:52 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Gary\Desktop\aswMBR.exe
[2014/05/05 11:36:15 | 000,854,355 | ---- | M] () -- C:\Users\Gary\Desktop\SecurityCheck.exe
[2014/05/03 09:19:07 | 837,171,865 | ---- | M] () -- C:\Users\Gary\Desktop\pmpeiibd72.mkv
[2014/05/02 08:24:17 | 733,867,381 | ---- | M] () -- C:\Users\Gary\Desktop\The Lego Movie 2014 WEBRip Upscaled 720p x264 AAC-HeartAttack.mp4
[2014/05/01 19:31:48 | 1479,689,302 | ---- | M] () -- C:\Users\Gary\Desktop\monmen72-hbs.mp4
[2014/05/01 15:59:06 | 000,239,107 | ---- | M] () -- C:\Users\Gary\Desktop\print.xps
[2014/05/01 15:30:36 | 001,611,202 | ---- | M] () -- C:\Users\Gary\Desktop\PrincipalDownload.pdf
[2014/05/01 09:54:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2014/05/01 09:37:40 | 000,002,051 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/01 09:21:45 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
[2014/05/01 09:19:14 | 006,369,640 | ---- | M] () -- C:\Users\Gary\Desktop\adblocker_setup.exe
[2014/05/01 09:10:57 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/01 09:02:43 | 000,039,317 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/04/30 21:29:12 | 000,032,512 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/04/30 21:27:02 | 000,003,866 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/04/30 21:05:09 | 010,971,424 | ---- | M] (SurfRight B.V.) -- C:\Users\Gary\Desktop\HitmanPro_x64.exe
[2014/04/30 13:28:19 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/04/30 13:25:27 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 13:25:26 | 000,000,975 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/30 13:25:26 | 000,000,914 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/04/30 08:38:23 | 1502,076,584 | ---- | M] () -- C:\Users\Gary\Desktop\The_Lego_Movie_2014_Webrip_x264_AC3_TiTAN.mkv
[2014/04/29 16:58:02 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Gary.job
[2014/04/29 13:31:15 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/29 13:31:14 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/29 08:11:23 | 1467,971,725 | ---- | M] () -- C:\Users\Gary\Desktop\rbocpweb72-hbs.mp4
[2014/04/25 07:55:02 | 967,586,375 | ---- | M] () -- C:\Users\Gary\Desktop\300.roae.2014.hdrip.x264-hbs.mp4
[2014/04/20 19:20:42 | 006,195,323 | ---- | M] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.rtf
[2014/04/20 11:03:13 | 003,000,315 | ---- | M] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.pdf
[2014/04/16 10:52:03 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGary.job
[2014/04/13 15:22:17 | 851,125,388 | ---- | M] () -- C:\Users\Gary\Desktop\Zulu.2013.720p.BluRay.x264.YIFY.mp4
[2014/04/13 08:14:39 | 000,222,166 | ---- | M] () -- C:\Users\Gary\Desktop\401k unenroll.xps
[2014/04/11 15:41:09 | 837,117,006 | ---- | M] () -- C:\Users\Gary\Desktop\joeweb72-G.mkv
[2014/04/10 12:18:06 | 002,290,165 | ---- | M] () -- C:\Users\Gary\Desktop\2.jpg
[2014/04/10 12:11:44 | 002,024,146 | ---- | M] () -- C:\Users\Gary\Desktop\1.jpg
[2014/04/09 19:42:49 | 000,394,339 | ---- | M] () -- C:\Users\Gary\Desktop\OF306- 2011 version-1111.pdf
[1 C:\Users\Gary\*.tmp files -> C:\Users\Gary\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/05/07 09:06:32 | 001,310,621 | ---- | C] () -- C:\Users\Gary\Desktop\adwcleaner.exe
[2014/05/06 10:31:11 | 000,105,199 | ---- | C] () -- C:\Users\Gary\Desktop\SF-87A.pdf
[2014/05/06 10:28:56 | 000,021,297 | ---- | C] () -- C:\Users\Gary\Desktop\DOT 1631.pdf
[2014/05/06 10:27:14 | 000,071,458 | ---- | C] () -- C:\Users\Gary\Desktop\eQip Brochure.pdf
[2014/05/06 09:24:55 | 000,000,570 | ---- | C] () -- C:\Users\Gary\Desktop\MBR.zip
[2014/05/06 09:21:36 | 000,000,512 | ---- | C] () -- C:\Users\Gary\Desktop\MBR.dat
[2014/05/05 11:36:12 | 000,854,355 | ---- | C] () -- C:\Users\Gary\Desktop\SecurityCheck.exe
[2014/05/03 09:03:53 | 837,171,865 | ---- | C] () -- C:\Users\Gary\Desktop\pmpeiibd72.mkv
[2014/05/02 08:11:27 | 733,867,381 | ---- | C] () -- C:\Users\Gary\Desktop\The Lego Movie 2014 WEBRip Upscaled 720p x264 AAC-HeartAttack.mp4
[2014/05/01 19:01:58 | 1479,689,302 | ---- | C] () -- C:\Users\Gary\Desktop\monmen72-hbs.mp4
[2014/05/01 15:59:05 | 000,239,107 | ---- | C] () -- C:\Users\Gary\Desktop\print.xps
[2014/05/01 15:30:33 | 001,611,202 | ---- | C] () -- C:\Users\Gary\Desktop\PrincipalDownload.pdf
[2014/05/01 09:21:45 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
[2014/05/01 09:21:44 | 000,019,280 | ---- | C] () -- C:\Windows\SysNative\drivers\asdnet.sys
[2014/05/01 09:19:08 | 006,369,640 | ---- | C] () -- C:\Users\Gary\Desktop\adblocker_setup.exe
[2014/05/01 09:10:57 | 000,002,051 | ---- | C] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/01 09:10:57 | 000,002,027 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/30 21:29:12 | 000,032,512 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/04/30 21:27:02 | 000,003,866 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/04/30 13:19:20 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/04/30 08:27:39 | 1502,076,584 | ---- | C] () -- C:\Users\Gary\Desktop\The_Lego_Movie_2014_Webrip_x264_AC3_TiTAN.mkv
[2014/04/29 08:01:21 | 1467,971,725 | ---- | C] () -- C:\Users\Gary\Desktop\rbocpweb72-hbs.mp4
[2014/04/25 07:48:18 | 967,586,375 | ---- | C] () -- C:\Users\Gary\Desktop\300.roae.2014.hdrip.x264-hbs.mp4
[2014/04/20 19:20:41 | 006,195,323 | ---- | C] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.rtf
[2014/04/20 11:03:10 | 003,000,315 | ---- | C] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.pdf
[2014/04/13 14:20:20 | 851,125,388 | ---- | C] () -- C:\Users\Gary\Desktop\Zulu.2013.720p.BluRay.x264.YIFY.mp4
[2014/04/13 08:14:37 | 000,222,166 | ---- | C] () -- C:\Users\Gary\Desktop\401k unenroll.xps
[2014/04/11 15:33:54 | 837,117,006 | ---- | C] () -- C:\Users\Gary\Desktop\joeweb72-G.mkv
[2014/04/10 12:12:20 | 002,290,165 | ---- | C] () -- C:\Users\Gary\Desktop\2.jpg
[2014/04/10 12:11:42 | 002,024,146 | ---- | C] () -- C:\Users\Gary\Desktop\1.jpg
[2014/04/09 19:42:49 | 000,394,339 | ---- | C] () -- C:\Users\Gary\Desktop\OF306- 2011 version-1111.pdf
[2014/03/30 09:41:21 | 000,000,732 | ---- | C] () -- C:\Users\Gary\AppData\Local\d3d9caps64.dat
[2014/02/18 19:15:33 | 000,012,005 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\alsoft.ini
[2012/07/15 09:49:45 | 000,000,680 | ---- | C] () -- C:\Users\Gary\AppData\Local\d3d9caps.dat
[2011/12/13 09:20:01 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE3.dat
[2011/12/13 09:13:07 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE2.dat
[2011/12/12 23:41:34 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE1.dat
[2011/12/12 21:29:01 | 000,000,043 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE.dat
[2011/12/12 21:29:01 | 000,000,024 | ---- | C] () -- C:\Users\Gary\random.dat
[2011/05/23 08:44:15 | 000,000,000 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\wklnhst.dat
[2011/05/18 17:47:00 | 000,001,940 | ---- | C] () -- C:\Users\Gary\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/08 07:55:03 | 000,000,092 | ---- | C] () -- C:\Users\Gary\AppData\Local\fusioncache.dat
[2010/03/21 21:09:21 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/03/21 20:58:31 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/03/18 17:07:28 | 000,036,352 | ---- | C] () -- C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
"ThreadingModel" = Apartment

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Gary\Desktop\tehhobtextd72.mkv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Gary\Desktop\escpepln72-G.mkv:TOC.WMV
@Alternate Data Stream - 453 bytes -> C:\Users\Gary\Desktop\2-5.jpg:com.dropbox.attributes
@Alternate Data Stream - 449 bytes -> C:\Users\Gary\Desktop\2-4.jpg:com.dropbox.attributes
@Alternate Data Stream - 449 bytes -> C:\Users\Gary\Desktop\2-1.jpg:com.dropbox.attributes
@Alternate Data Stream - 448 bytes -> C:\Users\Gary\Desktop\2-2.jpg:com.dropbox.attributes
@Alternate Data Stream - 446 bytes -> C:\Users\Gary\Desktop\2-3.jpg:com.dropbox.attributes
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:B2AA1B61

< End of report >






#7 OCD

Posted 07 May 2014 - 08:37 AM

Hi biggary1689,

Your version of Internet Explorer is outdated. Update IE and get the latest version that will run on Windows Vista.
http://windows.micro...rer/download-ie

=========================

Flush the Internet Explorer Cache
  • In Internet Explorer, click Tools
  • Select Internet Options
  • Now on the General tab, click Delete Files and select Delete all Offline content too
  • Click OK.
  • When it finishes, click OK.
=========================

Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
  • Java 7 Update 17
  • Adobe Reader 10.1.8
=========================

Reboot

=========================

Update Java
  • Get the current version of Java (Version 7 Update 55) by going to http://java.com/en/d...d/installed.jsp
  • Select the Verify Java Version button and follow the onscreen instructions to update if necessary.
=========================

Adobe Reader:

Go to http://get.adobe.com.../otherversions/
  • Use the drop-down menus to select your operating system
  • Select your language > Select The current version of Adobe Reader for your language
  • Remove the check mark from the box "Free! McAfee Security Scan Plus"
  • Click the Download button, and follow the onscreen directions to complete the installation.
Please note, depending on your settings, you may have to temporarily disable your antivirus software for the Adobe Reader update.

=========================

Reboot

=========================

TDSSKiller

Please download TDSSKiller.zip - Extract it to your desktop
  • TDSSKiller.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Press Start Scan
    • Only if Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)
=========================

In your next post please provide the following:
  • TDSSKiller log

OCD



#8 biggary1689


Posted 07 May 2014 - 01:37 PM

I updated IE and uninstalled the listed Java and Adobe and then rebooted. However, I am not able to get the new Java or Adobe to install. Java says it cannot proceed with the current internet connection settings. IE is not connecting to any webpage, and Firefox, which I usually use, was giving me a proxy server connection error. I selected no proxy under connection setting and this allowed me to connect to the web. Any suggestions? Should I run TDSSKiller or try to get Java and Adobe working first?

#9 biggary1689


Posted 07 May 2014 - 02:06 PM

Nevermind that last post. I was able to get java and adobe installed. Also IE is working. Here is the TDSSkiller log.
16:04:43.0236 0x12dc HTTP - ok 16:04:43.0287 0x12dc [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp C:\Windows\system32\drivers\i2omp.sys 16:04:43.0288 0x12dc i2omp - ok 16:04:43.0355 0x12dc [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 16:04:43.0356 0x12dc i8042prt - ok 16:04:43.0530 0x12dc [ 204A73A56751C68C6031E9D5D611EC98, 02710099E3B1FE62FD207CB8952184C99FA5A69FF23734D0236E8F6B39BC596A ] IAANTMON C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaantmon.exe 16:04:43.0536 0x12dc IAANTMON - ok 16:04:43.0581 0x12dc [ CEB53BB804B41C52AB0782505C8E2994, AFA87D5A9512A9308E4CA8E70639C5A905CA0CEE6EDC35F8673E1F033FC925B4 ] iaStor C:\Windows\system32\drivers\iastor.sys 16:04:43.0588 0x12dc iaStor - ok 16:04:43.0745 0x12dc [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 16:04:43.0750 0x12dc iaStorV - ok 16:04:43.0865 0x12dc [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 16:04:43.0866 0x12dc IDriverT - ok 16:04:44.0083 0x12dc [ 749F5F8CEDCA70F2A512945325FC489D, 443B4F779F27CD69C1F072823FCD9E5BA7590B6F48BE759DC6A1F898C467E58F ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:04:44.0097 0x12dc idsvc - ok 16:04:44.0959 0x12dc [ F6F8CDA3CC5207BFD0B319A26E33ACD3, 6630DEE80A85DA972D3734A5D67E274AEE7042A73AB45E19E15DC989AE88459E ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20140506.001\IDSvia64.sys 16:04:44.0968 0x12dc IDSVia64 - ok 16:04:45.0036 0x12dc [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp 
C:\Windows\system32\drivers\iirsp.sys 16:04:45.0037 0x12dc iirsp - ok 16:04:45.0121 0x12dc [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT C:\Windows\System32\ikeext.dll 16:04:45.0129 0x12dc IKEEXT - ok 16:04:45.0402 0x12dc [ 1EDAB7F9B9DE4424BECCDEF950CE2FF0, 8099C0FC143EA9EFAC54C31FD1A059D7AFAC1C90446CD5BAE0862F5CBCCEDFDF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 16:04:45.0431 0x12dc IntcAzAudAddService - ok 16:04:45.0569 0x12dc [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide C:\Windows\system32\drivers\intelide.sys 16:04:45.0570 0x12dc intelide - ok 16:04:45.0683 0x12dc [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:04:45.0684 0x12dc intelppm - ok 16:04:45.0756 0x12dc [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:04:45.0758 0x12dc IPBusEnum - ok 16:04:45.0837 0x12dc [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:04:45.0838 0x12dc IpFilterDriver - ok 16:04:45.0906 0x12dc [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:04:45.0911 0x12dc iphlpsvc - ok 16:04:45.0917 0x12dc IpInIp - ok 16:04:45.0957 0x12dc [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 16:04:45.0959 0x12dc IPMIDRV - ok 16:04:45.0974 0x12dc [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 16:04:45.0976 0x12dc IPNAT - ok 16:04:46.0087 0x12dc 
[ F8E8676D1B6B2CC12DF9AA6B1A43D929, A1C45908A0E838F84BE941BFD96642B539BD031DB66B4E7B49F6B62B1039739E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:04:46.0103 0x12dc iPod Service - ok 16:04:46.0141 0x12dc [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:04:46.0142 0x12dc IRENUM - ok 16:04:46.0171 0x12dc [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:04:46.0172 0x12dc isapnp - ok 16:04:46.0214 0x12dc [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 16:04:46.0219 0x12dc iScsiPrt - ok 16:04:46.0248 0x12dc [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 16:04:46.0249 0x12dc iteatapi - ok 16:04:46.0306 0x12dc [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid C:\Windows\system32\drivers\iteraid.sys 16:04:46.0307 0x12dc iteraid - ok 16:04:46.0332 0x12dc [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:04:46.0333 0x12dc kbdclass - ok 16:04:46.0340 0x12dc [ DBDF75D51464FBC47D0104EC3D572C05, E392EE961E734620245874C7700D56621A1A990C45DF5CE0B7D270BA708F255E ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:04:46.0341 0x12dc kbdhid - ok 16:04:46.0358 0x12dc [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso C:\Windows\system32\lsass.exe 16:04:46.0359 0x12dc KeyIso - ok 16:04:46.0388 0x12dc [ 88956AD9FA510848AD176777A6C6C1F5, 8F2FBF7E70F836C2C11EE5ABCAFE3E51DC26E953DDFBEE3C1B4AA8E58EBDCF5E ] KSecDD 
C:\Windows\system32\Drivers\ksecdd.sys 16:04:46.0397 0x12dc KSecDD - ok 16:04:46.0451 0x12dc [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:04:46.0452 0x12dc ksthunk - ok 16:04:46.0552 0x12dc [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm C:\Windows\system32\msdtckrm.dll 16:04:46.0559 0x12dc KtmRm - ok 16:04:46.0596 0x12dc [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer C:\Windows\System32\srvsvc.dll 16:04:46.0600 0x12dc LanmanServer - ok 16:04:46.0654 0x12dc [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:04:46.0659 0x12dc LanmanWorkstation - ok 16:04:46.0756 0x12dc [ 4ADC135F525D38A498F83B089228CC2D, 52EC57DDFC3FD8A0EF1095E597F0EF8B7E8FC3791E10361D44E487C88C957C33 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 16:04:46.0762 0x12dc LBTServ - ok 16:04:46.0803 0x12dc [ 24E09882BA51B9830AE029888A3AAF18, 72CEF9789EC0236D3792A7EA1FE80FF8AE3753E9C1A97C170DC1BB811090DF49 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 16:04:46.0804 0x12dc LHidFilt - ok 16:04:46.0857 0x12dc [ 7550D101BF49FDB1F92666A233EE36C4, 281EE6C9AAE0A3FDA8D0FE7CD6BA55C481B8719799A526601FEA0542345CAF18 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 16:04:46.0859 0x12dc LightScribeService - ok 16:04:46.0873 0x12dc [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:04:46.0874 0x12dc lltdio - ok 16:04:46.0922 0x12dc [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:04:46.0928 0x12dc lltdsvc - ok 16:04:47.0008 
0x12dc [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts C:\Windows\System32\lmhsvc.dll 16:04:47.0010 0x12dc lmhosts - ok 16:04:47.0023 0x12dc [ 2F94325D8C10E2B715F3D753C2422AAC, F5B45D3C6773577AF8D179AA3E4092C1A52DFBEC1A365A2A1B7181CDE1D22C2E ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 16:04:47.0024 0x12dc LMouFilt - ok 16:04:47.0075 0x12dc [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:04:47.0077 0x12dc LSI_FC - ok 16:04:47.0116 0x12dc [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:04:47.0119 0x12dc LSI_SAS - ok 16:04:47.0159 0x12dc [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:04:47.0162 0x12dc LSI_SCSI - ok 16:04:47.0208 0x12dc [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv C:\Windows\system32\drivers\luafv.sys 16:04:47.0211 0x12dc luafv - ok 16:04:47.0239 0x12dc [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:04:47.0241 0x12dc Mcx2Svc - ok 16:04:47.0281 0x12dc [ E4F44EC214B3E381E1FC844A02926666, 6EE8C87EFCEFFBEA08B9B9DA036B37564542EE4D31942115CDBF895295DD5FE2 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 16:04:47.0282 0x12dc mdmxsdk - ok 16:04:47.0322 0x12dc [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas C:\Windows\system32\drivers\megasas.sys 16:04:47.0323 0x12dc megasas - ok 16:04:47.0368 0x12dc [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR C:\Windows\system32\drivers\megasr.sys 
16:04:47.0376 0x12dc MegaSR - ok 16:04:47.0478 0x12dc [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 16:04:47.0479 0x12dc Microsoft Office Groove Audit Service - ok 16:04:47.0505 0x12dc [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS C:\Windows\system32\mmcss.dll 16:04:47.0507 0x12dc MMCSS - ok 16:04:47.0529 0x12dc [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem C:\Windows\system32\drivers\modem.sys 16:04:47.0530 0x12dc Modem - ok 16:04:47.0537 0x12dc [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:04:47.0538 0x12dc monitor - ok 16:04:47.0602 0x12dc [ 93F5ADCAD940111F6D4D71AE1D9EC7F6, 12E5D2F0B6D419E9FAA9D10A99FA33DA686DA2FEE6E1C6AE94DC0D22B9DD4929 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys 16:04:47.0603 0x12dc motccgp - ok 16:04:47.0625 0x12dc [ D51E009BAEDA07EBC107D49D224C2414, F8EF80E91D67697337DD82FE0489448D2566C97C6B189BBBB4733B42BF26AB0C ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys 16:04:47.0626 0x12dc motccgpfl - ok 16:04:47.0665 0x12dc [ DB83DC223B9133DA3E41AFCBDECC46B5, A0780ECFC8A08BD5FE71C0413AC50BC4E00AA4A4B5CD9997889F5FA86B93D698 ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys 16:04:47.0666 0x12dc motmodem - ok 16:04:47.0724 0x12dc [ 36AC4DECEAE4226A5B5DD038C49658E1, FFCFEA39368130A8DF8CA9B63F89ACCDBD448841A7488E0C02E3C8EC947A0D9C ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe 16:04:47.0728 0x12dc MotoHelper - ok 16:04:47.0753 0x12dc [ EBD05F60CAFC5BBA2602B8D7101082D3, 9144E1E7C4DD6150C0E97B4C628DE0216ED372062F5F0FB216C81CAF93DBBF07 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys 16:04:47.0753 0x12dc 
MotoSwitchService - ok 16:04:47.0796 0x12dc [ 87701078C3F720AC7A028E937994CC49, 8A16F0E91F44DA2679DD54266324618930C081C768E067B28AAEB93EC599C4E0 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys 16:04:47.0797 0x12dc Motousbnet - ok 16:04:47.0844 0x12dc [ 307727F9829FB46FF4BE0E4D1DAC5002, AE3CC069634D01748869E141E948553EA23E6F12BEDCE26F412A702377805496 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys 16:04:47.0845 0x12dc motusbdevice - ok 16:04:47.0862 0x12dc [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:04:47.0863 0x12dc mouclass - ok 16:04:47.0900 0x12dc [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:04:47.0901 0x12dc mouhid - ok 16:04:47.0918 0x12dc [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 16:04:47.0919 0x12dc MountMgr - ok 16:04:47.0975 0x12dc [ 4F65CBD93B9807BFD4C95598CAA390EE, 1AB3332F401A98A7E3CE99E6126D63E103B360C947BD73735B32C24FCD673D25 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:04:47.0977 0x12dc MozillaMaintenance - ok 16:04:48.0012 0x12dc [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio C:\Windows\system32\drivers\mpio.sys 16:04:48.0015 0x12dc mpio - ok 16:04:48.0071 0x12dc [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:04:48.0072 0x12dc mpsdrv - ok 16:04:48.0222 0x12dc [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:04:48.0233 0x12dc MpsSvc - ok 16:04:48.0269 0x12dc [ 3C200630A89EF2C0864D515B7A75802E, 
AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 16:04:48.0270 0x12dc Mraid35x - ok 16:04:48.0314 0x12dc [ 7C1DE4AA96DC0C071611F9E7DE02A68D, 8B248A82324FB23C64D41FA91BCC22093DE44C48D688E5995C484A7072A6EC08 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:04:48.0317 0x12dc MRxDAV - ok 16:04:48.0352 0x12dc [ 1485811B320FF8C7EDAD1CAEBB1C6C2B, 9F157AAA1A793EF7E52817E4126B774C17FFA0036DADCF10A024FDC068F94F67 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:04:48.0354 0x12dc mrxsmb - ok 16:04:48.0397 0x12dc [ 3B929A60C833FC615FD97FBA82BC7632, 40EEBEB43F42A1A37FAA529E0C21984426F90C1EEFE1EF9BB2F696164595F91D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:04:48.0402 0x12dc mrxsmb10 - ok 16:04:48.0410 0x12dc [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3, 197F70E24D2BBDEC35C2D5BC442267ACC4C5AE3FD5BB30A0928976BE9758C942 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:04:48.0412 0x12dc mrxsmb20 - ok 16:04:48.0490 0x12dc [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci C:\Windows\system32\drivers\msahci.sys 16:04:48.0491 0x12dc msahci - ok 16:04:48.0539 0x12dc [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:04:48.0541 0x12dc msdsm - ok 16:04:48.0638 0x12dc [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC C:\Windows\System32\msdtc.exe 16:04:48.0641 0x12dc MSDTC - ok 16:04:48.0753 0x12dc [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:04:48.0754 0x12dc Msfs - ok 16:04:48.0763 0x12dc [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:04:48.0764 0x12dc msisadrv - ok 16:04:48.0802 0x12dc [ 
366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:04:48.0805 0x12dc MSiSCSI - ok 16:04:48.0824 0x12dc msiserver - ok 16:04:48.0844 0x12dc [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:04:48.0845 0x12dc MSKSSRV - ok 16:04:48.0861 0x12dc [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:04:48.0861 0x12dc MSPCLOCK - ok 16:04:48.0870 0x12dc [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:04:48.0870 0x12dc MSPQM - ok 16:04:48.0906 0x12dc [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:04:48.0911 0x12dc MsRPC - ok 16:04:48.0939 0x12dc [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:04:48.0940 0x12dc mssmbios - ok 16:04:48.0960 0x12dc [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:04:48.0961 0x12dc MSTEE - ok 16:04:48.0984 0x12dc [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup C:\Windows\system32\Drivers\mup.sys 16:04:48.0985 0x12dc Mup - ok 16:04:49.0097 0x12dc [ 64C89DB40949FD0E7C8FF303676A91F1, A3E5DC71DFF0E04EC398ED26ED5B4A81F938533E710CFCEAA99DF585C0AA79C9 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe 16:04:49.0100 0x12dc N360 - ok 16:04:49.0144 0x12dc [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent 
C:\Windows\system32\qagentRT.dll 16:04:49.0152 0x12dc napagent - ok 16:04:49.0197 0x12dc [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:04:49.0200 0x12dc NativeWifiP - ok 16:04:49.0332 0x12dc [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140507.001\ENG64.SYS 16:04:49.0334 0x12dc NAVENG - ok 16:04:49.0680 0x12dc [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140507.001\EX64.SYS 16:04:49.0715 0x12dc NAVEX15 - ok 16:04:49.0863 0x12dc [ 65950E07329FCEE8E6516B17C8D0ABB6, 4429D9FF9B6E376D28D8FA4906B7554DF566EC23E455E3166C496B579622F204 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:04:49.0876 0x12dc NDIS - ok 16:04:49.0926 0x12dc [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:04:49.0927 0x12dc NdisTapi - ok 16:04:49.0939 0x12dc [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:04:49.0940 0x12dc Ndisuio - ok 16:04:50.0007 0x12dc [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:04:50.0011 0x12dc NdisWan - ok 16:04:50.0056 0x12dc [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:04:50.0057 0x12dc NDProxy - ok 16:04:50.0082 0x12dc [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 
C:\Windows\system32\HPZinw12.dll 16:04:50.0084 0x12dc Net Driver HPZ12 - ok 16:04:50.0138 0x12dc [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:04:50.0139 0x12dc NetBIOS - ok 16:04:50.0164 0x12dc [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt C:\Windows\system32\DRIVERS\netbt.sys 16:04:50.0169 0x12dc netbt - ok 16:04:50.0222 0x12dc [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon C:\Windows\system32\lsass.exe 16:04:50.0224 0x12dc Netlogon - ok 16:04:50.0286 0x12dc [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman C:\Windows\System32\netman.dll 16:04:50.0293 0x12dc Netman - ok 16:04:50.0389 0x12dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:04:50.0392 0x12dc NetMsmqActivator - ok 16:04:50.0398 0x12dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:04:50.0401 0x12dc NetPipeActivator - ok 16:04:50.0446 0x12dc [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm C:\Windows\System32\netprofm.dll 16:04:50.0452 0x12dc netprofm - ok 16:04:50.0533 0x12dc [ 653A267797A4DE4A69014ED61945067A, ABF22D2DAF52F917533B30282DA215079BAFCEF26EEB9F06CBDF3707594593F1 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys 16:04:50.0543 0x12dc netr28x - ok 16:04:50.0551 0x12dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:04:50.0553 0x12dc 
NetTcpActivator - ok 16:04:50.0559 0x12dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:04:50.0562 0x12dc NetTcpPortSharing - ok 16:04:50.0594 0x12dc [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:04:50.0595 0x12dc nfrd960 - ok 16:04:50.0616 0x12dc [ F145BF4C4668E7E312069F81EF847CFC, C4926EFB41FE2813E90D83456C6CB8F3157D835391B443C7E26168F4E1D67DC7 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:04:50.0620 0x12dc NlaSvc - ok 16:04:50.0640 0x12dc [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:04:50.0641 0x12dc Npfs - ok 16:04:50.0645 0x12dc npggsvc - ok 16:04:50.0650 0x12dc NPPTNT2 - ok 16:04:50.0695 0x12dc [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi C:\Windows\system32\nsisvc.dll 16:04:50.0697 0x12dc nsi - ok 16:04:50.0702 0x12dc [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:04:50.0703 0x12dc nsiproxy - ok 16:04:50.0812 0x12dc [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:04:50.0837 0x12dc Ntfs - ok 16:04:50.0870 0x12dc [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null C:\Windows\system32\drivers\Null.sys 16:04:50.0871 0x12dc Null - ok 16:04:51.0533 0x12dc [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 16:04:51.0744 0x12dc nvlddmkm - ok 16:04:51.0832 0x12dc [ 2C040B7ADA5B06F6FACADAC8514AA034, 
EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:04:51.0834 0x12dc nvraid - ok 16:04:51.0879 0x12dc [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:04:51.0880 0x12dc nvstor - ok 16:04:51.0969 0x12dc [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc C:\Windows\system32\nvvsvc.exe 16:04:51.0985 0x12dc nvsvc - ok 16:04:52.0106 0x12dc [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 16:04:52.0126 0x12dc nvUpdatusService - ok 16:04:52.0158 0x12dc [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:04:52.0160 0x12dc nv_agp - ok 16:04:52.0164 0x12dc NwlnkFlt - ok 16:04:52.0167 0x12dc NwlnkFwd - ok 16:04:52.0241 0x12dc [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 16:04:52.0249 0x12dc odserv - ok 16:04:52.0306 0x12dc [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 16:04:52.0307 0x12dc ohci1394 - ok 16:04:52.0356 0x12dc [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:04:52.0359 0x12dc ose - ok 16:04:52.0450 0x12dc [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc C:\Windows\system32\p2psvc.dll 16:04:52.0467 0x12dc p2pimsvc - ok 16:04:52.0492 0x12dc [ 
9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc C:\Windows\system32\p2psvc.dll 16:04:52.0507 0x12dc p2psvc - ok 16:04:52.0531 0x12dc [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport C:\Windows\system32\drivers\parport.sys 16:04:52.0533 0x12dc Parport - ok 16:04:52.0566 0x12dc [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:04:52.0568 0x12dc partmgr - ok 16:04:52.0591 0x12dc [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc C:\Windows\System32\pcasvc.dll 16:04:52.0593 0x12dc PcaSvc - ok 16:04:52.0641 0x12dc [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci C:\Windows\system32\drivers\pci.sys 16:04:52.0644 0x12dc pci - ok 16:04:52.0676 0x12dc [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide C:\Windows\system32\drivers\pciide.sys 16:04:52.0676 0x12dc pciide - ok 16:04:52.0710 0x12dc [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:04:52.0714 0x12dc pcmcia - ok 16:04:52.0769 0x12dc [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:04:52.0781 0x12dc PEAUTH - ok 16:04:52.0930 0x12dc [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:04:52.0931 0x12dc PerfHost - ok 16:04:53.0001 0x12dc [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla C:\Windows\system32\pla.dll 16:04:53.0026 0x12dc pla - ok 16:04:53.0085 0x12dc [ 
In queue: 69 16:05:03.0177 0x12dc Win FW state via NFP2: enabled 16:05:03.0355 0x12dc ============================================================ 16:05:03.0355 0x12dc Scan finished 16:05:03.0355 0x12dc ============================================================ 16:05:03.0364 0x146c Detected object count: 0 16:05:03.0364 0x146c Actual detected object count: 0 16:05:07.0384 0x1570 Deinitialize success

#10 OCD


    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 07 May 2014 - 07:51 PM

Hi biggary1689,

I am unable to read your log as it is currently formatted. You need to make an adjustment to your Notepad settings.

Remove Word Wrap in Notepad
  • Click the Windows Start button.
  • Enter Notepad into the search box and double-click the application from the list of search results that appears. The Notepad application opens.
  • Click Format from the main menu in Notepad to display the formatting drop-down menu. You will see a check mark next to the words Word Wrap, which indicates that the Word Wrap feature is currently inserting line endings into your Notepad files.
  • Click Word Wrap to remove line endings. The check mark that used to appear next to Word Wrap disappears, indicating that you have successfully disabled this feature and removed all line endings from your document.
=========================

Re-post the TDSSKiller log after making the Notepad adjustment.
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days










#11 biggary1689


    Authentic Member

  • 32 posts

Posted 08 May 2014 - 06:11 AM

I unselected Word Wrap in Notepad. When I paste it in the text box everything looks good with the times lining up on the left side. However, when I click Preview Post everything gets mixed up. Any suggestions?
0x12dc [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts C:\Windows\System32\lmhsvc.dll 16:04:47.0010 0x12dc lmhosts - ok 16:04:47.0023 0x12dc [ 2F94325D8C10E2B715F3D753C2422AAC, F5B45D3C6773577AF8D179AA3E4092C1A52DFBEC1A365A2A1B7181CDE1D22C2E ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 16:04:47.0024 0x12dc LMouFilt - ok 16:04:47.0075 0x12dc [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:04:47.0077 0x12dc LSI_FC - ok 16:04:47.0116 0x12dc [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:04:47.0119 0x12dc LSI_SAS - ok 16:04:47.0159 0x12dc [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:04:47.0162 0x12dc LSI_SCSI - ok 16:04:47.0208 0x12dc [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv C:\Windows\system32\drivers\luafv.sys 16:04:47.0211 0x12dc luafv - ok 16:04:47.0239 0x12dc [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:04:47.0241 0x12dc Mcx2Svc - ok 16:04:47.0281 0x12dc [ E4F44EC214B3E381E1FC844A02926666, 6EE8C87EFCEFFBEA08B9B9DA036B37564542EE4D31942115CDBF895295DD5FE2 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 16:04:47.0282 0x12dc mdmxsdk - ok 16:04:47.0322 0x12dc [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas C:\Windows\system32\drivers\megasas.sys 16:04:47.0323 0x12dc megasas - ok 16:04:47.0368 0x12dc [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR C:\Windows\system32\drivers\megasr.sys 
16:04:47.0376 0x12dc MegaSR - ok 16:04:47.0478 0x12dc [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 16:04:47.0479 0x12dc Microsoft Office Groove Audit Service - ok 16:04:47.0505 0x12dc [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS C:\Windows\system32\mmcss.dll 16:04:47.0507 0x12dc MMCSS - ok 16:04:47.0529 0x12dc [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem C:\Windows\system32\drivers\modem.sys 16:04:47.0530 0x12dc Modem - ok 16:04:47.0537 0x12dc [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:04:47.0538 0x12dc monitor - ok 16:04:47.0602 0x12dc [ 93F5ADCAD940111F6D4D71AE1D9EC7F6, 12E5D2F0B6D419E9FAA9D10A99FA33DA686DA2FEE6E1C6AE94DC0D22B9DD4929 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys 16:04:47.0603 0x12dc motccgp - ok 16:04:47.0625 0x12dc [ D51E009BAEDA07EBC107D49D224C2414, F8EF80E91D67697337DD82FE0489448D2566C97C6B189BBBB4733B42BF26AB0C ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys 16:04:47.0626 0x12dc motccgpfl - ok 16:04:47.0665 0x12dc [ DB83DC223B9133DA3E41AFCBDECC46B5, A0780ECFC8A08BD5FE71C0413AC50BC4E00AA4A4B5CD9997889F5FA86B93D698 ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys 16:04:47.0666 0x12dc motmodem - ok 16:04:47.0724 0x12dc [ 36AC4DECEAE4226A5B5DD038C49658E1, FFCFEA39368130A8DF8CA9B63F89ACCDBD448841A7488E0C02E3C8EC947A0D9C ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe 16:04:47.0728 0x12dc MotoHelper - ok 16:04:47.0753 0x12dc [ EBD05F60CAFC5BBA2602B8D7101082D3, 9144E1E7C4DD6150C0E97B4C628DE0216ED372062F5F0FB216C81CAF93DBBF07 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys 16:04:47.0753 0x12dc 
MotoSwitchService - ok 16:04:47.0796 0x12dc [ 87701078C3F720AC7A028E937994CC49, 8A16F0E91F44DA2679DD54266324618930C081C768E067B28AAEB93EC599C4E0 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys 16:04:47.0797 0x12dc Motousbnet - ok 16:04:47.0844 0x12dc [ 307727F9829FB46FF4BE0E4D1DAC5002, AE3CC069634D01748869E141E948553EA23E6F12BEDCE26F412A702377805496 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys 16:04:47.0845 0x12dc motusbdevice - ok 16:04:47.0862 0x12dc [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:04:47.0863 0x12dc mouclass - ok 16:04:47.0900 0x12dc [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:04:47.0901 0x12dc mouhid - ok 16:04:47.0918 0x12dc [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 16:04:47.0919 0x12dc MountMgr - ok 16:04:47.0975 0x12dc [ 4F65CBD93B9807BFD4C95598CAA390EE, 1AB3332F401A98A7E3CE99E6126D63E103B360C947BD73735B32C24FCD673D25 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:04:47.0977 0x12dc MozillaMaintenance - ok 16:04:48.0012 0x12dc [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio C:\Windows\system32\drivers\mpio.sys 16:04:48.0015 0x12dc mpio - ok 16:04:48.0071 0x12dc [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:04:48.0072 0x12dc mpsdrv - ok 16:04:48.0222 0x12dc [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:04:48.0233 0x12dc MpsSvc - ok 16:04:48.0269 0x12dc [ 3C200630A89EF2C0864D515B7A75802E, 
AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 16:04:48.0270 0x12dc Mraid35x - ok 16:04:48.0314 0x12dc [ 7C1DE4AA96DC0C071611F9E7DE02A68D, 8B248A82324FB23C64D41FA91BCC22093DE44C48D688E5995C484A7072A6EC08 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:04:48.0317 0x12dc MRxDAV - ok 16:04:48.0352 0x12dc [ 1485811B320FF8C7EDAD1CAEBB1C6C2B, 9F157AAA1A793EF7E52817E4126B774C17FFA0036DADCF10A024FDC068F94F67 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:04:48.0354 0x12dc mrxsmb - ok 16:04:48.0397 0x12dc [ 3B929A60C833FC615FD97FBA82BC7632, 40EEBEB43F42A1A37FAA529E0C21984426F90C1EEFE1EF9BB2F696164595F91D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:04:48.0402 0x12dc mrxsmb10 - ok 16:04:48.0410 0x12dc [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3, 197F70E24D2BBDEC35C2D5BC442267ACC4C5AE3FD5BB30A0928976BE9758C942 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:04:48.0412 0x12dc mrxsmb20 - ok 16:04:48.0490 0x12dc [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci C:\Windows\system32\drivers\msahci.sys 16:04:48.0491 0x12dc msahci - ok 16:04:48.0539 0x12dc [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:04:48.0541 0x12dc msdsm - ok 16:04:48.0638 0x12dc [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC C:\Windows\System32\msdtc.exe 16:04:48.0641 0x12dc MSDTC - ok 16:04:48.0753 0x12dc [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:04:48.0754 0x12dc Msfs - ok 16:04:48.0763 0x12dc [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:04:48.0764 0x12dc msisadrv - ok 16:04:48.0802 0x12dc [ 
366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:04:48.0805 0x12dc MSiSCSI - ok 16:04:48.0824 0x12dc msiserver - ok 16:04:48.0844 0x12dc [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:04:48.0845 0x12dc MSKSSRV - ok 16:04:48.0861 0x12dc [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:04:48.0861 0x12dc MSPCLOCK - ok 16:04:48.0870 0x12dc [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:04:48.0870 0x12dc MSPQM - ok 16:04:48.0906 0x12dc [ DC6CCF440CDEDE4293DB41C37A5060A5, 768D08A67508E1CE69B67642A5E5A639C0DD1E93C956C56ECC5A56B0E502C953 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:04:48.0911 0x12dc MsRPC - ok 16:04:48.0939 0x12dc [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:04:48.0940 0x12dc mssmbios - ok 16:04:48.0960 0x12dc [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:04:48.0961 0x12dc MSTEE - ok 16:04:48.0984 0x12dc [ 0CC49F78D8ACA0877D885F149084E543, 984DDCB52F0DFC1B26C6504FE500E8D9C2CA7F79ED34608AE9866A0915B8BA67 ] Mup C:\Windows\system32\Drivers\mup.sys 16:04:48.0985 0x12dc Mup - ok 16:04:49.0097 0x12dc [ 64C89DB40949FD0E7C8FF303676A91F1, A3E5DC71DFF0E04EC398ED26ED5B4A81F938533E710CFCEAA99DF585C0AA79C9 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe 16:04:49.0100 0x12dc N360 - ok 16:04:49.0144 0x12dc [ A5B10C845E7538C60C0F5D87A57CB3F5, 2B4E16702591C59BC2CA2B99DBB504BAB4F4EF0835B0D9C7453D340CBF0BDF16 ] napagent 
C:\Windows\system32\qagentRT.dll 16:04:49.0152 0x12dc napagent - ok 16:04:49.0197 0x12dc [ 2007B826C4ACD94AE32232B41F0842B9, 6267D165C3C8C5F83194890A6DBF71226D4B891AECD1D06F7AEB5D738C3DC9CA ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:04:49.0200 0x12dc NativeWifiP - ok 16:04:49.0332 0x12dc [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140507.001\ENG64.SYS 16:04:49.0334 0x12dc NAVENG - ok 16:04:49.0680 0x12dc [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140507.001\EX64.SYS 16:04:49.0715 0x12dc NAVEX15 - ok 16:04:49.0863 0x12dc [ 65950E07329FCEE8E6516B17C8D0ABB6, 4429D9FF9B6E376D28D8FA4906B7554DF566EC23E455E3166C496B579622F204 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:04:49.0876 0x12dc NDIS - ok 16:04:49.0926 0x12dc [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:04:49.0927 0x12dc NdisTapi - ok 16:04:49.0939 0x12dc [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:04:49.0940 0x12dc Ndisuio - ok 16:04:50.0007 0x12dc [ F8158771905260982CE724076419EF19, B86FFA790A30ED614A11C87F4D738C913EFC0924DC14750D544001D4E9556071 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:04:50.0011 0x12dc NdisWan - ok 16:04:50.0056 0x12dc [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:04:50.0057 0x12dc NDProxy - ok 16:04:50.0082 0x12dc [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 
C:\Windows\system32\HPZinw12.dll 16:04:50.0084 0x12dc Net Driver HPZ12 - ok 16:04:50.0138 0x12dc [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:04:50.0139 0x12dc NetBIOS - ok 16:04:50.0164 0x12dc [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt C:\Windows\system32\DRIVERS\netbt.sys 16:04:50.0169 0x12dc netbt - ok 16:04:50.0222 0x12dc [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon C:\Windows\system32\lsass.exe 16:04:50.0224 0x12dc Netlogon - ok 16:04:50.0286 0x12dc [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman C:\Windows\System32\netman.dll 16:04:50.0293 0x12dc Netman - ok 16:04:50.0389 0x12dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:04:50.0392 0x12dc NetMsmqActivator - ok 16:04:50.0398 0x12dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:04:50.0401 0x12dc NetPipeActivator - ok 16:04:50.0446 0x12dc [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm C:\Windows\System32\netprofm.dll 16:04:50.0452 0x12dc netprofm - ok 16:04:50.0533 0x12dc [ 653A267797A4DE4A69014ED61945067A, ABF22D2DAF52F917533B30282DA215079BAFCEF26EEB9F06CBDF3707594593F1 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys 16:04:50.0543 0x12dc netr28x - ok 16:04:50.0551 0x12dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:04:50.0553 0x12dc 
NetTcpActivator - ok 16:04:50.0559 0x12dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:04:50.0562 0x12dc NetTcpPortSharing - ok 16:04:50.0594 0x12dc [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:04:50.0595 0x12dc nfrd960 - ok 16:04:50.0616 0x12dc [ F145BF4C4668E7E312069F81EF847CFC, C4926EFB41FE2813E90D83456C6CB8F3157D835391B443C7E26168F4E1D67DC7 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:04:50.0620 0x12dc NlaSvc - ok 16:04:50.0640 0x12dc [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:04:50.0641 0x12dc Npfs - ok 16:04:50.0645 0x12dc npggsvc - ok 16:04:50.0650 0x12dc NPPTNT2 - ok 16:04:50.0695 0x12dc [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi C:\Windows\system32\nsisvc.dll 16:04:50.0697 0x12dc nsi - ok 16:04:50.0702 0x12dc [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:04:50.0703 0x12dc nsiproxy - ok 16:04:50.0812 0x12dc [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:04:50.0837 0x12dc Ntfs - ok 16:04:50.0870 0x12dc [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null C:\Windows\system32\drivers\Null.sys 16:04:50.0871 0x12dc Null - ok 16:04:51.0533 0x12dc [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 16:04:51.0744 0x12dc nvlddmkm - ok 16:04:51.0832 0x12dc [ 2C040B7ADA5B06F6FACADAC8514AA034, 
EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:04:51.0834 0x12dc nvraid - ok 16:04:51.0879 0x12dc [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:04:51.0880 0x12dc nvstor - ok 16:04:51.0969 0x12dc [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc C:\Windows\system32\nvvsvc.exe 16:04:51.0985 0x12dc nvsvc - ok 16:04:52.0106 0x12dc [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 16:04:52.0126 0x12dc nvUpdatusService - ok 16:04:52.0158 0x12dc [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:04:52.0160 0x12dc nv_agp - ok 16:04:52.0164 0x12dc NwlnkFlt - ok 16:04:52.0167 0x12dc NwlnkFwd - ok 16:04:52.0241 0x12dc [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 16:04:52.0249 0x12dc odserv - ok 16:04:52.0306 0x12dc [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 16:04:52.0307 0x12dc ohci1394 - ok 16:04:52.0356 0x12dc [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:04:52.0359 0x12dc ose - ok 16:04:52.0450 0x12dc [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc C:\Windows\system32\p2psvc.dll 16:04:52.0467 0x12dc p2pimsvc - ok 16:04:52.0492 0x12dc [ 
9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc C:\Windows\system32\p2psvc.dll 16:04:52.0507 0x12dc p2psvc - ok 16:04:52.0531 0x12dc [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport C:\Windows\system32\drivers\parport.sys 16:04:52.0533 0x12dc Parport - ok 16:04:52.0566 0x12dc [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:04:52.0568 0x12dc partmgr - ok 16:04:52.0591 0x12dc [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc C:\Windows\System32\pcasvc.dll 16:04:52.0593 0x12dc PcaSvc - ok 16:04:52.0641 0x12dc [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci C:\Windows\system32\drivers\pci.sys 16:04:52.0644 0x12dc pci - ok 16:04:52.0676 0x12dc [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide C:\Windows\system32\drivers\pciide.sys 16:04:52.0676 0x12dc pciide - ok 16:04:52.0710 0x12dc [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:04:52.0714 0x12dc pcmcia - ok 16:04:52.0769 0x12dc [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:04:52.0781 0x12dc PEAUTH - ok 16:04:52.0930 0x12dc [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:04:52.0931 0x12dc PerfHost - ok 16:04:53.0001 0x12dc [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla C:\Windows\system32\pla.dll 16:04:53.0026 0x12dc pla - ok 16:04:53.0085 0x12dc [ 
FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:04:53.0092 0x12dc PlugPlay - ok 16:04:53.0157 0x12dc [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 16:04:53.0159 0x12dc Pml Driver HPZ12 - ok 16:04:53.0184 0x12dc PnkBstrA - ok 16:04:53.0207 0x12dc [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 16:04:53.0221 0x12dc PNRPAutoReg - ok 16:04:53.0246 0x12dc [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc C:\Windows\system32\p2psvc.dll 16:04:53.0261 0x12dc PNRPsvc - ok 16:04:53.0309 0x12dc [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:04:53.0318 0x12dc PolicyAgent - ok 16:04:53.0394 0x12dc [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:04:53.0396 0x12dc PptpMiniport - ok 16:04:53.0473 0x12dc [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor C:\Windows\system32\drivers\processr.sys 16:04:53.0474 0x12dc Processor - ok 16:04:53.0498 0x12dc [ E058CE4FC2449D8BFA14739C83B7FF2A, 6ACA086D5E0EF3C3EAEBD78010E50739BBA7CA05E937FFF3A4F2AD22FD57B54A ] ProfSvc C:\Windows\system32\profsvc.dll 16:04:53.0502 0x12dc ProfSvc - ok 16:04:53.0508 0x12dc [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:04:53.0510 0x12dc ProtectedStorage - ok 16:04:53.0573 0x12dc [ 1D0A3F565397D08707F3D75B88586645, 92EC9C26CD446E86C37CB2FAF235B97D68D9682DD240563EC0C81000FAD7AF25 
] Ps2 C:\Windows\system32\DRIVERS\PS2.sys 16:04:53.0574 0x12dc Ps2 - ok 16:04:53.0610 0x12dc [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 16:04:53.0612 0x12dc PSched - ok 16:04:53.0686 0x12dc [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:04:53.0709 0x12dc ql2300 - ok 16:04:53.0743 0x12dc [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:04:53.0746 0x12dc ql40xx - ok 16:04:53.0794 0x12dc [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE C:\Windows\system32\qwave.dll 16:04:53.0800 0x12dc QWAVE - ok 16:04:53.0849 0x12dc [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:04:53.0850 0x12dc QWAVEdrv - ok 16:04:53.0890 0x12dc [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:04:53.0891 0x12dc RasAcd - ok 16:04:53.0937 0x12dc [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto C:\Windows\System32\rasauto.dll 16:04:53.0940 0x12dc RasAuto - ok 16:04:53.0995 0x12dc [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:04:53.0997 0x12dc Rasl2tp - ok 16:04:54.0045 0x12dc [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan C:\Windows\System32\rasmans.dll 16:04:54.0051 0x12dc RasMan - ok 16:04:54.0104 0x12dc [ 4517FBF8B42524AFE4EDE1DE102AAE3E, 
F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:04:54.0105 0x12dc RasPppoe - ok 16:04:54.0129 0x12dc [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:04:54.0131 0x12dc RasSstp - ok 16:04:54.0177 0x12dc [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:04:54.0183 0x12dc rdbss - ok 16:04:54.0222 0x12dc [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:04:54.0223 0x12dc RDPCDD - ok 16:04:54.0273 0x12dc [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 16:04:54.0279 0x12dc rdpdr - ok 16:04:54.0284 0x12dc [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:04:54.0284 0x12dc RDPENCDD - ok 16:04:54.0339 0x12dc [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:04:54.0343 0x12dc RDPWD - ok 16:04:54.0382 0x12dc [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:04:54.0384 0x12dc RemoteAccess - ok 16:04:54.0403 0x12dc [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:04:54.0407 0x12dc RemoteRegistry - ok 16:04:54.0444 0x12dc [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator C:\Windows\system32\locator.exe 16:04:54.0445 0x12dc RpcLocator - ok 
In queue: 69
16:05:03.0177 0x12dc Win FW state via NFP2: enabled
16:05:03.0355 0x12dc ============================================================
16:05:03.0355 0x12dc Scan finished
16:05:03.0355 0x12dc ============================================================
16:05:03.0364 0x146c Detected object count: 0
16:05:03.0364 0x146c Actual detected object count: 0
16:05:07.0384 0x1570 Deinitialize success

#12 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 08 May 2014 - 08:32 AM

Hi biggary1689,
 

I unselected wordwrap in notepad. When I paste it in the text box everything looks good with the times lining up on the left side. However, when I click preview Post everything gets mixed up. Any suggestions?

 

I was able to decipher the text as is, but in the future try clicking the toggle switch to see if that changes the format in your next post. Either that or try posting without previewing your reply.


=========================

Re-run OTL (it should be located on your desktop).

    • Windows XP: Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8: Right click and select "Run as Administrator"
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Uncheck the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open one notepad window. OTL.Txt. (No Extras.txt will be produced)
    Note: The log can be located in the OTL. folder on your C:\ drive if it fails to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.

=========================

In your next post please provide the following:

  • OTL.txt
  • How is the computer running, any symptoms?

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days










#13 biggary1689

biggary1689

    Authentic Member

  • Authentic Member
  • 32 posts

Posted 08 May 2014 - 09:22 AM

Everything appears to be running smoothly. I am not seeing any popup ads or redirects.



OTL logfile created on: 5/8/2014 11:01:38 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gary\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.29 Gb Available Physical Memory | 71.49% Memory free
12.11 Gb Paging File | 10.48 Gb Available in Paging File | 86.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.32 Gb Total Space | 109.86 Gb Free Space | 15.98% Space Free | Partition Type: NTFS
Drive D: | 11.31 Gb Total Space | 1.10 Gb Free Space | 9.77% Space Free | Partition Type: NTFS

Computer Name: GARY-PC | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\MSR\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
PRC - C:\Users\Gary\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe ()
PRC - C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe ()
PRC - C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - c:\hp\HPEZBTN\HPBtnSrv.exe ()
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe (Conexant Systems, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (System Update kb70007) -- C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AdblockerSrv) -- C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (npggsvc) -- C:\WINDOWS\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (N360) -- C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe (Symantec Corporation)
SRV - (MotoHelper) -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (hitmanpro37) -- C:\Windows\SysNative\drivers\hitmanpro37.sys ()
DRV:64bit: - (asdnet) -- C:\Windows\SysNative\DRIVERS\asdnet.sys ()
DRV:64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:64bit: - (SaiMini) -- C:\Windows\SysNative\DRIVERS\SaiMini.sys (Saitek)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\ccHPx64.sys (Symantec Corporation)
DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMTDI.SYS (Symantec Corporation)
DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMFW.SYS (Symantec Corporation)
DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMNDISV.SYS (Symantec Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola)
DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SRTSP64.SYS (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0308030.006\SYMEFA64.SYS (Symantec Corporation)
DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\BHDrvx64.sys (Symantec Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\0308030.006\SRTSPX64.SYS (Symantec Corporation)
DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\DRIVERS\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola)
DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (CAXHWBS2) -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (HSF_DP) -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys (Conexant Systems, Inc.)
DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\DRIVERS\serscan.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (SaiHFF0C) -- C:\Windows\SysNative\DRIVERS\SaiHFF0C.sys (Saitek)
DRV:64bit: - (SaiUFF0C) -- C:\Windows\SysNative\DRIVERS\SaiUFF0C.sys (Saitek)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140507.022\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140507.022\eng64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20140507.001\IDSviA64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NPPTNT2) -- C:\WINDOWS\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKLM\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKCU\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/11/01 07:15:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/04/30 18:03:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/07 15:47:55 | 000,000,000 | ---D | M]

[2011/06/16 19:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions
[2011/06/16 19:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2014/05/01 09:44:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\yeag246i.default-1398948955132\extensions
[2014/05/07 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/04/30 18:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/30 18:03:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/12 23:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/12 23:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/12 23:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/12 23:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2009/09/12 23:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2006/08/09 06:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npWebLaunch.dll
[2009/09/12 23:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/05/01 09:02:43 | 000,039,317 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\GatesofAndaron\PrePatch.exe (Zamiinc)
O4 - HKLM..\Run: [ADBlocker] C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
O4 - HKLM..\Run: [Anvi AD Blocker] C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [ScrewDrivers RDP Plugin] C:\Program Files (x86)\triCerat\Simplify Printing\ScrewDrivers Client v4\install_rdp.exe ()
O4 - HKCU..\Run: [VirtualDub.org] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE92507-B466-474D-9E8F-F4A5EC774184}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D8B5987-8491-4898-9A1B-88C11ECF028C}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Gary\Desktop\Photos\Cactus\Cactus Background-1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gary\Desktop\Photos\Cactus\Cactus Background-1.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/05/07 15:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/05/07 15:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/05/07 15:44:36 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/07 15:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/07 15:43:57 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/07 15:43:57 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/07 15:43:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/07 15:19:35 | 000,921,512 | ---- | C] (Oracle Corporation) -- C:\Users\Gary\Desktop\jxpiinstall.exe
[2014/05/07 09:07:30 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/07 08:19:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/06 10:19:07 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\DropboxMaster
[2014/05/05 11:36:38 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Gary\Desktop\aswMBR.exe
[2014/05/01 09:54:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2014/05/01 09:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/01 09:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/01 09:21:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2014/05/01 09:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/01 08:57:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2014/04/30 21:04:38 | 010,971,424 | ---- | C] (SurfRight B.V.) -- C:\Users\Gary\Desktop\HitmanPro_x64.exe
[2014/04/30 21:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/04/30 20:22:52 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/30 20:22:07 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Gary\Desktop\JRT_NEW.exe
[2014/04/30 20:06:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/30 18:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/04/30 13:19:52 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/04/30 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/04/30 13:18:35 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Wise
[2014/04/23 08:53:59 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\p90x3
[2014/04/09 08:57:58 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/04/09 08:57:58 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/04/09 08:57:56 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/09 08:57:56 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/04/09 08:57:56 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/04/09 08:57:56 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/04/09 08:57:56 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/04/09 08:57:56 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/09 08:57:56 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/04/09 08:57:56 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/09 08:57:56 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/04/09 08:57:56 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/04/09 08:57:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\corpol.dll
[2014/04/09 08:57:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2014/04/09 08:57:55 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/04/09 08:57:52 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[1 C:\Users\Gary\*.tmp files -> C:\Users\Gary\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/05/08 10:59:24 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/08 10:54:34 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/08 10:54:34 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/08 10:54:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/08 10:31:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/08 10:18:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/07 16:03:10 | 004,143,997 | ---- | M] () -- C:\Users\Gary\Desktop\tdsskiller.zip
[2014/05/07 15:47:56 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/05/07 15:43:18 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/07 15:43:10 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/07 15:43:10 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/07 15:43:10 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/07 15:25:38 | 000,000,975 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/07 15:19:36 | 000,921,512 | ---- | M] (Oracle Corporation) -- C:\Users\Gary\Desktop\jxpiinstall.exe
[2014/05/07 12:03:50 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/05/07 09:06:35 | 001,310,621 | ---- | M] () -- C:\Users\Gary\Desktop\adwcleaner.exe
[2014/05/06 10:19:03 | 000,000,957 | ---- | M] () -- C:\Users\Gary\Desktop\Dropbox.lnk
[2014/05/06 09:24:55 | 000,000,570 | ---- | M] () -- C:\Users\Gary\Desktop\MBR.zip
[2014/05/06 09:21:36 | 000,000,512 | ---- | M] () -- C:\Users\Gary\Desktop\MBR.dat
[2014/05/05 11:36:52 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Gary\Desktop\aswMBR.exe
[2014/05/05 11:36:15 | 000,854,355 | ---- | M] () -- C:\Users\Gary\Desktop\SecurityCheck.exe
[2014/05/03 09:19:07 | 837,171,865 | ---- | M] () -- C:\Users\Gary\Desktop\pmpeiibd72.mkv
[2014/05/02 08:24:17 | 733,867,381 | ---- | M] () -- C:\Users\Gary\Desktop\The Lego Movie 2014 WEBRip Upscaled 720p x264 AAC-HeartAttack.mp4
[2014/05/01 19:31:48 | 1479,689,302 | ---- | M] () -- C:\Users\Gary\Desktop\monmen72-hbs.mp4
[2014/05/01 15:59:06 | 000,239,107 | ---- | M] () -- C:\Users\Gary\Desktop\print.xps
[2014/05/01 15:30:36 | 001,611,202 | ---- | M] () -- C:\Users\Gary\Desktop\PrincipalDownload.pdf
[2014/05/01 09:54:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2014/05/01 09:37:40 | 000,002,051 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/01 09:21:45 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
[2014/05/01 09:19:14 | 006,369,640 | ---- | M] () -- C:\Users\Gary\Desktop\adblocker_setup.exe
[2014/05/01 09:10:57 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/01 09:02:43 | 000,039,317 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/04/30 21:29:12 | 000,032,512 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/04/30 21:27:02 | 000,003,866 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/04/30 21:05:09 | 010,971,424 | ---- | M] (SurfRight B.V.) -- C:\Users\Gary\Desktop\HitmanPro_x64.exe
[2014/04/30 13:25:27 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 13:25:26 | 000,000,914 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/04/30 08:38:23 | 1502,076,584 | ---- | M] () -- C:\Users\Gary\Desktop\The_Lego_Movie_2014_Webrip_x264_AC3_TiTAN.mkv
[2014/04/29 16:58:02 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Gary.job
[2014/04/29 13:31:15 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/29 13:31:14 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/29 08:11:23 | 1467,971,725 | ---- | M] () -- C:\Users\Gary\Desktop\rbocpweb72-hbs.mp4
[2014/04/25 07:55:02 | 967,586,375 | ---- | M] () -- C:\Users\Gary\Desktop\300.roae.2014.hdrip.x264-hbs.mp4
[2014/04/20 19:20:42 | 006,195,323 | ---- | M] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.rtf
[2014/04/20 11:03:13 | 003,000,315 | ---- | M] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.pdf
[2014/04/16 10:52:03 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGary.job
[2014/04/13 15:22:17 | 851,125,388 | ---- | M] () -- C:\Users\Gary\Desktop\Zulu.2013.720p.BluRay.x264.YIFY.mp4
[2014/04/13 08:14:39 | 000,222,166 | ---- | M] () -- C:\Users\Gary\Desktop\401k unenroll.xps
[2014/04/11 15:41:09 | 837,117,006 | ---- | M] () -- C:\Users\Gary\Desktop\joeweb72-G.mkv
[2014/04/10 12:18:06 | 002,290,165 | ---- | M] () -- C:\Users\Gary\Desktop\2.jpg
[2014/04/10 12:11:44 | 002,024,146 | ---- | M] () -- C:\Users\Gary\Desktop\1.jpg
[2014/04/09 19:42:49 | 000,394,339 | ---- | M] () -- C:\Users\Gary\Desktop\OF306- 2011 version-1111.pdf
[1 C:\Users\Gary\*.tmp files -> C:\Users\Gary\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/05/07 15:57:39 | 004,143,997 | ---- | C] () -- C:\Users\Gary\Desktop\tdsskiller.zip
[2014/05/07 15:47:56 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/05/07 15:47:55 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2014/05/07 09:06:32 | 001,310,621 | ---- | C] () -- C:\Users\Gary\Desktop\adwcleaner.exe
[2014/05/06 09:24:55 | 000,000,570 | ---- | C] () -- C:\Users\Gary\Desktop\MBR.zip
[2014/05/06 09:21:36 | 000,000,512 | ---- | C] () -- C:\Users\Gary\Desktop\MBR.dat
[2014/05/05 11:36:12 | 000,854,355 | ---- | C] () -- C:\Users\Gary\Desktop\SecurityCheck.exe
[2014/05/03 09:03:53 | 837,171,865 | ---- | C] () -- C:\Users\Gary\Desktop\pmpeiibd72.mkv
[2014/05/02 08:11:27 | 733,867,381 | ---- | C] () -- C:\Users\Gary\Desktop\The Lego Movie 2014 WEBRip Upscaled 720p x264 AAC-HeartAttack.mp4
[2014/05/01 19:01:58 | 1479,689,302 | ---- | C] () -- C:\Users\Gary\Desktop\monmen72-hbs.mp4
[2014/05/01 15:59:05 | 000,239,107 | ---- | C] () -- C:\Users\Gary\Desktop\print.xps
[2014/05/01 15:30:33 | 001,611,202 | ---- | C] () -- C:\Users\Gary\Desktop\PrincipalDownload.pdf
[2014/05/01 09:21:45 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
[2014/05/01 09:21:44 | 000,019,280 | ---- | C] () -- C:\Windows\SysNative\drivers\asdnet.sys
[2014/05/01 09:19:08 | 006,369,640 | ---- | C] () -- C:\Users\Gary\Desktop\adblocker_setup.exe
[2014/05/01 09:10:57 | 000,002,051 | ---- | C] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/01 09:10:57 | 000,002,027 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/30 21:29:12 | 000,032,512 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/04/30 21:27:02 | 000,003,866 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/04/30 13:19:20 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/04/30 08:27:39 | 1502,076,584 | ---- | C] () -- C:\Users\Gary\Desktop\The_Lego_Movie_2014_Webrip_x264_AC3_TiTAN.mkv
[2014/04/29 08:01:21 | 1467,971,725 | ---- | C] () -- C:\Users\Gary\Desktop\rbocpweb72-hbs.mp4
[2014/04/25 07:48:18 | 967,586,375 | ---- | C] () -- C:\Users\Gary\Desktop\300.roae.2014.hdrip.x264-hbs.mp4
[2014/04/20 19:20:41 | 006,195,323 | ---- | C] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.rtf
[2014/04/20 11:03:10 | 003,000,315 | ---- | C] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.pdf
[2014/04/13 14:20:20 | 851,125,388 | ---- | C] () -- C:\Users\Gary\Desktop\Zulu.2013.720p.BluRay.x264.YIFY.mp4
[2014/04/13 08:14:37 | 000,222,166 | ---- | C] () -- C:\Users\Gary\Desktop\401k unenroll.xps
[2014/04/11 15:33:54 | 837,117,006 | ---- | C] () -- C:\Users\Gary\Desktop\joeweb72-G.mkv
[2014/04/10 12:12:20 | 002,290,165 | ---- | C] () -- C:\Users\Gary\Desktop\2.jpg
[2014/04/10 12:11:42 | 002,024,146 | ---- | C] () -- C:\Users\Gary\Desktop\1.jpg
[2014/04/09 19:42:49 | 000,394,339 | ---- | C] () -- C:\Users\Gary\Desktop\OF306- 2011 version-1111.pdf
[2014/03/30 09:41:21 | 000,000,732 | ---- | C] () -- C:\Users\Gary\AppData\Local\d3d9caps64.dat
[2014/02/18 19:15:33 | 000,012,005 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\alsoft.ini
[2012/07/15 09:49:45 | 000,000,680 | ---- | C] () -- C:\Users\Gary\AppData\Local\d3d9caps.dat
[2011/12/13 09:20:01 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE3.dat
[2011/12/13 09:13:07 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE2.dat
[2011/12/12 23:41:34 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE1.dat
[2011/12/12 21:29:01 | 000,000,043 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE.dat
[2011/12/12 21:29:01 | 000,000,024 | ---- | C] () -- C:\Users\Gary\random.dat
[2011/05/23 08:44:15 | 000,000,000 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\wklnhst.dat
[2011/05/18 17:47:00 | 000,001,940 | ---- | C] () -- C:\Users\Gary\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/08 07:55:03 | 000,000,092 | ---- | C] () -- C:\Users\Gary\AppData\Local\fusioncache.dat
[2010/03/21 21:09:21 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/03/21 20:58:31 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/03/18 17:07:28 | 000,036,352 | ---- | C] () -- C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
"ThreadingModel" = Apartment

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Gary\Desktop\tehhobtextd72.mkv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Gary\Desktop\escpepln72-G.mkv:TOC.WMV
@Alternate Data Stream - 453 bytes -> C:\Users\Gary\Desktop\2-5.jpg:com.dropbox.attributes
@Alternate Data Stream - 449 bytes -> C:\Users\Gary\Desktop\2-4.jpg:com.dropbox.attributes
@Alternate Data Stream - 449 bytes -> C:\Users\Gary\Desktop\2-1.jpg:com.dropbox.attributes
@Alternate Data Stream - 448 bytes -> C:\Users\Gary\Desktop\2-2.jpg:com.dropbox.attributes
@Alternate Data Stream - 446 bytes -> C:\Users\Gary\Desktop\2-3.jpg:com.dropbox.attributes
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:B2AA1B61

< End of report >

#14 OCD


Posted 08 May 2014 - 09:01 PM

Hi biggary1689,

Did you upgrade your version of Internet Explorer?

=========================

Go here: and locate the Fix it button to reset your Proxy Setting in Internet Explorer


=========================

Reboot

=========================

Run OTL.exe
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
    IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
    
    :Commands
    [purity]
    [createrestorepoint]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then re-run OTL and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
=========================

In your next post please provide the following:
  • OTL fix log
  • fresh OTL.txt
  • Answer about IE

Edited by OCD, 08 May 2014 - 09:13 PM.
added additional steps

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days
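The fix script in the post above targets the "ProxyEnable" and "ProxyServer" values under Internet Settings. As an added example (not part of the original post and not OTL's own code), the Python check below parses OTL-format log lines and reports any enabled proxy that points at a loopback address, so the same test can be repeated on each fresh log. The function names are hypothetical; the sample lines are copied from the OTL log on this page, and the "clean" log is constructed for comparison.

```python
import ipaddress
import re

# Lines copied from the OTL log on this page (Run 4).
SAMPLE_LOG = r'''
PRC - C:\Program Files (x86)\MSR\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
PRC - C:\Users\Gary\Desktop\OTL.exe (OldTimer Tools)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
'''

# Constructed sample: what the same section looks like with the proxy disabled.
CLEAN_LOG = r'''
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
'''

# Matches OTL "IE - <hive>\...\Internet Settings: "ProxyXxx" = value" lines.
SETTING_RE = re.compile(
    r'^IE(?::64bit:)? - (?P<hive>HK\w+)\\.*Internet Settings: '
    r'"(?P<name>Proxy\w+)" = (?P<value>.*)$'
)


def parse_proxy_server(value):
    """Split a WinINET ProxyServer string into (scheme, host, port) tuples.

    Handles both documented forms: "host:port" (all protocols) and
    "http=host:port;https=host:port" (per protocol).
    """
    endpoints = []
    for part in filter(None, (p.strip() for p in value.split(';'))):
        scheme, sep, addr = part.partition('=')
        if not sep:                        # single proxy for every protocol
            scheme, addr = 'all', part
        addr = addr.split('://', 1)[-1]    # tolerate an optional scheme:// prefix
        host, _, port = addr.rpartition(':')
        if not host:                       # no port given
            host, port = addr, ''
        endpoints.append(
            (scheme.lower(), host, int(port) if port.isdigit() else None)
        )
    return endpoints


def is_loopback(host):
    """True for localhost, 127.0.0.0/8 and ::1 (bracketed or not)."""
    host = host.strip('[]').lower()
    if host == 'localhost':
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def find_local_proxy(log_text):
    """Return one finding per registry hive whose proxy is enabled and local.

    The log does not say which process owns the port, so the PRC lines are
    returned alongside the finding for the analyst to review.
    """
    settings, processes = {}, []
    for line in log_text.splitlines():
        line = line.strip()
        match = SETTING_RE.match(line)
        if match:
            hive = settings.setdefault(match['hive'], {})
            hive[match['name']] = match['value'].strip()
        elif line.startswith('PRC - '):
            processes.append(line[len('PRC - '):])

    findings = []
    for hive, values in settings.items():
        if values.get('ProxyEnable') != '1':
            continue                       # value absent or disabled
        local = [
            endpoint
            for endpoint in parse_proxy_server(values.get('ProxyServer', ''))
            if is_loopback(endpoint[1])
        ]
        if local:
            findings.append(
                {'hive': hive, 'endpoints': local, 'processes': processes}
            )
    return findings


if __name__ == '__main__':
    for finding in find_local_proxy(SAMPLE_LOG):
        print(finding['hive'], finding['endpoints'])
        for process in finding['processes']:
            print('  running:', process)
```

An empty result on the fresh log means the proxy values are gone or disabled; a repeated finding means something is writing them back.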










#15 biggary1689


Posted 09 May 2014 - 07:54 AM

I was unable to get the newer version of IE installed. It went to step 3 of 3 at 100% and said that the install was unsuccessful. Below are the two logs.

 

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

 

 

OTL logfile created on: 5/9/2014 8:41:46 AM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Gary\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
6.00 Gb Total Physical Memory | 4.02 Gb Available Physical Memory | 67.05% Memory free
12.11 Gb Paging File | 10.24 Gb Available in Paging File | 84.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.32 Gb Total Space | 111.81 Gb Free Space | 16.27% Space Free | Partition Type: NTFS
Drive D: | 11.31 Gb Total Space | 1.10 Gb Free Space | 9.77% Space Free | Partition Type: NTFS
 
Computer Name: GARY-PC | User Name: Gary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files (x86)\MSR\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
PRC - C:\Users\Gary\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe ()
PRC - C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - c:\hp\HPEZBTN\HPBtnSrv.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe (Conexant Systems, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (System Update kb70007) -- C:\WINDOWS\Microsoft\System Update kb70007\WindowsUpdater.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AdblockerSrv) -- C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerSrv.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\WINDOWS\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (npggsvc) -- C:\WINDOWS\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (N360) -- C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\ccSvcHst.exe (Symantec Corporation)
SRV - (MotoHelper) -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (hitmanpro37) -- C:\Windows\SysNative\drivers\hitmanpro37.sys ()
DRV:64bit: - (asdnet) -- C:\Windows\SysNative\DRIVERS\asdnet.sys ()
DRV:64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:64bit: - (SaiMini) -- C:\Windows\SysNative\DRIVERS\SaiMini.sys (Saitek)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\ccHPx64.sys (Symantec Corporation)
DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMTDI.SYS (Symantec Corporation)
DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMFW.SYS (Symantec Corporation)
DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SYMNDISV.SYS (Symantec Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola)
DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\SRTSP64.SYS (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0308030.006\SYMEFA64.SYS (Symantec Corporation)
DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\N360x64\0308030.006\BHDrvx64.sys (Symantec Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\0308030.006\SRTSPX64.SYS (Symantec Corporation)
DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\DRIVERS\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola)
DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation                                            )
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (CAXHWBS2) -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (HSF_DP) -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys (Conexant Systems, Inc.)
DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\DRIVERS\serscan.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (SaiHFF0C) -- C:\Windows\SysNative\DRIVERS\SaiHFF0C.sys (Saitek)
DRV:64bit: - (SaiUFF0C) -- C:\Windows\SysNative\DRIVERS\SaiUFF0C.sys (Saitek)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140508.034\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20140508.034\eng64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20140507.001\IDSviA64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NPPTNT2) -- C:\WINDOWS\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com...q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{DB4376FF-E866-4999-8C9A-FF552D841782}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/11/01 07:15:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/04/30 18:03:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/07 15:47:55 | 000,000,000 | ---D | M]
 
[2011/06/16 19:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions
[2011/06/16 19:16:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2014/05/01 09:44:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\yeag246i.default-1398948955132\extensions
[2014/05/09 08:21:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/04/30 18:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/30 18:03:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/12 23:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009/09/12 23:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009/09/12 23:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009/09/12 23:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2009/09/12 23:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2006/08/09 06:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npWebLaunch.dll
[2009/09/12 23:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/05/01 09:02:43 | 000,039,317 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 647 more lines...
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\GatesofAndaron\PrePatch.exe (Zamiinc)
O4 - HKLM..\Run: [ADBlocker] C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
O4 - HKLM..\Run: [Anvi AD Blocker] C:\Program Files (x86)\Anvisoft\Anvi AD Blocker\ADBlockerTray.exe (Anvisoft)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [ScrewDrivers RDP Plugin] C:\Program Files (x86)\triCerat\Simplify Printing\ScrewDrivers Client v4\install_rdp.exe ()
O4 - HKCU..\Run: [VirtualDub.org] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE92507-B466-474D-9E8F-F4A5EC774184}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D8B5987-8491-4898-9A1B-88C11ECF028C}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\symres - No CLSID value found
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Security Suite\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Gary\Desktop\Photos\Cactus\Cactus Background-1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gary\Desktop\Photos\Cactus\Cactus Background-1.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/07 15:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/05/07 15:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/05/07 15:44:36 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/07 15:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/07 15:43:57 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/07 15:43:57 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/07 15:43:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/07 15:19:35 | 000,921,512 | ---- | C] (Oracle Corporation) -- C:\Users\Gary\Desktop\jxpiinstall.exe
[2014/05/07 09:07:30 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/07 08:19:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/06 10:19:07 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\DropboxMaster
[2014/05/05 11:36:38 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Gary\Desktop\aswMBR.exe
[2014/05/01 09:54:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2014/05/01 09:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2014/05/01 09:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2014/05/01 09:21:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2014/05/01 09:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/05/01 08:57:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2014/04/30 21:04:38 | 010,971,424 | ---- | C] (SurfRight B.V.) -- C:\Users\Gary\Desktop\HitmanPro_x64.exe
[2014/04/30 21:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/04/30 20:22:52 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/30 20:22:07 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Gary\Desktop\JRT_NEW.exe
[2014/04/30 20:06:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/30 18:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/04/30 13:19:52 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/04/30 13:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSR
[2014/04/30 13:18:35 | 000,000,000 | ---D | C] -- C:\Users\Gary\AppData\Roaming\Wise
[2014/04/23 08:53:59 | 000,000,000 | ---D | C] -- C:\Users\Gary\Desktop\p90x3
[2014/04/09 08:57:58 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/04/09 08:57:58 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/04/09 08:57:56 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/09 08:57:56 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/04/09 08:57:56 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/04/09 08:57:56 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/04/09 08:57:56 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/04/09 08:57:56 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/09 08:57:56 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/04/09 08:57:56 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/09 08:57:56 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/04/09 08:57:56 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/04/09 08:57:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\corpol.dll
[2014/04/09 08:57:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\corpol.dll
[2014/04/09 08:57:55 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/04/09 08:57:52 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[1 C:\Users\Gary\*.tmp files -> C:\Users\Gary\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/09 08:31:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/09 08:24:45 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/09 08:21:36 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/09 08:21:36 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/09 08:21:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/08 18:18:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/08 15:49:30 | 000,036,352 | ---- | M] () -- C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/05/08 15:49:28 | 1685,016,590 | ---- | M] () -- C:\Users\Gary\Desktop\Riddick.2013.DVDRip.x264.AC3-EVO.avi
[2014/05/08 11:45:51 | 000,117,127 | ---- | M] () -- C:\Users\Gary\Desktop\Request_12043555_Archival.pdf
[2014/05/07 16:03:10 | 004,143,997 | ---- | M] () -- C:\Users\Gary\Desktop\tdsskiller.zip
[2014/05/07 15:47:56 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/05/07 15:43:18 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/05/07 15:43:10 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/05/07 15:43:10 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/05/07 15:43:10 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/05/07 15:25:38 | 000,000,975 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/05/07 15:19:36 | 000,921,512 | ---- | M] (Oracle Corporation) -- C:\Users\Gary\Desktop\jxpiinstall.exe
[2014/05/07 12:03:50 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/05/07 09:06:35 | 001,310,621 | ---- | M] () -- C:\Users\Gary\Desktop\adwcleaner.exe
[2014/05/06 10:19:03 | 000,000,957 | ---- | M] () -- C:\Users\Gary\Desktop\Dropbox.lnk
[2014/05/06 09:24:55 | 000,000,570 | ---- | M] () -- C:\Users\Gary\Desktop\MBR.zip
[2014/05/06 09:21:36 | 000,000,512 | ---- | M] () -- C:\Users\Gary\Desktop\MBR.dat
[2014/05/05 11:36:52 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Gary\Desktop\aswMBR.exe
[2014/05/05 11:36:15 | 000,854,355 | ---- | M] () -- C:\Users\Gary\Desktop\SecurityCheck.exe
[2014/05/03 09:19:07 | 837,171,865 | ---- | M] () -- C:\Users\Gary\Desktop\pmpeiibd72.mkv
[2014/05/02 08:24:17 | 733,867,381 | ---- | M] () -- C:\Users\Gary\Desktop\The Lego Movie 2014 WEBRip Upscaled 720p x264 AAC-HeartAttack.mp4
[2014/05/01 19:31:48 | 1479,689,302 | ---- | M] () -- C:\Users\Gary\Desktop\monmen72-hbs.mp4
[2014/05/01 15:59:06 | 000,239,107 | ---- | M] () -- C:\Users\Gary\Desktop\print.xps
[2014/05/01 15:30:36 | 001,611,202 | ---- | M] () -- C:\Users\Gary\Desktop\PrincipalDownload.pdf
[2014/05/01 09:54:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gary\Desktop\OTL.exe
[2014/05/01 09:37:40 | 000,002,051 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/01 09:21:45 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
[2014/05/01 09:19:14 | 006,369,640 | ---- | M] () -- C:\Users\Gary\Desktop\adblocker_setup.exe
[2014/05/01 09:10:57 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/01 09:02:43 | 000,039,317 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/04/30 21:29:12 | 000,032,512 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/04/30 21:27:02 | 000,003,866 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/04/30 21:05:09 | 010,971,424 | ---- | M] (SurfRight B.V.) -- C:\Users\Gary\Desktop\HitmanPro_x64.exe
[2014/04/30 13:25:27 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/30 13:25:26 | 000,000,914 | ---- | M] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/04/30 08:38:23 | 1502,076,584 | ---- | M] () -- C:\Users\Gary\Desktop\The_Lego_Movie_2014_Webrip_x264_AC3_TiTAN.mkv
[2014/04/29 16:58:02 | 000,000,450 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Gary.job
[2014/04/29 13:31:15 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/29 13:31:14 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/29 08:11:23 | 1467,971,725 | ---- | M] () -- C:\Users\Gary\Desktop\rbocpweb72-hbs.mp4
[2014/04/25 07:55:02 | 967,586,375 | ---- | M] () -- C:\Users\Gary\Desktop\300.roae.2014.hdrip.x264-hbs.mp4
[2014/04/20 19:20:42 | 006,195,323 | ---- | M] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.rtf
[2014/04/20 11:03:13 | 003,000,315 | ---- | M] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.pdf
[2014/04/16 10:52:03 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGary.job
[2014/04/13 15:22:17 | 851,125,388 | ---- | M] () -- C:\Users\Gary\Desktop\Zulu.2013.720p.BluRay.x264.YIFY.mp4
[2014/04/13 08:14:39 | 000,222,166 | ---- | M] () -- C:\Users\Gary\Desktop\401k unenroll.xps
[2014/04/11 15:41:09 | 837,117,006 | ---- | M] () -- C:\Users\Gary\Desktop\joeweb72-G.mkv
[2014/04/10 12:18:06 | 002,290,165 | ---- | M] () -- C:\Users\Gary\Desktop\2.jpg
[2014/04/10 12:11:44 | 002,024,146 | ---- | M] () -- C:\Users\Gary\Desktop\1.jpg
[2014/04/09 19:42:49 | 000,394,339 | ---- | M] () -- C:\Users\Gary\Desktop\OF306- 2011 version-1111.pdf
[1 C:\Users\Gary\*.tmp files -> C:\Users\Gary\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/08 11:45:51 | 000,117,127 | ---- | C] () -- C:\Users\Gary\Desktop\Request_12043555_Archival.pdf
[2014/05/07 15:57:39 | 004,143,997 | ---- | C] () -- C:\Users\Gary\Desktop\tdsskiller.zip
[2014/05/07 15:47:56 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/05/07 15:47:55 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2014/05/07 09:06:32 | 001,310,621 | ---- | C] () -- C:\Users\Gary\Desktop\adwcleaner.exe
[2014/05/06 09:24:55 | 000,000,570 | ---- | C] () -- C:\Users\Gary\Desktop\MBR.zip
[2014/05/06 09:21:36 | 000,000,512 | ---- | C] () -- C:\Users\Gary\Desktop\MBR.dat
[2014/05/05 11:36:12 | 000,854,355 | ---- | C] () -- C:\Users\Gary\Desktop\SecurityCheck.exe
[2014/05/03 09:03:53 | 837,171,865 | ---- | C] () -- C:\Users\Gary\Desktop\pmpeiibd72.mkv
[2014/05/02 08:11:27 | 733,867,381 | ---- | C] () -- C:\Users\Gary\Desktop\The Lego Movie 2014 WEBRip Upscaled 720p x264 AAC-HeartAttack.mp4
[2014/05/01 19:01:58 | 1479,689,302 | ---- | C] () -- C:\Users\Gary\Desktop\monmen72-hbs.mp4
[2014/05/01 15:59:05 | 000,239,107 | ---- | C] () -- C:\Users\Gary\Desktop\print.xps
[2014/05/01 15:30:33 | 001,611,202 | ---- | C] () -- C:\Users\Gary\Desktop\PrincipalDownload.pdf
[2014/05/01 09:21:45 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\Anvi AD Blocker.lnk
[2014/05/01 09:21:44 | 000,019,280 | ---- | C] () -- C:\Windows\SysNative\drivers\asdnet.sys
[2014/05/01 09:19:08 | 006,369,640 | ---- | C] () -- C:\Users\Gary\Desktop\adblocker_setup.exe
[2014/05/01 09:10:57 | 000,002,051 | ---- | C] () -- C:\Users\Gary\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/01 09:10:57 | 000,002,027 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/30 21:29:12 | 000,032,512 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/04/30 21:27:02 | 000,003,866 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/04/30 13:19:20 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/04/30 08:27:39 | 1502,076,584 | ---- | C] () -- C:\Users\Gary\Desktop\The_Lego_Movie_2014_Webrip_x264_AC3_TiTAN.mkv
[2014/04/29 08:01:21 | 1467,971,725 | ---- | C] () -- C:\Users\Gary\Desktop\rbocpweb72-hbs.mp4
[2014/04/25 07:48:18 | 967,586,375 | ---- | C] () -- C:\Users\Gary\Desktop\300.roae.2014.hdrip.x264-hbs.mp4
[2014/04/20 19:20:41 | 006,195,323 | ---- | C] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.rtf
[2014/04/20 11:03:10 | 003,000,315 | ---- | C] () -- C:\Users\Gary\Desktop\P90X3_Worksheets_Hres.pdf
[2014/04/13 14:20:20 | 851,125,388 | ---- | C] () -- C:\Users\Gary\Desktop\Zulu.2013.720p.BluRay.x264.YIFY.mp4
[2014/04/13 08:14:37 | 000,222,166 | ---- | C] () -- C:\Users\Gary\Desktop\401k unenroll.xps
[2014/04/11 15:33:54 | 837,117,006 | ---- | C] () -- C:\Users\Gary\Desktop\joeweb72-G.mkv
[2014/04/10 12:12:20 | 002,290,165 | ---- | C] () -- C:\Users\Gary\Desktop\2.jpg
[2014/04/10 12:11:42 | 002,024,146 | ---- | C] () -- C:\Users\Gary\Desktop\1.jpg
[2014/04/09 19:42:49 | 000,394,339 | ---- | C] () -- C:\Users\Gary\Desktop\OF306- 2011 version-1111.pdf
[2014/03/30 09:41:21 | 000,000,732 | ---- | C] () -- C:\Users\Gary\AppData\Local\d3d9caps64.dat
[2014/02/18 19:15:33 | 000,012,005 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\alsoft.ini
[2012/07/15 09:49:45 | 000,000,680 | ---- | C] () -- C:\Users\Gary\AppData\Local\d3d9caps.dat
[2011/12/13 09:20:01 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE3.dat
[2011/12/13 09:13:07 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE2.dat
[2011/12/12 23:41:34 | 000,000,044 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE1.dat
[2011/12/12 21:29:01 | 000,000,043 | ---- | C] () -- C:\Users\Gary\jagex_cl_runescape_LIVE.dat
[2011/12/12 21:29:01 | 000,000,024 | ---- | C] () -- C:\Users\Gary\random.dat
[2011/05/23 08:44:15 | 000,000,000 | ---- | C] () -- C:\Users\Gary\AppData\Roaming\wklnhst.dat
[2011/05/18 17:47:00 | 000,001,940 | ---- | C] () -- C:\Users\Gary\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/08 07:55:03 | 000,000,092 | ---- | C] () -- C:\Users\Gary\AppData\Local\fusioncache.dat
[2010/03/21 21:09:21 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/03/21 20:58:31 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/03/18 17:07:28 | 000,036,352 | ---- | C] () -- C:\Users\Gary\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
"ThreadingModel" = Apartment
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\Gary\Desktop\tehhobtextd72.mkv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Gary\Desktop\Riddick.2013.DVDRip.x264.AC3-EVO.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Gary\Desktop\escpepln72-G.mkv:TOC.WMV
@Alternate Data Stream - 453 bytes -> C:\Users\Gary\Desktop\2-5.jpg:com.dropbox.attributes
@Alternate Data Stream - 449 bytes -> C:\Users\Gary\Desktop\2-4.jpg:com.dropbox.attributes
@Alternate Data Stream - 449 bytes -> C:\Users\Gary\Desktop\2-1.jpg:com.dropbox.attributes
@Alternate Data Stream - 448 bytes -> C:\Users\Gary\Desktop\2-2.jpg:com.dropbox.attributes
@Alternate Data Stream - 446 bytes -> C:\Users\Gary\Desktop\2-3.jpg:com.dropbox.attributes
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:B2AA1B61

< End of report >
 

