Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Sudden crawl with Internet and Applications

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Sudden crawl with Internet and Applications

Unread postby jwvista » August 7th, 2012, 10:16 pm

Past week has been painful with sudden slowdown of programs. Windows in Chrome have to reload, look different, and a lot of programs read 'Not Responding'. Simple things like Word start up seems to churn, like something is running under the hood of the system. Outlook sometimes randomly pops open a blank email with a random address of someone I maybe wrote awhile ago. Have Norton running and am generally careful about downloading programs. Temp files and restore points, etc. are cleared. Very strange. Hope you can help.

Thanks for taking alook. I'm cool with uninstalling something if needed it's due for a reformat anyway I was just hoping not to have to right now.

DDS/Attach files:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Amy at 18:43:32 on 2012-08-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.5859 [GMT -7:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\msiexec.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Dwm.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Amy\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe
C:\Users\Amy\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe
C:\Users\Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Program Files (x86)\AirPort\APAgent.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
TB: &Accessibility Toolbar: {11352a67-0178-46b1-8855-d50b2f81c054} - C:\PROGRA~2\WAT_EN\ACCESS~1.DLL
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AdobeBridge]
uRun: [Google Update] "C:\Users\Amy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "C:\Users\Amy\AppData\Local\Akamai\netsession_win.exe"
uRun: [Xmarks] C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe -q
uRun: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
uRun: [GBMPro9Agent] C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe
mRun: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Amy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DIGITA~1.LNK - C:\Program Files (x86)\Digital Line Detect\DLG.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\OUTLOO~1.LNK - C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: intuit.com\ttlc
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {C2B78FF1-6E5A-4854-AC24-E09A0E2411BA} - hxxp://static1.meetupstatic.com/applet/ ... 200909.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.co ... 4.24.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 10.0.1.1
TCP: Interfaces\{7BCA191B-162D-4E55-AD59-E338696EE5A0} : DhcpNameServer = 10.0.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
TB-X64: &Accessibility Toolbar: {11352A67-0178-46B1-8855-D50B2F81C054} - C:\PROGRA~2\WAT_EN\ACCESS~1.DLL
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [AirPort Base Station Agent] "C:\Program Files (x86)\AirPort\APAgent.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [(Default)]
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
IE-X64: {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\837srqpn.default\
FF - prefs.js: browser.search.selectedEngine - Search-Results
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com
FF - prefs.js: keyword.URL - hxxp://websearch.search-results.com/red ... 001YYUS&q=
FF - component: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}\components\Contribute.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\837srqpn.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Amy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Amy\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Users\Amy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Amy\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
.
---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120803.001\BHDrvx64.sys [2012-8-6 1161376]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120807.001\IDSviA64.sys [2012-8-6 509088]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-3 63928]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccsvchst.exe [2012-5-17 138232]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-2-2 2253120]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-17 450848]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2008-7-24 118272]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-6-2 138912]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 VST64_DPV;VST64_DPV;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
R3 VST64HWBS2;VST64HWBS2;C:\Windows\system32\DRIVERS\VSTBS26.SYS --> C:\Windows\system32\DRIVERS\VSTBS26.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-6 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-5 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-28 250056]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
S3 glideusb;GlidePoint USB Touchpad Filter;C:\Windows\system32\DRIVERS\glideusb.sys --> C:\Windows\system32\DRIVERS\glideusb.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-6 136176]
S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-26 129976]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
.txt=
.
=============== Created Last 30 ================
.
2012-08-08 01:41:30 -------- d-----w- C:\Program Files (x86)\3CXPhone
2012-08-06 15:21:46 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2012-07-30 16:07:55 -------- d-----w- C:\Users\Amy\AppData\Local\3CX VoIP Phone
2012-07-30 15:54:05 -------- d-----w- C:\Users\Amy\AppData\Roaming\Spark
2012-07-30 15:53:45 -------- d-----w- C:\Program Files (x86)\Spark
2012-07-30 03:21:23 -------- d-----w- C:\Program Files\Core Temp
2012-07-30 02:31:56 -------- d-----w- C:\Users\Amy\AppData\Roaming\JAM Software
2012-07-30 02:31:54 -------- d-----w- C:\Program Files (x86)\JAM Software
2012-07-29 03:09:59 -------- d-----w- C:\Program Files\Common Files\MAPILab Ltd
2012-07-29 02:48:41 -------- d-----w- C:\Users\Amy\AppData\Roaming\4Team
2012-07-29 02:46:18 101888 ----a-w- C:\Windows\SysWow64\VB6STKIT.DLL
2012-07-29 02:46:17 209608 ----a-w- C:\Windows\SysWow64\Tabctl32.ocx
2012-07-29 02:46:17 1081616 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2012-07-20 22:12:05 -------- d-----w- C:\ProgramData\DesktopServer
2012-07-20 22:11:04 -------- d-----w- C:\xampplite
2012-07-19 20:48:08 -------- d-----w- C:\Users\Amy\AppData\Roaming\Sublime Text 2
2012-07-19 20:47:57 -------- d-----w- C:\Program Files\Sublime Text 2
2012-07-17 20:59:27 -------- d-----w- C:\Program Files (x86)\Oracle
2012-07-17 20:59:02 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-07-17 20:01:06 -------- d-----w- C:\Program Files\Genie9
2012-07-16 10:32:16 -------- d-----w- C:\Users\Amy\AppData\Local\Modulus
2012-07-16 10:27:32 -------- d-----w- C:\Users\Amy\AppData\Roaming\ca.spartanPrograms.codeBank.6BD92E568CB40635FEFD3EA1C997F4D0AB4D1A2F.1
2012-07-16 10:27:20 -------- d-----w- C:\Program Files (x86)\Code Bank
2012-07-11 10:08:11 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 09:08:25 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-10 04:48:42 -------- d-----w- C:\Users\Amy\.codeintel
.
==================== Find3M ====================
.
2012-08-03 15:36:09 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-03 15:36:09 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-13 20:56:05 60304 ----a-w- C:\Users\Amy\g2mdlhlpx.exe
2012-07-06 05:06:20 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 18:44:22.97 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/21/2010 3:42:33 PM
System Uptime: 8/7/2012 6:32:41 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0FM586
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 596 GiB total, 342.447 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (FAT32) - 931 GiB total, 425.934 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C4700 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C4700 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
==== System Restore Points ===================
.
RP372: 7/30/2012 9:06:26 AM - Installed 3CXPhone
RP373: 8/6/2012 5:34:36 PM - Scheduled Checkpoint
RP374: 8/7/2012 6:41:04 PM - Installed 3CXPhone
.
==== Installed Programs ======================
.
.
3CXPhone
64 bit Windows Card Reader Driver
Acrobat.com
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.5.1 - CPSID_83708
Adobe AIR
Adobe Color Video Profiles CS CS4
Adobe Community Help
Adobe Content Viewer
Adobe Creative Suite 5 Web Premium
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Adobe Widget Browser
AdobeColorCommonSetRGB
AirPort
Akamai NetSession Interface
Akamai NetSession Interface Service
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
Aptana Studio 3
AVS Audio Converter version 6.2
AVS Audio Converter version 6.3
AVS Audio Editor version 6.1
AVS Audio Recorder version 3.9
AVS Cover Editor 2.0.1.3
AVS Disc Creator version 4.1
AVS DVD Authoring
AVS DVD Copy version 4.1.2
AVS Image Converter 1.3.3.146
AVS Photo Editor
AVS Ringtone Maker version 1.6
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Converter 7
AVS Video Editor 6
AVS Video Recorder 2.4
AVS Video ReMaker 3.1.2.102
AVS4YOU Software Navigator 1.4
Axure RP Pro 6.5
BufferChm
Business Plan Pro 15th Anniversary Edition
C4700
CameraHelperMsi
Canon PowerShot ELPH 300 HS_IXUS 220 HS Camera User Guide
ColorSchemer Studio 2
CompanionLink
D3DX10
Data Lifeguard Diagnostic for Windows
dBpoweramp CD Writer
dBpoweramp DSP Effects
dBpoweramp m4a Codec
dBpoweramp m4a Nero AAC Encoder
dBpoweramp Music Converter
Destinations
DeviceDiscovery
Digital Line Detect
DisplayFusion 4.0.1
Dropbox
erLT
Facebook Plug-In
Family Tree Maker 2012
FileZilla Client 3.5.3
Google Chrome
Google Talk Plugin
Google Update Helper
GoToMeeting 5.2.0.952
GPBaseService2
Hewlett-Packard ACLM.NET v1.1.0.0
HP Product Detection
HP Update
HPDiagnosticAlert
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
HTML-Kit 292
iSEEK AnswerWorks English Runtime
jAlbum
Java Auto Updater
Java(TM) 6 Update 31
Java(TM) 7 Update 5
JavaFX 2.1.1
Jing
Junk Mail filter update
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
MarketResearch
Mesh Runtime
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Live Meeting 2007
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Store Download Manager
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Napster Download Manager
NetWaiting
Norton Internet Security
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
PayPal Payment Request Wizard For Outlook
PS_AIO_06_C4700_SW_Min
Quicken 2010
Quicken 2012
Quicken WillMaker Plus 2012
QuickTime
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Safari
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Skype™ 5.9
SmartWebPrinting
SolutionCenter
Spark 2.6.3.12555
Status
swMSM
Symantec Technical Support Web Controls
System Requirements Lab for Intel
Tag&Rename 3.5.7
TagCreator for Windows Live Writer
Toolbox
TrayApp
TreeSize Free V2.7
TurboTax 2011
TurboTax 2011 wcaiper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Web Accessibility Toolbar Uninstall
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
WPF Toolkit February 2010 (Version 3.5.50211.1)
Xmarks for IE
.
==== Event Viewer Messages From Past Week ========
.
8/7/2012 5:02:11 PM, Error: Service Control Manager [7034] - The wampmysqld service terminated unexpectedly. It has done this 1 time(s).
8/7/2012 4:23:20 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
8/6/2012 8:27:24 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {10DA4F3C-CC99-4190-BE4D-58330754E882} and APPID {7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/2/2012 10:00:10 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/1/2012 4:11:10 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR6.
7/31/2012 8:42:13 AM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
.
==== End Of File ===========================
jwvista
Active Member
 
Posts: 8
Joined: August 7th, 2012, 10:01 pm
Advertisement
Register to Remove

Re: Sudden crawl with Internet and Applications

Unread postby Alander » August 9th, 2012, 2:48 pm

Hello, I Am Alander :)

I would be glad to take a look at your log and help you with solving any malware problems.

DDS logs can take a while to research so please be patient while I work on your log and I will post back here with any recommendations.

As I am still training, everything that I post to you, must be checked by an Admin or Moderator.

Thus, there may be a tiny bit of a delay between posts. While it shouldn't be too long, you can be assured you will get the best possible advice.


  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Sudden crawl with Internet and Applications

Unread postby Alander » August 9th, 2012, 2:48 pm

Hello, I Am Alander :)

I would be glad to take a look at your log and help you with solving any malware problems.

DDS logs can take a while to research so please be patient while I work on your log and I will post back here with any recommendations.

As I am still training, everything that I post to you, must be checked by an Admin or Moderator.

Thus, there may be a tiny bit of a delay between posts. While it shouldn't be too long, you can be assured you will get the best possible advice.


  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Sudden crawl with Internet and Applications

Unread postby jwvista » August 9th, 2012, 8:44 pm

Awesome Alander, thanks for taking a look. I will wait to hear next steps from you.
jwvista
Active Member
 
Posts: 8
Joined: August 7th, 2012, 10:01 pm

Re: Sudden crawl with Internet and Applications

Unread postby Alander » August 10th, 2012, 1:15 pm

Hi :)

Is this machine used for any kind of business activity? I need to know to give the appropriate instructions.
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Sudden crawl with Internet and Applications

Unread postby jwvista » August 10th, 2012, 5:04 pm

Hi Alander, thanks for the help. No its a personal computer.
jwvista
Active Member
 
Posts: 8
Joined: August 7th, 2012, 10:01 pm

Re: Sudden crawl with Internet and Applications

Unread postby Alander » August 11th, 2012, 1:10 pm

Hi,
May I know why you have
Axure RP Pro 6.5
Business Plan Pro 15th Anniversary Edition
Intuit components

installed on your computer?
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Sudden crawl with Internet and Applications

Unread postby jwvista » August 12th, 2012, 10:26 am

I take community college classes as a hobby to keep the noodle running and they were helpful programs.
Last edited by jwvista on August 12th, 2012, 10:33 am, edited 1 time in total.
jwvista
Active Member
 
Posts: 8
Joined: August 7th, 2012, 10:01 pm

Re: Sudden crawl with Internet and Applications

Unread postby jwvista » August 12th, 2012, 10:28 am

The class is finished if thats the issue i can uninstall them.
jwvista
Active Member
 
Posts: 8
Joined: August 7th, 2012, 10:01 pm

Re: Sudden crawl with Internet and Applications

Unread postby Alander » August 13th, 2012, 4:51 am

Step 1
Please download OTL by Old Timer and save it to your Desktop.

  • Right click on OTL.exe And select Run as administrator to run it.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Step 2
TDSSKiller

Please download TDSSKiller.exe and save it to your Desktop.
  • Right click on TDSSKiller.exe And select Run as administrator to run it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT

Step 3.
Please include in your next reply:
  1. Any problem executing the instructions?
  2. OTL.txt and extras.txt
  3. TDSSKiller Log
Thanks
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Sudden crawl with Internet and Applications

Unread postby jwvista » August 15th, 2012, 10:14 pm

Thanks again for the help. No issues running any of the requests
--------------------------
OTL

OTL logfile created on: 8/15/2012 6:09:13 PM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Amy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 5.30 Gb Available Physical Memory | 66.27% Memory free
15.99 Gb Paging File | 13.16 Gb Available in Paging File | 82.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.12 Gb Total Space | 340.16 Gb Free Space | 57.06% Space Free | Partition Type: NTFS
Drive I: | 931.28 Gb Total Space | 370.60 Gb Free Space | 39.79% Space Free | Partition Type: FAT32

Computer Name: AMY-PC | User Name: Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/15 13:40:48 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Amy\Desktop\OTL.exe
PRC - [2012/06/15 19:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccsvchst.exe
PRC - [2012/05/31 11:37:24 | 000,550,872 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
PRC - [2012/05/26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Amy\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/05/24 11:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/26 09:00:48 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2012/03/07 15:33:00 | 001,122,848 | ---- | M] (Xmarks.com) -- C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe
PRC - [2012/01/17 23:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 15:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/10/15 01:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/08/12 13:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/11/11 16:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\AirPort\APAgent.exe
PRC - [2007/09/06 20:20:26 | 000,888,987 | ---- | M] (A-1 Technology, Inc.) -- C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/13 21:30:59 | 000,442,392 | ---- | M] () -- C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppgooglenaclpluginchrome.dll
MOD - [2012/08/13 21:30:58 | 012,235,288 | ---- | M] () -- C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
MOD - [2012/08/13 21:30:57 | 003,997,720 | ---- | M] () -- C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
MOD - [2012/08/13 21:29:41 | 000,526,872 | ---- | M] () -- C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\libglesv2.dll
MOD - [2012/08/13 21:29:39 | 000,104,984 | ---- | M] () -- C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\libegl.dll
MOD - [2012/08/13 21:29:28 | 000,144,424 | ---- | M] () -- C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\avutil-51.dll
MOD - [2012/08/13 21:29:27 | 000,266,792 | ---- | M] () -- C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\avformat-54.dll
MOD - [2012/08/13 21:29:26 | 002,480,680 | ---- | M] () -- C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll
MOD - [2012/06/14 03:38:14 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:38:07 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/10 03:36:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 03:35:07 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/01/08 06:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/11/11 15:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 15:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/08/12 13:20:56 | 000,053,784 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\UMVPLMutePS.dll
MOD - [2011/08/12 13:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/02 00:15:28 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/03/02 00:15:28 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/03/02 00:15:04 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/03/02 00:14:42 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/03/02 00:14:30 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2009/02/27 16:39:29 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
MOD - [2009/02/27 16:32:27 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
MOD - [2007/09/01 04:47:52 | 000,200,704 | ---- | M] () -- C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OELogger.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/01/26 22:55:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/07/24 16:22:40 | 000,118,272 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe)
SRV - [2012/08/14 20:36:19 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/10 12:02:13 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/06/15 19:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe -- (NIS)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/02 14:34:57 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/05/26 18:10:38 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/17 23:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/10/15 01:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/05 19:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 19:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 21:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/21 18:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/17 19:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 18:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/22 23:26:34 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/17 23:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUVC64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/17 23:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/08/10 16:40:58 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/07/25 19:18:35 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011/07/07 16:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/01/26 22:13:34 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/17 05:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/09/23 19:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (VST64_DPV)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (winachsf)
DRV:64bit: - [2009/06/10 14:01:11 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTBS26.SYS -- (VST64HWBS2)
DRV:64bit: - [2009/06/10 13:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1e6032e.sys -- (e1express)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/09 09:37:31 | 000,099,240 | ---- | M] (Cirque Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\glideusb.sys -- (glideusb)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/01/18 14:10:30 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/08/15 12:10:50 | 002,068,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120815.002\ex64.sys -- (NAVEX15)
DRV - [2012/08/15 12:10:50 | 000,120,440 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120815.002\eng64.sys -- (NAVENG)
DRV - [2012/08/11 16:35:34 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/10 17:25:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/09 06:09:48 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/06/14 11:39:24 | 000,509,088 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120814.005\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1D 3C 45 5A 00 9B CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {89654729-691F-453F-8066-1A1658F7C496}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{112A7E09-6595-D1C3-2C4E-CDFD9E56B66C}: "URL" = http://bing.zugo.com/s/?q={searchTerms}&iesrc=IE-SearchBox&site=Bing&cfg=2-76-0-Vuzk
IE - HKCU\..\SearchScopes\{89654729-691F-453F-8066-1A1658F7C496}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Search-Results"
FF - prefs.js..browser.search.defaultenginename: "Search-Results"
FF - prefs.js..browser.search.order.1: "Search-Results"
FF - prefs.js..browser.search.selectedEngine: "Search-Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.7.3
FF - prefs.js..extensions.enabledItems: pencil@evolus.vn:1.0.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:4.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {f13b157f-b174-47e7-a34d-4815ddfdfeb8}:0.9.88.2
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2012.2.0.2
FF - prefs.js..keyword.URL: "http://websearch.search-results.com/redirect?client=ff&src=kw&tb=GET-SRS&o=16705&locale=en_US&apn_uid=BC0732BA-0C13-4A83-BE1A-D0691A1A18B0&apn_ptnrs=2R&apn_sauid=E182472A-6B34-429D-8F31-16B5150D7B56&apn_dtid=get001YYUS&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Amy\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Amy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Amy\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Amy\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Amy\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/08/06 08:23:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/02/17 20:34:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/02/02 17:34:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/08/15 03:24:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/10 19:33:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/17 13:59:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/08/06 08:23:54 | 000,000,000 | ---D | M]

[2011/02/21 15:19:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amy\AppData\Roaming\Mozilla\Extensions
[2011/02/21 15:19:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amy\AppData\Roaming\Mozilla\Extensions\pencil@evolus.vn
[2012/07/07 17:56:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\837srqpn.default\extensions
[2012/07/07 17:56:42 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\837srqpn.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2012/01/12 18:38:12 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\837srqpn.default\extensions\foxmarks@kei.com
[2012/04/20 20:28:01 | 000,000,000 | ---D | M] (Screen Capture Elite) -- C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\837srqpn.default\extensions\screencaptureelite@plugin
[2010/06/16 17:05:15 | 000,001,836 | ---- | M] () -- C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\837srqpn.default\searchplugins\bing-ff.xml
[2012/05/26 18:10:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/31 20:59:18 | 000,023,443 | ---- | M] () (No name found) -- C:\USERS\AMY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\837SRQPN.DEFAULT\EXTENSIONS\{68836A21-FC7D-4EA1-A065-7EFABD99D414}.XPI
[2012/03/31 21:09:20 | 000,413,408 | ---- | M] () (No name found) -- C:\USERS\AMY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\837SRQPN.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI
[2012/05/24 19:06:53 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\AMY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\837SRQPN.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2012/03/23 13:39:41 | 000,197,358 | ---- | M] () (No name found) -- C:\USERS\AMY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\837SRQPN.DEFAULT\EXTENSIONS\YSLOW@YAHOO-INC.COM.XPI
[2012/05/26 18:10:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/03/27 19:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll
[2012/03/15 17:31:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/15 17:31:55 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/ig
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/ig
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Amy\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Screen Capture Plugin (Enabled) = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.3.4_0\plugins/screen_capture.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Adobe Contribute CS5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Amy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Amy\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Amy\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Xmarks Bookmark Sync = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.22_0\
CHR - Extension: Xmarks Bookmark Sync = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.22_0\.bak
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.3.7_0\
CHR - Extension: Web Developer = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm\0.4.1_0\
CHR - Extension: ColorZilla = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp\0.5.2_0\
CHR - Extension: YouTube = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: Google Search = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Pendule = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkffbkamcejhkcaocmkdeiiccpmjfdi\1.0.0_0\
CHR - Extension: Pastebin.com = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghipmampnddcpdlppkkamoankmkmcbmh\2.4_0\
CHR - Extension: bitly | \u2665 your bitmarks = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.15_0\
CHR - Extension: Toggl = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\idlodjlnhgndgamohpahdopfchaepgfl\1_0\
CHR - Extension: ShiftEdit = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij\1.35_0\
CHR - Extension: Norton Identity Protection = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\
CHR - Extension: YSlow = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ninejjcohidippngpapiilnmkgllmakh\3.1.2_0\
CHR - Extension: Buffer = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh\2.2.22_0\
CHR - Extension: Stylebot = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaejidbmkiecgbjeifoejpgmdaleoha\1.6_0\
CHR - Extension: Gmail = C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/13 16:21:28 | 000,000,967 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.devcamp0511.dev
O1 - Hosts: 127.0.0.1 www.devcamp05112.dev
O1 - Hosts: 127.0.0.1 www.reneedavenport.dev
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Accessibility Toolbar) - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\Program Files (x86)\WAT_EN\Accessibility_Toolbar.dll (NILS Accessible Information Solutions)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Accessibility Toolbar) - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\Program Files (x86)\WAT_EN\Accessibility_Toolbar.dll (NILS Accessible Information Solutions)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Amy\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [GBMPro9Agent] C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe (Genie-soft)
O4 - HKCU..\Run: [Xmarks] C:\Program Files (x86)\Xmarks\IE Extension\xmarkssync.exe (Xmarks.com)
O4 - Startup: C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {C2B78FF1-6E5A-4854-AC24-E09A0E2411BA} http://static1.meetupstatic.com/applet/ ... 200909.cab (MeetUploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 4.24.0.cab (SysInfo Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Web-Based Email Tools http://email.secureserver.net/Download.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BCA191B-162D-4E55-AD59-E338696EE5A0}: DhcpNameServer = 10.0.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/15 15:11:36 | 000,000,052 | RHS- | M] () - I:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010/04/28 09:27:06 | 000,000,000 | ---D | M] - I:\autorun -- [ FAT32 ]
O33 - MountPoints2\{2fb2633f-1737-11df-aa2e-00219b044701}\Shell - "" = AutoRun
O33 - MountPoints2\{2fb2633f-1737-11df-aa2e-00219b044701}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/15 13:40:51 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Amy\Desktop\OTL.exe
[2012/08/11 11:25:00 | 000,000,000 | ---D | C] -- C:\Users\Amy\Desktop\moving
[2012/08/11 08:43:20 | 000,000,000 | ---D | C] -- C:\Users\Amy\Desktop\couches
[2012/08/09 18:11:52 | 000,000,000 | ---D | C] -- C:\Users\Amy\Desktop\themeforest-164366-alyeska-responsive-wordpress-theme
[2012/08/09 06:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeBuilder 2011
[2012/08/09 06:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WeBuilder 2011
[2012/08/09 06:55:02 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Blumentals
[2012/08/08 16:40:21 | 000,000,000 | ---D | C] -- C:\Users\Amy\Desktop\wp-content
[2012/08/08 16:40:15 | 000,000,000 | ---D | C] -- C:\Users\Amy\Desktop\daitg
[2012/08/07 18:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3CXPhone
[2012/08/07 18:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3CX Phone
[2012/08/06 08:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012/08/06 08:21:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2012/08/01 06:47:43 | 000,000,000 | ---D | C] -- C:\Users\Amy\Documents\GreenGeeks
[2012/07/30 09:07:55 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Local\3CX VoIP Phone
[2012/07/30 08:54:05 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Spark
[2012/07/30 08:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spark
[2012/07/30 08:53:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spark
[2012/07/29 20:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2012/07/29 20:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2012/07/29 19:31:56 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\JAM Software
[2012/07/29 19:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
[2012/07/29 19:31:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JAM Software
[2012/07/28 20:09:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAPILab Ltd
[2012/07/28 20:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAPILab
[2012/07/28 19:48:41 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\4Team
[2012/07/28 16:19:54 | 000,000,000 | ---D | C] -- C:\Users\Amy\Desktop\PasteBins
[2012/07/20 15:12:16 | 000,000,000 | ---D | C] -- C:\Users\Amy\Documents\Websites
[2012/07/20 15:12:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DesktopServer
[2012/07/20 15:11:38 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DesktopServer
[2012/07/20 15:11:04 | 000,000,000 | ---D | C] -- C:\xampplite
[2012/07/20 14:42:48 | 000,000,000 | ---D | C] -- C:\Users\Amy\Desktop\BBBups
[2012/07/19 13:48:08 | 000,000,000 | ---D | C] -- C:\Users\Amy\AppData\Roaming\Sublime Text 2
[2012/07/19 13:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sublime Text 2
[2012/07/17 14:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/07/17 13:59:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/07/17 13:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/07/17 13:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genie9
[2012/07/17 13:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\Genie9
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/15 17:36:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/15 17:29:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1318609676-3269229932-3239810256-1000UA.job
[2012/08/15 17:28:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/15 13:40:48 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Amy\Desktop\OTL.exe
[2012/08/15 12:10:50 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\VT20120731.038
[2012/08/15 03:34:29 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 03:34:29 | 000,009,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 03:24:52 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/15 03:24:33 | 000,002,501 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/08/15 03:24:25 | 005,047,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/15 03:24:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/15 03:23:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012/08/15 03:23:49 | 001,984,072 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\Cat.DB
[2012/08/15 03:23:31 | 2146,045,951 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/15 03:21:23 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\GBM - Amy's Backup-Full.job
[2012/08/14 23:29:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1318609676-3269229932-3239810256-1000Core.job
[2012/08/14 08:12:33 | 000,000,079 | ---- | M] () -- C:\Users\Amy\Desktop\Casita.url
[2012/08/13 16:21:28 | 000,000,967 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/13 11:20:28 | 000,466,514 | ---- | M] () -- C:\Users\Amy\Desktop\AmyLondonRentalApplication.pdf
[2012/08/13 11:09:27 | 001,243,891 | ---- | M] () -- C:\Users\Amy\Desktop\scan0002.pdf
[2012/08/12 09:32:32 | 000,000,132 | ---- | M] () -- C:\Users\Amy\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/08/11 09:28:57 | 000,000,079 | ---- | M] () -- C:\Users\Amy\Desktop\Large Vintage Remodeled Charmer Creative-Arts District Central AC.url
[2012/08/11 07:48:50 | 000,349,513 | ---- | M] () -- C:\Users\Amy\Desktop\photo.jpg
[2012/08/10 17:04:56 | 000,000,079 | ---- | M] () -- C:\Users\Amy\Desktop\Central Phoenix Downtown Historic 2BD. IMMEDIATE Move IN.url
[2012/08/10 14:36:34 | 000,020,280 | ---- | M] () -- C:\Users\Amy\Desktop\5Nc5Gd5H13G83Fc3L6c89c339661194e41d07.jpg
[2012/08/10 08:10:56 | 049,933,609 | ---- | M] () -- C:\Users\Amy\Desktop\design1pdf.zip
[2012/08/09 22:28:35 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\isolate.ini
[2012/08/09 18:09:23 | 024,107,719 | ---- | M] () -- C:\Users\Amy\Desktop\themeforest-164366-alyeska-responsive-wordpress-theme.zip
[2012/08/09 06:55:04 | 000,000,970 | ---- | M] () -- C:\Users\Amy\Desktop\WeBuilder 2011.lnk
[2012/08/08 17:41:04 | 000,055,568 | ---- | M] () -- C:\Users\Amy\Desktop\Futura Medium Condensed BT.ttf
[2012/08/08 17:38:46 | 000,045,052 | ---- | M] () -- C:\Users\Amy\Desktop\FUTURAMC.TTF
[2012/08/08 16:46:40 | 000,023,069 | ---- | M] () -- C:\Users\Amy\Desktop\Unabletolocate.JPG
[2012/08/08 16:41:25 | 003,644,371 | ---- | M] () -- C:\Users\Amy\Desktop\daitg.zip
[2012/08/08 08:17:52 | 023,706,900 | ---- | M] () -- C:\Users\Amy\Desktop\html2.epub
[2012/08/08 08:17:44 | 026,807,192 | ---- | M] () -- C:\Users\Amy\Desktop\html2pdf.zip
[2012/08/08 08:17:29 | 009,088,040 | ---- | M] () -- C:\Users\Amy\Desktop\html2.mobi
[2012/08/07 20:45:47 | 000,000,119 | ---- | M] () -- C:\Users\Amy\Desktop\DownTown LA Apartments- LA Lofts - Apartments Rent Los Angeles.url
[2012/08/06 08:31:13 | 000,195,627 | ---- | M] () -- C:\Windows\hpoins43.dat
[2012/08/06 08:26:31 | 000,783,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/06 08:26:31 | 000,663,184 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/06 08:26:31 | 000,122,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/06 08:22:56 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/08/05 15:19:48 | 005,081,237 | ---- | M] () -- C:\Users\Amy\Desktop\WDC-August2012-BetaFinal.pdf
[2012/08/03 11:04:20 | 000,000,868 | ---- | M] () -- C:\Users\Amy\Desktop\Core Temp.lnk
[2012/08/03 11:04:20 | 000,000,854 | ---- | M] () -- C:\Users\Amy\Desktop\Sublime Text 2.lnk
[2012/07/31 12:38:08 | 000,000,120 | ---- | M] () -- C:\Users\Amy\Desktop\Student Login.url
[2012/07/29 20:51:28 | 000,001,760 | ---- | M] () -- C:\Users\Amy\Desktop\Client Sites ServerPress.lnk
[2012/07/29 20:48:18 | 000,000,429 | ---- | M] () -- C:\Users\Amy\Desktop\DesktopServer.lnk
[2012/07/29 20:22:04 | 000,000,412 | ---- | M] () -- C:\Users\Amy\AppData\Roaming\All CPU Meter_Settings.ini
[2012/07/29 10:55:30 | 000,000,111 | ---- | M] () -- C:\Users\Amy\Desktop\User Folders - Restore Default Location - Windows 7 Forums.url
[2012/07/28 16:51:01 | 000,002,227 | ---- | M] () -- C:\Users\Amy\Desktop\Plugins WP.lnk
[2012/07/28 16:50:20 | 000,002,279 | ---- | M] () -- C:\Users\Amy\Desktop\Lynda.com Exercise Files - Shortcut.lnk
[2012/07/28 16:49:08 | 000,001,443 | ---- | M] () -- C:\Users\Amy\Desktop\WebDesign.com PDFs - Shortcut.lnk
[2012/07/28 16:48:24 | 000,001,173 | ---- | M] () -- C:\Users\Amy\Desktop\Web Design Reads.lnk
[2012/07/23 00:38:45 | 000,000,048 | ---- | M] () -- C:\Users\Amy\Desktop\ThemeTrade - Unlimited Downloads for $10 Per Year.url
[2012/07/21 02:42:40 | 000,000,110 | ---- | M] () -- C:\Users\Amy\Desktop\WordPress - Foobar - WordPress Notification Bars - CodeCanyon.url
[2012/07/21 02:25:14 | 000,000,125 | ---- | M] () -- C:\Users\Amy\Desktop\Sugar Slider - Premium WordPress Slider Manager Preview - CodeCanyon.url
[2012/07/21 02:13:19 | 000,000,095 | ---- | M] () -- C:\Users\Amy\Desktop\WordPress - Post Type Column Editor - CodeCanyon.url
[2012/07/18 20:14:41 | 000,001,456 | ---- | M] () -- C:\Users\Amy\AppData\Local\Adobe Save for Web 12.0 Prefs
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/15 03:24:33 | 000,002,501 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/08/14 08:12:33 | 000,000,079 | ---- | C] () -- C:\Users\Amy\Desktop\Casita.url
[2012/08/13 11:17:37 | 000,466,514 | ---- | C] () -- C:\Users\Amy\Desktop\AmyLondonRentalApplication.pdf
[2012/08/13 11:09:27 | 001,243,891 | ---- | C] () -- C:\Users\Amy\Desktop\scan0002.pdf
[2012/08/11 09:28:57 | 000,000,079 | ---- | C] () -- C:\Users\Amy\Desktop\Large Vintage Remodeled Charmer Creative-Arts District Central AC.url
[2012/08/11 07:48:43 | 000,349,513 | ---- | C] () -- C:\Users\Amy\Desktop\photo.jpg
[2012/08/10 14:36:39 | 000,020,280 | ---- | C] () -- C:\Users\Amy\Desktop\5Nc5Gd5H13G83Fc3L6c89c339661194e41d07.jpg
[2012/08/10 08:10:09 | 049,933,609 | ---- | C] () -- C:\Users\Amy\Desktop\design1pdf.zip
[2012/08/10 07:10:15 | 000,000,079 | ---- | C] () -- C:\Users\Amy\Desktop\Central Phoenix Downtown Historic 2BD. IMMEDIATE Move IN.url
[2012/08/09 18:09:14 | 024,107,719 | ---- | C] () -- C:\Users\Amy\Desktop\themeforest-164366-alyeska-responsive-wordpress-theme.zip
[2012/08/09 06:55:04 | 000,000,970 | ---- | C] () -- C:\Users\Amy\Desktop\WeBuilder 2011.lnk
[2012/08/08 17:41:07 | 000,055,568 | ---- | C] () -- C:\Users\Amy\Desktop\Futura Medium Condensed BT.ttf
[2012/08/08 17:38:50 | 000,045,052 | ---- | C] () -- C:\Users\Amy\Desktop\FUTURAMC.TTF
[2012/08/08 16:46:40 | 000,023,069 | ---- | C] () -- C:\Users\Amy\Desktop\Unabletolocate.JPG
[2012/08/08 16:41:24 | 003,644,371 | ---- | C] () -- C:\Users\Amy\Desktop\daitg.zip
[2012/08/08 08:17:21 | 009,088,040 | ---- | C] () -- C:\Users\Amy\Desktop\html2.mobi
[2012/08/08 08:17:15 | 023,706,900 | ---- | C] () -- C:\Users\Amy\Desktop\html2.epub
[2012/08/08 08:17:08 | 026,807,192 | ---- | C] () -- C:\Users\Amy\Desktop\html2pdf.zip
[2012/08/07 20:45:47 | 000,000,119 | ---- | C] () -- C:\Users\Amy\Desktop\DownTown LA Apartments- LA Lofts - Apartments Rent Los Angeles.url
[2012/08/06 08:22:56 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/08/06 08:17:49 | 000,195,627 | ---- | C] () -- C:\Windows\hpoins43.dat
[2012/08/05 15:19:51 | 005,081,237 | ---- | C] () -- C:\Users\Amy\Desktop\WDC-August2012-BetaFinal.pdf
[2012/07/29 20:51:28 | 000,001,760 | ---- | C] () -- C:\Users\Amy\Desktop\Client Sites ServerPress.lnk
[2012/07/29 20:48:18 | 000,000,429 | ---- | C] () -- C:\Users\Amy\Desktop\DesktopServer.lnk
[2012/07/29 20:21:24 | 000,000,868 | ---- | C] () -- C:\Users\Amy\Desktop\Core Temp.lnk
[2012/07/29 10:55:30 | 000,000,111 | ---- | C] () -- C:\Users\Amy\Desktop\User Folders - Restore Default Location - Windows 7 Forums.url
[2012/07/23 00:38:45 | 000,000,048 | ---- | C] () -- C:\Users\Amy\Desktop\ThemeTrade - Unlimited Downloads for $10 Per Year.url
[2012/07/21 02:42:40 | 000,000,110 | ---- | C] () -- C:\Users\Amy\Desktop\WordPress - Foobar - WordPress Notification Bars - CodeCanyon.url
[2012/07/21 02:25:14 | 000,000,125 | ---- | C] () -- C:\Users\Amy\Desktop\Sugar Slider - Premium WordPress Slider Manager Preview - CodeCanyon.url
[2012/07/21 02:13:19 | 000,000,095 | ---- | C] () -- C:\Users\Amy\Desktop\WordPress - Post Type Column Editor - CodeCanyon.url
[2012/07/20 19:48:01 | 000,002,227 | ---- | C] () -- C:\Users\Amy\Desktop\Plugins WP.lnk
[2012/07/19 13:56:00 | 000,000,854 | ---- | C] () -- C:\Users\Amy\Desktop\Sublime Text 2.lnk
[2012/07/19 13:47:58 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk
[2012/07/12 22:59:25 | 000,000,600 | ---- | C] () -- C:\Users\Amy\AppData\Local\PUTTY.RND
[2012/06/12 13:31:28 | 000,195,475 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
[2012/04/21 14:39:14 | 000,000,264 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\settings.set
[2012/04/19 00:22:42 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012/04/11 15:16:21 | 000,000,101 | ---- | C] () -- C:\Users\Amy\webphonecfgb.dat
[2012/04/06 01:30:46 | 000,204,720 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/01/21 20:43:40 | 000,000,614 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/17 23:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/17 23:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/17 23:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012/01/10 12:56:55 | 000,003,627 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Nero AAC Encoder.dat
[2012/01/10 12:52:09 | 000,003,232 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp m4a Codec.dat
[2012/01/10 12:49:51 | 000,005,477 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp CD Writer.dat
[2012/01/10 12:44:14 | 000,013,082 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2012/01/10 12:44:10 | 000,017,950 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/12/27 15:19:21 | 000,024,109 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\UserTile.png
[2011/12/25 16:22:19 | 000,000,352 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Network Meter_Settings.ini
[2011/12/25 16:15:50 | 000,000,412 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\All CPU Meter_Settings.ini
[2011/12/23 20:58:12 | 000,000,675 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2011/12/23 11:42:31 | 002,427,882 | ---- | C] () -- C:\Users\Amy\AppData\Local\[j0008]-[p34].bmp
[2011/12/14 16:05:17 | 000,060,304 | ---- | C] () -- C:\Users\Amy\g2mdlhlpx.exe
[2011/11/28 17:45:25 | 000,004,096 | -H-- | C] () -- C:\Users\Amy\AppData\Local\keyfile3.drm
[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/19 00:25:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/09 17:38:36 | 000,000,132 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011/08/04 13:02:07 | 000,000,032 | RHS- | C] () -- C:\Users\Amy\AppData\Local\t60.dat
[2011/07/25 16:01:31 | 000,006,144 | ---- | C] () -- C:\Users\Amy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/20 11:00:08 | 000,000,132 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/04/02 00:13:15 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/03/27 09:29:59 | 000,001,456 | ---- | C] () -- C:\Users\Amy\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/03/27 02:28:47 | 000,000,132 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011/03/23 22:28:06 | 000,007,609 | ---- | C] () -- C:\Users\Amy\AppData\Local\resmon.resmoncfg
[2010/12/21 02:27:22 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/10/01 00:19:32 | 000,949,992 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2010/09/14 02:00:28 | 000,038,420 | ---- | C] () -- C:\Users\Amy\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/01/21 19:45:16 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== LOP Check ==========

[2012/07/28 19:48:41 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\4Team
[2010/05/13 12:59:18 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Auslogics
[2011/08/04 13:02:03 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Axure
[2012/08/09 06:55:02 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Blumentals
[2011/04/03 22:53:23 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\bppenu11
[2012/07/16 03:27:32 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\ca.spartanPrograms.codeBank.6BD92E568CB40635FEFD3EA1C997F4D0AB4D1A2F.1
[2011/02/22 13:43:39 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/04/14 00:41:54 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\CoffeeCup Software
[2011/05/30 01:16:49 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\ColorSchemer
[2011/08/21 12:49:41 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2011/12/23 00:12:19 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/03/14 20:35:36 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\com.adobe.kuler.Desktop.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/04/11 13:09:25 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/09/04 12:14:35 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2012/03/09 21:07:14 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\com.socialbro.air
[2012/04/02 00:01:12 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\com.springbox.mobilizer
[2011/10/20 02:34:57 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\CompanionLink
[2012/01/10 12:53:38 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\dBpoweramp
[2012/08/13 07:54:47 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\DisplayFusion
[2012/08/15 03:26:48 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Dropbox
[2012/03/25 09:46:14 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Dropbox Folder Sync
[2012/02/01 12:26:08 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\e-academy Inc
[2010/03/10 02:04:23 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Facebook
[2012/03/21 17:38:01 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\FamilyTreeMaker
[2012/05/14 19:51:16 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\FileZilla
[2012/07/07 14:17:23 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Genie-Soft
[2012/01/26 19:39:58 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Genie9
[2012/04/23 09:19:57 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\invoiceSync
[2011/12/10 19:03:22 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\jAlbum
[2012/07/29 19:31:56 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\JAM Software
[2010/01/21 19:24:58 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Leadertech
[2011/08/04 13:28:54 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\MockFlow
[2012/01/10 11:44:29 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\No Company Name
[2012/03/31 21:18:02 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Nolo
[2012/08/07 16:38:23 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Notepad++
[2011/12/24 03:00:14 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
[2010/09/30 17:43:25 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Publish Providers
[2010/09/30 17:46:21 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Sony
[2012/07/30 13:05:35 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Spark
[2010/07/29 02:29:07 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/07/19 13:48:08 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Sublime Text 2
[2012/03/26 13:22:09 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\TechSmith
[2011/02/25 00:54:48 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/10/26 00:56:08 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Windows Live Writer
[2012/03/15 01:32:36 | 000,000,000 | ---D | M] -- C:\Users\Amy\AppData\Roaming\Yoono
[2012/08/15 03:21:23 | 000,000,398 | ---- | M] () -- C:\Windows\Tasks\GBM - Amy's Backup-Full.job
[2011/12/14 22:59:11 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\ProgramData\TEMP:D287FACF
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:9638A27E

< End of report >

---------------------------------
jwvista
Active Member
 
Posts: 8
Joined: August 7th, 2012, 10:01 pm

Re: Sudden crawl with Internet and Applications

Unread postby jwvista » August 15th, 2012, 10:16 pm

EXTRAS
------------------------

OTL Extras logfile created on: 8/15/2012 6:09:13 PM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Amy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 5.30 Gb Available Physical Memory | 66.27% Memory free
15.99 Gb Paging File | 13.16 Gb Available in Paging File | 82.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.12 Gb Total Space | 340.16 Gb Free Space | 57.06% Space Free | Partition Type: NTFS
Drive I: | 931.28 Gb Total Space | 370.60 Gb Free Space | 39.79% Space Free | Partition Type: FAT32

Computer Name: AMY-PC | User Name: Amy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.js [@ = jsfile] -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe (Adobe Systems, Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Sync with Dropbox] -- "C:\Program Files (x86)\Dropbox Folder Sync\Dropbox Folder Sync.exe" "%1" "sync" ()
Directory [UnSync with Dropbox] -- "C:\Program Files (x86)\Dropbox Folder Sync\Dropbox Folder Sync.exe" "%1" "unsync" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Sync with Dropbox] -- "C:\Program Files (x86)\Dropbox Folder Sync\Dropbox Folder Sync.exe" "%1" "sync" ()
Directory [UnSync with Dropbox] -- "C:\Program Files (x86)\Dropbox Folder Sync\Dropbox Folder Sync.exe" "%1" "unsync" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024B7D42-CFAF-4727-96E8-89D7F66F6A44}" = lport=5353 | protocol=17 | dir=in | name=bonjour |
"{0716559A-5295-405A-840B-8BB95106CAF5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{167DEB44-974B-48A4-83D3-2ADCF2DDBF46}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{245C6030-06DB-4975-9739-BC78640E2432}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{267CEEF1-D923-4CE0-876C-F5CB46D6638F}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{29FF73E1-40EC-4123-A526-6CEB1FA84713}" = lport=49163 | protocol=6 | dir=in | name=akamai netsession interface |
"{2B8D7064-EA8E-4DE6-9387-C8FF1C42D95B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31D53361-F02E-462F-8481-FCA87E6052B1}" = lport=138 | protocol=17 | dir=in | app=system |
"{4CB6F7FC-C016-4FAD-9DAC-16F3B010E988}" = rport=139 | protocol=6 | dir=out | app=system |
"{59D8D8EA-4E46-480F-941D-4AC19E8EF198}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5C91E2F7-F8F2-4DE6-982F-DC664295878B}" = lport=49185 | protocol=6 | dir=in | name=akamai netsession interface |
"{63374272-2B0D-431A-A3BC-126AEB686AC9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6D9FD3B7-7BD4-40D4-AC94-C2AE5E04EBFE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{728B06A3-F512-4C70-A6E6-93E42497B37F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7A14C4EC-8BFE-4A04-85FB-457A69AF0B84}" = lport=445 | protocol=6 | dir=in | app=system |
"{7E31CC2B-BA99-496D-AC1E-488691336170}" = rport=10243 | protocol=6 | dir=out | app=system |
"{887B6E96-DBB8-42BF-8518-A0DDA066F60F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8DA73D67-F1F6-42B1-AA61-9757506A91AA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90B72BF6-A422-4E87-9441-E0ED6E34D6CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{933C2F26-A12E-417B-9F98-F36AC99E0451}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{94D5D8EF-F079-4EAF-B17D-789A12F7D9C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{969736D1-2E54-4F37-A2AB-69174EEFF975}" = lport=137 | protocol=17 | dir=in | app=system |
"{98F765BB-B95C-4957-A985-A8BCEBC3EA7D}" = lport=5353 | protocol=17 | dir=in | name=bonjour |
"{A31154B6-3E50-4B1D-91C3-C7A560692B10}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A8AE2010-EC10-4777-BFEA-46222791D4C5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A9D2ECC7-5094-49BD-93B8-32B96716C2DE}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{BB89BE94-24AC-455A-B409-D2E413F3E65D}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{BE2C9A33-C3DA-4913-B1BA-DEA6562070E6}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{C413B4D1-F1FF-4160-87D7-415979AFF9CB}" = rport=138 | protocol=17 | dir=out | app=system |
"{D8B76F20-94CB-4C87-B656-E1883B286A65}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{DE40A69E-6352-46E2-A040-0AF605038E28}" = rport=445 | protocol=6 | dir=out | app=system |
"{E573849A-2DE0-4FC1-8EEE-4AA018CFF4E2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E732677D-55B6-4989-BF2B-31F16C7D3447}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E790C90C-4F88-4DCE-B573-A950271AC2D7}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{EB0B4C64-588F-41F5-ADD1-E81DFBD6AF10}" = lport=49163 | protocol=6 | dir=in | name=akamai netsession interface |
"{ED87C8D2-9B6D-4FBF-8CD6-89EA6D51E306}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F78C42B4-5DE9-47E4-8898-82D6721FC9A5}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07784E3D-C7DB-435B-B5D7-40FC571D91AD}" = dir=in | app=c:\program files (x86)\airport\apagent.exe |
"{12C0E39D-0318-49B5-A57A-EA222F20C110}" = dir=in | app=d:\setup\hpznui40.exe |
"{15545B1C-43CE-4963-B778-7AB792FE05D2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{17C12E9B-A603-43F6-B456-C7C4F2EB5466}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A271F7F-CD57-48B2-9020-A7A2550797D9}" = protocol=6 | dir=in | app=c:\users\amy\appdata\roaming\dropbox\bin\dropbox.exe |
"{1CF08E06-9E09-48D3-8EF1-EA3E5FD5E3D6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2365772E-E84D-4AC4-89B9-347FD5DCDC6E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{27B29E1E-1F7D-4898-B623-D9069BAF73C0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{27DFA007-1CCA-4B91-97F9-20D1EF3F0223}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{31A25030-BEE6-4975-9F96-3C2FEC86F089}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{373B199F-3033-4090-9A38-FA040CA454B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{39BE0B7B-AB75-47C7-9864-9EEB612AF5E9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{3E2D96CA-88A1-46B7-AE99-0A87A83B8BF5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4199FF90-1D87-4DDB-94F9-BFF2A2E6D6F2}" = dir=in | app=c:\program files (x86)\3cxphone\3cxphone.exe |
"{46873CA2-DFEB-4DC3-BCC0-A19E120874EE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{4738D573-D192-4206-88F0-1692DB6CA712}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{48C3FA05-7EBD-4A7B-8CEB-B2EA549BECEE}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{4A4DA128-F210-4278-B144-4163F7DBF6EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C52DFF1-DD7E-4619-B49A-848D61418387}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{51061338-9237-42A5-AA7C-EAD7F93EB269}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{51284C16-41D1-47B3-982E-DC8DABA8B58E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{5282F397-2BF7-471D-8397-C6AE94531C1B}" = protocol=17 | dir=in | app=c:\users\amy\appdata\roaming\dropbox\bin\dropbox.exe |
"{579D7382-16B8-4020-88D5-59A7E7799E3B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{5932E2A0-547D-49CC-A1A1-99E061E6846D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5CDD5A5F-2C31-49B6-96E2-C03F32694894}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{5EC6EE90-02B8-4BB4-9C6E-31B684CB59EB}" = protocol=6 | dir=in | app=c:\users\amy\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{6A9B63FD-FA82-4183-8F22-9C79F2A38EE5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6C0074CE-77FE-41F9-BAF7-5D77A1D1C3BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{74874848-F97E-4B0E-ABBE-8FF3E4970B89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79F41F6F-EA1F-4DC3-89E0-A1F5065BF97F}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{79F8C5D0-F508-45C2-88F5-9814CF4ED804}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8778D822-5E20-4CB7-BB84-9A32B5476203}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{8858B7CC-DF49-4ED9-82D3-CAB8E4F4E9D2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{91A09A9D-CB08-4B55-AA9F-DFC1B440D552}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{9A64CCA4-2101-484A-823A-5C238203401B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9AB7AA77-3636-4F10-A1BD-4FEB3987B185}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B0C8DA9-242B-4382-A523-328C007FA4ED}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A1B3F111-42B9-4BD8-AA1A-77411DBA4E55}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A4BC097D-E35F-41DC-89B6-E1D3866FFDBE}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{A5FBD929-D979-4434-A8A9-F1D8FCCBF868}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A6046EE3-616D-4A64-A898-C18776A55610}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A620112E-E718-41F5-AEA4-D87B27464EE6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6A127AF-C156-4B46-98BB-44D7A8C2A4AE}" = protocol=6 | dir=out | app=system |
"{A95A346E-CB19-4DD3-9905-283374429944}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{AF6739CD-FE59-4C5F-ADD8-F963098C38A7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{B17D62E8-FB1D-4252-80D9-418175448750}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B6D65A90-C072-45C0-A57D-B67B94508A64}" = protocol=17 | dir=in | app=c:\users\amy\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{CA605980-9D97-4A59-B30E-445B67D4B7A4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CB5CEC0A-7E74-4287-BCDD-13F4C37F8CDB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{CC1F8B65-47D3-42B4-A500-2AE966E460D3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CDDAB989-AB90-40DA-80F7-F58CD76291D6}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D05ADCD9-3ECB-4939-97FC-5075B8ADAC91}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D96D4B53-D113-4C37-AE57-16A9F06AEA37}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E3D046AA-8AA2-416A-8D1E-0E186E50EEC0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{EAD09563-8A39-4AA1-91CA-5AC478132928}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{F6C550D3-D704-4B49-A253-64201547D205}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FB0B41F0-B400-4ABD-8C09-AFAFE2A2227E}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"TCP Query User{1D586DA3-D8A0-4250-9C15-8932437827FD}C:\program files (x86)\airport\aputil.exe" = protocol=6 | dir=in | app=c:\program files (x86)\airport\aputil.exe |
"TCP Query User{710DA8E2-6877-46FD-8F17-47F835F75789}C:\users\amy\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\amy\appdata\local\akamai\netsession_win.exe |
"TCP Query User{8A61B9B3-392F-428C-88C2-2171238ACD03}C:\users\amy\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\amy\appdata\local\akamai\netsession_win.exe |
"TCP Query User{C9DF43CE-E25F-45FD-A13B-BB5AF23625B4}C:\users\amy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\amy\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{871231FE-D89E-4AAA-A980-91F3861FE9CC}C:\users\amy\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\amy\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{935AEA3E-EDE8-483A-8212-7D28501B7747}C:\users\amy\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\amy\appdata\local\akamai\netsession_win.exe |
"UDP Query User{972038D0-AF50-4335-A473-9B74E0019D9D}C:\users\amy\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\amy\appdata\local\akamai\netsession_win.exe |
"UDP Query User{F0B9931A-02B1-4273-B012-9CDD4368F48D}C:\program files (x86)\airport\aputil.exe" = protocol=17 | dir=in | app=c:\program files (x86)\airport\aputil.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.7
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2012D762-5DCA-455A-B5FE-EDF79BC93E18}" = HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4EF6A3C5-7B7A-453A-A887-7252A1A65596}" = WD Drive Manager (x64)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{888D0F50-FF0A-4808-966E-23D63277BF2A}" = Intel(R) Network Connections 12.4.38.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-1000-0000000FF1CE}_Office14.SingleImage_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.SingleImage_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.SingleImage_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}_Office14.SingleImage_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}_Office14.SingleImage_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.SingleImage_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.SingleImage_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.SingleImage_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.SingleImage_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-1000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.SingleImage_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.SingleImage_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}_Office14.SingleImage_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.SingleImage_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}_Office14.SingleImage_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007D-0409-1000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit
"{95140000-0081-0409-1000-0000000FF1CE}" = Microsoft Outlook Hotmail Connector 64-bit
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Genie Backup Manager" = Genie Backup Manager
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Office14.SingleImage" = Microsoft Office Professional 2010
"PROSetDX" = Intel(R) Network Connections 12.4.38.0
"Recuva" = Recuva
"Shop for HP Supplies" = Shop for HP Supplies
"Speccy" = Speccy
"Sublime Text 2_is1" = Sublime Text 2.0.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CB0993B-1CD4-4A18-9C85-9732AFD9843F}" = Family Tree Maker 2012
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{24176A21-AFC8-3DCC-A2BB-901734AA64B9}" = Google Talk Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2B21DAC6-647F-497F-918F-9A389EE24C1D}" = Quicken WillMaker Plus 2012
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3E9E68FB-49FA-410A-8787-424F2A506E0F}" = Business Plan Pro 15th Anniversary Edition
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40184457-4514-4B18-84A8-6BB8A3AB6A81}" = AirPort
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{56B563EE-2616-4A9D-AF35-14A7535AC5A8}" = PayPal Payment Request Wizard For Outlook
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58192647-B4DD-45E1-9C3C-1614B4A03897}" = 64 bit Windows Card Reader Driver
"{5BD6DE00-9A77-4A63-801C-AEDD38C5176B}" = TagCreator for Windows Live Writer
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{753E8DBC-6115-49C6-929C-DA7637FEBE19}" = jAlbum
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{797511D8-6C88-4605-B278-552756A3D4C3}" = Microsoft Store Download Manager
"{7AB01508-C2B2-43C8-8B44-514801E7CCC9}" = Jing
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}" = Microsoft Silverlight 4 SDK
"{80ED0C15-0B08-49E1-931B-CAB5E9AB7E34}" = 3CXPhone
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
"{A657DCB7-18E8-2012-9FB0-23F29A908CF5}" = Axure RP Pro 6.5
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_951" = Adobe Acrobat 9.5.1 - CPSID_83708
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C56BBAC8-0DD2-4CE4-86E0-F2BDEABDD0CF}" = Xmarks for IE
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C89269D9-DD02-45DD-99DD-6AE592F6C447}" = TurboTax 2011 wcaiper
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CD8B8A40-DC1E-48FB-9510-3829614C96D7}" = CompanionLink
"{CDC08463-9303-4BF1-BF8C-E1A2ECEE3248}" = Adobe Creative Suite 5 Web Premium
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7BF3B76-EEF9-4868-9B2B-42ABF60B279A}" = Microsoft_VC80_CRT_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E30E7561-A466-4393-B8BF-FD93E733EF3C}" = Microsoft Office Live Meeting 2007
"{E36F3199-C282-47CA-BAC7-2B77D247E760}" = PS_AIO_06_C4700_SW_Min
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"Aptana Studio 3" = Aptana Studio 3
"AVS Audio Converter 6.2_is1" = AVS Audio Converter version 6.2
"AVS Audio Converter 6.3_is1" = AVS Audio Converter version 6.3
"AVS Audio Editor_is1" = AVS Audio Editor version 6.1
"AVS Audio Recorder 3.9_is1" = AVS Audio Recorder version 3.9
"AVS Disc Creator_is1" = AVS Disc Creator version 4.1
"AVS DVD Authoring_is1" = AVS DVD Authoring
"AVS DVD Copy_is1" = AVS DVD Copy version 4.1.2
"AVS Image Converter_is1" = AVS Image Converter 1.3.3.146
"AVS Photo Editor_is1" = AVS Photo Editor
"AVS Ringtone Maker 1.6_is1" = AVS Ringtone Maker version 1.6
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS Video ReMaker_is1" = AVS Video ReMaker 3.1.2.102
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"AVSCoverEditor2_is1" = AVS Cover Editor 2.0.1.3
"Axure RP Pro 6.5" = Axure RP Pro 6.5
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 4.0.1
"CameraUserGuide-PSELPH300HS_IXUS220HS" = Canon PowerShot ELPH 300 HS_IXUS 220 HS Camera User Guide
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ColorSchemerStudio2_is1" = ColorSchemer Studio 2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"dBpoweramp CD Writer" = dBpoweramp CD Writer
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpoweramp m4a Nero AAC Encoder" = dBpoweramp m4a Nero AAC Encoder
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"Family Tree Maker 2012" = Family Tree Maker 2012
"FileZilla Client" = FileZilla Client 3.5.3
"HTMLKit_is1" = HTML-Kit 292
"Logitech Vid" = Logitech Vid HD
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Spark 2.6.3.12555" = Spark 2.6.3.12555
"Tag&Rename_is1" = Tag&Rename 3.5.7
"TreeSize Free_is1" = TreeSize Free V2.7
"TurboTax 2011" = TurboTax 2011
"Web Accessibility Toolbar EN 1.2_is1" = Web Accessibility Toolbar Uninstall
"WeBuilder 2011_is1" = WeBuilder 2011 v11.3
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"61240c64869513c2" = Napster Download Manager
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 5.2.0.952

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/12/2012 1:18:17 AM | Computer Name = Amy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10998

Error - 8/12/2012 1:18:18 AM | Computer Name = Amy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/12/2012 1:18:18 AM | Computer Name = Amy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12012

Error - 8/12/2012 1:18:18 AM | Computer Name = Amy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12012

Error - 8/12/2012 1:18:19 AM | Computer Name = Amy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/12/2012 1:18:19 AM | Computer Name = Amy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13010

Error - 8/12/2012 1:18:19 AM | Computer Name = Amy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13010

Error - 8/12/2012 1:39:01 PM | Computer Name = Amy-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/15/2012 6:25:20 AM | Computer Name = Amy-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/15/2012 4:51:53 PM | Computer Name = Amy-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.57.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 169c Start Time:
01cd7b2651485ee0 Termination Time: 6 Application Path: C:\Users\Amy\Desktop\OTL.exe

Report
Id: 093635e8-e71b-11e1-a0e8-00219b044701

[ System Events ]
Error - 8/14/2012 12:02:11 AM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/14/2012 9:00:36 AM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/14/2012 2:06:41 PM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/14/2012 5:09:26 PM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/14/2012 9:13:27 PM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/15/2012 12:01:23 AM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/15/2012 6:00:28 AM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/15/2012 9:00:21 AM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.

Error - 8/15/2012 10:54:03 AM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.

Error - 8/15/2012 5:07:26 PM | Computer Name = Amy-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.


< End of report >
jwvista
Active Member
 
Posts: 8
Joined: August 7th, 2012, 10:01 pm

Re: Sudden crawl with Internet and Applications

Unread postby jwvista » August 15th, 2012, 10:19 pm

TDSSKiller
------------------


19:08:20.0370 6584 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
19:08:20.0883 6584 ============================================================
19:08:20.0883 6584 Current date / time: 2012/08/15 19:08:20.0883
19:08:20.0883 6584 SystemInfo:
19:08:20.0883 6584
19:08:20.0884 6584 OS Version: 6.1.7601 ServicePack: 1.0
19:08:20.0884 6584 Product type: Workstation
19:08:20.0884 6584 ComputerName: AMY-PC
19:08:20.0884 6584 UserName: Amy
19:08:20.0884 6584 Windows directory: C:\Windows
19:08:20.0884 6584 System windows directory: C:\Windows
19:08:20.0884 6584 Running under WOW64
19:08:20.0884 6584 Processor architecture: Intel x64
19:08:20.0884 6584 Number of processors: 4
19:08:20.0884 6584 Page size: 0x1000
19:08:20.0884 6584 Boot type: Normal boot
19:08:20.0884 6584 ============================================================
19:08:22.0188 6584 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:08:22.0234 6584 Drive \Device\Harddisk5\DR5 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:08:29.0200 6584 ============================================================
19:08:29.0200 6584 \Device\Harddisk0\DR0:
19:08:29.0200 6584 MBR partitions:
19:08:29.0200 6584 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x4A83F800
19:08:29.0200 6584 \Device\Harddisk5\DR5:
19:08:29.0201 6584 MBR partitions:
19:08:29.0201 6584 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982
19:08:29.0201 6584 ============================================================
19:08:29.0243 6584 C: <-> \Device\Harddisk0\DR0\Partition1
19:08:29.0243 6584 I: <-> \Device\Harddisk5\DR5\Partition1
19:08:29.0244 6584 ============================================================
19:08:29.0244 6584 Initialize success
19:08:29.0244 6584 ============================================================
19:08:36.0897 5316 ============================================================
19:08:36.0897 5316 Scan started
19:08:36.0897 5316 Mode: Manual;
19:08:36.0897 5316 ============================================================
19:08:37.0924 5316 ================ Scan services =============================
19:08:38.0076 5316 [ a87d604aea360176311474c87a63bb88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:08:38.0080 5316 1394ohci - ok
19:08:38.0112 5316 [ d81d9e70b8a6dd14d42d7b4efa65d5f2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:08:38.0117 5316 ACPI - ok
19:08:38.0140 5316 [ 99f8e788246d495ce3794d7e7821d2ca ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:08:38.0141 5316 AcpiPmi - ok
19:08:38.0170 5316 [ 2f0683fd2df1d92e891caca14b45a8c1 ] adfs C:\Windows\system32\drivers\adfs.sys
19:08:38.0171 5316 adfs - ok
19:08:38.0260 5316 [ 62b7936f9036dd6ed36e6a7efa805dc0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:08:38.0261 5316 AdobeARMservice - ok
19:08:38.0381 5316 [ a9d3b95e8466bd58eeb8a1154654e162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:08:38.0385 5316 AdobeFlashPlayerUpdateSvc - ok
19:08:38.0438 5316 [ 2f6b34b83843f0c5118b63ac634f5bf4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:08:38.0453 5316 adp94xx - ok
19:08:38.0480 5316 [ 597f78224ee9224ea1a13d6350ced962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:08:38.0485 5316 adpahci - ok
19:08:38.0497 5316 [ e109549c90f62fb570b9540c4b148e54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:08:38.0500 5316 adpu320 - ok
19:08:38.0525 5316 [ 4b78b431f225fd8624c5655cb1de7b61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:08:38.0526 5316 AeLookupSvc - ok
19:08:38.0568 5316 [ 1c7857b62de5994a75b054a9fd4c3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:08:38.0583 5316 AFD - ok
19:08:38.0605 5316 [ 608c14dba7299d8cb6ed035a68a15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:08:38.0607 5316 agp440 - ok
19:08:38.0787 5316 [ 29584f02a43e427c4227e3b1d9ff1b22 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll
19:08:38.0787 5316 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
19:08:38.0796 5316 Akamai ( HiddenFile.Multi.Generic ) - warning
19:08:38.0796 5316 Akamai - detected HiddenFile.Multi.Generic (1)
19:08:38.0842 5316 [ 3290d6946b5e30e70414990574883ddb ] ALG C:\Windows\System32\alg.exe
19:08:38.0843 5316 ALG - ok
19:08:38.0864 5316 [ 5812713a477a3ad7363c7438ca2ee038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:08:38.0865 5316 aliide - ok
19:08:38.0953 5316 ALSysIO - ok
19:08:38.0984 5316 [ 5eba5e837d6635aea999bae47e186c6f ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:08:38.0987 5316 AMD External Events Utility - ok
19:08:39.0011 5316 [ 1ff8b4431c353ce385c875f194924c0c ] amdide C:\Windows\system32\drivers\amdide.sys
19:08:39.0012 5316 amdide - ok
19:08:39.0048 5316 [ 7024f087cff1833a806193ef9d22cda9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:08:39.0049 5316 AmdK8 - ok
19:08:39.0218 5316 [ dcc8177244fe79c61c4e73c65e63922a ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:08:39.0363 5316 amdkmdag - ok
19:08:39.0391 5316 [ 7fe67d107329dc2cf89136a8e19bceb7 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:08:39.0395 5316 amdkmdap - ok
19:08:39.0410 5316 [ 1e56388b3fe0d031c44144eb8c4d6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:08:39.0411 5316 AmdPPM - ok
19:08:39.0438 5316 [ d4121ae6d0c0e7e13aa221aa57ef2d49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:08:39.0440 5316 amdsata - ok
19:08:39.0465 5316 [ f67f933e79241ed32ff46a4f29b5120b ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:08:39.0468 5316 amdsbs - ok
19:08:39.0476 5316 [ 540daf1cea6094886d72126fd7c33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:08:39.0477 5316 amdxata - ok
19:08:39.0506 5316 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\Windows\system32\drivers\appid.sys
19:08:39.0507 5316 AppID - ok
19:08:39.0528 5316 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:08:39.0529 5316 AppIDSvc - ok
19:08:39.0548 5316 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:08:39.0549 5316 Appinfo - ok
19:08:39.0618 5316 [ 7ef47644b74ebe721cc32211d3c35e76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:08:39.0620 5316 Apple Mobile Device - ok
19:08:39.0639 5316 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\DRIVERS\arc.sys
19:08:39.0641 5316 arc - ok
19:08:39.0655 5316 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:08:39.0657 5316 arcsas - ok
19:08:39.0774 5316 [ 9217d874131ae6ff8f642f124f00a555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:08:39.0775 5316 aspnet_state - ok
19:08:39.0792 5316 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:08:39.0793 5316 AsyncMac - ok
19:08:39.0814 5316 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\drivers\atapi.sys
19:08:39.0815 5316 atapi - ok
19:08:39.0865 5316 [ 4bf5bca6e2608cd8a00bc4a6673a9f47 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:08:39.0866 5316 AtiHDAudioService - ok
19:08:39.0907 5316 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:08:39.0924 5316 AudioEndpointBuilder - ok
19:08:39.0973 5316 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:08:39.0977 5316 AudioSrv - ok
19:08:40.0006 5316 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:08:40.0008 5316 AxInstSV - ok
19:08:40.0035 5316 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:08:40.0050 5316 b06bdrv - ok
19:08:40.0084 5316 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:08:40.0088 5316 b57nd60a - ok
19:08:40.0112 5316 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:08:40.0114 5316 BDESVC - ok
19:08:40.0125 5316 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:08:40.0126 5316 Beep - ok
19:08:40.0174 5316 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\Windows\System32\bfe.dll
19:08:40.0188 5316 BFE - ok
19:08:40.0361 5316 [ e99f59342171101ee2446d0cd1a60a8d ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHDrvx64.sys
19:08:40.0372 5316 BHDrvx64 - ok
19:08:40.0413 5316 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\Windows\System32\qmgr.dll
19:08:40.0439 5316 BITS - ok
19:08:40.0457 5316 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:08:40.0458 5316 blbdrive - ok
19:08:40.0540 5316 [ ebbcd5dfbb1de70e8f4af8fa59e401fd ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:08:40.0547 5316 Bonjour Service - ok
19:08:40.0574 5316 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:08:40.0576 5316 bowser - ok
19:08:40.0589 5316 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:08:40.0590 5316 BrFiltLo - ok
19:08:40.0604 5316 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:08:40.0605 5316 BrFiltUp - ok
19:08:40.0636 5316 [ 05f5a0d14a2ee1d8255c2aa0e9e8e694 ] Browser C:\Windows\System32\browser.dll
19:08:40.0637 5316 Browser - ok
19:08:40.0655 5316 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:08:40.0660 5316 Brserid - ok
19:08:40.0674 5316 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:08:40.0675 5316 BrSerWdm - ok
19:08:40.0690 5316 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:08:40.0691 5316 BrUsbMdm - ok
19:08:40.0700 5316 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:08:40.0701 5316 BrUsbSer - ok
19:08:40.0719 5316 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:08:40.0721 5316 BTHMODEM - ok
19:08:40.0748 5316 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll
19:08:40.0749 5316 bthserv - ok
19:08:40.0805 5316 [ 2c6ffcca37b002aab3c7c31a6d780a76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys
19:08:40.0806 5316 ccSet_NIS - ok
19:08:40.0824 5316 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:08:40.0826 5316 cdfs - ok
19:08:40.0868 5316 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:08:40.0871 5316 cdrom - ok
19:08:40.0897 5316 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\Windows\System32\certprop.dll
19:08:40.0899 5316 CertPropSvc - ok
19:08:40.0912 5316 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:08:40.0913 5316 circlass - ok
19:08:40.0928 5316 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys
19:08:40.0932 5316 CLFS - ok
19:08:40.0989 5316 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:08:41.0005 5316 clr_optimization_v2.0.50727_32 - ok
19:08:41.0156 5316 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:08:41.0157 5316 clr_optimization_v2.0.50727_64 - ok
19:08:41.0214 5316 [ c5a75eb48e2344abdc162bda79e16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:08:41.0216 5316 clr_optimization_v4.0.30319_32 - ok
19:08:41.0233 5316 [ c6f9af94dcd58122a4d7e89db6bed29d ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:08:41.0236 5316 clr_optimization_v4.0.30319_64 - ok
19:08:41.0255 5316 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:08:41.0256 5316 CmBatt - ok
19:08:41.0280 5316 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:08:41.0281 5316 cmdide - ok
19:08:41.0310 5316 [ 9ac4f97c2d3e93367e2148ea940cd2cd ] CNG C:\Windows\system32\Drivers\cng.sys
19:08:41.0317 5316 CNG - ok
19:08:41.0332 5316 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:08:41.0333 5316 Compbatt - ok
19:08:41.0362 5316 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:08:41.0363 5316 CompositeBus - ok
19:08:41.0371 5316 COMSysApp - ok
19:08:41.0389 5316 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:08:41.0390 5316 crcdisk - ok
19:08:41.0428 5316 [ 4f5414602e2544a4554d95517948b705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:08:41.0431 5316 CryptSvc - ok
19:08:41.0457 5316 [ 8491cb08bd8248eaa31fbca5135794b1 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
19:08:41.0458 5316 dc3d - ok
19:08:41.0487 5316 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:08:41.0504 5316 DcomLaunch - ok
19:08:41.0526 5316 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll
19:08:41.0531 5316 defragsvc - ok
19:08:41.0553 5316 [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:08:41.0555 5316 DfsC - ok
19:08:41.0580 5316 [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp C:\Windows\system32\dhcpcore.dll
19:08:41.0584 5316 Dhcp - ok
19:08:41.0595 5316 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys
19:08:41.0596 5316 discache - ok
19:08:41.0621 5316 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:08:41.0622 5316 Disk - ok
19:08:41.0642 5316 [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:08:41.0644 5316 Dnscache - ok
19:08:41.0730 5316 [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:08:41.0734 5316 dot3svc - ok
19:08:41.0780 5316 [ b42ed0320c6e41102fde0005154849bb ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
19:08:41.0782 5316 Dot4 - ok
19:08:41.0818 5316 [ e9f5969233c5d89f3c35e3a66a52a361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:08:41.0819 5316 Dot4Print - ok
19:08:41.0829 5316 [ fd05a02b0370bc3000f402e543ca5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
19:08:41.0830 5316 dot4usb - ok
19:08:41.0841 5316 [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS C:\Windows\system32\dps.dll
19:08:41.0842 5316 DPS - ok
19:08:41.0866 5316 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:08:41.0866 5316 drmkaud - ok
19:08:41.0900 5316 [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:08:41.0905 5316 DXGKrnl - ok
19:08:41.0941 5316 [ 416a2007878ed1d6fc5dddb9e1f6db3e ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys
19:08:41.0945 5316 e1express - ok
19:08:41.0971 5316 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:08:41.0973 5316 EapHost - ok
19:08:42.0048 5316 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:08:42.0103 5316 ebdrv - ok
19:08:42.0171 5316 [ 4353ff94d47a0a9d52b89eccf0cdb013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:08:42.0176 5316 eeCtrl - ok
19:08:42.0202 5316 [ c118a82cd78818c29ab228366ebf81c3 ] EFS C:\Windows\System32\lsass.exe
19:08:42.0203 5316 EFS - ok
19:08:42.0245 5316 [ c4002b6b41975f057d98c439030cea07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:08:42.0263 5316 ehRecvr - ok
19:08:42.0284 5316 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe
19:08:42.0286 5316 ehSched - ok
19:08:42.0308 5316 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:08:42.0324 5316 elxstor - ok
19:08:42.0362 5316 [ c5bccb378d0a896304a3e71be7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:08:42.0363 5316 EraserUtilRebootDrv - ok
19:08:42.0384 5316 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:08:42.0385 5316 ErrDev - ok
19:08:42.0426 5316 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll
19:08:42.0429 5316 EventSystem - ok
19:08:42.0449 5316 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys
19:08:42.0452 5316 exfat - ok
19:08:42.0467 5316 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:08:42.0469 5316 fastfat - ok
19:08:42.0506 5316 [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax C:\Windows\system32\fxssvc.exe
19:08:42.0523 5316 Fax - ok
19:08:42.0531 5316 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:08:42.0532 5316 fdc - ok
19:08:42.0539 5316 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:08:42.0540 5316 fdPHost - ok
19:08:42.0547 5316 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:08:42.0548 5316 FDResPub - ok
19:08:42.0559 5316 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:08:42.0560 5316 FileInfo - ok
19:08:42.0565 5316 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:08:42.0566 5316 Filetrace - ok
19:08:42.0604 5316 [ f76d04f7413b07daa029f6520b64b4e8 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:08:42.0622 5316 FLEXnet Licensing Service - ok
19:08:42.0645 5316 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:08:42.0646 5316 flpydisk - ok
19:08:42.0683 5316 [ da6b67270fd9db3697b20fce94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:08:42.0687 5316 FltMgr - ok
19:08:42.0724 5316 [ 5c4cb4086fb83115b153e47add961a0c ] FontCache C:\Windows\system32\FntCache.dll
19:08:42.0742 5316 FontCache - ok
19:08:42.0773 5316 [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:08:42.0774 5316 FontCache3.0.0.0 - ok
19:08:42.0784 5316 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:08:42.0786 5316 FsDepends - ok
19:08:42.0802 5316 [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:08:42.0803 5316 Fs_Rec - ok
19:08:42.0824 5316 [ 1f7b25b858fa27015169fe95e54108ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:08:42.0827 5316 fvevol - ok
19:08:42.0844 5316 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:08:42.0846 5316 gagp30kx - ok
19:08:42.0871 5316 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:08:42.0871 5316 GEARAspiWDM - ok
19:08:42.0903 5316 [ 8450cd67f842cc4d4832acebcdc22fb1 ] glideusb C:\Windows\system32\DRIVERS\glideusb.sys
19:08:42.0905 5316 glideusb - ok
19:08:42.0934 5316 [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc C:\Windows\System32\gpsvc.dll
19:08:42.0951 5316 gpsvc - ok
19:08:42.0996 5316 [ f02a533f517eb38333cb12a9e8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:08:42.0997 5316 gupdate - ok
19:08:43.0029 5316 [ f02a533f517eb38333cb12a9e8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:08:43.0030 5316 gupdatem - ok
19:08:43.0045 5316 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:08:43.0046 5316 hcw85cir - ok
19:08:43.0078 5316 [ 975761c778e33cd22498059b91e7373a ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:08:43.0082 5316 HdAudAddService - ok
19:08:43.0105 5316 [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:08:43.0106 5316 HDAudBus - ok
19:08:43.0117 5316 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:08:43.0118 5316 HidBatt - ok
19:08:43.0132 5316 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:08:43.0133 5316 HidBth - ok
19:08:43.0150 5316 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:08:43.0151 5316 HidIr - ok
19:08:43.0172 5316 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\system32\hidserv.dll
19:08:43.0173 5316 hidserv - ok
19:08:43.0195 5316 [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:08:43.0196 5316 HidUsb - ok
19:08:43.0210 5316 [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:08:43.0212 5316 hkmsvc - ok
19:08:43.0231 5316 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:08:43.0234 5316 HomeGroupListener - ok
19:08:43.0249 5316 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:08:43.0252 5316 HomeGroupProvider - ok
19:08:43.0348 5316 [ 0a3c6aa4a9fc38c20ba4eac2c3351c05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:08:43.0351 5316 hpqcxs08 - ok
19:08:43.0379 5316 [ f3f72a2a86c22610bca5439fa789dd52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:08:43.0380 5316 hpqddsvc - ok
19:08:43.0398 5316 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:08:43.0399 5316 HpSAMD - ok
19:08:43.0468 5316 [ f37882f128efacefe353e0bae2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
19:08:43.0477 5316 HPSLPSVC - ok
19:08:43.0548 5316 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:08:43.0566 5316 HTTP - ok
19:08:43.0591 5316 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:08:43.0592 5316 hwpolicy - ok
19:08:43.0619 5316 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:08:43.0621 5316 i8042prt - ok
19:08:43.0665 5316 [ aaaf44db3bd0b9d1fb6969b23ecc8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:08:43.0690 5316 iaStorV - ok
19:08:43.0755 5316 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:08:43.0773 5316 idsvc - ok
19:08:43.0870 5316 [ ce0bf35c79e03bb89da6b14fac838605 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120814.005\IDSvia64.sys
19:08:43.0874 5316 IDSVia64 - ok
19:08:44.0035 5316 [ 24cc43ecdeefd4c19fbbee4951b647f1 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:08:44.0141 5316 igfx - ok
19:08:44.0179 5316 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:08:44.0180 5316 iirsp - ok
19:08:44.0208 5316 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\Windows\System32\ikeext.dll
19:08:44.0223 5316 IKEEXT - ok
19:08:44.0280 5316 [ 04c6489a44e340574daae64a6062541c ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:08:44.0290 5316 IntcAzAudAddService - ok
19:08:44.0309 5316 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\drivers\intelide.sys
19:08:44.0310 5316 intelide - ok
19:08:44.0325 5316 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:08:44.0326 5316 intelppm - ok
19:08:44.0395 5316 [ 1663a135865f0ba6e853353e98e67f2a ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
19:08:44.0395 5316 IntuitUpdateServiceV4 - ok
19:08:44.0414 5316 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:08:44.0416 5316 IPBusEnum - ok
19:08:44.0437 5316 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:08:44.0439 5316 IpFilterDriver - ok
19:08:44.0458 5316 [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:08:44.0465 5316 iphlpsvc - ok
19:08:44.0503 5316 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:08:44.0504 5316 IPMIDRV - ok
19:08:44.0522 5316 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:08:44.0524 5316 IPNAT - ok
19:08:44.0575 5316 [ 50d6ccc6ff5561f9f56946b3e6164fb8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:08:44.0592 5316 iPod Service - ok
19:08:44.0611 5316 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:08:44.0613 5316 IRENUM - ok
19:08:44.0634 5316 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:08:44.0635 5316 isapnp - ok
19:08:44.0663 5316 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:08:44.0668 5316 iScsiPrt - ok
19:08:44.0698 5316 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:08:44.0699 5316 kbdclass - ok
19:08:44.0725 5316 [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:08:44.0726 5316 kbdhid - ok
19:08:44.0743 5316 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\Windows\system32\lsass.exe
19:08:44.0745 5316 KeyIso - ok
19:08:44.0769 5316 [ 97a7070aea4c058b6418519e869a63b4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:08:44.0770 5316 KSecDD - ok
19:08:44.0798 5316 [ 26c43a7c2862447ec59deda188d1da07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:08:44.0800 5316 KSecPkg - ok
19:08:44.0813 5316 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:08:44.0814 5316 ksthunk - ok
19:08:44.0835 5316 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll
19:08:44.0840 5316 KtmRm - ok
19:08:44.0873 5316 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:08:44.0876 5316 LanmanServer - ok
19:08:44.0896 5316 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:08:44.0898 5316 LanmanWorkstation - ok
19:08:44.0924 5316 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:08:44.0925 5316 lltdio - ok
19:08:44.0949 5316 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:08:44.0953 5316 lltdsvc - ok
19:08:44.0961 5316 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:08:44.0963 5316 lmhosts - ok
19:08:44.0986 5316 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:08:44.0988 5316 LSI_FC - ok
19:08:45.0002 5316 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:08:45.0003 5316 LSI_SAS - ok
19:08:45.0016 5316 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:08:45.0017 5316 LSI_SAS2 - ok
19:08:45.0029 5316 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:08:45.0031 5316 LSI_SCSI - ok
19:08:45.0049 5316 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
19:08:45.0050 5316 luafv - ok
19:08:45.0072 5316 [ b3944d06eb4b64d57bd7e5fe89415f58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:08:45.0073 5316 LVPr2M64 - ok
19:08:45.0077 5316 [ b3944d06eb4b64d57bd7e5fe89415f58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:08:45.0078 5316 LVPr2Mon - ok
19:08:45.0114 5316 [ 0c85b2b6fb74b36a251792d45e0ef860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
19:08:45.0116 5316 LVRS64 - ok
19:08:45.0208 5316 [ ff3a488924b0032b1a9ca6948c1fa9e8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
19:08:45.0233 5316 LVUVC64 - ok
19:08:45.0281 5316 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:08:45.0283 5316 Mcx2Svc - ok
19:08:45.0295 5316 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:08:45.0296 5316 megasas - ok
19:08:45.0319 5316 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:08:45.0323 5316 MegaSR - ok
19:08:45.0349 5316 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
19:08:45.0352 5316 MMCSS - ok
19:08:45.0361 5316 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:08:45.0362 5316 Modem - ok
19:08:45.0383 5316 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:08:45.0384 5316 monitor - ok
19:08:45.0412 5316 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:08:45.0413 5316 mouclass - ok
19:08:45.0428 5316 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:08:45.0429 5316 mouhid - ok
19:08:45.0454 5316 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:08:45.0455 5316 mountmgr - ok
19:08:45.0474 5316 [ 96aa8ba23142cc8e2b30f3cae0c80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:08:45.0476 5316 MozillaMaintenance - ok
19:08:45.0498 5316 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:08:45.0501 5316 mpio - ok
19:08:45.0513 5316 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:08:45.0515 5316 mpsdrv - ok
19:08:45.0547 5316 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:08:45.0562 5316 MpsSvc - ok
19:08:45.0588 5316 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:08:45.0590 5316 MRxDAV - ok
19:08:45.0615 5316 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:08:45.0617 5316 mrxsmb - ok
19:08:45.0643 5316 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:08:45.0647 5316 mrxsmb10 - ok
19:08:45.0665 5316 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:08:45.0667 5316 mrxsmb20 - ok
19:08:45.0687 5316 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:08:45.0688 5316 msahci - ok
19:08:45.0707 5316 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:08:45.0709 5316 msdsm - ok
19:08:45.0728 5316 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
19:08:45.0731 5316 MSDTC - ok
19:08:45.0756 5316 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:08:45.0757 5316 Msfs - ok
19:08:45.0771 5316 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:08:45.0772 5316 mshidkmdf - ok
19:08:45.0782 5316 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:08:45.0782 5316 msisadrv - ok
19:08:45.0815 5316 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:08:45.0817 5316 MSiSCSI - ok
19:08:45.0822 5316 msiserver - ok
19:08:45.0843 5316 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:08:45.0844 5316 MSKSSRV - ok
19:08:45.0871 5316 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:08:45.0871 5316 MSPCLOCK - ok
19:08:45.0876 5316 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:08:45.0877 5316 MSPQM - ok
19:08:45.0900 5316 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:08:45.0904 5316 MsRPC - ok
19:08:45.0925 5316 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:08:45.0926 5316 mssmbios - ok
19:08:45.0941 5316 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:08:45.0942 5316 MSTEE - ok
19:08:45.0950 5316 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:08:45.0951 5316 MTConfig - ok
19:08:45.0974 5316 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:08:45.0975 5316 Mup - ok
19:08:45.0989 5316 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll
19:08:46.0004 5316 napagent - ok
19:08:46.0028 5316 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:08:46.0032 5316 NativeWifiP - ok
19:08:46.0099 5316 [ 8043d41f881d6ace40b854ad6e32217f ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120815.002\ENG64.SYS
19:08:46.0100 5316 NAVENG - ok
19:08:46.0156 5316 [ 9a9ab2fc45d701daed465d14980f1305 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120815.002\EX64.SYS
19:08:46.0168 5316 NAVEX15 - ok
19:08:46.0209 5316 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys
19:08:46.0226 5316 NDIS - ok
19:08:46.0241 5316 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:08:46.0242 5316 NdisCap - ok
19:08:46.0260 5316 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:08:46.0261 5316 NdisTapi - ok
19:08:46.0289 5316 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:08:46.0290 5316 Ndisuio - ok
19:08:46.0318 5316 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:08:46.0320 5316 NdisWan - ok
19:08:46.0349 5316 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:08:46.0350 5316 NDProxy - ok
19:08:46.0377 5316 [ 2334dc48997ba203b794df3ee70521db ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:08:46.0379 5316 Net Driver HPZ12 - ok
19:08:46.0398 5316 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:08:46.0399 5316 NetBIOS - ok
19:08:46.0428 5316 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:08:46.0431 5316 NetBT - ok
19:08:46.0443 5316 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
19:08:46.0444 5316 Netlogon - ok
19:08:46.0472 5316 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
19:08:46.0477 5316 Netman - ok
19:08:46.0498 5316 [ d22cd77d4f0d63d1169bb35911bff12d ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:46.0501 5316 NetMsmqActivator - ok
19:08:46.0510 5316 [ d22cd77d4f0d63d1169bb35911bff12d ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:46.0511 5316 NetPipeActivator - ok
19:08:46.0526 5316 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
19:08:46.0533 5316 netprofm - ok
19:08:46.0543 5316 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:46.0544 5316 NetTcpActivator - ok
19:08:46.0549 5316 [ d22cd77d4f0d63d1169bb35911bff12d ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:46.0550 5316 NetTcpPortSharing - ok
19:08:46.0574 5316 [ 77889813be4d166cdab78ddba990da92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:08:46.0576 5316 nfrd960 - ok
19:08:46.0699 5316 [ f2840dbfe9322f35557219ae82cc4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
19:08:46.0700 5316 NIS - ok
19:08:46.0735 5316 [ 1ee99a89cc788ada662441d1e9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:08:46.0739 5316 NlaSvc - ok
19:08:46.0752 5316 [ 1e4c4ab5c9b8dd13179bbdc75a2a01f7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:08:46.0753 5316 Npfs - ok
19:08:46.0764 5316 [ d54bfdf3e0c953f823b3d0bfe4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:08:46.0766 5316 nsi - ok
19:08:46.0776 5316 [ e7f5ae18af4168178a642a9247c63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:08:46.0777 5316 nsiproxy - ok
19:08:46.0824 5316 [ a2f74975097f52a00745f9637451fdd8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:08:46.0850 5316 Ntfs - ok
19:08:46.0862 5316 [ 9899284589f75fa8724ff3d16aed75c1 ] Null C:\Windows\system32\drivers\Null.sys
19:08:46.0862 5316 Null - ok
19:08:46.0887 5316 [ 10204955027011e08a9dc27737a48a54 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:08:46.0889 5316 NVHDA - ok
19:08:47.0127 5316 [ b15258b1f45f9571758ac6bb2f043b01 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:08:47.0195 5316 nvlddmkm - ok
19:08:47.0232 5316 [ 0a92cb65770442ed0dc44834632f66ad ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:08:47.0234 5316 nvraid - ok
19:08:47.0260 5316 [ dab0e87525c10052bf65f06152f37e4a ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:08:47.0262 5316 nvstor - ok
19:08:47.0306 5316 [ 2d7092fec9bd2aca199673bba2ba9277 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:08:47.0340 5316 nvsvc - ok
19:08:47.0405 5316 [ 7e22de30e222bfdfcec7e77032baf3cd ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
19:08:47.0444 5316 nvUpdatusService - ok
19:08:47.0470 5316 [ 270d7cd42d6e3979f6dd0146650f0e05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:08:47.0471 5316 nv_agp - ok
19:08:47.0500 5316 [ 3589478e4b22ce21b41fa1bfc0b8b8a0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:08:47.0501 5316 ohci1394 - ok
19:08:47.0547 5316 [ 4965b005492cba7719e82b71e3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:08:47.0549 5316 ose64 - ok
19:08:47.0674 5316 [ 61bffb5f57ad12f83ab64b7181829b34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:08:47.0761 5316 osppsvc - ok
19:08:47.0796 5316 [ 3eac4455472cc2c97107b5291e0dcafe ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:08:47.0801 5316 p2pimsvc - ok
19:08:47.0819 5316 [ 927463ecb02179f88e4b9a17568c63c3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:08:47.0825 5316 p2psvc - ok
19:08:47.0845 5316 [ 0086431c29c35be1dbc43f52cc273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:08:47.0847 5316 Parport - ok
19:08:47.0869 5316 [ e9766131eeade40a27dc27d2d68fba9c ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:08:47.0870 5316 partmgr - ok
19:08:47.0879 5316 [ 3aeaa8b561e63452c655dc0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:08:47.0882 5316 PcaSvc - ok
19:08:47.0907 5316 [ 94575c0571d1462a0f70bde6bd6ee6b3 ] pci C:\Windows\system32\drivers\pci.sys
19:08:47.0909 5316 pci - ok
19:08:47.0917 5316 [ b5b8b5ef2e5cb34df8dcf8831e3534fa ] pciide C:\Windows\system32\drivers\pciide.sys
19:08:47.0918 5316 pciide - ok
19:08:47.0932 5316 [ b2e81d4e87ce48589f98cb8c05b01f2f ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:08:47.0934 5316 pcmcia - ok
19:08:47.0951 5316 [ d6b9c2e1a11a3a4b26a182ffef18f603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:08:47.0951 5316 pcw - ok
19:08:47.0970 5316 [ 68769c3356b3be5d1c732c97b9a80d6e ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:08:47.0987 5316 PEAUTH - ok
19:08:48.0057 5316 [ e495e408c93141e8fc72dc0c6046ddfa ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:08:48.0059 5316 PerfHost - ok
19:08:48.0109 5316 [ c7cf6a6e137463219e1259e3f0f0dd6c ] pla C:\Windows\system32\pla.dll
19:08:48.0136 5316 pla - ok
19:08:48.0166 5316 [ 25fbdef06c4d92815b353f6e792c8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:08:48.0171 5316 PlugPlay - ok
19:08:48.0205 5316 [ ac78df349f0e4cfb8b667c0cfff83cce ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:08:48.0206 5316 Pml Driver HPZ12 - ok
19:08:48.0218 5316 [ 7195581cec9bb7d12abe54036acc2e38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:08:48.0220 5316 PNRPAutoReg - ok
19:08:48.0238 5316 [ 3eac4455472cc2c97107b5291e0dcafe ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:08:48.0241 5316 PNRPsvc - ok
19:08:48.0284 5316 [ 4f0878fd62d5f7444c5f1c4c66d9d293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
19:08:48.0285 5316 Point64 - ok
19:08:48.0310 5316 [ 4f15d75adf6156bf56eced6d4a55c389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:08:48.0315 5316 PolicyAgent - ok
19:08:48.0338 5316 [ 6ba9d927dded70bd1a9caded45f8b184 ] Power C:\Windows\system32\umpo.dll
19:08:48.0340 5316 Power - ok
19:08:48.0366 5316 [ f92a2c41117a11a00be01ca01a7fcde9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:08:48.0368 5316 PptpMiniport - ok
19:08:48.0377 5316 [ 0d922e23c041efb1c3fac2a6f943c9bf ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:08:48.0379 5316 Processor - ok
19:08:48.0405 5316 [ 53e83f1f6cf9d62f32801cf66d8352a8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:08:48.0408 5316 ProfSvc - ok
19:08:48.0419 5316 [ c118a82cd78818c29ab228366ebf81c3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:08:48.0420 5316 ProtectedStorage - ok
19:08:48.0451 5316 [ 0557cf5a2556bd58e26384169d72438d ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:08:48.0453 5316 Psched - ok
19:08:48.0489 5316 [ 87b04878a6d59d6c79251dc960c674c1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
19:08:48.0490 5316 PxHlpa64 - ok
19:08:48.0544 5316 [ a53a15a11ebfd21077463ee2c7afeef0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:08:48.0579 5316 ql2300 - ok
19:08:48.0603 5316 [ 4f6d12b51de1aaeff7dc58c4d75423c8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:08:48.0605 5316 ql40xx - ok
19:08:48.0622 5316 [ 906191634e99aea92c4816150bda3732 ] QWAVE C:\Windows\system32\qwave.dll
19:08:48.0627 5316 QWAVE - ok
19:08:48.0643 5316 [ 76707bb36430888d9ce9d705398adb6c ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:08:48.0644 5316 QWAVEdrv - ok
19:08:48.0657 5316 [ 5a0da8ad5762fa2d91678a8a01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:08:48.0658 5316 RasAcd - ok
19:08:48.0678 5316 [ 7ecff9b22276b73f43a99a15a6094e90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:08:48.0679 5316 RasAgileVpn - ok
19:08:48.0688 5316 [ 8f26510c5383b8dbe976de1cd00fc8c7 ] RasAuto C:\Windows\System32\rasauto.dll
19:08:48.0690 5316 RasAuto - ok
19:08:48.0714 5316 [ 471815800ae33e6f1c32fb1b97c490ca ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:08:48.0716 5316 Rasl2tp - ok
19:08:48.0748 5316 [ ee867a0870fc9e4972ba9eaad35651e2 ] RasMan C:\Windows\System32\rasmans.dll
19:08:48.0756 5316 RasMan - ok
19:08:48.0769 5316 [ 855c9b1cd4756c5e9a2aa58a15f58c25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:08:48.0771 5316 RasPppoe - ok
19:08:48.0784 5316 [ e8b1e447b008d07ff47d016c2b0eeecb ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:08:48.0786 5316 RasSstp - ok
19:08:48.0805 5316 [ 77f665941019a1594d887a74f301fa2f ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:08:48.0809 5316 rdbss - ok
19:08:48.0828 5316 [ 302da2a0539f2cf54d7c6cc30c1f2d8d ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:08:48.0829 5316 rdpbus - ok
19:08:48.0843 5316 [ cea6cc257fc9b7715f1c2b4849286d24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:08:48.0844 5316 RDPCDD - ok
19:08:48.0865 5316 [ bb5971a4f00659529a5c44831af22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:08:48.0866 5316 RDPENCDD - ok
19:08:48.0883 5316 [ 216f3fa57533d98e1f74ded70113177a ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:08:48.0884 5316 RDPREFMP - ok
19:08:48.0907 5316 [ e61608aa35e98999af9aaeeea6114b0a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:08:48.0908 5316 RDPWD - ok
19:08:48.0924 5316 [ 34ed295fa0121c241bfef24764fc4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:08:48.0927 5316 rdyboost - ok
19:08:48.0946 5316 [ 254fb7a22d74e5511c73a3f6d802f192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:08:48.0949 5316 RemoteAccess - ok
19:08:48.0958 5316 [ e4d94f24081440b5fc5aa556c7c62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:08:48.0962 5316 RemoteRegistry - ok
19:08:48.0975 5316 [ e4dc58cf7b3ea515ae917ff0d402a7bb ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:08:48.0978 5316 RpcEptMapper - ok
19:08:49.0001 5316 [ d5ba242d4cf8e384db90e6a8ed850b8c ] RpcLocator C:\Windows\system32\locator.exe
19:08:49.0003 5316 RpcLocator - ok
19:08:49.0028 5316 [ 5c627d1b1138676c0a7ab2c2c190d123 ] RpcSs C:\Windows\system32\rpcss.dll
19:08:49.0033 5316 RpcSs - ok
19:08:49.0044 5316 [ ddc86e4f8e7456261e637e3552e804ff ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:08:49.0046 5316 rspndr - ok
19:08:49.0060 5316 [ c118a82cd78818c29ab228366ebf81c3 ] SamSs C:\Windows\system32\lsass.exe
19:08:49.0062 5316 SamSs - ok
19:08:49.0088 5316 [ ac03af3329579fffb455aa2daabbe22b ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:08:49.0089 5316 sbp2port - ok
19:08:49.0106 5316 [ 9b7395789e3791a3b6d000fe6f8b131e ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:08:49.0110 5316 SCardSvr - ok
19:08:49.0131 5316 [ 253f38d0d7074c02ff8deb9836c97d2b ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:08:49.0132 5316 scfilter - ok
19:08:49.0168 5316 [ 262f6592c3299c005fd6bec90fc4463a ] Schedule C:\Windows\system32\schedsvc.dll
19:08:49.0186 5316 Schedule - ok
19:08:49.0214 5316 [ f17d1d393bbc69c5322fbfafaca28c7f ] SCPolicySvc C:\Windows\System32\certprop.dll
19:08:49.0215 5316 SCPolicySvc - ok
19:08:49.0226 5316 [ 6ea4234dc55346e0709560fe7c2c1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:08:49.0230 5316 SDRSVC - ok
19:08:49.0238 5316 [ 3ea8a16169c26afbeb544e0e48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:08:49.0240 5316 secdrv - ok
19:08:49.0253 5316 [ bc617a4e1b4fa8df523a061739a0bd87 ] seclogon C:\Windows\system32\seclogon.dll
19:08:49.0255 5316 seclogon - ok
19:08:49.0267 5316 [ c32ab8fa018ef34c0f113bd501436d21 ] SENS C:\Windows\System32\sens.dll
19:08:49.0269 5316 SENS - ok
19:08:49.0287 5316 [ 0336cffafaab87a11541f1cf1594b2b2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:08:49.0289 5316 SensrSvc - ok
19:08:49.0299 5316 [ cb624c0035412af0debec78c41f5ca1b ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:08:49.0300 5316 Serenum - ok
19:08:49.0314 5316 [ c1d8e28b2c2adfaec4ba89e9fda69bd6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:08:49.0316 5316 Serial - ok
19:08:49.0336 5316 [ 1c545a7d0691cc4a027396535691c3e3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:08:49.0338 5316 sermouse - ok
19:08:49.0373 5316 [ 0b6231bf38174a1628c4ac812cc75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:08:49.0376 5316 SessionEnv - ok
19:08:49.0402 5316 [ a554811bcd09279536440c964ae35bbf ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:08:49.0403 5316 sffdisk - ok
19:08:49.0410 5316 [ ff414f0baefeba59bc6c04b3db0b87bf ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:08:49.0411 5316 sffp_mmc - ok
19:08:49.0421 5316 [ dd85b78243a19b59f0637dcf284da63c ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:08:49.0422 5316 sffp_sd - ok
19:08:49.0432 5316 [ a9d601643a1647211a1ee2ec4e433ff4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:08:49.0433 5316 sfloppy - ok
19:08:49.0462 5316 [ b95f6501a2f8b2e78c697fec401970ce ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:08:49.0467 5316 SharedAccess - ok
19:08:49.0492 5316 [ aaf932b4011d14052955d4b212a4da8d ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:08:49.0496 5316 ShellHWDetection - ok
19:08:49.0522 5316 [ 843caf1e5fde1ffd5ff768f23a51e2e1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:08:49.0523 5316 SiSRaid2 - ok
19:08:49.0544 5316 [ 6a6c106d42e9ffff8b9fcb4f754f6da4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:08:49.0546 5316 SiSRaid4 - ok
19:08:49.0577 5316 [ c70aebd3608ed9fcea2a1bae83567ffc ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:08:49.0579 5316 SkypeUpdate - ok
19:08:49.0595 5316 [ 548260a7b8654e024dc30bf8a7c5baa4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:08:49.0597 5316 Smb - ok
19:08:49.0623 5316 [ 6313f223e817cc09aa41811daa7f541d ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:08:49.0625 5316 SNMPTRAP - ok
19:08:49.0634 5316 [ b9e31e5cacdfe584f34f730a677803f9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:08:49.0634 5316 spldr - ok
19:08:49.0670 5316 [ 85daa09a98c9286d4ea2ba8d0e644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:08:49.0674 5316 Spooler - ok
19:08:49.0757 5316 [ e17e0188bb90fae42d83e98707efa59c ] sppsvc C:\Windows\system32\sppsvc.exe
19:08:49.0821 5316 sppsvc - ok
19:08:49.0837 5316 [ 93d7d61317f3d4bc4f4e9f8a96a7de45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:08:49.0840 5316 sppuinotify - ok
19:08:49.0910 5316 [ 891793e00432fa055cf040605c260e49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1308000.00E\SRTSP64.SYS
19:08:49.0914 5316 SRTSP - ok
19:08:49.0948 5316 [ 1cb7bb3b0561fb5ecfe37f7731e8bf3e ] SRTSPX C:\Windows\system32\drivers\NISx64\1308000.00E\SRTSPX64.SYS
19:08:49.0949 5316 SRTSPX - ok
19:08:49.0977 5316 [ 441fba48bff01fdb9d5969ebc1838f0b ] srv C:\Windows\system32\DRIVERS\srv.sys
19:08:49.0984 5316 srv - ok
19:08:50.0009 5316 [ b4adebbf5e3677cce9651e0f01f7cc28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:08:50.0014 5316 srv2 - ok
19:08:50.0032 5316 [ 27e461f0be5bff5fc737328f749538c3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:08:50.0034 5316 srvnet - ok
19:08:50.0055 5316 [ 51b52fbd583cde8aa9ba62b8b4298f33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:08:50.0058 5316 SSDPSRV - ok
19:08:50.0073 5316 [ ab7aebf58dad8daab7a6c45e6a8885cb ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:08:50.0075 5316 SstpSvc - ok
19:08:50.0109 5316 [ 9e1222c417291bc836210743624a8e5e ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:08:50.0112 5316 Stereo Service - ok
19:08:50.0130 5316 [ f3817967ed533d08327dc73bc4d5542a ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:08:50.0131 5316 stexstor - ok
19:08:50.0157 5316 [ decacb6921ded1a38642642685d77dac ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
19:08:50.0159 5316 StillCam - ok
19:08:50.0196 5316 [ 8dd52e8e6128f4b2da92ce27402871c1 ] stisvc C:\Windows\System32\wiaservc.dll
19:08:50.0213 5316 stisvc - ok
19:08:50.0259 5316 [ 1d0063597c3666404fcf97698abeb019 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
19:08:50.0261 5316 stllssvr - ok
19:08:50.0276 5316 [ d01ec09b6711a5f8e7e6564a4d0fbc90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:08:50.0277 5316 swenum - ok
19:08:50.0366 5316 [ f577910a133a592234ebaad3f3afa258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:08:50.0383 5316 SwitchBoard - ok
19:08:50.0412 5316 [ e08e46fdd841b7184194011ca1955a0b ] swprv C:\Windows\System32\swprv.dll
19:08:50.0429 5316 swprv - ok
19:08:50.0440 5316 Symantec RemoteAssist - ok
19:08:50.0470 5316 [ 8b2430762099598da40686f754632efd ] SymDS C:\Windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS
19:08:50.0476 5316 SymDS - ok
19:08:50.0513 5316 [ 5cb7f2fd7e30a0f52f93574bfc3a8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS
19:08:50.0522 5316 SymEFA - ok
19:08:50.0564 5316 [ 894579207e39c465737e850a252ce4f2 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
19:08:50.0566 5316 SymEvent - ok
19:08:50.0593 5316 [ 5013a76caaa1d7cf1c55214b490b4e35 ] SymIRON C:\Windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS
19:08:50.0595 5316 SymIRON - ok
19:08:50.0627 5316 [ 3911bd0e68c010e5438a87706abbe9ab ] SymNetS C:\Windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS
19:08:50.0630 5316 SymNetS - ok
19:08:50.0678 5316 [ bf9ccc0bf39b418c8d0ae8b05cf95b7d ] SysMain C:\Windows\system32\sysmain.dll
19:08:50.0713 5316 SysMain - ok
19:08:50.0735 5316 [ e3c61fd7b7c2557e1f1b0b4cec713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:08:50.0738 5316 TabletInputService - ok
19:08:50.0757 5316 [ 40f0849f65d13ee87b9a9ae3c1dd6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:08:50.0765 5316 TapiSrv - ok
19:08:50.0788 5316 [ 1be03ac720f4d302ea01d40f588162f6 ] TBS C:\Windows\System32\tbssvc.dll
19:08:50.0791 5316 TBS - ok
19:08:50.0840 5316 [ acb82bda8f46c84f465c1afa517dc4b9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:08:50.0875 5316 Tcpip - ok
19:08:50.0921 5316 [ acb82bda8f46c84f465c1afa517dc4b9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:08:50.0935 5316 TCPIP6 - ok
19:08:50.0961 5316 [ df687e3d8836bfb04fcc0615bf15a519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:08:50.0962 5316 tcpipreg - ok
19:08:50.0988 5316 [ 3371d21011695b16333a3934340c4e7c ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:08:50.0989 5316 TDPIPE - ok
19:08:51.0004 5316 [ 51c5eceb1cdee2468a1748be550cfbc8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:08:51.0005 5316 TDTCP - ok
19:08:51.0030 5316 [ ddad5a7ab24d8b65f8d724f5c20fd806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:08:51.0032 5316 tdx - ok
19:08:51.0057 5316 [ 561e7e1f06895d78de991e01dd0fb6e5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:08:51.0057 5316 TermDD - ok
19:08:51.0082 5316 [ 2e648163254233755035b46dd7b89123 ] TermService C:\Windows\System32\termsrv.dll
19:08:51.0097 5316 TermService - ok
19:08:51.0116 5316 [ f0344071948d1a1fa732231785a0664c ] Themes C:\Windows\system32\themeservice.dll
19:08:51.0118 5316 Themes - ok
19:08:51.0141 5316 [ e40e80d0304a73e8d269f7141d77250b ] THREADORDER C:\Windows\system32\mmcss.dll
19:08:51.0143 5316 THREADORDER - ok
19:08:51.0152 5316 [ 7e7afd841694f6ac397e99d75cead49d ] TrkWks C:\Windows\System32\trkwks.dll
19:08:51.0155 5316 TrkWks - ok
19:08:51.0192 5316 [ 773212b2aaa24c1e31f10246b15b276c ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:08:51.0224 5316 TrustedInstaller - ok
19:08:51.0264 5316 [ ce18b2cdfc837c99e5fae9ca6cba5d30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:08:51.0285 5316 tssecsrv - ok
19:08:51.0369 5316 [ d11c783e3ef9a3c52c0ebe83cc5000e9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:08:51.0370 5316 TsUsbFlt - ok
19:08:51.0411 5316 [ 3566a8daafa27af944f5d705eaa64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:08:51.0413 5316 tunnel - ok
19:08:51.0443 5316 [ b4dd609bd7e282bfc683cec7eaaaad67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:08:51.0445 5316 uagp35 - ok
19:08:51.0462 5316 [ ff4232a1a64012baa1fd97c7b67df593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:08:51.0467 5316 udfs - ok
19:08:51.0488 5316 [ 3cbdec8d06b9968aba702eba076364a1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:08:51.0491 5316 UI0Detect - ok
19:08:51.0508 5316 [ 4bfe1bc28391222894cbf1e7d0e42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:08:51.0510 5316 uliagpkx - ok
19:08:51.0542 5316 [ dc54a574663a895c8763af0fa1ff7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:08:51.0543 5316 umbus - ok
19:08:51.0554 5316 [ b2e8e8cb557b156da5493bbddcc1474d ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:08:51.0555 5316 UmPass - ok
19:08:51.0610 5316 [ 67a95b9d129ed5399e7965cd09cf30e7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
19:08:51.0615 5316 UMVPFSrv - ok
19:08:51.0641 5316 [ d47ec6a8e81633dd18d2436b19baf6de ] upnphost C:\Windows\System32\upnphost.dll
19:08:51.0647 5316 upnphost - ok
19:08:51.0676 5316 [ fb251567f41bc61988b26731dec19e4b ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:08:51.0677 5316 USBAAPL64 - ok
19:08:51.0713 5316 [ 82e8f44688e6fac57b5b7c6fc7adbc2a ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:08:51.0715 5316 usbaudio - ok
19:08:51.0743 5316 [ 6f1a3157a1c89435352ceb543cdb359c ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:08:51.0745 5316 usbccgp - ok
19:08:51.0773 5316 [ af0892a803fdda7492f595368e3b68e7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:08:51.0775 5316 usbcir - ok
19:08:51.0804 5316 [ c025055fe7b87701eb042095df1a2d7b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:08:51.0805 5316 usbehci - ok
19:08:51.0839 5316 [ 287c6c9410b111b68b52ca298f7b8c24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:08:51.0844 5316 usbhub - ok
19:08:51.0858 5316 [ 58e546bbaf87664fc57e0f6081e4f609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:08:51.0859 5316 usbohci - ok
19:08:51.0875 5316 [ 73188f58fb384e75c4063d29413cee3d ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:08:51.0876 5316 usbprint - ok
19:08:51.0896 5316 [ aaa2513c8aed8b54b189fd0c6b1634c0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:08:51.0897 5316 usbscan - ok
19:08:51.0913 5316 [ fed648b01349a3c8395a5169db5fb7d6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:08:51.0914 5316 USBSTOR - ok
19:08:51.0934 5316 [ 62069a34518bcf9c1fd9e74b3f6db7cd ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:08:51.0935 5316 usbuhci - ok
19:08:51.0952 5316 [ 454800c2bc7f3927ce030141ee4f4c50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
19:08:51.0954 5316 usbvideo - ok
19:08:51.0980 5316 [ edbb23cbcf2cdf727d64ff9b51a6070e ] UxSms C:\Windows\System32\uxsms.dll
19:08:51.0982 5316 UxSms - ok
19:08:51.0993 5316 [ c118a82cd78818c29ab228366ebf81c3 ] VaultSvc C:\Windows\system32\lsass.exe
19:08:51.0995 5316 VaultSvc - ok
19:08:52.0019 5316 [ c5c876ccfc083ff3b128f933823e87bd ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:08:52.0020 5316 vdrvroot - ok
19:08:52.0048 5316 [ 8d6b481601d01a456e75c3210f1830be ] vds C:\Windows\System32\vds.exe
19:08:52.0065 5316 vds - ok
19:08:52.0080 5316 [ da4da3f5e02943c2dc8c6ed875de68dd ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:08:52.0081 5316 vga - ok
19:08:52.0095 5316 [ 53e92a310193cb3c03bea963de7d9cfc ] VgaSave C:\Windows\System32\drivers\vga.sys
19:08:52.0096 5316 VgaSave - ok
19:08:52.0122 5316 [ 2ce2df28c83aeaf30084e1b1eb253cbb ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:08:52.0124 5316 vhdmp - ok
19:08:52.0143 5316 [ e5689d93ffe4e5d66c0178761240dd54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:08:52.0144 5316 viaide - ok
19:08:52.0153 5316 [ d2aafd421940f640b407aefaaebd91b0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:08:52.0155 5316 volmgr - ok
19:08:52.0186 5316 [ a255814907c89be58b79ef2f189b843b ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:08:52.0190 5316 volmgrx - ok
19:08:52.0205 5316 [ 0d08d2f3b3ff84e433346669b5e0f639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:08:52.0208 5316 volsnap - ok
19:08:52.0228 5316 [ 5e2016ea6ebaca03c04feac5f330d997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:08:52.0230 5316 vsmraid - ok
19:08:52.0271 5316 [ b60ba0bc31b0cb414593e169f6f21cc2 ] VSS C:\Windows\system32\vssvc.exe
19:08:52.0296 5316 VSS - ok
19:08:52.0329 5316 [ 93132c69394a99d992095d8cfe464801 ] VST64HWBS2 C:\Windows\system32\DRIVERS\VSTBS26.SYS
19:08:52.0334 5316 VST64HWBS2 - ok
19:08:52.0367 5316 [ 02071d207a9858fbe3a48cbfd59c4a04 ] VST64_DPV C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:08:52.0394 5316 VST64_DPV - ok
19:08:52.0401 5316 [ 36d4720b72b5c5d9cb2b9c29e9df67a1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:08:52.0403 5316 vwifibus - ok
19:08:52.0430 5316 [ 1c9d80cc3849b3788048078c26486e1a ] W32Time C:\Windows\system32\w32time.dll
19:08:52.0435 5316 W32Time - ok
19:08:52.0448 5316 [ 4e9440f4f152a7b944cb1663d3935a3e ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:08:52.0450 5316 WacomPen - ok
19:08:52.0472 5316 [ 356afd78a6ed4457169241ac3965230c ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:08:52.0473 5316 WANARP - ok
19:08:52.0480 5316 [ 356afd78a6ed4457169241ac3965230c ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:08:52.0481 5316 Wanarpv6 - ok
19:08:52.0527 5316 [ 3cec96de223e49eaae3651fcf8faea6c ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:08:52.0551 5316 WatAdminSvc - ok
19:08:52.0590 5316 [ 78f4e7f5c56cb9716238eb57da4b6a75 ] wbengine C:\Windows\system32\wbengine.exe
19:08:52.0616 5316 wbengine - ok
19:08:52.0632 5316 [ 3aa101e8edab2db4131333f4325c76a3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:08:52.0636 5316 WbioSrvc - ok
19:08:52.0666 5316 [ 7368a2afd46e5a4481d1de9d14848edd ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:08:52.0673 5316 wcncsvc - ok
19:08:52.0685 5316 [ 20f7441334b18cee52027661df4a6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:08:52.0688 5316 WcsPlugInService - ok
19:08:52.0706 5316 [ 72889e16ff12ba0f235467d6091b17dc ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:08:52.0707 5316 Wd - ok
19:08:52.0763 5316 [ da631fee06408776e52795ac7d2f8cef ] WDBtnMgrSvc.exe C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
19:08:52.0765 5316 WDBtnMgrSvc.exe - ok
19:08:52.0786 5316 [ 441bd2d7b4f98134c3a4f9fa570fd250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:08:52.0803 5316 Wdf01000 - ok
19:08:52.0814 5316 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:08:52.0817 5316 WdiServiceHost - ok
19:08:52.0820 5316 [ bf1fc3f79b863c914687a737c2f3d681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:08:52.0823 5316 WdiSystemHost - ok
19:08:52.0848 5316 [ 3db6d04e1c64272f8b14eb8bc4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:08:52.0853 5316 WebClient - ok
19:08:52.0868 5316 [ c749025a679c5103e575e3b48e092c43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:08:52.0873 5316 Wecsvc - ok
19:08:52.0884 5316 [ 7e591867422dc788b9e5bd337a669a08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:08:52.0886 5316 wercplsupport - ok
19:08:52.0903 5316 [ 6d137963730144698cbd10f202e9f251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:08:52.0906 5316 WerSvc - ok
19:08:52.0917 5316 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:08:52.0918 5316 WfpLwf - ok
19:08:52.0935 5316 [ 52ded146e4797e6ccf94799e8e22bb2a ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
19:08:52.0937 5316 WimFltr - ok
19:08:52.0950 5316 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:08:52.0951 5316 WIMMount - ok
19:08:52.0986 5316 [ 18e40c245dbfaf36fd0134a7ef2df396 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:08:53.0004 5316 winachsf - ok
19:08:53.0017 5316 WinDefend - ok
19:08:53.0025 5316 WinHttpAutoProxySvc - ok
19:08:53.0065 5316 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:08:53.0069 5316 Winmgmt - ok
19:08:53.0125 5316 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll
19:08:53.0169 5316 WinRM - ok
19:08:53.0237 5316 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:08:53.0239 5316 WinUsb - ok
19:08:53.0275 5316 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll
19:08:53.0301 5316 Wlansvc - ok
19:08:53.0352 5316 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:08:53.0353 5316 wlcrasvc - ok
19:08:53.0443 5316 [ 2bacd71123f42cea603f4e205e1ae337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:08:53.0483 5316 wlidsvc - ok
19:08:53.0502 5316 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:08:53.0503 5316 WmiAcpi - ok
19:08:53.0525 5316 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:08:53.0528 5316 wmiApSrv - ok
19:08:53.0549 5316 WMPNetworkSvc - ok
19:08:53.0565 5316 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:08:53.0568 5316 WPCSvc - ok
19:08:53.0591 5316 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:08:53.0594 5316 WPDBusEnum - ok
19:08:53.0610 5316 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:08:53.0611 5316 ws2ifsl - ok
19:08:53.0640 5316 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\System32\wscsvc.dll
19:08:53.0644 5316 wscsvc - ok
19:08:53.0678 5316 [ 8d918b1db190a4d9b1753a66fa8c96e8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
19:08:53.0679 5316 WSDPrintDevice - ok
19:08:53.0685 5316 WSearch - ok
19:08:53.0745 5316 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:08:53.0789 5316 wuauserv - ok
19:08:53.0805 5316 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:08:53.0807 5316 WudfPf - ok
19:08:53.0835 5316 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:08:53.0838 5316 WUDFRd - ok
19:08:53.0860 5316 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:08:53.0862 5316 wudfsvc - ok
19:08:53.0875 5316 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll
19:08:53.0880 5316 WwanSvc - ok
19:08:53.0885 5316 ================ Scan global ===============================
19:08:53.0899 5316 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
19:08:53.0924 5316 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
19:08:53.0941 5316 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
19:08:53.0957 5316 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
19:08:53.0987 5316 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
19:08:53.0992 5316 [Global] - ok
19:08:53.0992 5316 ================ Scan MBR ==================================
19:08:54.0003 5316 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:08:54.0233 5316 \Device\Harddisk0\DR0 - ok
19:08:54.0238 5316 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk5\DR5
19:08:54.0243 5316 \Device\Harddisk5\DR5 - ok
19:08:54.0244 5316 ================ Scan VBR ==================================
19:08:54.0247 5316 Boot (0x1200) (8e532c48375bcf9e7c33293bf3122b5f) \Device\Harddisk0\DR0\Partition1
19:08:54.0248 5316 \Device\Harddisk0\DR0\Partition1 - ok
19:08:54.0251 5316 Boot (0x1200) (c68b21b1039de2bf5d99bf1059b041b8) \Device\Harddisk5\DR5\Partition1
19:08:54.0721 5316 \Device\Harddisk5\DR5\Partition1 - ok
19:08:54.0722 5316 ============================================================
19:08:54.0722 5316 Scan finished
19:08:54.0722 5316 ============================================================
19:08:54.0735 5052 Detected object count: 1
19:08:54.0735 5052 Actual detected object count: 1
jwvista
Active Member
 
Posts: 8
Joined: August 7th, 2012, 10:01 pm

Re: Sudden crawl with Internet and Applications

Unread postby Cypher » August 16th, 2012, 5:50 am

Hi jwvista,
Alander is unavailable so if it's ok with you, i will take over for him.
There are a few things to do here, just take your time and you will be fine.

Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the following if present.
Java(TM) 6 Update 31
Java(TM) 7 Update 5

Next.

Java SE Runtime Environment (JRE).

Please download from HERE

  • Find Java SE 7u6.
  • Click the Download JRE button to the right.
  • Choose the correct Platform and Multi-language. Next, check the box that says I agree to the Java SE Runtime Environment 6 License Agreement.
  • Click the Continue button.
  • Click on the filename under Windows Offline Installation and save it to your desktop.
  • Close all active windows.
  • Install the program.

Next.

Create a new System Restore point

  • Click Start, Right Click on Computer, and select Properties.
  • In the left pane, click System Protection > Create.
  • Give this restore point a descriptive name and click Create.
  • Click Apply and OK.

Next.

We need to run an OTL Fix

  • Right-click OTL.exe and select " Run as administrator " to run it.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :processes
    killallprocesses
    
    :otl
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {89654729-691F-453F-8066-1A1658F7C496}
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
    FF - prefs.js..extensions.enabledItems: {f13b157f-b174-47e7-a34d-4815ddfdfeb8}:0.9.88.2
    FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2
    FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2012.2.0.2
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
    O33 - MountPoints2\{2fb2633f-1737-11df-aa2e-00219b044701}\Shell - "" = AutoRun
    O33 - MountPoints2\{2fb2633f-1737-11df-aa2e-00219b044701}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
    [2 C:\*.tmp files -> C:\*.tmp -> ]
    [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
    [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    @Alternate Data Stream - 160 bytes -> C:\ProgramData\TEMP:D287FACF
    @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:9638A27E
    
    :files
    ipconfig /flushdns /c
    
    :commands
    [purity]
    [emptytemp]
    [clearallrestorepoints]
    
    
  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Next.

Please download Malwarebytes' Anti-Malware and save to your desktop.
  • Right-click mbam-setup.exe and select " Run as administrator " to run it.
  • At the end, be sure a checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • When the program loads, Decline the Malwarebytes' Anti-Malware Trial (You can activate this when we've finished, if you wish)
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


Logs/Information to Post in your Next Reply

  • OTL Fix log.
  • Malwarebytes log.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Sudden crawl with Internet and Applications

Unread postby Cypher » August 19th, 2012, 6:05 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 317 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware