Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Firefox/IE launching multiple instances

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Firefox/IE launching multiple instances

Unread postby baf » October 19th, 2012, 8:03 am

Both Firefox and IE will, at some point during use, start rapidly opening multiple instances of my home page. This does not occur in Safe Mode. I have run a number of the more popular malware removal programs with no effect.

Here are my logs:

DDS (Ver_2012-10-19.01) - NTFS_AMD64 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_20
Run by Brad at 7:41:20 on 2012-10-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5887.5071 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN26I5FHKF05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
StartupFolder: C:\Users\Brad\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\wkcalrem.LNK - C:\Program Files (x86)\Microsoft Works\WkCalRem.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{FBBBE36F-F340-4CE6-BE40-75613EBEE305} : DHCPNameServer = 192.168.2.1
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
SSODL: WebCheck - <orphaned>
x64-Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\5hdqr631.default\
FF - prefs.js: browser.search.selectedEngine - Creative Commons
FF - prefs.js: browser.startup.homepage - hxxp://lolcats.icanhascheezburger.com/
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Brad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\nphdplg.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
FF - ExtSQL: !HIDDEN! 2010-05-07 15:17; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-9-21 61792]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-10-5 111456]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-9-13 151904]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
S1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-10-16 27800]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
S2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-10-16 84256]
S2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-10-16 108320]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-10-2 5783672]
S2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-10-16 99248]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-2 193568]
S2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-25 189736]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-2 136176]
S2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe [2010-1-12 126392]
S2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-12-10 92008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 253600]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-2 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-1 115168]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-7 1255736]
S3 WFMC_VAD;WFMCVAD (WDM);C:\Windows\System32\drivers\wfmcvad.sys [2011-10-15 24064]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2012-10-18 10:44:56 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{74611476-E5A9-4525-9577-00DA7694D1ED}\mpengine.dll
2012-10-17 10:37:29 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-16 10:19:29 -------- d-----w- C:\Users\Brad\AppData\Roaming\Avira
2012-10-16 10:18:40 99248 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2012-10-16 10:18:40 27800 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2012-10-16 10:18:40 -------- d-----w- C:\ProgramData\Avira
2012-10-16 10:18:40 -------- d-----w- C:\Program Files (x86)\Avira
2012-10-14 13:46:39 -------- d-----w- C:\Users\Brad\AppData\Roaming\AVG2013
2012-10-14 13:45:39 -------- d-----w- C:\Users\Brad\AppData\Roaming\TuneUp Software
2012-10-14 13:43:48 -------- d--h--w- C:\$AVG
2012-10-14 13:43:47 -------- d-----w- C:\ProgramData\AVG2013
2012-10-14 13:42:15 -------- d-----w- C:\Program Files (x86)\AVG
2012-10-14 13:25:57 -------- d-----w- C:\Users\Brad\AppData\Local\MFAData
2012-10-14 13:25:57 -------- d-----w- C:\Users\Brad\AppData\Local\Avg2013
2012-10-14 13:25:57 -------- d-----w- C:\ProgramData\MFAData
2012-10-14 04:34:38 -------- d-----w- C:\Users\Brad\AppData\Roaming\SUPERAntiSpyware.com
2012-10-14 04:34:17 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-10-14 04:34:17 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-10-13 18:03:22 -------- d-----w- C:\Users\Brad\AppData\Roaming\Malwarebytes
2012-10-13 18:03:15 -------- d-----w- C:\ProgramData\Malwarebytes
2012-10-13 18:03:14 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-10-13 18:03:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-12 08:05:19 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-10-12 08:05:19 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-10-09 19:56:15 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-10-09 19:56:14 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-10-09 19:56:14 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-10-09 19:56:06 1462784 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-09 19:56:05 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-09 19:56:05 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-09 19:56:05 1157632 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-09 19:56:04 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-09 19:56:04 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-09 19:55:26 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-09 19:55:25 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-09 19:55:13 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-09 19:55:13 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-09 19:54:53 714752 ----a-w- C:\Windows\System32\kerberos.dll
2012-10-09 19:54:53 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-10-05 21:08:35 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-05 21:08:34 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18C7D21D-8FBB-4C01-AA55-5958B720B6AC}\gapaengine.dll
2012-10-05 07:26:22 111456 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2012-10-03 10:50:05 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-10-03 10:48:37 -------- d-----w- C:\Program Files\iPod
2012-10-03 10:48:36 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-10-03 10:48:36 -------- d-----w- C:\Program Files\iTunes
2012-10-03 10:48:36 -------- d-----w- C:\Program Files (x86)\iTunes
2012-10-03 10:36:34 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-10-03 10:36:34 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-10-03 10:36:34 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-10-03 10:36:34 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-10-03 10:36:34 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-10-03 10:36:34 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-10-03 10:36:34 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-10-02 07:30:38 185696 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2012-10-02 07:04:38 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2012-10-02 02:52:42 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-02 01:53:07 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-10-02 01:52:55 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-10-02 01:52:27 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-28 09:59:09 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0FD9E7A5-9BC0-478D-9E5C-BF64F9EDACDA}\mpengine.dll
2012-09-21 07:46:04 200032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-09-21 07:46:00 225120 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2012-09-21 07:45:50 61792 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
.
==================== Find3M ====================
.
2012-09-14 07:05:18 40800 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2012-09-13 07:11:18 151904 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2012-08-31 02:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2012-08-31 02:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-21 17:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-08-21 17:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
.
============= FINISH: 7:42:26.61 ===============





.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/7/2010 1:14:43 AM
System Uptime: 10/19/2012 7:26:26 AM (0 hours ago)
.
Motherboard: PEGATRON CORPORATION | | VIOLET6
Processor: AMD Athlon(tm) II X4 630 Processor | CPU 1 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 920 GiB total, 743.559 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.579 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
K: is FIXED (NTFS) - 466 GiB total, 178.213 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP333: 10/13/2012 11:39:33 PM - Windows Update
RP334: 10/14/2012 9:41:58 AM - Installed AVG 2013
RP335: 10/14/2012 9:42:22 AM - Installed AVG 2013
RP336: 10/15/2012 6:04:31 AM - Windows Update
RP337: 10/18/2012 6:43:20 AM - Windows Update
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
AceMoney Lite
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin 64-bit
Adobe Reader 9.3
Adobe Shockwave Player 11.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.3.12 (Unicode)
AVG 2013
Avira Free Antivirus
Bonjour
BufferChm
Carbonite Online Backup Setup
Compatibility Pack for the 2007 Office system
Copy
CyberLink DVD Suite Deluxe
Destinations
DeviceDiscovery
DirectX for Managed Code Update (Summer 2004)
DJ_AIO_05_F4400_Software_Min
DVD Menu Pack for HP MediaSmart Video
Eudora
F4400
FileZilla Client 3.3.2.1
Google Earth
Google Update Helper
GPBaseService2
H&R Block Deluxe + Efile + State 2010
H&R Block Deluxe + Efile + State 2011
H&R Block Virginia 2010
H&R Block Virginia 2011
Hardware Diagnostic Tools
HP Advisor
HP Customer Experience Enhancements
HP Deskjet 3050A J611 series Basic Device Software
HP Deskjet 3050A J611 series Help
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5
HP Games
HP Imaging Device Functions 14.0
HP MediaSmart Demo
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart SmartMenu
HP MediaSmart/TouchSmart Netflix
HP Odometer
HP Photo Creations
HP Remote Solution
HP Setup
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Support Assistant
HP Support Information
HP Update
HPAsset component for HP Active Support Library
HPPhotoGadget
HPProductAssistant
Hulu Desktop
iTunes
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) SE Development Kit 6 Update 20
Junk Mail filter update
LabelPrint
LEGO Island
LightScribe System Software
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Live Search Toolbar
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Firefox 16.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Norton Internet Security
Norton Online Backup
NVIDIA Drivers
OpenOffice.org 3.2
PhotoScape
PictureMover
PlayReady PC Runtime amd64
Power2Go
PowerDirector
Quantum GIS Copiapo 1.6.0
QuickBooks
QuickBooks Pro 2010
QuickTime
Radegast
Realtek High Definition Audio Driver
Recovery Manager
Scan
Scholastic's I SPY Mystery
Seagate Manager Installer
SecondLife (remove only)
Security Update for CAPICOM (KB931906)
SmartWebPrinting
SolutionCenter
SourceGear DiffMerge
Status
SUPERAntiSpyware
TightVNC 2.0beta3
TomTom HOME 2.8.0.2146
TomTom HOME Visual Studio Merge Modules
Toolbox
TrayApp
Unity Web Player
Visual Studio 2010 x64 Redistributables
VNC Free Edition 4.1.3
WebReg
Wi-Fi MediaConnect
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
10/19/2012 7:41:12 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
10/19/2012 7:37:05 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.63.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
10/19/2012 7:37:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
10/19/2012 7:27:21 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
10/19/2012 7:27:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/19/2012 7:27:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/19/2012 7:27:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/19/2012 7:27:07 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/19/2012 7:26:56 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 avipbb avkmgr discache MpFilter SASDIFSV SASKUTIL spldr SRTSP SRTSPX Wanarpv6
10/19/2012 7:26:56 AM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
10/19/2012 7:25:52 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
10/18/2012 8:40:50 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
10/18/2012 12:26:05 PM, Error: Service Control Manager [7031] - The Avira Real-Time Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
10/16/2012 6:23:07 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the QBCFMonitorService service to connect.
10/16/2012 6:17:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
10/16/2012 6:11:08 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 discache MpFilter SASDIFSV SASKUTIL spldr SRTSP SRTSPX Wanarpv6
10/14/2012 9:29:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
10/14/2012 4:07:48 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
10/14/2012 2:01:09 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1752.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
10/14/2012 12:40:51 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter SASDIFSV SASKUTIL spldr SRTSP SRTSPX Wanarpv6
10/13/2012 11:43:52 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr SRTSP SRTSPX Wanarpv6
10/13/2012 1:53:25 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
10/13/2012 1:53:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
10/13/2012 1:53:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
10/13/2012 1:53:09 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX tdx Wanarpv6 WfpLwf
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/13/2012 1:53:08 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/12/2012 6:07:29 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.137.1560.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8800.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
.
==== End Of File ===========================


Thanks,

baf
baf
Active Member
 
Posts: 6
Joined: October 19th, 2012, 7:50 am
Advertisement
Register to Remove

Re: Firefox/IE launching multiple instances

Unread postby askey127 » October 19th, 2012, 1:22 pm

Hi baf
You have Four Antivirus applications running at once.
It's quite remarkable that anything works at all.
You need to decide which One to keep and Uninstall the other Three.

------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features

Click on THREE of the following entries, one by one, choose Uninstall, and give permission to Continue:

Norton Internet Security
Microsoft Security Essentials
AVG 2013
Avira Free Antivirus

Take extra care in answering questions posed by any Uninstaller.

This should leave one antivirus only installed
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Right click the OTL icon and choose "Run as administrator" to run it.
  • Check the box at the top, labeled Include 64 bit scans
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Firefox/IE launching multiple instances

Unread postby baf » October 19th, 2012, 10:22 pm

OTL logfile created on: 10/19/2012 10:05:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brad\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.59 Gb Available Physical Memory | 79.80% Memory free
11.50 Gb Paging File | 10.30 Gb Available in Paging File | 89.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.49 Gb Total Space | 743.79 Gb Free Space | 80.80% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.58 Gb Free Space | 14.46% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive K: | 465.76 Gb Total Space | 178.21 Gb Free Space | 38.26% Space Free | Partition Type: NTFS

Computer Name: BRAD-PC | User Name: Brad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/19 22:01:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brad\Desktop\OTL.exe
PRC - [2012/07/25 18:12:04 | 001,155,472 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2012/07/25 17:03:12 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2010/12/10 08:29:00 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/12/10 08:28:56 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009/10/22 22:50:40 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/08/24 22:11:15 | 000,656,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2007/06/20 10:04:52 | 000,046,432 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\WkCalRem.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/10/22 22:50:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/09/12 21:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/09/12 21:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/10/12 04:05:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/25 17:03:12 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/04/12 06:06:46 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2010/12/10 08:29:00 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 20:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/30 22:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/02/08 05:45:06 | 000,024,064 | ---- | M] (WiFi Media Connect) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wfmcvad.sys -- (WFMC_VAD)
DRV:64bit: - [2009/07/30 13:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9C75948A-3001-49F0-8C51-4CF2BAC9C759}
IE:64bit: - HKLM\..\SearchScopes\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{9C75948A-3001-49F0-8C51-4CF2BAC9C759}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope = {9C75948A-3001-49F0-8C51-4CF2BAC9C759}
IE - HKLM\..\SearchScopes\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{9C75948A-3001-49F0-8C51-4CF2BAC9C759}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\..\SearchScopes,DefaultScope = {A670A25C-D9C7-4AE8-AD6C-B338A2E10AA9}
IE - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\..\SearchScopes\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\..\SearchScopes\{9C75948A-3001-49F0-8C51-4CF2BAC9C759}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\..\SearchScopes\{A670A25C-D9C7-4AE8-AD6C-B338A2E10AA9}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Creative Commons"
FF - prefs.js..browser.startup.homepage: "http://lolcats.icanhascheezburger.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Brad\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/07 15:17:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/12 04:05:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/12 04:04:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/07 15:17:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/12 04:05:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/12 04:04:46 | 000,000,000 | ---D | M]

[2011/02/25 23:11:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brad\AppData\Roaming\Mozilla\Extensions
[2011/02/25 23:11:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brad\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2012/07/25 17:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\5hdqr631.default\extensions
[2012/07/25 17:26:33 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Brad\AppData\Roaming\Mozilla\Firefox\Profiles\5hdqr631.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/12 04:04:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/12 04:05:18 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/06/28 13:23:03 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/09/05 21:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/12 04:04:49 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBBBE36F-F340-4CE6-BE40-75613EBEE305}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\intu-help-qb3 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/10/19 06:00:33 | 000,000,000 | ---- | M] () - K:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/19 22:01:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brad\Desktop\OTL.exe
[2012/10/19 18:04:44 | 000,000,000 | ---D | C] -- C:\Users\Brad\AppData\Local\Avg2013
[2012/10/19 07:39:40 | 000,687,724 | R--- | C] (Swearware) -- C:\Users\Brad\Desktop\dds.scr
[2012/10/14 09:45:39 | 000,000,000 | ---D | C] -- C:\Users\Brad\AppData\Roaming\TuneUp Software
[2012/10/14 09:25:57 | 000,000,000 | ---D | C] -- C:\Users\Brad\AppData\Local\MFAData
[2012/10/14 09:25:57 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/10/13 14:03:22 | 000,000,000 | ---D | C] -- C:\Users\Brad\AppData\Roaming\Malwarebytes
[2012/10/13 14:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/13 14:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/13 14:03:14 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/10/13 14:03:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/12 04:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/10/09 15:56:15 | 005,505,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/10/09 15:56:14 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/10/09 15:56:14 | 003,902,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/10/09 15:56:06 | 001,462,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/10/09 15:56:05 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/10/09 15:55:26 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/10/03 06:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/10/03 06:50:05 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/10/03 06:48:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/10/03 06:48:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/10/03 06:48:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/10/03 06:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/10/03 06:36:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/10/03 06:36:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/10/02 06:14:34 | 062,164,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012/10/02 03:04:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2012/10/02 03:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/10/02 03:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/10/02 03:03:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/10/01 22:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/10/01 21:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/10/01 21:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/10/01 21:52:27 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/23 03:00:41 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/23 03:00:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/23 03:00:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/23 03:00:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/23 03:00:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/23 03:00:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/23 03:00:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/23 03:00:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/23 03:00:37 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/23 03:00:37 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/23 03:00:37 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/23 03:00:37 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/23 03:00:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/09/23 03:00:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/23 03:00:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

========== Files - Modified Within 30 Days ==========

[2012/10/19 22:03:44 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/19 22:03:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/19 22:03:23 | 334,942,207 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/19 22:01:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brad\Desktop\OTL.exe
[2012/10/19 18:05:44 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/19 18:05:44 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/19 17:50:05 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/19 17:41:46 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/19 07:39:44 | 000,687,724 | R--- | M] (Swearware) -- C:\Users\Brad\Desktop\dds.scr
[2012/10/14 16:10:42 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/14 16:10:42 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/14 16:10:42 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/13 14:03:15 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/09 06:26:50 | 000,029,458 | ---- | M] () -- C:\Users\Brad\AppData\Roaming\wklnhst.dat
[2012/10/03 06:50:09 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/10/02 02:15:48 | 1251,996,572 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/10/01 22:52:44 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/01 21:53:58 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/09/30 11:26:20 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job

========== Files Created - No Company Name ==========

[2012/10/13 14:03:15 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/03 06:50:09 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/10/01 22:52:44 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/01 22:52:43 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/10/01 21:53:51 | 000,002,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/10/01 21:42:30 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/08/20 20:18:35 | 000,365,120 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpCOUSINS.JPG
[2012/08/20 20:00:50 | 000,217,444 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpSCAN0001_CROP.JPG
[2012/08/19 15:35:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/06/21 15:46:36 | 000,014,841 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmp403462_10150892680608613_615649068_N.JPG
[2012/06/21 15:46:35 | 000,007,674 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmp403462_10150892680608613_615649068_N.0
[2012/03/11 19:03:05 | 000,989,860 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpIMG_1986.JPG
[2012/03/11 19:03:04 | 002,351,591 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpIMG_1986.0
[2012/02/29 17:05:37 | 000,928,240 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpIMG_3549.JPG
[2012/02/29 17:05:36 | 002,276,841 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpIMG_3549.0
[2011/12/07 17:36:37 | 002,560,871 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmp039.JPG
[2011/11/24 14:30:30 | 001,763,874 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpIMG_3592.JPG
[2011/11/24 14:30:29 | 007,166,252 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpIMG_3592.0
[2011/11/24 14:29:31 | 005,873,330 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpIMG_3586.0
[2011/11/24 14:29:31 | 001,382,881 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpIMG_3586.JPG
[2011/10/27 13:29:42 | 000,000,083 | ---- | C] () -- C:\Users\Brad\.grassrc6
[2011/06/04 19:00:06 | 000,068,218 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmp255052_2054391327834_1486087558_2360239_231290_N.JPG
[2011/04/18 15:28:57 | 002,004,046 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpDSCF1627.JPG
[2011/04/17 21:12:20 | 002,797,812 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpMARCH 14 908.JPG
[2011/04/11 19:26:31 | 000,290,234 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpPHOTO04051413 - COPY.JPG
[2011/04/11 19:26:30 | 000,296,980 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpPHOTO04051413 - COPY.0
[2011/02/23 21:00:31 | 000,407,555 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpUNTITLED4_CROP.JPG
[2010/11/08 19:40:07 | 001,910,735 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpDSCF2648.JPG
[2010/09/19 21:08:55 | 002,103,315 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpDSCF2529.JPG
[2010/09/19 21:04:27 | 002,095,758 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpDSCF2513.JPG
[2010/09/19 21:02:06 | 002,013,538 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpDSCF2532.JPG
[2010/07/30 19:57:15 | 000,810,390 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpUNTITLED4.JPG
[2010/07/30 19:55:39 | 000,702,984 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpUNTITLED7.JPG
[2010/07/30 19:53:38 | 001,058,466 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpUNTITLED3.JPG
[2010/07/30 19:32:33 | 000,932,134 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpUNTITLED2.JPG
[2010/07/30 19:31:24 | 000,385,423 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpUNTITLED.JPG
[2010/07/29 19:36:29 | 000,443,099 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpAL CHURCH.JPG
[2010/07/01 21:44:26 | 002,954,888 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpDSC_3814.JPG
[2010/06/04 10:02:08 | 000,000,218 | ---- | C] () -- C:\Users\Brad\.recently-used.xbel
[2010/05/24 20:27:37 | 002,247,328 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpDSCF1986.JPG
[2010/05/24 20:26:23 | 002,073,349 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpDSCF0808.JPG
[2010/05/24 20:25:41 | 002,075,907 | ---- | C] () -- C:\Users\Brad\AppData\Local\tmpDSCF0745.JPG
[2010/05/07 15:48:34 | 000,029,458 | ---- | C] () -- C:\Users\Brad\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 21:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/10/06 08:16:07 | 000,000,000 | -HSD | M] -- C:\Users\Brad\AppData\Roaming\.#
[2012/04/20 20:28:02 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\Audacity
[2010/09/19 14:37:47 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\CVS
[2011/03/06 22:08:36 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\eTeks
[2011/10/13 20:44:27 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\FileZilla
[2010/06/04 10:02:07 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\gtk-2.0
[2010/05/08 19:47:55 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\Leadertech
[2010/06/04 10:13:42 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\MechCAD
[2010/07/07 14:54:47 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\OpenOffice.org
[2011/01/30 16:52:44 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\PhotoScape
[2010/05/07 13:22:58 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\PictureMover
[2010/05/31 10:45:43 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\Qualcomm
[2010/05/25 10:30:31 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\Radegast
[2011/09/24 14:47:59 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\Scholastic
[2010/06/01 13:47:06 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\SecondLife
[2012/04/12 20:17:39 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\TaxCut
[2010/10/26 17:44:30 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\Template
[2010/05/12 14:32:16 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\TightVNC
[2011/02/25 23:11:00 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\TomTom
[2012/10/14 09:45:39 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\TuneUp Software
[2012/03/02 08:01:02 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\Unity
[2010/05/08 20:27:34 | 000,000,000 | ---D | M] -- C:\Users\Brad\AppData\Roaming\WildTangent
[2012/10/16 08:18:13 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012/10/16 08:18:13 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >



OTL Extras logfile created on: 10/19/2012 10:05:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brad\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.75 Gb Total Physical Memory | 4.59 Gb Available Physical Memory | 79.80% Memory free
11.50 Gb Paging File | 10.30 Gb Available in Paging File | 89.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.49 Gb Total Space | 743.79 Gb Free Space | 80.80% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.58 Gb Free Space | 14.46% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive K: | 465.76 Gb Total Space | 178.21 Gb Free Space | 38.26% Space Free | Partition Type: NTFS

Computer Name: BRAD-PC | User Name: Brad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2098286208-1520350693-3533541266-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{039B53A9-64CA-4EDB-BFE4-7DE32AD4B8D7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{03A35DF4-CB9B-460D-8D24-D3D8A34CFD75}" = lport=445 | protocol=6 | dir=in | app=system |
"{060913F3-9BD8-4BAF-8B89-0DA559031061}" = rport=445 | protocol=6 | dir=out | app=system |
"{0B3AD1A5-2F8C-4937-B8C0-655286311390}" = rport=10243 | protocol=6 | dir=out | app=system |
"{19872E8B-20F1-46F0-A1A3-9936FA7BD938}" = lport=137 | protocol=17 | dir=in | app=system |
"{229ACE0F-E606-4D52-A7FA-54432E2649C0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2517E24F-18D7-4B96-B394-710BEC0E6983}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{28666924-CC4D-4459-B0EC-A79F1BF9FBE0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2CC54AA1-23F1-4FC6-B8FF-6E8667A8C399}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31F05B7F-8A10-46B3-B4E4-0575E3C32475}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3EFECFD1-4761-4A42-A8C3-A5E43D26DD14}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{572FD2F2-BFAB-4E2F-991B-D36BA5734139}" = rport=139 | protocol=6 | dir=out | app=system |
"{59E2F23D-ABA3-4747-8957-ABB52D6CA825}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B8697D4-A189-43B5-8146-E1F1689721A1}" = rport=137 | protocol=17 | dir=out | app=system |
"{655A402B-28B6-42AC-B030-166B09328A38}" = lport=138 | protocol=17 | dir=in | app=system |
"{72B0415D-C37A-446A-B48C-8EA835E91189}" = rport=138 | protocol=17 | dir=out | app=system |
"{74C54B65-0362-435C-83C0-3824903EA945}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7607344B-0A92-4C68-A71F-10C1389B257B}" = lport=139 | protocol=6 | dir=in | app=system |
"{7F95B9F8-9D13-4D22-BBD9-1AF340C640E0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{94FDB4B2-BE6A-4232-B66B-CC72CB1CAB96}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A503467B-6CA9-40F1-AC79-78D00B4CB175}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F3616D82-F543-48CD-8479-DA9C724BD81A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FF44B4B4-4C28-43EA-8F4A-E1CA1A06A4BE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01107D62-5800-4CD0-97B7-C7954A486BE1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{09B00A88-357C-40F7-9087-6CCD16A88327}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{09F8AC6C-F6C4-4B15-BA1F-57B34F6BA4AB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0B72673F-B697-4817-BA34-9BB1182E561E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0BCF051A-9C31-4F13-9F2E-6514B16BFC49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{0CD8B1AA-BAEB-4617-9529-3E7FCB9B9B53}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{0D1059F9-FDFB-405C-9E5E-1D0F0F3B472A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0E6D34CB-21FC-4E29-A2B0-A6EF772623E3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{104C6AF6-B438-427C-A5AD-695B9667DEDC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{1261C708-09D5-4EAB-8A05-8E6BD87A16B2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1413102A-9409-48DC-8CF0-3FDF65ADF8C0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{173FA246-1588-48F9-99A9-84FB8D8F0316}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"{18BFD916-52B4-4E29-B15F-0F04E06FD19B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{27A51EF5-0C5A-40FC-BFB0-BC09998A5DA5}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{2BBAC39B-A419-47F1-BC63-591B82D44ED5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{38A7A020-2B7E-4F30-93F3-3F8EDB5897C2}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{3EDB45AC-A691-4189-8303-E6B7DB93B536}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{416E44A9-0C9A-41D4-A10E-0AACC38436AE}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{465DAE23-F73E-44DC-9E4E-D7A508BA4C42}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4F7B2F66-1EE4-4993-B824-EE1E912591D7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{55EB75D1-75CE-46FE-86AE-AE41DF111A61}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{560B0C2C-D21C-4809-92EB-0E80B9CC426D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{598CC6C1-92CA-4103-B10C-4359344D8665}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{5CFAF7F1-C93F-436B-B987-29A0DA2AEC09}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{5D9438B0-F734-4614-89BE-D68AB9372A6B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6686EC61-4D27-4335-8B52-649FCB845DE3}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{7BBC1EB0-0461-4973-9CF0-9688FCBECBC7}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7FE9274E-7EC2-41EB-A5FA-588B8C8C5FCF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{8096A0EF-7B57-4793-B312-F13D6890B9B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8450180A-F5D6-4084-A725-F7646AAC9AB1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{84ED3666-15B3-4493-895F-BAFACC30D2BB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{882ABA65-06D7-4CD2-BAB5-F0D3CEC8664E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{89286D9C-577D-4B61-90B5-4BCBBACD7F6E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{8A8B29EF-C41F-47AE-A167-3D1F3EBE46F7}" = protocol=17 | dir=in | app=c:\program files (x86)\philips\wi-fi mediaconnect\wfmcdms.exe |
"{8EDB9E55-4A04-47F0-AD44-DB9D106CC9AC}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{965BEEB3-7978-4C4E-86CA-19FE8C1AEF9F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{A01C0055-A76E-497D-9ED2-64BD7A0B36AB}" = protocol=6 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"{A3791639-EE28-4898-B1A1-6813CECA09E5}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{A6751FBA-A4D4-4E7E-BFB5-0AD8DE9A2BFD}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{A854E6FE-DC29-497F-A037-386CC1C68387}" = protocol=17 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"{AB3238C9-1576-4A7C-A9BD-FC1AE9DBA22D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{AD663C31-783C-4C01-B99D-2FB8DFA9898A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AD70BD50-A5A5-4B22-A12D-1BA443680E37}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B9638987-B2DA-4CD1-B6CC-2894F402E4C8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{BA06E9A0-6546-4845-89EA-D1773B3F5B5A}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe |
"{BAEEAFC7-961F-4AFC-8DB3-950DA14300A1}" = protocol=6 | dir=in | app=c:\program files (x86)\philips\wi-fi mediaconnect\wfmcdms.exe |
"{C00EB276-E44D-4389-96D2-9E05831A47D4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{C1B9F850-5A8F-4306-BCEA-E04C88910F71}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2831760-AE45-49A9-9197-223B3F6DED0F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C55A574C-7DBB-4EB7-965C-E8638663D3AC}" = protocol=6 | dir=in | app=c:\program files (x86)\philips\wi-fi mediaconnect\wi-fi mediaconnect.exe |
"{C7A7261C-E0CC-4447-95E0-D4417BFAD158}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{CA9719E8-E92F-4F08-85C0-348947C013D5}" = protocol=6 | dir=out | app=system |
"{CC643DE7-F1E1-4285-8E68-8FB6FEFEB575}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CCA35B6B-746D-4CD3-9F81-F2B89D3ED283}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D8B39BBB-EDE0-40B2-A034-592F578068B6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{DBE8DB2F-B4AB-425C-A50E-A4F54BAAAE72}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{E6FC3244-12E4-4791-BABE-965C7A24E240}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EDE6E900-F55F-4CEA-8003-7C6A061BAD3F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{F613D56B-C08C-416F-A362-66F98FBC3EF3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F63D8B01-52C6-4A38-90DD-BD757AB5D729}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{F6E23D1B-08F2-4C14-A98B-23E52AAD4ADE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{FB17FD06-AF23-462E-88C0-104730CDA850}" = protocol=17 | dir=in | app=c:\program files (x86)\philips\wi-fi mediaconnect\wi-fi mediaconnect.exe |
"TCP Query User{2E5EE921-AFA4-404C-9D6D-EBF9987557A7}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{59B46CDD-2B80-4E26-8039-B418CFEB0326}C:\program files (x86)\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\secondlife\slvoice.exe |
"TCP Query User{862CDB1C-C099-42F3-B9D1-EEFB8E5DED98}C:\program files (x86)\philips\wi-fi mediaconnect\wfmcdms.exe" = protocol=6 | dir=in | app=c:\program files (x86)\philips\wi-fi mediaconnect\wfmcdms.exe |
"TCP Query User{A6D6B7C3-1118-429A-BF25-9D910E637A3B}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{C6C90B74-4514-4F5E-9843-DBBED7CF5C96}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{DA29AED6-B464-4F3A-8827-A86F52B1C4CC}C:\program files (x86)\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eclipse\eclipse.exe |
"TCP Query User{DDE68777-D0C6-4403-B458-5E822C110452}C:\program files (x86)\realvnc\vnc4\winvnc4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\realvnc\vnc4\winvnc4.exe |
"UDP Query User{293272DA-9572-4F8D-9DBE-F928C7DBF2B6}C:\program files (x86)\philips\wi-fi mediaconnect\wfmcdms.exe" = protocol=17 | dir=in | app=c:\program files (x86)\philips\wi-fi mediaconnect\wfmcdms.exe |
"UDP Query User{4A0CCC9A-6A74-4D23-956C-441A3D457533}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{60A7A573-51BC-4BEA-8D7B-3536957AF2D0}C:\program files (x86)\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\secondlife\slvoice.exe |
"UDP Query User{62C37D48-7C69-4C33-A9A6-7A0079BC82B7}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{74161726-1176-49E7-BB68-940E44DC936D}C:\program files (x86)\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eclipse\eclipse.exe |
"UDP Query User{8CEBC2D1-9FA6-4C6B-9EB0-9D2AC564FB96}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{96EE965D-83A6-4F1B-857C-EA86B1013F41}C:\program files (x86)\realvnc\vnc4\winvnc4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\realvnc\vnc4\winvnc4.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A800FCC9-8E1E-4D84-9CED-47870701FDE1}" = HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{FB555BCF-9202-4886-9203-88C9A210D727}" = HP Deskjet 3050A J611 series Basic Device Software
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"PC-Doctor for Windows" = Hardware Diagnostic Tools

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A422-40A5-BD20-04BF618CA0F9}" = QuickBooks Pro 2010
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08067AFD-4ECE-4454-80B4-31C859D4EDC1}" = F4400
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{10964A8F-21C1-45EA-BC2D-F84B505C3848}" = H&R Block Deluxe + Efile + State 2010
"{130D6C62-8CDD-4FA0-9767-264576163A90}" = SourceGear DiffMerge
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java(TM) SE Development Kit 6 Update 20
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}" = HP Support Assistant
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7FC8C210-A319-4835-A87D-B935EFB4C148}" = Microsoft Live Search Toolbar
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}" = HP MediaSmart Demo
"{A0E58844-DC3E-4A18-BE2B-A48824105344}" = Eudora
"{A835C187-691C-4827-BCEA-1611179C96B9}" = DJ_AIO_05_F4400_Software_Min
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA58346A-A5D7-4659-91D6-38D07345BDCF}" = Wi-Fi MediaConnect
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}" = H&R Block Deluxe + Efile + State 2011
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C7AEF8E5-A62C-4BFD-8044-AF96219AA390}" = H&R Block Virginia 2010
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EC0C80B6-4C15-4E83-9E40-7173C6759249}" = H&R Block Virginia 2011
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"AceMoney Lite_is1" = AceMoney Lite
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"FileZilla Client" = FileZilla Client 3.3.2.1
"HP Photo Creations" = HP Photo Creations
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"LEGOIsland" = LEGO Island
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PhotoScape" = PhotoScape
"Quantum GIS Copiapo" = Quantum GIS Copiapo 1.6.0
"Radegast" = Radegast
"RealVNC_is1" = VNC Free Edition 4.1.3
"Scholastic's I SPY Mystery" = Scholastic's I SPY Mystery
"SecondLife" = SecondLife (remove only)
"TightVNC" = TightVNC 2.0beta3
"TomTom HOME" = TomTom HOME 2.8.0.2146
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2098286208-1520350693-3533541266-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop
"Mozilla Firefox 16.0.1 (x86 en-US)" = Mozilla Firefox 16.0.1 (x86 en-US)
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/15/2012 5:40:45 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/15/2012 5:40:45 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 27154829

Error - 10/15/2012 5:40:45 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 27154829

Error - 10/15/2012 5:41:01 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/15/2012 5:41:01 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 27170429

Error - 10/15/2012 5:41:01 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 27170429

Error - 10/15/2012 5:41:16 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/15/2012 5:41:16 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 27186029

Error - 10/15/2012 5:41:16 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 27186029

Error - 10/15/2012 5:41:32 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/15/2012 5:41:32 AM | Computer Name = Brad-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 27201629

[ Hewlett-Packard Events ]
Error - 5/7/2011 5:10:25 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 5/7/2011 5:10:26 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 5/7/2011 5:15:56 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 11/7/2011 6:18:10 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 1/21/2012 7:43:25 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 1/21/2012 7:43:25 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 2/18/2012 7:27:12 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 2/18/2012 7:27:13 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 3/7/2012 6:20:28 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 8/11/2012 6:36:05 PM | Computer Name = Brad-PC | Source = Hewlett-Packard | ID = 0
Description =

[ System Events ]
Error - 10/19/2012 9:59:30 PM | Computer Name = Brad-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 10/19/2012 9:59:30 PM | Computer Name = Brad-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 10/19/2012 9:59:30 PM | Computer Name = Brad-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 10/19/2012 9:59:30 PM | Computer Name = Brad-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 10/19/2012 9:59:30 PM | Computer Name = Brad-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 10/19/2012 9:59:31 PM | Computer Name = Brad-PC | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1068

Error - 10/19/2012 10:01:29 PM | Computer Name = Brad-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 10/19/2012 10:01:29 PM | Computer Name = Brad-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 10/19/2012 10:01:29 PM | Computer Name = Brad-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 10/19/2012 10:09:19 PM | Computer Name = Brad-PC | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.2.3. The computer with the IP address 192.168.2.2 did not
allow the name to be claimed by this computer.


< End of report >
baf
Active Member
 
Posts: 6
Joined: October 19th, 2012, 7:50 am

Re: Firefox/IE launching multiple instances

Unread postby askey127 » October 20th, 2012, 8:49 am

baf,
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:

Java(TM) 6 Update 20
Java(TM) SE Development Kit 6 Update 20
Unity Web Player

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
------------------------------------------------------------
Download and Install the latest version of Java Runtime Environment from here : http://www.oracle.com/technetwork/java/javase/downloads/index.html, and install it to your computer.
Under Java Platform, Standard Edition, labeled Java SE 7 Update 9, click on the button labeled JRE Download. Do NOT choose the button labeled "JDK Download". If it won't allow you to get past the "Agree to the license" dialog, you will need to set your browser to temporarily allow scripts.
Check the button to agree to the license.
Select the link for your Platform jre-7u9-windows-i586.exe for 32-bit, or jre-7u9-windows-x64.exe for 64-bit, and click it.
Download it, choose Save, and save it to your desktop.
Then doubleclick it on your desktop, and it will install the newest version of Java for you to use.

During installation, be certain to Uncheck and Refuse any offer for "partner software" or toolbars.
When it finishes, you can remove the Installer from your desktop.
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL (Right click and choose "Run as administrator")
  • In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
    Code: Select all
    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    O3 - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    IE - HKU\S-1-5-21-2098286208-1520350693-3533541266-1001\..\SearchScopes\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
    IE - HKLM\..\SearchScopes\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
    IE:64bit: - HKLM\..\SearchScopes\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [emptyflash] 
    [EMPTYTEMP]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, and click to allow the Reboot when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • Copy the contents of that file and post it in your next reply.
    The file will also be available and named by timestamp here: C:\_OTL\Moved Files\mmddyyyy_hhmmss.log
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    (Vista - W7 users: Right-click and select "Run As Administrator")
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
    If you try to change the filename and extension, you may get a warning message from Windows because of the change of file extension. OK the change.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
    (the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
  6. Copy and paste the contents of that file in your next reply.
If, for some reason,you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.

So we are looking for the Fix log from OTL, and the log from TDSSKiller.
I also notice you have Quickbooks on there. Is this machine used for business?
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Firefox/IE launching multiple instances

Unread postby baf » October 20th, 2012, 10:35 am

So we are looking for the Fix log from OTL, and the log from TDSSKiller.
I also notice you have Quickbooks on there. Is this machine used for business?
askey127

It's not used for business. My wife does the books for a local non-profit recreation association.

Here are the logs:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2098286208-1520350693-3533541266-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_USERS\S-1-5-21-2098286208-1520350693-3533541266-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E6B711C-E2A1-48AB-A965-F3BDA5106806}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Brad\Desktop\cmd.bat deleted successfully.
C:\Users\Brad\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Brad
->Flash cache emptied: 258997 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Brad
->Temp folder emptied: 1168809483 bytes
->Temporary Internet Files folder emptied: 319269191 bytes
->Java cache emptied: 20391809 bytes
->FireFox cache emptied: 91881870 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 308438321 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46356671 bytes
RecycleBin emptied: 11864191973 bytes

Total Files Cleaned = 13,179.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10202012_101727

Files\Folders moved on Reboot...
C:\Users\Brad\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\TMP000000019346D05C19F9FA79 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...




10:27:03.0204 4344 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
10:27:03.0641 4344 ============================================================
10:27:03.0641 4344 Current date / time: 2012/10/20 10:27:03.0641
10:27:03.0641 4344 SystemInfo:
10:27:03.0641 4344
10:27:03.0641 4344 OS Version: 6.1.7600 ServicePack: 0.0
10:27:03.0641 4344 Product type: Workstation
10:27:03.0641 4344 ComputerName: BRAD-PC
10:27:03.0641 4344 UserName: Brad
10:27:03.0641 4344 Windows directory: C:\Windows
10:27:03.0641 4344 System windows directory: C:\Windows
10:27:03.0641 4344 Running under WOW64
10:27:03.0641 4344 Processor architecture: Intel x64
10:27:03.0641 4344 Number of processors: 4
10:27:03.0641 4344 Page size: 0x1000
10:27:03.0641 4344 Boot type: Normal boot
10:27:03.0641 4344 ============================================================
10:27:05.0622 4344 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:27:05.0622 4344 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:27:05.0654 4344 ============================================================
10:27:05.0654 4344 \Device\Harddisk0\DR0:
10:27:05.0654 4344 MBR partitions:
10:27:05.0654 4344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:27:05.0654 4344 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x730FC000
10:27:05.0654 4344 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7312E800, BlocksNum 0x15D7800
10:27:05.0654 4344 \Device\Harddisk1\DR1:
10:27:05.0654 4344 MBR partitions:
10:27:05.0654 4344 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
10:27:05.0654 4344 ============================================================
10:27:05.0685 4344 C: <-> \Device\Harddisk0\DR0\Partition2
10:27:05.0747 4344 D: <-> \Device\Harddisk0\DR0\Partition3
10:27:05.0763 4344 K: <-> \Device\Harddisk1\DR1\Partition1
10:27:05.0763 4344 ============================================================
10:27:05.0763 4344 Initialize success
10:27:05.0763 4344 ============================================================
10:27:26.0121 4764 ============================================================
10:27:26.0121 4764 Scan started
10:27:26.0121 4764 Mode: Manual;
10:27:26.0121 4764 ============================================================
10:27:27.0852 4764 ================ Scan system memory ========================
10:27:27.0852 4764 System memory - ok
10:27:27.0852 4764 ================ Scan services =============================
10:27:28.0149 4764 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
10:27:28.0149 4764 1394ohci - ok
10:27:28.0180 4764 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
10:27:28.0180 4764 ACPI - ok
10:27:28.0211 4764 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
10:27:28.0211 4764 AcpiPmi - ok
10:27:28.0336 4764 [ 0D4C486A24A711A45FD83ACDF4D18506 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:27:28.0352 4764 AdobeFlashPlayerUpdateSvc - ok
10:27:28.0383 4764 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:27:28.0383 4764 adp94xx - ok
10:27:28.0414 4764 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:27:28.0414 4764 adpahci - ok
10:27:28.0445 4764 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:27:28.0445 4764 adpu320 - ok
10:27:28.0461 4764 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:27:28.0476 4764 AeLookupSvc - ok
10:27:28.0523 4764 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
10:27:28.0539 4764 AFD - ok
10:27:28.0570 4764 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
10:27:28.0570 4764 agp440 - ok
10:27:28.0601 4764 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:27:28.0601 4764 ALG - ok
10:27:28.0632 4764 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
10:27:28.0632 4764 aliide - ok
10:27:28.0648 4764 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
10:27:28.0648 4764 amdide - ok
10:27:28.0695 4764 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:27:28.0695 4764 AmdK8 - ok
10:27:28.0710 4764 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:27:28.0710 4764 AmdPPM - ok
10:27:28.0742 4764 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
10:27:28.0742 4764 amdsata - ok
10:27:28.0757 4764 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:27:28.0773 4764 amdsbs - ok
10:27:28.0788 4764 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
10:27:28.0788 4764 amdxata - ok
10:27:28.0820 4764 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
10:27:28.0820 4764 AppID - ok
10:27:28.0851 4764 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:27:28.0851 4764 AppIDSvc - ok
10:27:28.0866 4764 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
10:27:28.0866 4764 Appinfo - ok
10:27:29.0007 4764 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:27:29.0007 4764 Apple Mobile Device - ok
10:27:29.0038 4764 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:27:29.0054 4764 arc - ok
10:27:29.0069 4764 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:27:29.0085 4764 arcsas - ok
10:27:29.0100 4764 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:27:29.0100 4764 AsyncMac - ok
10:27:29.0132 4764 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
10:27:29.0132 4764 atapi - ok
10:27:29.0178 4764 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:27:29.0194 4764 AudioEndpointBuilder - ok
10:27:29.0225 4764 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:27:29.0241 4764 AudioSrv - ok
10:27:29.0272 4764 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:27:29.0272 4764 AxInstSV - ok
10:27:29.0319 4764 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:27:29.0334 4764 b06bdrv - ok
10:27:29.0381 4764 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:27:29.0381 4764 b57nd60a - ok
10:27:29.0412 4764 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:27:29.0412 4764 BDESVC - ok
10:27:29.0428 4764 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:27:29.0428 4764 Beep - ok
10:27:29.0475 4764 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
10:27:29.0490 4764 BFE - ok
10:27:29.0600 4764 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
10:27:29.0631 4764 BITS - ok
10:27:29.0646 4764 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:27:29.0662 4764 blbdrive - ok
10:27:29.0756 4764 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:27:29.0756 4764 Bonjour Service - ok
10:27:29.0818 4764 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:27:29.0818 4764 bowser - ok
10:27:29.0849 4764 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:27:29.0849 4764 BrFiltLo - ok
10:27:29.0865 4764 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:27:29.0865 4764 BrFiltUp - ok
10:27:29.0912 4764 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
10:27:29.0912 4764 Browser - ok
10:27:29.0958 4764 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:27:29.0958 4764 Brserid - ok
10:27:29.0990 4764 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:27:29.0990 4764 BrSerWdm - ok
10:27:30.0021 4764 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:27:30.0036 4764 BrUsbMdm - ok
10:27:30.0052 4764 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:27:30.0052 4764 BrUsbSer - ok
10:27:30.0083 4764 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:27:30.0083 4764 BTHMODEM - ok
10:27:30.0114 4764 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:27:30.0130 4764 bthserv - ok
10:27:30.0161 4764 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:27:30.0161 4764 cdfs - ok
10:27:30.0208 4764 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:27:30.0208 4764 cdrom - ok
10:27:30.0239 4764 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
10:27:30.0239 4764 CertPropSvc - ok
10:27:30.0255 4764 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:27:30.0255 4764 circlass - ok
10:27:30.0286 4764 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:27:30.0286 4764 CLFS - ok
10:27:30.0380 4764 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:27:30.0380 4764 clr_optimization_v2.0.50727_32 - ok
10:27:30.0458 4764 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:27:30.0473 4764 clr_optimization_v2.0.50727_64 - ok
10:27:30.0489 4764 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:27:30.0504 4764 CmBatt - ok
10:27:30.0520 4764 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
10:27:30.0520 4764 cmdide - ok
10:27:30.0692 4764 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
10:27:30.0707 4764 CNG - ok
10:27:30.0738 4764 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:27:30.0738 4764 Compbatt - ok
10:27:30.0770 4764 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
10:27:30.0770 4764 CompositeBus - ok
10:27:30.0785 4764 COMSysApp - ok
10:27:30.0816 4764 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:27:30.0816 4764 crcdisk - ok
10:27:30.0863 4764 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:27:30.0863 4764 CryptSvc - ok
10:27:30.0926 4764 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:27:30.0941 4764 DcomLaunch - ok
10:27:30.0972 4764 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:27:30.0972 4764 defragsvc - ok
10:27:31.0004 4764 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:27:31.0004 4764 DfsC - ok
10:27:31.0035 4764 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
10:27:31.0035 4764 Dhcp - ok
10:27:31.0066 4764 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:27:31.0066 4764 discache - ok
10:27:31.0066 4764 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:27:31.0082 4764 Disk - ok
10:27:31.0128 4764 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:27:31.0128 4764 Dnscache - ok
10:27:31.0160 4764 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
10:27:31.0160 4764 dot3svc - ok
10:27:31.0206 4764 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
10:27:31.0222 4764 Dot4 - ok
10:27:31.0238 4764 [ 85135AD27E79B689335C08167D917CDE ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:27:31.0238 4764 Dot4Print - ok
10:27:31.0269 4764 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
10:27:31.0284 4764 dot4usb - ok
10:27:31.0300 4764 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
10:27:31.0300 4764 DPS - ok
10:27:31.0331 4764 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:27:31.0347 4764 drmkaud - ok
10:27:31.0565 4764 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:27:31.0581 4764 DXGKrnl - ok
10:27:31.0628 4764 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:27:31.0643 4764 EapHost - ok
10:27:31.0721 4764 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:27:31.0815 4764 ebdrv - ok
10:27:31.0862 4764 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
10:27:31.0862 4764 EFS - ok
10:27:32.0111 4764 [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:27:32.0127 4764 ehRecvr - ok
10:27:32.0142 4764 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:27:32.0158 4764 ehSched - ok
10:27:32.0236 4764 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:27:32.0267 4764 elxstor - ok
10:27:32.0314 4764 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
10:27:32.0314 4764 ErrDev - ok
10:27:32.0501 4764 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:27:32.0501 4764 EventSystem - ok
10:27:32.0548 4764 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:27:32.0564 4764 exfat - ok
10:27:32.0626 4764 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:27:32.0626 4764 fastfat - ok
10:27:32.0704 4764 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
10:27:32.0720 4764 Fax - ok
10:27:32.0751 4764 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:27:32.0751 4764 fdc - ok
10:27:32.0782 4764 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:27:32.0782 4764 fdPHost - ok
10:27:32.0782 4764 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:27:32.0782 4764 FDResPub - ok
10:27:32.0813 4764 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:27:32.0813 4764 FileInfo - ok
10:27:32.0813 4764 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:27:32.0829 4764 Filetrace - ok
10:27:32.0844 4764 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:27:32.0844 4764 flpydisk - ok
10:27:32.0860 4764 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:27:32.0876 4764 FltMgr - ok
10:27:33.0063 4764 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
10:27:33.0094 4764 FontCache - ok
10:27:33.0156 4764 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:27:33.0156 4764 FontCache3.0.0.0 - ok
10:27:33.0312 4764 [ 9513B437B7ADB1E6065B7F0D83D11ECF ] FreeAgentGoNext Service C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
10:27:33.0312 4764 FreeAgentGoNext Service - ok
10:27:33.0359 4764 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:27:33.0359 4764 FsDepends - ok
10:27:33.0422 4764 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:27:33.0422 4764 Fs_Rec - ok
10:27:33.0453 4764 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:27:33.0453 4764 fvevol - ok
10:27:33.0484 4764 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:27:33.0484 4764 gagp30kx - ok
10:27:33.0546 4764 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
10:27:33.0562 4764 GameConsoleService - ok
10:27:33.0609 4764 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:27:33.0609 4764 GEARAspiWDM - ok
10:27:33.0858 4764 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
10:27:33.0874 4764 gpsvc - ok
10:27:33.0999 4764 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:27:33.0999 4764 gupdate - ok
10:27:34.0061 4764 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:27:34.0061 4764 gupdatem - ok
10:27:34.0108 4764 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:27:34.0108 4764 hcw85cir - ok
10:27:34.0155 4764 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:27:34.0155 4764 HDAudBus - ok
10:27:34.0186 4764 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:27:34.0186 4764 HidBatt - ok
10:27:34.0217 4764 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:27:34.0217 4764 HidBth - ok
10:27:34.0248 4764 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:27:34.0248 4764 HidIr - ok
10:27:34.0264 4764 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:27:34.0264 4764 hidserv - ok
10:27:34.0280 4764 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:27:34.0295 4764 HidUsb - ok
10:27:34.0326 4764 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:27:34.0326 4764 hkmsvc - ok
10:27:34.0358 4764 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:27:34.0373 4764 HomeGroupListener - ok
10:27:34.0389 4764 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:27:34.0389 4764 HomeGroupProvider - ok
10:27:34.0467 4764 [ 00B239202F7756695C8CCDF8BAFA7D3D ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
10:27:34.0467 4764 HP Health Check Service - ok
10:27:34.0810 4764 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:27:34.0857 4764 hpqcxs08 - ok
10:27:34.0872 4764 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:27:34.0888 4764 hpqddsvc - ok
10:27:34.0919 4764 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
10:27:34.0919 4764 hpqwmiex - ok
10:27:34.0950 4764 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
10:27:34.0950 4764 HpSAMD - ok
10:27:34.0982 4764 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:27:34.0997 4764 HTTP - ok
10:27:35.0044 4764 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:27:35.0044 4764 hwpolicy - ok
10:27:35.0075 4764 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:27:35.0075 4764 i8042prt - ok
10:27:35.0091 4764 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
10:27:35.0106 4764 iaStorV - ok
10:27:35.0153 4764 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:27:35.0153 4764 idsvc - ok
10:27:35.0200 4764 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:27:35.0200 4764 iirsp - ok
10:27:35.0231 4764 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
10:27:35.0247 4764 IKEEXT - ok
10:27:35.0309 4764 [ EF75C94792187A143871FBB87611B0B7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:27:35.0325 4764 IntcAzAudAddService - ok
10:27:35.0340 4764 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
10:27:35.0340 4764 intelide - ok
10:27:35.0372 4764 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:27:35.0372 4764 intelppm - ok
10:27:35.0387 4764 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:27:35.0387 4764 IPBusEnum - ok
10:27:35.0403 4764 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:27:35.0403 4764 IpFilterDriver - ok
10:27:35.0418 4764 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:27:35.0434 4764 iphlpsvc - ok
10:27:35.0434 4764 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
10:27:35.0434 4764 IPMIDRV - ok
10:27:35.0450 4764 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:27:35.0450 4764 IPNAT - ok
10:27:35.0559 4764 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:27:35.0590 4764 iPod Service - ok
10:27:35.0621 4764 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:27:35.0621 4764 IRENUM - ok
10:27:35.0637 4764 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
10:27:35.0637 4764 isapnp - ok
10:27:35.0668 4764 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
10:27:35.0668 4764 iScsiPrt - ok
10:27:35.0699 4764 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:27:35.0699 4764 kbdclass - ok
10:27:35.0715 4764 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:27:35.0715 4764 kbdhid - ok
10:27:35.0746 4764 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
10:27:35.0746 4764 KeyIso - ok
10:27:35.0777 4764 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:27:35.0777 4764 KSecDD - ok
10:27:35.0793 4764 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:27:35.0793 4764 KSecPkg - ok
10:27:35.0808 4764 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:27:35.0808 4764 ksthunk - ok
10:27:35.0871 4764 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:27:35.0871 4764 KtmRm - ok
10:27:35.0933 4764 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:27:35.0949 4764 LanmanServer - ok
10:27:35.0996 4764 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:27:35.0996 4764 LanmanWorkstation - ok
10:27:36.0058 4764 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:27:36.0058 4764 LightScribeService - ok
10:27:36.0074 4764 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:27:36.0089 4764 lltdio - ok
10:27:36.0120 4764 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:27:36.0136 4764 lltdsvc - ok
10:27:36.0152 4764 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:27:36.0152 4764 lmhosts - ok
10:27:36.0167 4764 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:27:36.0167 4764 LSI_FC - ok
10:27:36.0198 4764 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:27:36.0214 4764 LSI_SAS - ok
10:27:36.0245 4764 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:27:36.0245 4764 LSI_SAS2 - ok
10:27:36.0276 4764 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:27:36.0276 4764 LSI_SCSI - ok
10:27:36.0323 4764 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:27:36.0339 4764 luafv - ok
10:27:36.0386 4764 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:27:36.0386 4764 Mcx2Svc - ok
10:27:36.0417 4764 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:27:36.0417 4764 megasas - ok
10:27:36.0432 4764 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:27:36.0448 4764 MegaSR - ok
10:27:36.0464 4764 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:27:36.0479 4764 MMCSS - ok
10:27:36.0495 4764 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:27:36.0495 4764 Modem - ok
10:27:36.0526 4764 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:27:36.0526 4764 monitor - ok
10:27:36.0557 4764 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:27:36.0557 4764 mouclass - ok
10:27:36.0588 4764 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:27:36.0588 4764 mouhid - ok
10:27:36.0620 4764 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:27:36.0620 4764 mountmgr - ok
10:27:36.0666 4764 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:27:36.0682 4764 MozillaMaintenance - ok
10:27:36.0760 4764 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:27:36.0760 4764 MpFilter - ok
10:27:36.0791 4764 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
10:27:36.0791 4764 mpio - ok
10:27:36.0822 4764 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:27:36.0822 4764 mpsdrv - ok
10:27:36.0869 4764 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:27:36.0885 4764 MpsSvc - ok
10:27:36.0916 4764 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:27:36.0916 4764 MRxDAV - ok
10:27:36.0963 4764 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:27:36.0963 4764 mrxsmb - ok
10:27:37.0010 4764 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:27:37.0025 4764 mrxsmb10 - ok
10:27:37.0041 4764 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:27:37.0041 4764 mrxsmb20 - ok
10:27:37.0072 4764 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
10:27:37.0072 4764 msahci - ok
10:27:37.0103 4764 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
10:27:37.0103 4764 msdsm - ok
10:27:37.0134 4764 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:27:37.0134 4764 MSDTC - ok
10:27:37.0166 4764 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:27:37.0166 4764 Msfs - ok
10:27:37.0181 4764 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:27:37.0181 4764 mshidkmdf - ok
10:27:37.0197 4764 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
10:27:37.0197 4764 msisadrv - ok
10:27:37.0228 4764 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:27:37.0228 4764 MSiSCSI - ok
10:27:37.0244 4764 msiserver - ok
10:27:37.0275 4764 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:27:37.0275 4764 MSKSSRV - ok
10:27:37.0353 4764 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:27:37.0353 4764 MsMpSvc - ok
10:27:37.0384 4764 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:27:37.0384 4764 MSPCLOCK - ok
10:27:37.0400 4764 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:27:37.0400 4764 MSPQM - ok
10:27:37.0462 4764 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:27:37.0478 4764 MsRPC - ok
10:27:37.0509 4764 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:27:37.0509 4764 mssmbios - ok
10:27:37.0540 4764 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:27:37.0540 4764 MSTEE - ok
10:27:37.0571 4764 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:27:37.0571 4764 MTConfig - ok
10:27:37.0602 4764 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:27:37.0602 4764 Mup - ok
10:27:37.0649 4764 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
10:27:37.0649 4764 napagent - ok
10:27:37.0696 4764 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:27:37.0712 4764 NativeWifiP - ok
10:27:37.0743 4764 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
10:27:37.0774 4764 NDIS - ok
10:27:37.0805 4764 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:27:37.0805 4764 NdisCap - ok
10:27:37.0836 4764 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:27:37.0836 4764 NdisTapi - ok
10:27:37.0868 4764 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:27:37.0868 4764 Ndisuio - ok
10:27:37.0883 4764 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:27:37.0883 4764 NdisWan - ok
10:27:37.0899 4764 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:27:37.0914 4764 NDProxy - ok
10:27:37.0977 4764 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:27:37.0977 4764 Net Driver HPZ12 - ok
10:27:37.0992 4764 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:27:37.0992 4764 NetBIOS - ok
10:27:38.0024 4764 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:27:38.0024 4764 NetBT - ok
10:27:38.0039 4764 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
10:27:38.0039 4764 Netlogon - ok
10:27:38.0086 4764 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:27:38.0086 4764 Netman - ok
10:27:38.0117 4764 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:27:38.0133 4764 netprofm - ok
10:27:38.0164 4764 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:27:38.0180 4764 NetTcpPortSharing - ok
10:27:38.0226 4764 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:27:38.0226 4764 nfrd960 - ok
10:27:38.0304 4764 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:27:38.0304 4764 NisDrv - ok
10:27:38.0351 4764 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:27:38.0351 4764 NisSrv - ok
10:27:38.0414 4764 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:27:38.0429 4764 NlaSvc - ok
10:27:38.0445 4764 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:27:38.0445 4764 Npfs - ok
10:27:38.0460 4764 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:27:38.0460 4764 nsi - ok
10:27:38.0492 4764 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:27:38.0492 4764 nsiproxy - ok
10:27:38.0554 4764 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:27:38.0585 4764 Ntfs - ok
10:27:38.0601 4764 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:27:38.0601 4764 Null - ok
10:27:39.0147 4764 [ 1CF597C9F0745735A6C5181ECB83706E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:27:39.0209 4764 nvlddmkm - ok
10:27:39.0272 4764 [ 909EEDCBD365BB81027D8E742E6B3416 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
10:27:39.0272 4764 NVNET - ok
10:27:39.0318 4764 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
10:27:39.0318 4764 nvraid - ok
10:27:39.0350 4764 [ AFDE3015BB8D76E26BEC3B287C5443A0 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
10:27:39.0350 4764 nvsmu - ok
10:27:39.0412 4764 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
10:27:39.0412 4764 nvstor - ok
10:27:39.0459 4764 [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
10:27:39.0459 4764 nvstor64 - ok
10:27:39.0506 4764 [ E71CFA7AE5E7518E29073D7C20A8FCA1 ] nvsvc C:\Windows\system32\nvvsvc.exe
10:27:39.0521 4764 nvsvc - ok
10:27:39.0584 4764 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
10:27:39.0584 4764 nv_agp - ok
10:27:39.0646 4764 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
10:27:39.0646 4764 ohci1394 - ok
10:27:39.0708 4764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:27:39.0724 4764 p2pimsvc - ok
10:27:39.0786 4764 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:27:39.0786 4764 p2psvc - ok
10:27:39.0818 4764 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:27:39.0833 4764 Parport - ok
10:27:39.0880 4764 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:27:39.0880 4764 partmgr - ok
10:27:39.0911 4764 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:27:39.0911 4764 PcaSvc - ok
10:27:39.0927 4764 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
10:27:39.0942 4764 pci - ok
10:27:39.0958 4764 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
10:27:39.0958 4764 pciide - ok
10:27:39.0958 4764 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:27:39.0974 4764 pcmcia - ok
10:27:40.0005 4764 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:27:40.0005 4764 pcw - ok
10:27:40.0036 4764 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:27:40.0052 4764 PEAUTH - ok
10:27:40.0176 4764 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:27:40.0176 4764 PerfHost - ok
10:27:40.0254 4764 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
10:27:40.0286 4764 pla - ok
10:27:40.0457 4764 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:27:40.0473 4764 PlugPlay - ok
10:27:40.0520 4764 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:27:40.0520 4764 Pml Driver HPZ12 - ok
10:27:40.0535 4764 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:27:40.0535 4764 PNRPAutoReg - ok
10:27:40.0551 4764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:27:40.0551 4764 PNRPsvc - ok
10:27:40.0598 4764 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:27:40.0613 4764 PolicyAgent - ok
10:27:40.0644 4764 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:27:40.0644 4764 Power - ok
10:27:40.0691 4764 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:27:40.0691 4764 PptpMiniport - ok
10:27:40.0738 4764 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:27:40.0738 4764 Processor - ok
10:27:40.0754 4764 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
10:27:40.0769 4764 ProfSvc - ok
10:27:40.0785 4764 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:27:40.0785 4764 ProtectedStorage - ok
10:27:40.0800 4764 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:27:40.0800 4764 Psched - ok
10:27:40.0878 4764 [ 2631FC0676CC310B2E85FDE46B1560D9 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
10:27:40.0878 4764 QBCFMonitorService - ok
10:27:40.0925 4764 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
10:27:40.0925 4764 QBFCService - ok
10:27:41.0034 4764 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:27:41.0066 4764 ql2300 - ok
10:27:41.0097 4764 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:27:41.0097 4764 ql40xx - ok
10:27:41.0112 4764 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:27:41.0128 4764 QWAVE - ok
10:27:41.0128 4764 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:27:41.0144 4764 QWAVEdrv - ok
10:27:41.0175 4764 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:27:41.0175 4764 RasAcd - ok
10:27:41.0206 4764 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:27:41.0206 4764 RasAgileVpn - ok
10:27:41.0222 4764 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:27:41.0222 4764 RasAuto - ok
10:27:41.0237 4764 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:27:41.0237 4764 Rasl2tp - ok
10:27:41.0268 4764 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
10:27:41.0268 4764 RasMan - ok
10:27:41.0315 4764 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:27:41.0315 4764 RasPppoe - ok
10:27:41.0315 4764 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:27:41.0331 4764 RasSstp - ok
10:27:41.0346 4764 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:27:41.0346 4764 rdbss - ok
10:27:41.0378 4764 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:27:41.0378 4764 rdpbus - ok
10:27:41.0378 4764 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:27:41.0393 4764 RDPCDD - ok
10:27:41.0409 4764 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:27:41.0424 4764 RDPENCDD - ok
10:27:41.0440 4764 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:27:41.0440 4764 RDPREFMP - ok
10:27:41.0487 4764 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:27:41.0487 4764 RDPWD - ok
10:27:41.0518 4764 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:27:41.0534 4764 rdyboost - ok
10:27:41.0596 4764 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:27:41.0596 4764 RemoteAccess - ok
10:27:41.0612 4764 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:27:41.0627 4764 RemoteRegistry - ok
10:27:41.0643 4764 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:27:41.0643 4764 RpcEptMapper - ok
10:27:41.0674 4764 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:27:41.0674 4764 RpcLocator - ok
10:27:41.0705 4764 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
10:27:41.0721 4764 RpcSs - ok
10:27:41.0721 4764 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:27:41.0736 4764 rspndr - ok
10:27:41.0752 4764 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
10:27:41.0752 4764 SamSs - ok
10:27:41.0814 4764 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
10:27:41.0814 4764 sbp2port - ok
10:27:41.0830 4764 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:27:41.0846 4764 SCardSvr - ok
10:27:41.0861 4764 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:27:41.0861 4764 scfilter - ok
10:27:41.0955 4764 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
10:27:42.0002 4764 Schedule - ok
10:27:42.0033 4764 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:27:42.0033 4764 SCPolicySvc - ok
10:27:42.0080 4764 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:27:42.0095 4764 SDRSVC - ok
10:27:42.0126 4764 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:27:42.0126 4764 secdrv - ok
10:27:42.0158 4764 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
10:27:42.0158 4764 seclogon - ok
10:27:42.0173 4764 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:27:42.0173 4764 SENS - ok
10:27:42.0204 4764 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:27:42.0204 4764 SensrSvc - ok
10:27:42.0236 4764 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:27:42.0236 4764 Serenum - ok
10:27:42.0267 4764 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:27:42.0267 4764 Serial - ok
10:27:42.0298 4764 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:27:42.0298 4764 sermouse - ok
10:27:42.0329 4764 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
10:27:42.0329 4764 SessionEnv - ok
10:27:42.0360 4764 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
10:27:42.0360 4764 sffdisk - ok
10:27:42.0376 4764 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
10:27:42.0376 4764 sffp_mmc - ok
10:27:42.0392 4764 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
10:27:42.0392 4764 sffp_sd - ok
10:27:42.0407 4764 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:27:42.0407 4764 sfloppy - ok
10:27:42.0438 4764 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:27:42.0438 4764 SharedAccess - ok
10:27:42.0454 4764 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:27:42.0470 4764 ShellHWDetection - ok
10:27:42.0485 4764 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:27:42.0485 4764 SiSRaid2 - ok
10:27:42.0516 4764 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:27:42.0516 4764 SiSRaid4 - ok
10:27:42.0548 4764 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:27:42.0548 4764 Smb - ok
10:27:42.0579 4764 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:27:42.0579 4764 SNMPTRAP - ok
10:27:42.0594 4764 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:27:42.0594 4764 spldr - ok
10:27:42.0626 4764 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe
10:27:42.0641 4764 Spooler - ok
10:27:42.0766 4764 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
10:27:42.0828 4764 sppsvc - ok
10:27:42.0844 4764 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:27:42.0844 4764 sppuinotify - ok
10:27:42.0875 4764 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:27:42.0891 4764 srv - ok
10:27:43.0000 4764 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:27:43.0016 4764 srv2 - ok
10:27:43.0062 4764 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:27:43.0062 4764 srvnet - ok
10:27:43.0094 4764 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:27:43.0094 4764 SSDPSRV - ok
10:27:43.0125 4764 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:27:43.0125 4764 SstpSvc - ok
10:27:43.0156 4764 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:27:43.0156 4764 stexstor - ok
10:27:43.0203 4764 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
10:27:43.0203 4764 StillCam - ok
10:27:43.0250 4764 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
10:27:43.0265 4764 stisvc - ok
10:27:43.0296 4764 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:27:43.0296 4764 swenum - ok
10:27:43.0359 4764 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:27:43.0359 4764 swprv - ok
10:27:43.0421 4764 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
10:27:43.0452 4764 SysMain - ok
10:27:43.0468 4764 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:27:43.0468 4764 TabletInputService - ok
10:27:43.0484 4764 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
10:27:43.0499 4764 TapiSrv - ok
10:27:43.0499 4764 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:27:43.0499 4764 TBS - ok
10:27:43.0577 4764 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:27:43.0624 4764 Tcpip - ok
10:27:43.0671 4764 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:27:43.0686 4764 TCPIP6 - ok
10:27:43.0718 4764 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:27:43.0718 4764 tcpipreg - ok
10:27:43.0733 4764 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:27:43.0733 4764 TDPIPE - ok
10:27:43.0780 4764 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:27:43.0780 4764 TDTCP - ok
10:27:43.0811 4764 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:27:43.0811 4764 tdx - ok
10:27:43.0842 4764 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:27:43.0842 4764 TermDD - ok
10:27:43.0874 4764 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
10:27:43.0889 4764 TermService - ok
10:27:43.0905 4764 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:27:43.0905 4764 Themes - ok
10:27:43.0920 4764 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:27:43.0936 4764 THREADORDER - ok
10:27:44.0030 4764 [ 572A16FBAD52AB1AC8E3D44BAAF99694 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
10:27:44.0030 4764 TomTomHOMEService - ok
10:27:44.0045 4764 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:27:44.0045 4764 TrkWks - ok
10:27:44.0123 4764 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:27:44.0139 4764 TrustedInstaller - ok
10:27:44.0154 4764 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:27:44.0154 4764 tssecsrv - ok
10:27:44.0186 4764 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:27:44.0201 4764 tunnel - ok
10:27:44.0232 4764 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:27:44.0232 4764 uagp35 - ok
10:27:44.0264 4764 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:27:44.0279 4764 udfs - ok
10:27:44.0310 4764 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:27:44.0326 4764 UI0Detect - ok
10:27:44.0357 4764 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
10:27:44.0373 4764 uliagpkx - ok
10:27:44.0388 4764 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:27:44.0404 4764 umbus - ok
10:27:44.0466 4764 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:27:44.0466 4764 UmPass - ok
10:27:44.0482 4764 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:27:44.0498 4764 upnphost - ok
10:27:44.0544 4764 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:27:44.0544 4764 USBAAPL64 - ok
10:27:44.0576 4764 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:27:44.0576 4764 usbccgp - ok
10:27:44.0607 4764 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
10:27:44.0607 4764 usbcir - ok
10:27:44.0622 4764 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:27:44.0622 4764 usbehci - ok
10:27:44.0669 4764 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:27:44.0669 4764 usbhub - ok
10:27:44.0700 4764 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:27:44.0700 4764 usbohci - ok
10:27:44.0732 4764 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:27:44.0747 4764 usbprint - ok
10:27:44.0763 4764 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:27:44.0778 4764 usbscan - ok
10:27:44.0794 4764 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:27:44.0794 4764 USBSTOR - ok
10:27:44.0810 4764 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:27:44.0810 4764 usbuhci - ok
10:27:44.0825 4764 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:27:44.0825 4764 UxSms - ok
10:27:44.0841 4764 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
10:27:44.0841 4764 VaultSvc - ok
10:27:44.0856 4764 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
10:27:44.0856 4764 vdrvroot - ok
10:27:44.0903 4764 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
10:27:44.0919 4764 vds - ok
10:27:44.0950 4764 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:27:44.0950 4764 vga - ok
10:27:44.0981 4764 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:27:44.0981 4764 VgaSave - ok
10:27:44.0997 4764 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
10:27:44.0997 4764 vhdmp - ok
10:27:45.0012 4764 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
10:27:45.0012 4764 viaide - ok
10:27:45.0028 4764 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
10:27:45.0028 4764 volmgr - ok
10:27:45.0044 4764 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:27:45.0059 4764 volmgrx - ok
10:27:45.0059 4764 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
10:27:45.0075 4764 volsnap - ok
10:27:45.0090 4764 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:27:45.0090 4764 vsmraid - ok
10:27:45.0137 4764 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
10:27:45.0168 4764 VSS - ok
10:27:45.0200 4764 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:27:45.0200 4764 vwifibus - ok
10:27:45.0231 4764 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:27:45.0246 4764 W32Time - ok
10:27:45.0262 4764 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:27:45.0262 4764 WacomPen - ok
10:27:45.0262 4764 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:27:45.0262 4764 WANARP - ok
10:27:45.0278 4764 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:27:45.0278 4764 Wanarpv6 - ok
10:27:45.0356 4764 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:27:45.0387 4764 WatAdminSvc - ok
10:27:45.0449 4764 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
10:27:45.0527 4764 wbengine - ok
10:27:45.0543 4764 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:27:45.0558 4764 WbioSrvc - ok
10:27:45.0574 4764 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:27:45.0590 4764 wcncsvc - ok
10:27:45.0605 4764 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:27:45.0605 4764 WcsPlugInService - ok
10:27:45.0636 4764 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:27:45.0636 4764 Wd - ok
10:27:45.0668 4764 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:27:45.0683 4764 Wdf01000 - ok
10:27:45.0714 4764 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:27:45.0714 4764 WdiServiceHost - ok
10:27:45.0730 4764 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:27:45.0730 4764 WdiSystemHost - ok
10:27:45.0746 4764 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
10:27:45.0761 4764 WebClient - ok
10:27:45.0761 4764 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:27:45.0777 4764 Wecsvc - ok
10:27:45.0792 4764 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:27:45.0792 4764 wercplsupport - ok
10:27:45.0808 4764 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:27:45.0824 4764 WerSvc - ok
10:27:45.0855 4764 [ C48CA80FDC6926A9FC2F520379BDB635 ] WFMC_VAD C:\Windows\system32\DRIVERS\wfmcvad.sys
10:27:45.0855 4764 WFMC_VAD - ok
10:27:45.0886 4764 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:27:45.0886 4764 WfpLwf - ok
10:27:45.0902 4764 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:27:45.0902 4764 WIMMount - ok
10:27:45.0933 4764 WinDefend - ok
10:27:45.0933 4764 WinHttpAutoProxySvc - ok
10:27:45.0995 4764 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:27:46.0011 4764 Winmgmt - ok
10:27:46.0292 4764 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
10:27:46.0323 4764 WinRM - ok
10:27:46.0416 4764 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:27:46.0416 4764 WinUsb - ok
10:27:46.0463 4764 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:27:46.0494 4764 Wlansvc - ok
10:27:46.0526 4764 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
10:27:46.0526 4764 WmiAcpi - ok
10:27:46.0541 4764 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:27:46.0557 4764 wmiApSrv - ok
10:27:46.0572 4764 WMPNetworkSvc - ok
10:27:46.0604 4764 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:27:46.0604 4764 WPCSvc - ok
10:27:46.0619 4764 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:27:46.0619 4764 WPDBusEnum - ok
10:27:46.0650 4764 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:27:46.0650 4764 ws2ifsl - ok
10:27:46.0666 4764 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:27:46.0666 4764 wscsvc - ok
10:27:46.0666 4764 WSearch - ok
10:27:46.0760 4764 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:27:46.0853 4764 wuauserv - ok
10:27:46.0884 4764 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:27:46.0900 4764 WudfPf - ok
10:27:46.0947 4764 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:27:46.0947 4764 WUDFRd - ok
10:27:46.0962 4764 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:27:46.0962 4764 wudfsvc - ok
10:27:46.0994 4764 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:27:46.0994 4764 WwanSvc - ok
10:27:47.0009 4764 ================ Scan global ===============================
10:27:47.0025 4764 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:27:47.0103 4764 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
10:27:47.0118 4764 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
10:27:47.0150 4764 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:27:47.0196 4764 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:27:47.0196 4764 [Global] - ok
10:27:47.0196 4764 ================ Scan MBR ==================================
10:27:47.0196 4764 [ 9D886421B38975FB45EF62935E7B4A55 ] \Device\Harddisk0\DR0
10:27:47.0477 4764 \Device\Harddisk0\DR0 - ok
10:27:47.0477 4764 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
10:27:47.0477 4764 \Device\Harddisk1\DR1 - ok
10:27:47.0477 4764 ================ Scan VBR ==================================
10:27:47.0493 4764 [ C451240810DD06BDB2C8629DD24E3082 ] \Device\Harddisk0\DR0\Partition1
10:27:47.0508 4764 \Device\Harddisk0\DR0\Partition1 - ok
10:27:47.0524 4764 [ 34A1A58CBA6FD40A763619550EFB6858 ] \Device\Harddisk0\DR0\Partition2
10:27:47.0555 4764 \Device\Harddisk0\DR0\Partition2 - ok
10:27:47.0586 4764 [ 0E6EAD3D4963AF87C6F79B4445998D7D ] \Device\Harddisk0\DR0\Partition3
10:27:47.0618 4764 \Device\Harddisk0\DR0\Partition3 - ok
10:27:47.0618 4764 [ A443FA7E1DC7C8E3E689335784AF5943 ] \Device\Harddisk1\DR1\Partition1
10:27:47.0633 4764 \Device\Harddisk1\DR1\Partition1 - ok
10:27:47.0633 4764 ============================================================
10:27:47.0633 4764 Scan finished
10:27:47.0633 4764 ============================================================
10:27:47.0649 4756 Detected object count: 0
10:27:47.0649 4756 Actual detected object count: 0
10:27:50.0613 4336 Deinitialize success
baf
Active Member
 
Posts: 6
Joined: October 19th, 2012, 7:50 am

Re: Firefox/IE launching multiple instances

Unread postby askey127 » October 20th, 2012, 1:56 pm

baf,
I would right click the Microsoft Security Essentials icon in the System Tray, then click on Open. (icon looks like a little building with flag on top)
The click on the Update tab and have it update itself.
When it's through updating, back to the Home tab, click the scan option Full
Start the scan and have it remove anything it finds.

Those logs look OK.
How is the machine running?

Let me know how it goes.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Firefox/IE launching multiple instances

Unread postby baf » October 20th, 2012, 8:31 pm

Ran full scan with MSE, no problems reported. I will use Firefox for a while and see if the symptoms repeat.
baf
Active Member
 
Posts: 6
Joined: October 19th, 2012, 7:50 am

Re: Firefox/IE launching multiple instances

Unread postby baf » October 20th, 2012, 9:52 pm

Ran Firefox for about an hour with no problems, but it just loaded my homepage in a tab that was on another site with no action on my part. Looks like there's still a problem.
baf
Active Member
 
Posts: 6
Joined: October 19th, 2012, 7:50 am

Re: Firefox/IE launching multiple instances

Unread postby askey127 » October 21st, 2012, 8:14 am

I don't see anything else on the machine that would corrupt normal operation.
I would tend to focus on the add-ons, extensions and settings for Firefox.
You may be having trouble with that Creative Commons Search engine.
I would remove it and just use Google for a while, as a test.

You can also disable Plug-Ins one at a time to check which may be related to the problem.
Tools> Add-Ons > Click on Plug-ins
You can choose Disable for any of them.

As a last resort, you can uninstall and Re-Install Firefox.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Firefox/IE launching multiple instances

Unread postby baf » October 22nd, 2012, 10:08 pm

OK, I'll work with Firefox some more. It's behaving much better, but I've still seen an open tab change to my home page on a couple of occasions. It hasn't launched the rapid-fire bunch of Firefox instances yet today. I'll report back again later.
baf
Active Member
 
Posts: 6
Joined: October 19th, 2012, 7:50 am

Re: Firefox/IE launching multiple instances

Unread postby askey127 » October 24th, 2012, 7:36 pm

Since this issue is likely resolved, we will close this thread.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 68 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware