Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer slowdown please help

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Computer slowdown please help

Unread postby DougSr » December 13th, 2013, 9:30 pm

Hello all, long time no see. I have been relatively problem free with the computer for some time. Thanks all. Now however I am having some problems, slow running, just over all slow computer. When I upload photos to the computer it seems to drag it down and take forever. When I try to run Photoshop or Lightroom same thing I have tried a lot of things including CCleaner and I recently added a new hard drive of 3Tb for my photos. I decided to give you all a shout to see if I am having another bout with infections. Below are the scans made with DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2
Run by Father at 20:15:50 on 2013-12-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8119.4717 [GMT -5:00]
.
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Helper.exe
C:\Program Files\CrashPlan\CrashPlanService.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\msiexec.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.mercercountysports.com/
mWinlogon: Userinit = userinit.exe
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [AdobeBridge] <no file>
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
StartupFolder: C:\Users\Father\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files\CrashPlan\CrashPlanTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{85B0CB91-2B52-4929-B0F4-F2C16A0DC2F7} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{85B0CB91-2B52-4929-B0F4-F2C16A0DC2F7}\E45445745414255323 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{9BB40488-3159-406F-8CB0-DB4A831CF4F6} : DHCPNameServer = 10.0.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Father\AppData\Roaming\Mozilla\Firefox\Profiles\pcqhthr6.default-1372563767203\
FF - prefs.js: browser.startup.homepage - hxxp://www.mercercountysports.com/
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Users\Father\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-12-13 15:35; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Father\AppData\Roaming\Mozilla\Firefox\Profiles\pcqhthr6.default-1372563767203\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-11-25 718840]
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2011-2-27 316248]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-11-25 121928]
R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-11-25 148696]
R1 RapportCerberus_59849;RapportCerberus_59849;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [2013-10-27 606672]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-12-2 282648]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-12-2 397784]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-1-20 92160]
R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2013-4-8 222720]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-11-25 69368]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2013-11-20 109352]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-14 15122208]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-12-2 1444120]
R2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe [2009-5-5 206064]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-8-9 413472]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD Smartware\WDBackupEngine.exe [2012-9-19 1157056]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-19 248248]
R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD Smartware\WDRulesEngine.exe [2012-9-19 1177536]
R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2013-10-9 621336]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-11-25 593144]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-1-20 56344]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-1-20 233984]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-1-20 320040]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-14 39200]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2011-8-12 35840]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-10-9 14136]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]
S3 htcusbnet;HTC USB-NDIS miniport;C:\Windows\System32\drivers\htcusbnet.sys [2011-4-14 153600]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-13 111616]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-28 29720]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-19 19456]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-19 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-10-9 89912]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-10-9 15160]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-2-27 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-3-30 47128]
S4 SQLAgent$MSSMLBIZ;SQL Server Agent (MSSMLBIZ);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 370024]
.
=============== File Associations ===============
.
.txt: <filetype is not registered>
.js: <filetype is not registered>
.
=============== Created Last 30 ================
.
2013-12-13 08:04:53 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-13 08:04:53 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 08:04:52 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2013-12-13 08:04:51 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2013-12-13 08:02:57 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-12-13 08:02:57 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-12-11 18:18:15 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-11 18:17:44 89304 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-12-11 18:05:31 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2013-12-03 03:09:37 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-12-03 03:09:26 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-03 02:17:35 -------- d-----w- C:\ProgramData\Licenses
2013-12-03 02:17:29 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
2013-11-26 03:15:53 230195 ----a-w- C:\ProgramData\1385435154.bdinstall.bin
2013-11-26 03:13:37 718840 ----a-w- C:\Windows\System32\drivers\avc3.sys
2013-11-26 03:13:37 593144 ----a-w- C:\Windows\System32\drivers\avckf.sys
2013-11-26 03:08:55 -------- d-----w- C:\Program Files\Bitdefender
2013-11-26 03:07:08 148696 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2013-11-26 03:06:21 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys
2013-11-26 03:01:32 -------- d-s---w- C:\Windows\SysWow64\Microsoft
2013-11-26 03:00:26 45467 ----a-w- C:\ProgramData\1385434760.bdinstall.bin
2013-11-22 07:03:19 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D574AB99-C108-4C63-A2D1-5B734536CF58}\mpengine.dll
2013-11-20 11:37:18 -------- d-----w- C:\Program Files\HitmanPro
2013-11-18 01:24:14 -------- d-----w- C:\Users\Father\AppData\Local\NVIDIA
2013-11-17 22:56:46 -------- d-----w- C:\Users\Father\AppData\Roaming\Malwarebytes
2013-11-17 22:56:30 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-17 22:56:28 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-17 22:56:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-17 22:22:12 -------- d-----w- C:\Users\Father\AppData\Roaming\QuickScan
2013-11-17 21:50:57 -------- d-----w- C:\Program Files\iPod
2013-11-17 21:50:56 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-17 21:50:56 -------- d-----w- C:\Program Files\iTunes
2013-11-17 21:50:56 -------- d-----w- C:\Program Files (x86)\iTunes
2013-11-16 22:06:23 -------- d-----w- C:\Users\Father\AppData\Roaming\NVIDIA
2013-11-16 12:38:59 92272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
2013-11-15 02:58:33 1063200 ----a-w- C:\Windows\System32\nvspcap64.dll
2013-11-15 02:58:32 955168 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2013-11-15 02:49:44 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-11-15 02:44:26 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-11-15 02:44:26 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-11-15 02:44:26 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-11-15 02:44:26 28960 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-11-15 02:44:26 196384 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-11-15 02:44:26 1510176 ----a-w- C:\Windows\System32\nvhdagenco64.dll
2013-11-15 02:44:25 1884448 ----a-w- C:\Windows\System32\nvdispco6433165.dll
2013-11-15 02:44:25 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433165.dll
2013-11-14 02:30:50 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-11-14 02:30:47 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-11-14 02:30:38 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-11-14 02:30:27 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-11-14 02:30:26 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-14 02:30:26 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-11-14 02:30:25 197120 ----a-w- C:\Windows\System32\credui.dll
2013-11-14 02:30:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-11-14 02:30:25 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
.
==================== Find3M ====================
.
2013-12-11 10:41:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 10:41:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-03 00:00:04 316248 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-12 21:47:08 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2013-11-12 21:47:08 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-11 10:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-08 11:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-04 02:16:30 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys
2013-10-04 01:36:04 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys
2013-10-04 00:00:26 1938712 ----a-w- C:\Windows\System32\Wacom_Touch_Tablet.dll
2013-10-04 00:00:26 1808152 ----a-w- C:\Windows\System32\Wintab32.dll
2013-10-04 00:00:25 1945880 ----a-w- C:\Windows\System32\Wacom_Tablet.dll
2013-10-04 00:00:25 1805080 ----a-w- C:\Windows\System32\WacomMT.dll
2013-10-04 00:00:22 1604376 ----a-w- C:\Windows\SysWow64\Wacom_Tablet.dll
2013-10-04 00:00:22 1596696 ----a-w- C:\Windows\SysWow64\Wacom_Touch_Tablet.dll
2013-10-04 00:00:22 1483032 ----a-w- C:\Windows\SysWow64\Wintab32.dll
2013-10-04 00:00:22 1479960 ----a-w- C:\Windows\SysWow64\WacomMT.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-18 22:12:13 89912 ----a-w- C:\Windows\System32\drivers\wachidrouter.sys
2013-09-18 22:12:13 15160 ----a-w- C:\Windows\System32\drivers\wacomrouterfilter.sys
2013-09-18 22:12:13 14136 ----a-w- C:\Windows\System32\drivers\hidkmdf.sys
2013-05-14 04:47:37 4096000 ----a-w- C:\Program Files (x86)\GUT5AEC.tmp
.
============= FINISH: 20:23:55.73 ===============

And following is the Attach file:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/26/2010 9:45:27 PM
System Uptime: 12/13/2013 4:43:57 PM (4 hours ago)
.
Motherboard: Dell Inc. | | 033FF6
Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 917 GiB total, 467.23 GiB free.
D: is CDROM ()
G: is Removable
I: is FIXED (NTFS) - 2794 GiB total, 1466.493 GiB free.
K: is Removable
L: is Removable
M: is Removable
N: is FIXED (NTFS) - 3726 GiB total, 2041.813 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: DW1525 (802.11n) WLAN PCIe Card
Device ID: PCI\VEN_168C&DEV_002A&SUBSYS_0203168C&REV_01\4&149856BC&0&00E4
Manufacturer: Atheros Communications Inc.
Name: DW1525 (802.11n) WLAN PCIe Card
PNP Device ID: PCI\VEN_168C&DEV_002A&SUBSYS_0203168C&REV_01\4&149856BC&0&00E4
Service: athr
.
==== System Restore Points ===================
.
RP515: 12/3/2013 3:32:37 AM - Scheduled Checkpoint
RP516: 12/11/2013 11:12:37 PM - Scheduled Checkpoint
RP517: 12/13/2013 3:00:43 AM - Windows Update
RP518: 12/13/2013 3:25:00 AM - Installed Rapport
RP519: 12/13/2013 8:09:45 PM - Installed Adobe Photoshop Lightroom 5.3 64-bit.
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Creative Cloud
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CC
Adobe Photoshop CS6
Adobe Photoshop Lightroom 3.6 64-bit
Adobe Photoshop Lightroom 5.3 64-bit
Adobe Reader X (10.1.8)
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Banctec Service Agreement
Bejeweled 3
Bitdefender Antivirus Free Edition
Bonjour
Business Contact Manager for Microsoft Outlook 2010
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon Internet Library for ZoomBrowser EX
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator EX 3.0
Canon MP560 series MP Drivers
Canon MP560 series User Registration
Canon Utilities Digital Photo Professional
Canon Utilities Easy-PhotoPrint EX
Canon Utilities EOS Utility
Canon Utilities My Printer
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities Solution Menu
Canon Utilities WFT Utility
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
CDBurnerXP
Compatibility Pack for the 2007 Office system
CrashPlan
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler
Dell Communications (Support Software)
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Driver Download Manager
Dell Edoc Viewer
Dell Getting Started Guide
Dell System Detect
Dropbox
Garmin BaseCamp
Garmin City Navigator North America NT 2013.10 Update
Garmin USB Drivers
Garmin WebUpdater
GeForce Experience NvStream Client Components
Google Chrome
Google Update Helper
HitmanPro 3.7
Intel(R) Processor ID Utility
iTunes
Java 7 Update 45
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Live Add-in 1.5
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010)
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 24.1.0 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Music Manager
My Dell
NVIDIA 3D Vision Controller Driver 331.65
NVIDIA 3D Vision Driver 320.78
NVIDIA Control Panel 320.78
NVIDIA GeForce Experience 1.7
NVIDIA Graphics Driver 320.78
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 9.3.16
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 9.3.16
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.9
onOne PerfectPresets
PDF Settings CC
PDF Settings CS6
QuickTime
Rapport
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951)
SHIELD Streaming
SmartFTP Client
SmartFTP Client Setup Files 4.1 (x64) (remove only)
SpeechRedist
SpywareBlaster 5.0
Sql Server Customer Experience Improvement Program
Trusteer Endpoint Protection
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
VD64Inst
Wacom Tablet
WD SmartWare
WebTablet FB Plugin 32 bit
WebTablet FB Plugin 64 bit
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WModem Driver Installer
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
12/9/2013 1:32:36 PM, Error: volsnap [8] - The flush and hold writes operation on volume C: timed out while waiting for a release writes command.
12/13/2013 4:39:12 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
12/13/2013 4:34:46 PM, Error: Service Control Manager [7001] - The WD Backup service depends on the WD Rules service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
12/13/2013 4:34:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the WD Rules service to connect.
12/13/2013 4:34:43 PM, Error: Service Control Manager [7000] - The WD Rules service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/12/2013 1:05:25 PM, Error: Service Control Manager [7034] - The CrashPlan Backup Service service terminated unexpectedly. It has done this 1 time(s).
12/11/2013 12:51:18 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
12/11/2013 12:51:18 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/11/2013 12:47:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gzserv service.
12/10/2013 4:35:22 PM, Error: Service Control Manager [7034] - The CrashPlan Backup Service service terminated unexpectedly. It has done this 2 time(s).
.
==== End Of File ===========================


Thanks all for your assitance.

Doug
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am
Advertisement
Register to Remove

Re: Computer slowdown please help

Unread postby Gary R » December 17th, 2013, 12:33 pm

Looking over your logs, back soon.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer slowdown please help

Unread postby Gary R » December 17th, 2013, 12:49 pm

Hi Doug,

There's nothing jumping out at me from your logs that suggests your slow down is caused by Malware, but I do notice that you have quite a few defensive programs installed on your computer ....

Bitdefender Antivirus Free Edition
HitmanPro 3.7
Malwarebytes Anti-Malware version 1.75.0.1300
SpywareBlaster 5.0
Remnants of a Spybot S&D install


... you really don't need them all.

If you're using Bitdefender as your AV and Firewall (which it seems you are), then personally I'd uninstall HitmanPro and SpwareBlaster, the first may be causing conflicts with BitDefender, and the second really is surplus to requirements and is not really offering you any real addition to your defenses. The remnants of Spybot could really do with removing also, along with a few other "orphans" that are present in your logs.

Although the above needs doing, whether it's going to make any real improvement to your slow down problems is debateable. You're running a lot of programs on auto startup and quite a few are likely to be memory intensive, whether you actually need them all to be launching at startup is up to you. We can go through them if you wish, and you can decide which ones are essential to you, and we can remove the "auto-start" provision from the ones that aren't if you wish.

This does not mean the programs will cease to function, it just means that if you want them running, you'll need to launch them manually.

Before we do that (if you do in fact wish to do it), I'd like you to run some further scans for me, just to make sure that there's nothing lurking on your machine that the DDS scan didn't detect.

First ...

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Next ...

Download TDSSKiller.zip and extract it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
    • If using Vista or Windows7, when prompted by UAC allow the prompt.
  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING IT MIGHT FIND AT THIS POINT

Finally ...

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed click on Start to start the scan.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.

Summary of the logs I need from you in your next post:
  • OTL.txt
  • Extras.txt
  • TDSSKiller log
  • E-Set log (ESET.txt)


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer slowdown please help

Unread postby DougSr » December 17th, 2013, 3:17 pm

Ok I will do so and try to get it all correct Here is the first: OTL.Txt

OTL logfile created on: 12/17/2013 1:33:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Father\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.93 Gb Total Physical Memory | 2.53 Gb Available Physical Memory | 31.91% Memory free
15.86 Gb Paging File | 12.22 Gb Available in Paging File | 77.09% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.82 Gb Total Space | 487.15 Gb Free Space | 53.13% Space Free | Partition Type: NTFS
Drive I: | 2794.39 Gb Total Space | 1447.25 Gb Free Space | 51.79% Space Free | Partition Type: NTFS
Drive N: | 3725.99 Gb Total Space | 2041.81 Gb Free Space | 54.80% Space Free | Partition Type: NTFS

Computer Name: FATHER-PC | User Name: Father | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/17 13:31:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Father\Desktop\OTL.exe
PRC - [2013/12/02 18:59:50 | 002,484,504 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
PRC - [2013/12/02 18:59:50 | 001,444,120 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/11/16 07:39:13 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/09 15:37:04 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/08 18:15:51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Wacom\WacomHost.exe
PRC - [2012/09/19 21:10:10 | 001,177,536 | R--- | M] (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD Smartware\WDRulesEngine.exe
PRC - [2012/09/19 21:10:06 | 001,157,056 | R--- | M] (Western Digital ) -- C:\Program Files (x86)\Western Digital\WD Smartware\WDBackupEngine.exe
PRC - [2012/09/19 21:02:48 | 000,248,248 | R--- | M] (Western Digital) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2010/03/25 14:45:36 | 000,031,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/05/19 16:11:52 | 000,136,544 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/05/05 06:39:18 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
PRC - [2009/02/10 02:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/16 07:39:11 | 003,363,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/10/27 20:56:25 | 001,127,152 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012/06/27 14:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 18:24:26 | 000,069,368 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -- (gzserv)
SRV:64bit: - [2013/10/17 20:35:48 | 015,122,208 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/10/03 19:00:24 | 000,621,336 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/08 18:37:56 | 000,222,720 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)
SRV:64bit: - [2009/06/09 11:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/31 17:01:34 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2013/12/11 05:41:10 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/02 18:59:50 | 001,444,120 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/11/16 07:39:12 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/17 20:34:26 | 001,914,656 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/08/09 15:37:04 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/19 21:10:10 | 001,177,536 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Smartware\WDRulesEngine.exe -- (WDRulesService)
SRV - [2012/09/19 21:10:06 | 001,157,056 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Smartware\WDBackupEngine.exe -- (WDBackup)
SRV - [2012/09/19 21:02:48 | 000,248,248 | R--- | M] (Western Digital) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2010/03/25 14:45:36 | 000,031,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 19:31:44 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/05 06:39:18 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe -- (sprtsvc_DellComms)
SRV - [2009/02/10 02:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/02 19:00:04 | 000,316,248 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2013/09/27 18:01:44 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/09/18 17:12:13 | 000,089,912 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/09/18 17:12:13 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013/09/18 17:12:13 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/07/02 14:04:11 | 000,121,928 | ---- | M] (Bitdefender SRL) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2013/06/27 09:35:46 | 000,079,872 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2013/06/16 07:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/05/28 12:12:19 | 000,382,536 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013/04/22 13:21:00 | 000,148,696 | ---- | M] (BitDefender LLC) [File_System | System | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013/04/17 14:59:58 | 000,593,144 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013/04/17 14:59:56 | 000,718,840 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013/02/11 23:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/10 14:48:02 | 000,044,544 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/14 23:08:06 | 000,153,600 | ---- | M] (HTC Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcusbnet.sys -- (htcusbnet)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/07/28 23:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010/06/30 03:27:08 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/11/12 13:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:64bit: - [2009/11/01 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/10/24 00:49:46 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/26 10:42:58 | 000,233,984 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/06 07:43:00 | 000,320,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2013/12/02 19:00:04 | 000,397,784 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2013/12/02 19:00:04 | 000,282,648 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2013/10/27 20:56:22 | 000,606,672 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys -- (RapportCerberus_59849)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B48F689A-875F-451B-BAA9-FF226F37BD50}
IE:64bit: - HKLM\..\SearchScopes\{B48F689A-875F-451B-BAA9-FF226F37BD50}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {1FBC9806-4711-4D06-9B0C-83F52F2CB6AA}
IE - HKLM\..\SearchScopes\{1FBC9806-4711-4D06-9B0C-83F52F2CB6AA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mercercountysports.com/
IE - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\..\SearchScopes,DefaultScope = {B48F689A-875F-451B-BAA9-FF226F37BD50}
IE - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\..\SearchScopes\{D04D1149-7A5D-4256-A7DA-D58772D595F3}: "URL" = http://search1.brandthunder.com/?q={searchTerms}&tid={tid?}
IE - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.mercercountysports.com/"
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Father\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Father\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: kernel32::GetLongPathNameW(w R8, w .R7, i 1024)i .R6\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: kernel32::GetLongPathNameW(w R8, w .R7, i 1024)i .R6\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/16 07:38:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/16 07:39:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/11/04 21:08:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/16 07:38:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/16 07:39:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/11/04 21:08:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2010/04/24 20:30:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Father\AppData\Roaming\Mozilla\Extensions
[2010/04/24 20:30:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Father\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/12/13 15:35:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Father\AppData\Roaming\Mozilla\Firefox\Profiles\pcqhthr6.default-1372563767203\extensions
[2013/12/02 21:16:16 | 000,535,138 | ---- | M] () (No name found) -- C:\Users\Father\AppData\Roaming\Mozilla\Firefox\Profiles\pcqhthr6.default-1372563767203\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/12/13 15:35:12 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Father\AppData\Roaming\Mozilla\Firefox\Profiles\pcqhthr6.default-1372563767203\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/11/16 07:38:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/16 07:39:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.mercercountysports.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Father\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Father\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Father\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16263 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Father\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Screen Capture (by Google) = C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0\
CHR - Extension: Screen Capture (by Google) = C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.1.0_0\
CHR - Extension: Screen Capture (by Google) = C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.1.3_0\
CHR - Extension: avast! Online Security = C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Tom Sachs = C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppegiodmddaaljhkfjokkepamifbekj\3_0\
CHR - Extension: Google Wallet = C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCEPServiceManager] C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-246240781-1227866155-2015313242-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Father\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\UpdatusUser.Father-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85B0CB91-2B52-4929-B0F4-F2C16A0DC2F7}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BB40488-3159-406F-8CB0-DB4A831CF4F6}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0d70a4a4-14e9-11e3-87c0-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{0d70a4a4-14e9-11e3-87c0-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{25abff98-74e0-11e0-ab9e-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{25abff98-74e0-11e0-ab9e-002564e8ca4b}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{2b24ba45-ad78-11e2-a85c-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{2b24ba45-ad78-11e2-a85c-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{2b24ba4f-ad78-11e2-a85c-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{2b24ba4f-ad78-11e2-a85c-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{33d43db6-e404-11df-9d8b-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{33d43db6-e404-11df-9d8b-002564e8ca4b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{488d8a27-9b1a-11e1-b8ca-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{488d8a27-9b1a-11e1-b8ca-002564e8ca4b}\Shell\AutoRun\command - "" = H:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\{511f2451-1341-11e3-a894-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{511f2451-1341-11e3-a894-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{579feb48-8fb9-11e2-9c25-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{579feb48-8fb9-11e2-9c25-002564e8ca4b}\Shell\AutoRun\command - "" = J:\TL-Bootstrap.exe
O33 - MountPoints2\{579feb55-8fb9-11e2-9c25-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{579feb55-8fb9-11e2-9c25-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{a5d917d4-6731-11e0-ad33-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{a5d917d4-6731-11e0-ad33-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{b34b254e-0462-11e2-9c35-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{b34b254e-0462-11e2-9c35-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL_Bootstrap.exe
O33 - MountPoints2\{bdfc3633-85d9-11e2-80d2-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{bdfc3633-85d9-11e2-80d2-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{c0fbb6bf-64da-11e0-ab83-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{c0fbb6bf-64da-11e0-ab83-002564e8ca4b}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{cd55b5ca-73b1-11e2-abdc-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{cd55b5ca-73b1-11e2-abdc-002564e8ca4b}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{cd55b62b-73b1-11e2-abdc-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{cd55b62b-73b1-11e2-abdc-002564e8ca4b}\Shell\AutoRun\command - "" = H:\setup.exe -a
O33 - MountPoints2\{da5874dd-6f40-11e2-bc2f-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{da5874dd-6f40-11e2-bc2f-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{e04d3b75-6f99-11e0-a78b-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{e04d3b75-6f99-11e0-a78b-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/17 13:31:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Father\Desktop\OTL.exe
[2013/12/13 20:15:21 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Father\Desktop\dds.scr
[2013/12/13 03:04:52 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/13 03:04:51 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/13 03:04:51 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/13 03:04:50 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/13 03:03:06 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/13 03:03:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/13 03:03:05 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/13 03:03:05 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/13 03:03:05 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/13 03:03:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/13 03:03:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/13 03:03:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/13 03:03:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/13 03:03:03 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/13 03:03:03 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/13 03:03:02 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/13 03:03:02 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/13 03:03:00 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/13 03:03:00 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/13 03:02:57 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/12 02:51:24 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/12 02:51:24 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/12 02:51:19 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/12 02:51:19 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/12 02:51:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/12 02:51:16 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/12 02:51:16 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/12 02:51:05 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/12 02:51:04 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/12 02:51:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/12 02:51:04 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/12 02:51:04 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/12 02:51:04 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/11 18:52:50 | 000,000,000 | ---D | C] -- C:\Users\Father\Desktop\2013 Hickory South Fayette Football
[2013/12/11 18:08:12 | 000,000,000 | ---D | C] -- C:\Users\Father\Desktop\2013 Sharpsville Conneaut Football
[2013/12/11 13:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/12/11 13:17:44 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/12/11 13:05:31 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2013/12/02 22:34:59 | 000,000,000 | ---D | C] -- C:\Users\Father\Documents\ProcAlyzer Dumps
[2013/12/02 22:09:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/12/02 22:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/12/02 21:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2013/12/02 21:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/12/02 21:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2013/12/02 21:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2013/11/25 22:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
[2013/11/25 22:13:37 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013/11/25 22:13:37 | 000,593,144 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013/11/25 22:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013/11/25 22:07:08 | 000,148,696 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2013/11/25 22:06:21 | 000,382,536 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2013/11/25 22:01:32 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013/11/17 20:24:14 | 000,000,000 | ---D | C] -- C:\Users\Father\AppData\Local\NVIDIA
[2013/11/17 17:56:46 | 000,000,000 | ---D | C] -- C:\Users\Father\AppData\Roaming\Malwarebytes
[2013/11/17 17:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/17 17:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/17 17:56:28 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/11/17 17:56:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/11/17 17:22:12 | 000,000,000 | ---D | C] -- C:\Users\Father\AppData\Roaming\QuickScan
[2013/11/17 16:52:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/17 16:50:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/17 16:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/17 16:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/11/17 16:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2010/02/26 23:52:25 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Father\AppData\Roaming\DataSafeDotNet.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/12/17 13:34:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000UA.job
[2013/12/17 13:31:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Father\Desktop\OTL.exe
[2013/12/17 12:50:30 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/17 12:50:30 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/17 12:45:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/17 12:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/17 11:34:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000Core.job
[2013/12/17 07:45:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/16 21:27:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/16 21:26:59 | 2090,164,223 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/16 19:04:34 | 000,007,644 | ---- | M] () -- C:\Users\Father\AppData\Local\Resmon.ResmonCfg
[2013/12/16 18:44:28 | 000,872,634 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/16 18:44:28 | 000,726,434 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/16 18:44:28 | 000,146,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/14 12:44:16 | 005,369,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/13 20:15:24 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Father\Desktop\dds.scr
[2013/12/13 20:15:06 | 000,002,057 | ---- | M] () -- C:\Users\Public\Desktop\Lightroom 5.3 64-bit.lnk
[2013/12/11 13:17:44 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013/12/11 13:14:34 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/11 13:05:31 | 000,261,056 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2013/12/11 12:55:09 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2013/12/11 05:41:10 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/11 05:41:10 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/08 17:14:56 | 000,007,688 | ---- | M] () -- C:\Users\Father\AppData\Roaming\wklnhst.dat
[2013/12/02 21:17:31 | 000,001,041 | ---- | M] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2013/12/02 19:00:04 | 000,316,248 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2013/11/26 05:18:23 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/26 04:48:07 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/26 04:46:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/26 04:27:54 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/26 04:21:24 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/26 04:18:39 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/26 04:16:57 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/26 03:57:44 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/26 03:35:02 | 005,769,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/26 03:32:08 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/26 03:28:16 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/26 03:02:16 | 001,995,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/26 02:32:06 | 001,928,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/26 01:34:55 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/26 01:34:27 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/25 22:15:53 | 000,230,195 | ---- | M] () -- C:\ProgramData\1385435154.bdinstall.bin
[2013/11/25 22:13:53 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
[2013/11/25 22:00:26 | 000,045,467 | ---- | M] () -- C:\ProgramData\1385434760.bdinstall.bin
[2013/11/24 18:32:02 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2013/11/23 13:26:20 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/11/23 12:47:34 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/11/17 17:31:10 | 000,000,036 | ---- | M] () -- C:\Users\Father\AppData\Local\housecall.guid.cache
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/16 18:36:03 | 000,001,980 | ---- | C] () -- C:\Users\Father\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2013/12/14 15:05:56 | 000,001,843 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
[2013/12/13 20:15:06 | 000,002,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.3 64-bit.lnk
[2013/12/13 20:15:06 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\Lightroom 5.3 64-bit.lnk
[2013/12/13 17:55:56 | 000,001,070 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC (64 Bit).lnk
[2013/12/13 17:54:15 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk
[2013/12/11 12:54:34 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013/12/02 21:17:31 | 000,001,041 | ---- | C] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2013/11/25 22:15:53 | 000,230,195 | ---- | C] () -- C:\ProgramData\1385435154.bdinstall.bin
[2013/11/25 22:13:53 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
[2013/11/25 22:00:26 | 000,045,467 | ---- | C] () -- C:\ProgramData\1385434760.bdinstall.bin
[2013/11/17 17:56:31 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/17 17:31:10 | 000,000,036 | ---- | C] () -- C:\Users\Father\AppData\Local\housecall.guid.cache
[2012/10/17 23:40:29 | 000,001,456 | ---- | C] () -- C:\Users\Father\AppData\Local\Adobe Save for Web 13.0 Prefs
[2011/01/23 22:28:31 | 000,007,680 | ---- | C] () -- C:\Users\Father\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/23 00:47:15 | 000,000,000 | ---- | C] () -- C:\Users\Father\.gtk-bookmarks
[2011/01/23 00:46:26 | 000,861,554 | ---- | C] () -- C:\Users\Father\.fonts.cache-1
[2011/01/23 00:39:13 | 000,000,868 | ---- | C] () -- C:\Users\Father\.recently-used.xbel
[2010/03/16 06:59:50 | 000,007,688 | ---- | C] () -- C:\Users\Father\AppData\Roaming\wklnhst.dat
[2010/03/01 08:51:50 | 000,007,644 | ---- | C] () -- C:\Users\Father\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/02/27 00:27:31 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Trusteer
[2011/02/27 00:27:31 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Trusteer
[2012/11/26 19:26:00 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Ashisoft
[2013/10/23 21:54:02 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\AVAST Software
[2010/08/29 18:33:57 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Canneverbe Limited
[2012/08/16 23:56:34 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Canon
[2012/10/08 19:50:40 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Canon_Inc_IC
[2013/10/23 21:16:50 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\CrashPlan
[2013/11/19 20:04:42 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\DisplayTune
[2013/08/07 10:00:15 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Dropbox
[2013/02/16 23:11:29 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\FileZilla
[2012/11/30 13:57:39 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\GARMIN
[2011/01/23 00:39:13 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\gtk-2.0
[2012/08/20 14:05:42 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\IObit
[2011/09/15 17:18:38 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Outlook
[2010/12/11 08:23:45 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\PCDr
[2013/11/25 22:09:41 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\QuickScan
[2012/07/15 21:11:08 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/04/04 14:21:52 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Template
[2010/04/24 20:30:15 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Thunderbird
[2011/12/31 15:53:05 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Tific
[2010/11/11 17:17:56 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\Trusteer
[2011/02/27 00:27:31 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\Trusteer
[2011/02/27 00:27:31 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser.Father-PC\AppData\Roaming\Trusteer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Computer slowdown please help

Unread postby DougSr » December 17th, 2013, 3:18 pm

Extras.Txt

OTL Extras logfile created on: 12/17/2013 1:33:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Father\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.93 Gb Total Physical Memory | 2.53 Gb Available Physical Memory | 31.91% Memory free
15.86 Gb Paging File | 12.22 Gb Available in Paging File | 77.09% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.82 Gb Total Space | 487.15 Gb Free Space | 53.13% Space Free | Partition Type: NTFS
Drive I: | 2794.39 Gb Total Space | 1447.25 Gb Free Space | 51.79% Space Free | Partition Type: NTFS
Drive N: | 3725.99 Gb Total Space | 2041.81 Gb Free Space | 54.80% Space Free | Partition Type: NTFS

Computer Name: FATHER-PC | User Name: Father | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-246240781-1227866155-2015313242-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{043A869F-4612-4A96-B752-EFD8A3C6929F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{04FF9090-0543-4A6B-9517-00B4A3E2524E}" = lport=137 | protocol=17 | dir=in | app=system |
"{099DE32C-3272-4445-8B0C-965FB77760EB}" = lport=139 | protocol=6 | dir=in | app=system |
"{09ACE479-7E3D-4AD5-A95F-8D86979607F0}" = lport=138 | protocol=17 | dir=in | app=system |
"{0C933D8C-9604-49D9-B950-CFA5323F4B66}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{105BF9F9-B76E-4497-91DD-BF52C3D8C121}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{15677FC0-E8F4-4946-A604-30ED803A5086}" = rport=138 | protocol=17 | dir=out | app=system |
"{170F0943-9B22-4E26-AEC7-0D075FBA6D89}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1751F786-5621-4B73-8C69-7DDAF3776BB0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{18447F1C-C9E8-48E2-B42A-E78F579ABE26}" = rport=137 | protocol=17 | dir=out | app=system |
"{282B38A8-8D15-49FF-B152-A26B899855DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{2A12F64B-22C5-4AFE-A508-4ED65143B482}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{2BE05A3E-E2E1-4383-BAE6-1A3B7880F0E3}" = rport=445 | protocol=6 | dir=out | app=system |
"{2D91E606-2CC0-42D5-9CC1-3257E628D577}" = lport=445 | protocol=6 | dir=in | app=system |
"{31B07DF1-2FC1-456A-A031-62FCEAA6F58C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3468DEA2-C3D8-4892-BB40-2D993569BC18}" = rport=139 | protocol=6 | dir=out | app=system |
"{3E552E31-3A58-4EC4-8406-EC1B0038E0B8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{4F397CB6-75B4-470A-88C2-3C96708C84FA}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{543AAEA1-24DF-4E0D-BF33-4C58C94BD5E5}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{61E76C38-7CAB-427D-B741-D10FAC61DA03}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{6B6DB14C-9B22-4465-A92F-9B965CC908B9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6BBF12B3-9467-45CB-BD71-73B24E5F4FBA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{717C14D2-C2D9-474F-BEE6-4CF405FC1E00}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{7AA28444-5E45-4275-9062-E9DF1DA6A3AD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7C22C827-BC58-4401-90E5-469E8D0BF9CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8646528B-61A3-46D4-99EF-2C964D1F43A7}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{8DC2F6E8-8614-4569-B891-65FEBBE87790}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F3C1F0B-6851-467D-A4E6-DD3E64157A89}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{A42D1F4D-5B00-4176-9D54-CF5C84D2EE0D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B9E20174-F1AE-4B06-B98B-540FDB1C0EDD}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BCBD0DEF-4CBB-490E-8234-9204CB577139}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{BD847970-5BA1-4372-B38F-4FC08DDFB12C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{BE46CAAF-A06A-4D15-9034-AE464A1FC9EA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C8A41E37-2F26-49AB-8D16-E2714EAE4DE2}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{CD2B1125-04D0-45B4-A2C5-D22E8BFCB74B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{D1E5DA58-9D0E-4DAF-8B2D-405605A226B9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D5D876AF-8134-4BCA-81AC-58BC36BB15B2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{DAA0A068-A9BA-4296-AD46-8382C06BC06A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EBAE99B1-CB51-451D-8E38-43C8BEF27C70}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F9BD7E13-B729-4EE7-9EE2-1B46517CB000}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00923BE1-46F2-4477-9AA9-8C0778638814}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{07265509-C654-497B-B899-BF6EAADEFCAE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0A9238B9-6DCB-4C8E-A684-A9627692BB82}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0BDE6197-A5E8-4748-B0C7-F3023BE26FB9}" = protocol=17 | dir=in | app=c:\users\father\appdata\roaming\dropbox\bin\dropbox.exe |
"{1702915D-1FCF-41C0-A319-66F0BC9C8055}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{188E1AF3-792B-46E4-9954-FD5A0CD3F5A1}" = protocol=6 | dir=in | app=c:\users\father\appdata\roaming\dropbox\bin\dropbox.exe |
"{19E29FFF-DFE1-4CD3-985E-2D54EF5023D3}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{2B99DBC5-AEAD-49D8-981F-6BB99E081668}" = protocol=17 | dir=in | app=c:\program files\crashplan\crashplanservice.exe |
"{2DD8BA56-09A1-43D6-93A4-1D4C93F0E3B4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{344D7BAC-87C3-409D-A728-D47C06AA29F7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3BC156D5-9A92-4040-A128-5B0844482A3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C17AFC5-E176-4FCC-9A7E-6901BA1A85B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3CF97CBF-C0E0-482C-8C46-9C3AA89EEAD5}" = protocol=6 | dir=in | app=c:\program files\crashplan\crashplanservice.exe |
"{3E2E08F0-C041-47BA-9D28-4712256A4242}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{434797FF-35DD-4E35-8C32-301C8D74C7E1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{492A8908-4307-4775-80AB-71FF17F6F935}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{4D00D1DE-50CF-4120-9B9B-CDF88FAD6D16}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5B82036A-2C51-4486-8906-85F5EAE0FC9E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62AFC303-A2D7-46A6-B80E-BBF6B30467FC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{638B98A9-3757-4490-9290-254FF20E7872}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6453DEEF-CCFA-4FC3-A62D-051D93A69F90}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6EAB9FF5-5827-4B29-967A-218FB71AD998}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{70F09E7B-FB30-4FE0-90BD-E0983F7963BA}" = protocol=6 | dir=out | app=system |
"{756F8292-19AF-4DA2-B4D0-E8A31A02E872}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{827015B0-E197-4749-ABFE-3568A7C7E7CE}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{83E036F2-6D89-41A4-8846-5EDC13E76D3F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8AC67B07-B12B-4BD3-B3B4-50B0786CEFB1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{8C4BC993-CE70-4A9F-9B6C-176EE9EDC1EC}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{8D458C9F-99BD-4D5E-918C-E3350B3A4721}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{93F1C127-6D47-41B3-ACAE-E303B78B294E}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{96060B4A-FBCB-4B60-9922-3DCCA819FE1F}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{AA067BAC-F9E5-4568-A2BF-691977AB2A36}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AAFF792F-93D9-4EA3-9B7D-E01CBC8064BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB8F05CD-5ADF-40E6-B484-7338CDF7DFC6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B20E84BC-6CDC-42AB-BC0A-50E7A285AA74}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{CF90A390-9881-4FBD-A4BC-28BF10E58CAB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{DFEABB24-7D65-4003-8E1C-48F584535F47}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E5A95C63-14CB-4AF0-A88E-78E82C343FB0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E7BE6678-D354-4A52-BB25-6A5C88EE5708}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E80215B7-D4C7-4DC6-A0BA-604B100651F3}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"{FD967801-859F-48A4-81C5-1B53DCEC6ECF}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe |
"TCP Query User{1EA68BEC-3ABC-4593-9B9B-66933D7B847E}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{2674B59B-0C88-431A-ADD7-3F6530C30E54}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{502AD8FE-233D-4FAC-8FBA-D8F549B9AEFF}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{26F16EE3-6328-44FA-9015-B9F05E673E14}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{5C5D0C04-0A80-4AB7-B49A-6E41556039D6}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{67FD48A3-8882-4FCB-AB05-873F2DB447AA}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}" = Microsoft SQL Server 2008 Native Client
"{2DD71ACB-552D-402C-9529-7906ACB95C30}" = Adobe Photoshop Lightroom 5.3 64-bit
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6AFF6A80-67F8-4540-B567-14F93E37AA08}" = SmartFTP Client
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}" = WD SmartWare
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 320.78
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.78
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.78
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.7
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 9.3.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 9.3.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.9
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCE35118-DD2F-4DB8-A5B6-D857F95669E0}" = CrashPlan
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"BitDefender Gonzales" = Bitdefender Antivirus Free Edition
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = My Dell
"Wacom Tablet Driver" = Wacom Tablet
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00FE2935-FB56-4410-AB5F-D6E70C1771D2}" = Garmin WebUpdater
"{050BF7DA-82C4-416A-8294-7AFEB8ED94E1}" = Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18E928DE-ABBA-4CEB-A9E4-205769B03FE8}" = Garmin BaseCamp
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{351DE0AB-7787-4497-9A7A-4AA9E3A4E290}" = Dell Communications (Support Software)
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B4B0AA9-F97E-49C4-AE6F-D40580B65A22}" = onOne PerfectPresets
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}" = Microsoft SQL Server 2008 Setup Support Files
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Processor ID Utility
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE2E1909-12C2-4249-8003-7978BEA3A14F}" = Garmin City Navigator North America NT 2013.10 Update
"{DF38C72B-8A86-4727-99D2-FA7CC5E17A24}" = Microsoft SQL Server 2008 RsFx Driver
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4B48349-A165-4097-8D78-AC950BD8638E}" = Business Contact Manager for Microsoft Outlook 2010
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Bejeweled 3" = Bejeweled 3
"Business Contact Manager" = Business Contact Manager for Microsoft Outlook 2010
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon MP560 series User Registration" = Canon MP560 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Digital Photo Professional" = Canon Utilities Digital Photo Professional
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"HTC_WModemDriver" = WModem Driver Installer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"Mozilla Thunderbird 24.1.0 (x86 en-US)" = Mozilla Thunderbird 24.1.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Rapport_msi" = Trusteer Endpoint Protection
"SmartFTP Client 4.1 (x64) Setup Files" = SmartFTP Client Setup Files 4.1 (x64) (remove only)
"SpywareBlaster_is1" = SpywareBlaster 5.0
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"WFTK" = Canon Utilities WFT Utility
"WinLiveSuite" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-246240781-1227866155-2015313242-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"Dropbox" = Dropbox
"f031ef6ac137efc5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome
"MusicManager" = Music Manager

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/14/2013 4:29:56 PM | Computer Name = Father-PC | Source = VSS | ID = 12294
Description =

Error - 12/14/2013 7:13:23 PM | Computer Name = Father-PC | Source = VSS | ID = 12294
Description =

Error - 12/14/2013 7:13:30 PM | Computer Name = Father-PC | Source = VSS | ID = 12294
Description =

Error - 12/14/2013 7:13:30 PM | Computer Name = Father-PC | Source = VSS | ID = 12294
Description =

Error - 12/14/2013 7:13:30 PM | Computer Name = Father-PC | Source = VSS | ID = 12294
Description =

Error - 12/14/2013 7:47:07 PM | Computer Name = Father-PC | Source = VSS | ID = 12294
Description =

Error - 12/14/2013 7:47:14 PM | Computer Name = Father-PC | Source = VSS | ID = 12294
Description =

Error - 12/14/2013 7:47:14 PM | Computer Name = Father-PC | Source = VSS | ID = 12294
Description =

Error - 12/14/2013 7:47:14 PM | Computer Name = Father-PC | Source = VSS | ID = 12294
Description =

Error - 12/16/2013 7:33:12 PM | Computer Name = Father-PC | Source = Application Hang | ID = 1002
Description = The program Defraggler64.exe version 2.16.0.809 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: b80 Start
Time: 01cef9093685e3fb Termination Time: 93 Application Path: C:\Program Files\Defraggler\Defraggler64.exe

Report
Id: 3296453d-66aa-11e3-9cbb-002564e8ca4b

[ Dell Events ]
Error - 2/27/2010 1:03:38 AM | Computer Name = Father-PC | Source = DataSafe | ID = 3
Description = An error occurred during the Recovery Disc creation process: Split
Failed.

Error - 2/27/2010 1:07:10 AM | Computer Name = Father-PC | Source = DataSafe | ID = 3
Description = An error occurred during the Recovery Disc creation process: Split
Failed.

[ Media Center Events ]
Error - 12/16/2010 7:18:37 PM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 6:18:35 PM - Error connecting to the internet. 6:18:35 PM - Unable
to contact server..

Error - 12/23/2010 7:56:13 AM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 6:56:13 AM - Failed to retrieve SportsV2 (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)


Error - 1/1/2011 7:23:08 AM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 6:23:08 AM - Error connecting to the internet. 6:23:08 AM - Unable
to contact server..

Error - 1/1/2011 7:23:17 AM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 6:23:13 AM - Error connecting to the internet. 6:23:13 AM - Unable
to contact server..

Error - 1/1/2011 8:23:22 AM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 7:23:22 AM - Error connecting to the internet. 7:23:22 AM - Unable
to contact server..

Error - 1/1/2011 8:23:28 AM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 7:23:27 AM - Error connecting to the internet. 7:23:27 AM - Unable
to contact server..

Error - 1/1/2011 9:23:32 AM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 8:23:32 AM - Error connecting to the internet. 8:23:32 AM - Unable
to contact server..

Error - 1/1/2011 9:23:38 AM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 8:23:37 AM - Error connecting to the internet. 8:23:37 AM - Unable
to contact server..

Error - 1/1/2011 10:23:42 AM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 9:23:42 AM - Error connecting to the internet. 9:23:42 AM - Unable
to contact server..

Error - 1/1/2011 10:23:48 AM | Computer Name = Father-PC | Source = MCUpdate | ID = 0
Description = 9:23:47 AM - Error connecting to the internet. 9:23:47 AM - Unable
to contact server..

[ System Events ]
Error - 12/14/2013 7:39:58 PM | Computer Name = Father-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk6\DR6.

Error - 12/14/2013 7:39:59 PM | Computer Name = Father-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk6\DR6.

Error - 12/14/2013 7:53:58 PM | Computer Name = Father-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk6\DR6.

Error - 12/14/2013 7:53:58 PM | Computer Name = Father-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk6\DR6.

Error - 12/14/2013 7:53:59 PM | Computer Name = Father-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk6\DR6.

Error - 12/14/2013 7:53:59 PM | Computer Name = Father-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk6\DR6.

Error - 12/14/2013 7:54:00 PM | Computer Name = Father-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk6\DR6.

Error - 12/16/2013 7:37:45 PM | Computer Name = Father-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the gzserv service.

Error - 12/16/2013 8:03:07 PM | Computer Name = Father-PC | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 12/16/2013 11:38:15 PM | Computer Name = Father-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.


< End of report >
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Computer slowdown please help

Unread postby DougSr » December 17th, 2013, 3:30 pm

TDSS report

14:23:38.0053 0x1480 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
14:24:09.0435 0x1480 ============================================================
14:24:09.0435 0x1480 Current date / time: 2013/12/17 14:24:09.0435
14:24:09.0435 0x1480 SystemInfo:
14:24:09.0435 0x1480
14:24:09.0435 0x1480 OS Version: 6.1.7601 ServicePack: 1.0
14:24:09.0435 0x1480 Product type: Workstation
14:24:09.0435 0x1480 ComputerName: FATHER-PC
14:24:09.0435 0x1480 UserName: Father
14:24:09.0435 0x1480 Windows directory: C:\Windows
14:24:09.0435 0x1480 System windows directory: C:\Windows
14:24:09.0436 0x1480 Running under WOW64
14:24:09.0436 0x1480 Processor architecture: Intel x64
14:24:09.0436 0x1480 Number of processors: 4
14:24:09.0436 0x1480 Page size: 0x1000
14:24:09.0436 0x1480 Boot type: Normal boot
14:24:09.0436 0x1480 ============================================================
14:24:12.0424 0x1480 KLMD registered as C:\Windows\system32\drivers\15530927.sys
14:24:12.0778 0x1480 System UUID: {30375DDD-CF93-67F4-6BF7-A6C2C4278870}
14:24:13.0405 0x1480 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:24:13.0417 0x1480 Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:24:13.0421 0x1480 Drive \Device\Harddisk10\DR10 - Size: 0x3A37F700000 (3725.99 Gb), SectorSize: 0x1000, Cylinders: 0xED7F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:24:13.0513 0x1480 ============================================================
14:24:13.0513 0x1480 \Device\Harddisk0\DR0:
14:24:13.0513 0x1480 MBR partitions:
14:24:13.0513 0x1480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
14:24:13.0513 0x1480 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x729A65B0
14:24:13.0513 0x1480 \Device\Harddisk1\DR1:
14:24:13.0513 0x1480 GPT partitions:
14:24:13.0539 0x1480 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {628E7CE9-9FE3-4A5F-98D1-C0BF8EBF9FB1}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
14:24:13.0539 0x1480 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8399CD44-DEB4-498B-88D9-BA11A967066E}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
14:24:13.0539 0x1480 MBR partitions:
14:24:13.0539 0x1480 \Device\Harddisk10\DR10:
14:24:13.0540 0x1480 MBR partitions:
14:24:13.0540 0x1480 \Device\Harddisk10\DR10\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x3A37F600
14:24:13.0540 0x1480 ============================================================
14:24:13.0561 0x1480 C: <-> \Device\Harddisk0\DR0\Partition2
14:24:13.0577 0x1480 I: <-> \Device\Harddisk1\DR1\Partition2
14:24:13.0682 0x1480 N: <-> \Device\Harddisk10\DR10\Partition1
14:24:13.0682 0x1480 ============================================================
14:24:13.0682 0x1480 Initialize success
14:24:13.0682 0x1480 ============================================================
14:24:22.0056 0x17a8 ============================================================
14:24:22.0056 0x17a8 Scan started
14:24:22.0056 0x17a8 Mode: Manual;
14:24:22.0056 0x17a8 ============================================================
14:24:22.0056 0x17a8 KSN ping started
14:24:25.0051 0x17a8 KSN ping finished: true
14:24:30.0417 0x17a8 ================ Scan system memory ========================
14:24:30.0417 0x17a8 System memory - ok
14:24:30.0417 0x17a8 ================ Scan services =============================
14:24:31.0166 0x17a8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:24:31.0166 0x17a8 1394ohci - ok
14:24:31.0260 0x17a8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:24:31.0260 0x17a8 ACPI - ok
14:24:31.0306 0x17a8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:24:31.0306 0x17a8 AcpiPmi - ok
14:24:31.0447 0x17a8 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:24:31.0447 0x17a8 AdobeARMservice - ok
14:24:31.0540 0x17a8 [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:24:31.0556 0x17a8 AdobeFlashPlayerUpdateSvc - ok
14:24:31.0634 0x17a8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:24:31.0650 0x17a8 adp94xx - ok
14:24:31.0681 0x17a8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:24:31.0696 0x17a8 adpahci - ok
14:24:31.0712 0x17a8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:24:31.0712 0x17a8 adpu320 - ok
14:24:31.0743 0x17a8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:24:31.0759 0x17a8 AeLookupSvc - ok
14:24:31.0806 0x17a8 [ 3AC22A3DFA8A050E35F0E3CD99D0CDF2, BBB1FB1A80D9641CB7965A75B8CB8094F0876E9631A93E6BDCC53A016EB48D05 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
14:24:31.0806 0x17a8 AERTFilters - ok
14:24:31.0852 0x17a8 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
14:24:31.0868 0x17a8 AFD - ok
14:24:31.0899 0x17a8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:24:31.0899 0x17a8 agp440 - ok
14:24:31.0915 0x17a8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:24:31.0915 0x17a8 ALG - ok
14:24:31.0962 0x17a8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:24:31.0962 0x17a8 aliide - ok
14:24:32.0024 0x17a8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:24:32.0024 0x17a8 amdide - ok
14:24:32.0055 0x17a8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:24:32.0055 0x17a8 AmdK8 - ok
14:24:32.0086 0x17a8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:24:32.0086 0x17a8 AmdPPM - ok
14:24:32.0149 0x17a8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:24:32.0149 0x17a8 amdsata - ok
14:24:32.0180 0x17a8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:24:32.0180 0x17a8 amdsbs - ok
14:24:32.0211 0x17a8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:24:32.0211 0x17a8 amdxata - ok
14:24:32.0242 0x17a8 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
14:24:32.0242 0x17a8 AppID - ok
14:24:32.0289 0x17a8 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:24:32.0289 0x17a8 AppIDSvc - ok
14:24:32.0320 0x17a8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
14:24:32.0320 0x17a8 Appinfo - ok
14:24:32.0398 0x17a8 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:24:32.0398 0x17a8 Apple Mobile Device - ok
14:24:32.0445 0x17a8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:24:32.0445 0x17a8 arc - ok
14:24:32.0476 0x17a8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:24:32.0476 0x17a8 arcsas - ok
14:24:32.0617 0x17a8 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:24:32.0617 0x17a8 aspnet_state - ok
14:24:32.0664 0x17a8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:24:32.0664 0x17a8 AsyncMac - ok
14:24:32.0695 0x17a8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
14:24:32.0695 0x17a8 atapi - ok
14:24:32.0851 0x17a8 [ 195786ED7A26E1913A4F9799FDBC2C71, FF37757AC50301D29FFAF3EC3C853B11353B4FD21731B112E7FAA31AF7D0659D ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:24:32.0882 0x17a8 athr - ok
14:24:33.0007 0x17a8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:24:33.0038 0x17a8 AudioEndpointBuilder - ok
14:24:33.0054 0x17a8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:24:33.0069 0x17a8 AudioSrv - ok
14:24:33.0241 0x17a8 [ AAE1DAE483DD57D0E267FCA42FCB5133, CB0A2DE350E975015C4601F66294B54DEFA9708082272DCB57E1BBB288ACE280 ] avc3 C:\Windows\system32\DRIVERS\avc3.sys
14:24:33.0256 0x17a8 avc3 - ok
14:24:33.0442 0x17a8 [ 8183B715BD56561C27BEBB68B1192B7A, 19C65D0684D24956CDB3A3369AFFF4ECAC3FB7D2AA38ED41AD75AF3DDDFE882B ] avckf C:\Windows\system32\DRIVERS\avckf.sys
14:24:33.0452 0x17a8 avckf - ok
14:24:33.0551 0x17a8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:24:33.0551 0x17a8 AxInstSV - ok
14:24:33.0629 0x17a8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:24:33.0629 0x17a8 b06bdrv - ok
14:24:33.0660 0x17a8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:24:33.0660 0x17a8 b57nd60a - ok
14:24:33.0785 0x17a8 [ 2E552B658273B90251E0441631DE2CA3, EE6D42A9D95E8D53B5DBF9A3F195C63505CCB9C59C63E4BF7014CDC528217723 ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
14:24:33.0785 0x17a8 BcmSqlStartupSvc - ok
14:24:33.0816 0x17a8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
14:24:33.0816 0x17a8 BDESVC - ok
14:24:33.0879 0x17a8 [ C0247341C1BCD7FF2742821D0AD7AFBC, EC2B246F3233302DB540394AC0F11F294CA16FB9E44110126CC9807BAC20EA35 ] bdfwfpf C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys
14:24:33.0879 0x17a8 bdfwfpf - ok
14:24:33.0894 0x17a8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
14:24:33.0894 0x17a8 Beep - ok
14:24:33.0972 0x17a8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
14:24:33.0988 0x17a8 BFE - ok
14:24:34.0035 0x17a8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
14:24:34.0066 0x17a8 BITS - ok
14:24:34.0097 0x17a8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:24:34.0097 0x17a8 blbdrive - ok
14:24:34.0144 0x17a8 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:24:34.0159 0x17a8 Bonjour Service - ok
14:24:34.0206 0x17a8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:24:34.0206 0x17a8 bowser - ok
14:24:34.0237 0x17a8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:24:34.0237 0x17a8 BrFiltLo - ok
14:24:34.0253 0x17a8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:24:34.0253 0x17a8 BrFiltUp - ok
14:24:34.0300 0x17a8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
14:24:34.0300 0x17a8 Browser - ok
14:24:34.0331 0x17a8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:24:34.0347 0x17a8 Brserid - ok
14:24:34.0347 0x17a8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:24:34.0347 0x17a8 BrSerWdm - ok
14:24:34.0362 0x17a8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:24:34.0362 0x17a8 BrUsbMdm - ok
14:24:34.0378 0x17a8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:24:34.0378 0x17a8 BrUsbSer - ok
14:24:34.0393 0x17a8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:24:34.0409 0x17a8 BTHMODEM - ok
14:24:34.0440 0x17a8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
14:24:34.0456 0x17a8 BTHPORT - ok
14:24:34.0487 0x17a8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
14:24:34.0487 0x17a8 bthserv - ok
14:24:34.0534 0x17a8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
14:24:34.0534 0x17a8 BTHUSB - ok
14:24:34.0596 0x17a8 [ 9887CA12F407D7FBC7F48F3678F5F0B6, 1EA21563AE990CE4EF407AB349DE5A66CB93CD7602FE6E450E119ADF0343914E ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
14:24:34.0596 0x17a8 BVRPMPR5a64 - ok
14:24:34.0643 0x17a8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:24:34.0659 0x17a8 cdfs - ok
14:24:34.0705 0x17a8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:24:34.0705 0x17a8 cdrom - ok
14:24:34.0783 0x17a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
14:24:34.0783 0x17a8 CertPropSvc - ok
14:24:34.0877 0x17a8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:24:34.0877 0x17a8 circlass - ok
14:24:34.0924 0x17a8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
14:24:34.0955 0x17a8 CLFS - ok
14:24:35.0220 0x17a8 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:24:35.0236 0x17a8 clr_optimization_v2.0.50727_32 - ok
14:24:35.0454 0x17a8 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:24:35.0470 0x17a8 clr_optimization_v2.0.50727_64 - ok
14:24:35.0813 0x17a8 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:24:35.0813 0x17a8 clr_optimization_v4.0.30319_32 - ok
14:24:35.0860 0x17a8 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:24:35.0860 0x17a8 clr_optimization_v4.0.30319_64 - ok
14:24:35.0922 0x17a8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:24:35.0922 0x17a8 CmBatt - ok
14:24:35.0985 0x17a8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:24:36.0468 0x17a8 cmdide - ok
14:24:36.0531 0x17a8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
14:24:36.0546 0x17a8 CNG - ok
14:24:36.0562 0x17a8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:24:36.0562 0x17a8 Compbatt - ok
14:24:36.0593 0x17a8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:24:36.0609 0x17a8 CompositeBus - ok
14:24:36.0624 0x17a8 COMSysApp - ok
14:24:36.0718 0x17a8 [ 2C0197886BB851E6589087434D890926, 345AC2F80DB3FB530F6AD89FDB1BFF0423E27EF59B2DC46B65F9E2DB0D9D2E89 ] CrashPlanService C:\Program Files\CrashPlan\CrashPlanService.exe
14:24:36.0733 0x17a8 CrashPlanService - ok
14:24:36.0749 0x17a8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:24:36.0749 0x17a8 crcdisk - ok
14:24:36.0796 0x17a8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:24:36.0811 0x17a8 CryptSvc - ok
14:24:36.0874 0x17a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:24:36.0889 0x17a8 DcomLaunch - ok
14:24:36.0936 0x17a8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
14:24:36.0936 0x17a8 defragsvc - ok
14:24:36.0967 0x17a8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:24:36.0967 0x17a8 DfsC - ok
14:24:37.0014 0x17a8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:24:37.0030 0x17a8 Dhcp - ok
14:24:37.0045 0x17a8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
14:24:37.0061 0x17a8 discache - ok
14:24:37.0108 0x17a8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:24:37.0108 0x17a8 Disk - ok
14:24:37.0170 0x17a8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:24:37.0170 0x17a8 Dnscache - ok
14:24:37.0233 0x17a8 [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
14:24:37.0233 0x17a8 DockLoginService - ok
14:24:37.0295 0x17a8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
14:24:37.0295 0x17a8 dot3svc - ok
14:24:37.0342 0x17a8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
14:24:37.0342 0x17a8 DPS - ok
14:24:37.0404 0x17a8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:24:37.0404 0x17a8 drmkaud - ok
14:24:37.0482 0x17a8 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:24:37.0498 0x17a8 DXGKrnl - ok
14:24:37.0545 0x17a8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
14:24:37.0545 0x17a8 EapHost - ok
14:24:37.0654 0x17a8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:24:37.0716 0x17a8 ebdrv - ok
14:24:37.0763 0x17a8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
14:24:37.0763 0x17a8 EFS - ok
14:24:37.0825 0x17a8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:24:37.0841 0x17a8 ehRecvr - ok
14:24:37.0872 0x17a8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
14:24:37.0888 0x17a8 ehSched - ok
14:24:37.0950 0x17a8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:24:37.0950 0x17a8 elxstor - ok
14:24:37.0981 0x17a8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:24:37.0981 0x17a8 ErrDev - ok
14:24:38.0044 0x17a8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
14:24:38.0059 0x17a8 EventSystem - ok
14:24:38.0091 0x17a8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
14:24:38.0106 0x17a8 exfat - ok
14:24:38.0137 0x17a8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:24:38.0153 0x17a8 fastfat - ok
14:24:38.0200 0x17a8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
14:24:38.0215 0x17a8 Fax - ok
14:24:38.0231 0x17a8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:24:38.0231 0x17a8 fdc - ok
14:24:38.0262 0x17a8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
14:24:38.0278 0x17a8 fdPHost - ok
14:24:38.0278 0x17a8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
14:24:38.0293 0x17a8 FDResPub - ok
14:24:38.0325 0x17a8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:24:38.0325 0x17a8 FileInfo - ok
14:24:38.0371 0x17a8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:24:38.0371 0x17a8 Filetrace - ok
14:24:38.0387 0x17a8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:24:38.0387 0x17a8 flpydisk - ok
14:24:38.0434 0x17a8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:24:38.0449 0x17a8 FltMgr - ok
14:24:38.0512 0x17a8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
14:24:38.0543 0x17a8 FontCache - ok
14:24:38.0605 0x17a8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:24:38.0605 0x17a8 FontCache3.0.0.0 - ok
14:24:38.0621 0x17a8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:24:38.0637 0x17a8 FsDepends - ok
14:24:38.0652 0x17a8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:24:38.0652 0x17a8 Fs_Rec - ok
14:24:38.0699 0x17a8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:24:38.0699 0x17a8 fvevol - ok
14:24:38.0746 0x17a8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:24:38.0746 0x17a8 gagp30kx - ok
14:24:38.0824 0x17a8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:24:38.0824 0x17a8 GEARAspiWDM - ok
14:24:38.0980 0x17a8 [ 360FC9E29EBCD7CB75320E2663EBA0F2, 00A9D79ABBC2D6D414EF9C55B1C18346A94CC81822B05F61EBE32FAC901922EF ] getPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll
14:24:38.0980 0x17a8 getPlusHelper - ok
14:24:39.0089 0x17a8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
14:24:39.0120 0x17a8 gpsvc - ok
14:24:39.0276 0x17a8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:24:39.0276 0x17a8 gupdate - ok
14:24:39.0339 0x17a8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:24:39.0354 0x17a8 gupdatem - ok
14:24:39.0401 0x17a8 [ 408B664926675C270D911160F1631D6B, 6BF7E613B708E2E81916DE6C83256F969797B9D039C16A20003541D698055BC7 ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys
14:24:39.0401 0x17a8 gzflt - ok
14:24:39.0448 0x17a8 [ B5CBEB9EB25A8230463037A647BC1469, 03643B05F9309ED4EF415CB6455D8B1FC39707745982C31AF0A42398C5A30B52 ] gzserv C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
14:24:39.0448 0x17a8 gzserv - ok
14:24:39.0495 0x17a8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:24:39.0495 0x17a8 hcw85cir - ok
14:24:39.0526 0x17a8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:24:39.0541 0x17a8 HDAudBus - ok
14:24:39.0604 0x17a8 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:24:39.0604 0x17a8 HECIx64 - ok
14:24:39.0635 0x17a8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:24:39.0635 0x17a8 HidBatt - ok
14:24:39.0666 0x17a8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:24:39.0666 0x17a8 HidBth - ok
14:24:39.0697 0x17a8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:24:39.0697 0x17a8 HidIr - ok
14:24:39.0729 0x17a8 [ C30862BF87640B707B2AE8BED00EFDD5, 0A4E25C467C03FD6E2CBBF77B807BD3C6177160F3D8007C841A1ED91934B94DC ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
14:24:39.0729 0x17a8 hidkmdf - ok
14:24:39.0760 0x17a8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
14:24:39.0760 0x17a8 hidserv - ok
14:24:39.0807 0x17a8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:24:39.0807 0x17a8 HidUsb - ok
14:24:39.0853 0x17a8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:24:39.0853 0x17a8 hkmsvc - ok
14:24:39.0900 0x17a8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:24:39.0900 0x17a8 HomeGroupListener - ok
14:24:39.0947 0x17a8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:24:39.0947 0x17a8 HomeGroupProvider - ok
14:24:39.0978 0x17a8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:24:39.0994 0x17a8 HpSAMD - ok
14:24:40.0025 0x17a8 [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
14:24:40.0025 0x17a8 HTCAND64 - ok
14:24:40.0072 0x17a8 [ 6B2A1B01B79036A265734964CBA73AAB, 62411CC40494C5ACFD633311296074D2FEF6FC071683353E77D38BB7123BF280 ] htcusbnet C:\Windows\system32\DRIVERS\htcusbnet.sys
14:24:40.0072 0x17a8 htcusbnet - ok
14:24:40.0134 0x17a8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:24:40.0150 0x17a8 HTTP - ok
14:24:40.0212 0x17a8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:24:40.0212 0x17a8 hwpolicy - ok
14:24:40.0259 0x17a8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:24:40.0259 0x17a8 i8042prt - ok
14:24:40.0290 0x17a8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:24:40.0306 0x17a8 iaStorV - ok
14:24:40.0353 0x17a8 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:24:40.0368 0x17a8 IDriverT - ok
14:24:40.0399 0x17a8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:24:40.0415 0x17a8 idsvc - ok
14:24:40.0431 0x17a8 IEEtwCollectorService - ok
14:24:40.0462 0x17a8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:24:40.0477 0x17a8 iirsp - ok
14:24:40.0602 0x17a8 [ A06EFD4965F8A3F97A8C9A291D032678, 3B78AFB110A115F7C2136EBFE715CBC073EC341AA0457A1E41D64F9B269DE5BC ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
14:24:40.0602 0x17a8 IJPLMSVC - ok
14:24:40.0649 0x17a8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
14:24:40.0680 0x17a8 IKEEXT - ok
14:24:40.0899 0x17a8 [ F04D22D7A49A1B2210DBADF0B803E870, EC3CB81392784E1FBA79846D9241A8F58B5C0B03733A161AAB3EA5ECF4105A11 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:24:40.0945 0x17a8 IntcAzAudAddService - ok
14:24:41.0039 0x17a8 [ 49072EDBC5C2F964917D1B585C90ED0A, 23B39F2813229CBB88A987A4A0B04C6D86234B1B8684E4E51A2F05ADDF06084B ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:24:41.0070 0x17a8 IntcDAud - ok
14:24:41.0133 0x17a8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
14:24:41.0148 0x17a8 intelide - ok
14:24:41.0195 0x17a8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:24:41.0195 0x17a8 intelppm - ok
14:24:41.0242 0x17a8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:24:41.0257 0x17a8 IPBusEnum - ok
14:24:41.0398 0x17a8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:24:41.0413 0x17a8 IpFilterDriver - ok
14:24:41.0491 0x17a8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:24:41.0523 0x17a8 iphlpsvc - ok
14:24:41.0569 0x17a8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:24:41.0601 0x17a8 IPMIDRV - ok
14:24:41.0663 0x17a8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:24:41.0663 0x17a8 IPNAT - ok
14:24:41.0866 0x17a8 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:24:41.0881 0x17a8 iPod Service - ok
14:24:41.0959 0x17a8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:24:41.0975 0x17a8 IRENUM - ok
14:24:42.0037 0x17a8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:24:42.0053 0x17a8 isapnp - ok
14:24:42.0100 0x17a8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:24:42.0131 0x17a8 iScsiPrt - ok
14:24:42.0225 0x17a8 [ BD5BF20EC242E003A2F570B8754A56D1, B4B3492222E98BF8E6EC453E727187FF4AA50A508D1E88A0CBBD5C46355AE492 ] ivusb C:\Windows\system32\DRIVERS\ivusb.sys
14:24:42.0240 0x17a8 ivusb - ok
14:24:42.0349 0x17a8 [ D85F3F18E44F7447B5F1BA5C85BAEB7C, 0FA419F9BF061AC3F81A978FAE1523904081BA6FEA6FACEA228B20F5608FCF1E ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
14:24:42.0365 0x17a8 k57nd60a - ok
14:24:42.0396 0x17a8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:24:42.0427 0x17a8 kbdclass - ok
14:24:42.0474 0x17a8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:24:42.0490 0x17a8 kbdhid - ok
14:24:42.0521 0x17a8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
14:24:42.0521 0x17a8 KeyIso - ok
14:24:42.0646 0x17a8 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:24:42.0677 0x17a8 KSecDD - ok
14:24:42.0771 0x17a8 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:24:42.0802 0x17a8 KSecPkg - ok
14:24:42.0911 0x17a8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:24:42.0927 0x17a8 ksthunk - ok
14:24:43.0083 0x17a8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:24:43.0129 0x17a8 KtmRm - ok
14:24:43.0348 0x17a8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:24:43.0379 0x17a8 LanmanServer - ok
14:24:43.0504 0x17a8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:24:43.0535 0x17a8 LanmanWorkstation - ok
14:24:43.0597 0x17a8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:24:43.0597 0x17a8 lltdio - ok
14:24:43.0629 0x17a8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:24:43.0644 0x17a8 lltdsvc - ok
14:24:43.0660 0x17a8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:24:43.0660 0x17a8 lmhosts - ok
14:24:43.0707 0x17a8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:24:43.0707 0x17a8 LSI_FC - ok
14:24:43.0738 0x17a8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:24:43.0753 0x17a8 LSI_SAS - ok
14:24:43.0769 0x17a8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:24:43.0769 0x17a8 LSI_SAS2 - ok
14:24:43.0831 0x17a8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:24:43.0831 0x17a8 LSI_SCSI - ok
14:24:43.0878 0x17a8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:24:43.0878 0x17a8 luafv - ok
14:24:43.0941 0x17a8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:24:43.0956 0x17a8 Mcx2Svc - ok
14:24:44.0065 0x17a8 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
14:24:44.0081 0x17a8 MDM - ok
14:24:44.0097 0x17a8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:24:44.0112 0x17a8 megasas - ok
14:24:44.0128 0x17a8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:24:44.0143 0x17a8 MegaSR - ok
14:24:44.0221 0x17a8 Microsoft SharePoint Workspace Audit Service - ok
14:24:44.0253 0x17a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:24:44.0253 0x17a8 MMCSS - ok
14:24:44.0284 0x17a8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:24:44.0299 0x17a8 Modem - ok
14:24:44.0346 0x17a8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:24:44.0346 0x17a8 monitor - ok
14:24:44.0409 0x17a8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:24:44.0424 0x17a8 mouclass - ok
14:24:44.0455 0x17a8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:24:44.0471 0x17a8 mouhid - ok
14:24:44.0518 0x17a8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:24:44.0518 0x17a8 mountmgr - ok
14:24:44.0596 0x17a8 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:24:44.0611 0x17a8 MozillaMaintenance - ok
14:24:44.0674 0x17a8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:24:44.0689 0x17a8 mpio - ok
14:24:44.0861 0x17a8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:24:44.0861 0x17a8 mpsdrv - ok
14:24:44.0955 0x17a8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:24:45.0017 0x17a8 MpsSvc - ok
14:24:45.0079 0x17a8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:24:45.0111 0x17a8 MRxDAV - ok
14:24:45.0157 0x17a8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:24:45.0189 0x17a8 mrxsmb - ok
14:24:45.0251 0x17a8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:24:45.0267 0x17a8 mrxsmb10 - ok
14:24:45.0345 0x17a8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:24:45.0360 0x17a8 mrxsmb20 - ok
14:24:45.0407 0x17a8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:24:45.0407 0x17a8 msahci - ok
14:24:45.0438 0x17a8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:24:45.0454 0x17a8 msdsm - ok
14:24:45.0532 0x17a8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:24:45.0547 0x17a8 MSDTC - ok
14:24:45.0625 0x17a8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:24:45.0625 0x17a8 Msfs - ok
14:24:45.0703 0x17a8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:24:45.0703 0x17a8 mshidkmdf - ok
14:24:45.0719 0x17a8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:24:45.0719 0x17a8 msisadrv - ok
14:24:45.0735 0x17a8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:24:45.0735 0x17a8 MSiSCSI - ok
14:24:45.0750 0x17a8 msiserver - ok
14:24:45.0797 0x17a8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:24:45.0797 0x17a8 MSKSSRV - ok
14:24:45.0813 0x17a8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:24:45.0813 0x17a8 MSPCLOCK - ok
14:24:45.0844 0x17a8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:24:45.0844 0x17a8 MSPQM - ok
14:24:45.0875 0x17a8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:24:45.0875 0x17a8 MsRPC - ok
14:24:45.0906 0x17a8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:24:45.0906 0x17a8 mssmbios - ok
14:24:46.0000 0x17a8 MSSQL$MSSMLBIZ - ok
14:24:46.0062 0x17a8 [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
14:24:46.0062 0x17a8 MSSQLServerADHelper100 - ok
14:24:46.0078 0x17a8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:24:46.0078 0x17a8 MSTEE - ok
14:24:46.0093 0x17a8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:24:46.0093 0x17a8 MTConfig - ok
14:24:46.0125 0x17a8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:24:46.0125 0x17a8 Mup - ok
14:24:46.0156 0x17a8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:24:46.0187 0x17a8 napagent - ok
14:24:46.0312 0x17a8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:24:46.0327 0x17a8 NativeWifiP - ok
14:24:46.0702 0x17a8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
14:24:46.0717 0x17a8 NDIS - ok
14:24:46.0749 0x17a8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:24:46.0749 0x17a8 NdisCap - ok
14:24:46.0811 0x17a8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:24:46.0811 0x17a8 NdisTapi - ok
14:24:46.0842 0x17a8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:24:46.0842 0x17a8 Ndisuio - ok
14:24:46.0905 0x17a8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:24:46.0905 0x17a8 NdisWan - ok
14:24:46.0967 0x17a8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:24:46.0967 0x17a8 NDProxy - ok
14:24:47.0014 0x17a8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:24:47.0014 0x17a8 NetBIOS - ok
14:24:47.0029 0x17a8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:24:47.0045 0x17a8 NetBT - ok
14:24:47.0076 0x17a8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
14:24:47.0076 0x17a8 Netlogon - ok
14:24:47.0107 0x17a8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:24:47.0107 0x17a8 Netman - ok
14:24:47.0185 0x17a8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:47.0201 0x17a8 NetMsmqActivator - ok
14:24:47.0201 0x17a8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:47.0217 0x17a8 NetPipeActivator - ok
14:24:47.0232 0x17a8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:24:47.0248 0x17a8 netprofm - ok
14:24:47.0248 0x17a8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:47.0248 0x17a8 NetTcpActivator - ok
14:24:47.0263 0x17a8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:24:47.0263 0x17a8 NetTcpPortSharing - ok
14:24:47.0279 0x17a8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:24:47.0295 0x17a8 nfrd960 - ok
14:24:47.0310 0x17a8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:24:47.0326 0x17a8 NlaSvc - ok
14:24:47.0341 0x17a8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:24:47.0357 0x17a8 Npfs - ok
14:24:47.0388 0x17a8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:24:47.0388 0x17a8 nsi - ok
14:24:47.0419 0x17a8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:24:47.0419 0x17a8 nsiproxy - ok
14:24:47.0482 0x17a8 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:24:47.0529 0x17a8 Ntfs - ok
14:24:47.0529 0x17a8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:24:47.0544 0x17a8 Null - ok
14:24:47.0560 0x17a8 [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:24:47.0560 0x17a8 NVHDA - ok
14:24:47.0872 0x17a8 [ F4269CD67AD5141BBCD6652682ED6758, FE67E8513E40ED3BF128A14688431296DCBA2C50C4AB248D487D6D5EA0066448 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:24:48.0106 0x17a8 nvlddmkm - ok
14:24:48.0153 0x17a8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:24:48.0153 0x17a8 nvraid - ok
14:24:48.0184 0x17a8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:24:48.0184 0x17a8 nvstor - ok
14:24:48.0636 0x17a8 [ 99BC3E05B906F359901647EF852EF353, A872B9A265EE75313647B4B85EC6DB5F57593D31CB6FEAB453DAA0B331895D9A ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
14:24:48.0870 0x17a8 NvStreamSvc - ok
14:24:48.0948 0x17a8 [ 138AEEC8C947C3BBD6180BB327627325, 50F5353476AF9A2555EE0AA3D97101D5205CFE9B34AF254C64A85498A49D4878 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:24:48.0964 0x17a8 nvsvc - ok
14:24:49.0120 0x17a8 [ 10DEF604B1929D9515969E1CAE7D250A, AC343E716453B9CA16B4763A714FB4B09671D8EB56A8C46C22CBD769EB7937C4 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:24:49.0151 0x17a8 nvUpdatusService - ok
14:24:49.0182 0x17a8 [ 31B16657118E439B77B0A527F7EA66CB, 8C375D2AFF56125E08587DDDCE6AD31DE6D2DEEDC9AD95ADE95B7499F79A5B56 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
14:24:49.0182 0x17a8 nvvad_WaveExtensible - ok
14:24:49.0213 0x17a8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:24:49.0229 0x17a8 nv_agp - ok
14:24:49.0245 0x17a8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:24:49.0260 0x17a8 ohci1394 - ok
14:24:49.0276 0x17a8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:24:49.0291 0x17a8 ose - ok
14:24:49.0494 0x17a8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:24:49.0603 0x17a8 osppsvc - ok
14:24:49.0635 0x17a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:24:49.0650 0x17a8 p2pimsvc - ok
14:24:49.0681 0x17a8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:24:49.0697 0x17a8 p2psvc - ok
14:24:49.0713 0x17a8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:24:49.0728 0x17a8 Parport - ok
14:24:49.0744 0x17a8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:24:49.0744 0x17a8 partmgr - ok
14:24:49.0775 0x17a8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
14:24:49.0775 0x17a8 PcaSvc - ok
14:24:49.0791 0x17a8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:24:49.0791 0x17a8 pci - ok
14:24:49.0822 0x17a8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:24:49.0822 0x17a8 pciide - ok
14:24:49.0837 0x17a8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:24:49.0837 0x17a8 pcmcia - ok
14:24:49.0853 0x17a8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:24:49.0853 0x17a8 pcw - ok
14:24:49.0884 0x17a8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:24:49.0900 0x17a8 PEAUTH - ok
14:24:49.0962 0x17a8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:24:49.0962 0x17a8 PerfHost - ok
14:24:50.0025 0x17a8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:24:50.0056 0x17a8 pla - ok
14:24:50.0103 0x17a8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:24:50.0118 0x17a8 PlugPlay - ok
14:24:50.0149 0x17a8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:24:50.0149 0x17a8 PNRPAutoReg - ok
14:24:50.0165 0x17a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:24:50.0165 0x17a8 PNRPsvc - ok
14:24:50.0196 0x17a8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:24:50.0212 0x17a8 PolicyAgent - ok
14:24:50.0243 0x17a8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:24:50.0259 0x17a8 Power - ok
14:24:50.0290 0x17a8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:24:50.0290 0x17a8 PptpMiniport - ok
14:24:50.0321 0x17a8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:24:50.0321 0x17a8 Processor - ok
14:24:50.0352 0x17a8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
14:24:50.0352 0x17a8 ProfSvc - ok
14:24:50.0368 0x17a8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:24:50.0368 0x17a8 ProtectedStorage - ok
14:24:50.0399 0x17a8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:24:50.0399 0x17a8 Psched - ok
14:24:50.0461 0x17a8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:24:50.0493 0x17a8 ql2300 - ok
14:24:50.0508 0x17a8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:24:50.0508 0x17a8 ql40xx - ok
14:24:50.0539 0x17a8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:24:50.0539 0x17a8 QWAVE - ok
14:24:50.0586 0x17a8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:24:50.0586 0x17a8 QWAVEdrv - ok
14:24:50.0742 0x17a8 [ 000D82CC258E2D341605A6F350C4D1E6, 59EC5BA95D8B9EC739BC7D0BBE0E244CA2AE2DF01A8B65BFF7741DFBE38C2940 ] RapportCerberus_59849 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys
14:24:50.0758 0x17a8 RapportCerberus_59849 - ok
14:24:50.0883 0x17a8 [ 65F38060719F254E445EBC33E42BF1AF, 3A101571ABAF5BAD37105A3E47490118BD050FB6AE1FBEFA2A5B448ECAD441A4 ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
14:24:50.0898 0x17a8 RapportEI64 - ok
14:24:50.0929 0x17a8 [ 0C9F7D59A83DF19897B60742E0D3F205, 7DB9B1A6FD9E9D8F9C836F22396AEDB0DBFD2687F532FBC57363C163A9D710A7 ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys
14:24:50.0945 0x17a8 RapportKE64 - ok
14:24:50.0992 0x17a8 [ AD5B5C2C88A4D7E8D5AAA68576CB79C2, EBED14980CF4BC34839D81C49CE34DBBEA12282FBA890DF0DC90C013E70B41B2 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
14:24:51.0023 0x17a8 RapportMgmtService - ok
14:24:51.0070 0x17a8 [ 400FC02504B250B86AA374689884B92B, 822D6F8BEBF5BBD78192BB688069F624F28EE195E23427BABFC56408D28002EC ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
14:24:51.0070 0x17a8 RapportPG64 - ok
14:24:51.0101 0x17a8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:24:51.0101 0x17a8 RasAcd - ok
14:24:51.0132 0x17a8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:24:51.0132 0x17a8 RasAgileVpn - ok
14:24:51.0148 0x17a8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:24:51.0163 0x17a8 RasAuto - ok
14:24:51.0195 0x17a8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:24:51.0195 0x17a8 Rasl2tp - ok
14:24:51.0210 0x17a8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:24:51.0210 0x17a8 RasMan - ok
14:24:51.0226 0x17a8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:24:51.0226 0x17a8 RasPppoe - ok
14:24:51.0241 0x17a8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:24:51.0257 0x17a8 RasSstp - ok
14:24:51.0288 0x17a8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:24:51.0304 0x17a8 rdbss - ok
14:24:51.0335 0x17a8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:24:51.0335 0x17a8 rdpbus - ok
14:24:51.0351 0x17a8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:24:51.0351 0x17a8 RDPCDD - ok
14:24:51.0351 0x17a8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:24:51.0351 0x17a8 RDPENCDD - ok
14:24:51.0366 0x17a8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:24:51.0366 0x17a8 RDPREFMP - ok
14:24:51.0413 0x17a8 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:24:51.0413 0x17a8 RDPWD - ok
14:24:51.0444 0x17a8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:24:51.0460 0x17a8 rdyboost - ok
14:24:51.0491 0x17a8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:24:51.0491 0x17a8 RemoteAccess - ok
14:24:51.0507 0x17a8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:24:51.0507 0x17a8 RemoteRegistry - ok
14:24:51.0538 0x17a8 [ 010C9C26AF2464023D1F084975E69F80, 52404C1FA02CDBD5787C80F417E770D4C467FA70F58382FCFD17ABD4BDC076DC ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
14:24:51.0553 0x17a8 RimUsb - ok
14:24:51.0585 0x17a8 [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
14:24:51.0585 0x17a8 RimVSerPort - ok
14:24:51.0616 0x17a8 [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
14:24:51.0631 0x17a8 ROOTMODEM - ok
14:24:51.0709 0x17a8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:24:51.0709 0x17a8 RpcEptMapper - ok
14:24:51.0725 0x17a8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:24:51.0725 0x17a8 RpcLocator - ok
14:24:51.0772 0x17a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
14:24:51.0772 0x17a8 RpcSs - ok
14:24:51.0803 0x17a8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:24:51.0803 0x17a8 rspndr - ok
14:24:51.0819 0x17a8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
14:24:51.0819 0x17a8 SamSs - ok
14:24:51.0850 0x17a8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:24:51.0850 0x17a8 sbp2port - ok
14:24:51.0865 0x17a8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:24:51.0865 0x17a8 SCardSvr - ok
14:24:51.0897 0x17a8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:24:51.0897 0x17a8 scfilter - ok
14:24:51.0943 0x17a8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
14:24:51.0959 0x17a8 Schedule - ok
14:24:51.0990 0x17a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:24:52.0006 0x17a8 SCPolicySvc - ok
14:24:52.0021 0x17a8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:24:52.0037 0x17a8 SDRSVC - ok
14:24:52.0099 0x17a8 [ 16A252022535B680046F6E34E136D378, 31BCDAA742FDEC9E062C61E78D9E72A7ACBF77D5FEEE76933D0D378787F88E53 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
14:24:52.0115 0x17a8 SeaPort - ok
14:24:52.0115 0x17a8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
14:24:52.0131 0x17a8 seclogon - ok
14:24:52.0131 0x17a8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
14:24:52.0146 0x17a8 SENS - ok
14:24:52.0162 0x17a8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:24:52.0162 0x17a8 SensrSvc - ok
14:24:52.0193 0x17a8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:24:52.0193 0x17a8 Serenum - ok
14:24:52.0193 0x17a8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:24:52.0209 0x17a8 Serial - ok
14:24:52.0224 0x17a8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:24:52.0224 0x17a8 sermouse - ok
14:24:52.0255 0x17a8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:24:52.0255 0x17a8 SessionEnv - ok
14:24:52.0271 0x17a8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:24:52.0271 0x17a8 sffdisk - ok
14:24:52.0287 0x17a8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:24:52.0287 0x17a8 sffp_mmc - ok
14:24:52.0318 0x17a8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:24:52.0318 0x17a8 sffp_sd - ok
14:24:52.0349 0x17a8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:24:52.0349 0x17a8 sfloppy - ok
14:24:52.0396 0x17a8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:24:52.0396 0x17a8 SharedAccess - ok
14:24:52.0427 0x17a8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:24:52.0443 0x17a8 ShellHWDetection - ok
14:24:52.0489 0x17a8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:24:52.0489 0x17a8 SiSRaid2 - ok
14:24:52.0521 0x17a8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:24:52.0521 0x17a8 SiSRaid4 - ok
14:24:52.0552 0x17a8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:24:52.0567 0x17a8 Smb - ok
14:24:52.0677 0x17a8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:24:52.0677 0x17a8 SNMPTRAP - ok
14:24:52.0723 0x17a8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:24:52.0723 0x17a8 spldr - ok
14:24:52.0801 0x17a8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
14:24:52.0817 0x17a8 Spooler - ok
14:24:52.0942 0x17a8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:24:53.0020 0x17a8 sppsvc - ok
14:24:53.0035 0x17a8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:24:53.0035 0x17a8 sppuinotify - ok
14:24:53.0129 0x17a8 [ D630B6F2E8379B6F10DC16E82A426552, 9F7949B11BCEF55B38119ED45BD92117A8551BEC8A2BCD88EA89707C48120F1B ] sprtsvc_DellComms C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
14:24:53.0145 0x17a8 sprtsvc_DellComms - ok
14:24:53.0254 0x17a8 [ A892134C28777978ECDE8283DC57AC0F, 00D3663C38C82AC8EFF1E2731E7BCD1F3F16B126DDF7FC0DC88C4A5136F05D2D ] SQLAgent$MSSMLBIZ C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE
14:24:53.0269 0x17a8 SQLAgent$MSSMLBIZ - ok
14:24:53.0301 0x17a8 [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB, EE66162AEAF6A583A04BB5AF1220318C9ADD3A62987CDCEE0505C6FF37AB30FF ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:24:53.0320 0x17a8 SQLBrowser - ok
14:24:53.0347 0x17a8 [ F92E5F93BE572B512DA3C016B675EDE0, 3BBE8B952A329E4BCD6F0C8D6225F809B99217A196301B6FE543B26C3689A37B ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:24:53.0351 0x17a8 SQLWriter - ok
14:24:53.0390 0x17a8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:24:53.0401 0x17a8 srv - ok
14:24:53.0421 0x17a8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:24:53.0431 0x17a8 srv2 - ok
14:24:53.0449 0x17a8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:24:53.0454 0x17a8 srvnet - ok
14:24:53.0488 0x17a8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:24:53.0493 0x17a8 SSDPSRV - ok
14:24:53.0504 0x17a8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:24:53.0507 0x17a8 SstpSvc - ok
14:24:53.0557 0x17a8 [ E57B778208C783D8DEBAB320C16A1B82, D9B0ACAF219D377E91737337466137F1AC78731659C1F0531BA3D9191DADC483 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
14:24:53.0557 0x17a8 StarOpen - ok
14:24:53.0619 0x17a8 [ 40356C93EB28C97111A63F4893CC7E3E, 75C82024B955ED82F0E20A6AF9524FD95A4A40D18DEF6FB6CC1C061FF0163421 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:24:53.0635 0x17a8 Stereo Service - ok
14:24:53.0666 0x17a8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:24:53.0666 0x17a8 stexstor - ok
14:24:53.0729 0x17a8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:24:53.0729 0x17a8 stisvc - ok
14:24:53.0807 0x17a8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
14:24:53.0838 0x17a8 swenum - ok
14:24:53.0947 0x17a8 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:24:53.0963 0x17a8 SwitchBoard - ok
14:24:53.0978 0x17a8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:24:53.0994 0x17a8 swprv - ok
14:24:54.0056 0x17a8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
14:24:54.0087 0x17a8 SysMain - ok
14:24:54.0119 0x17a8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:24:54.0119 0x17a8 TabletInputService - ok
14:24:54.0134 0x17a8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:24:54.0134 0x17a8 TapiSrv - ok
14:24:54.0181 0x17a8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
14:24:54.0197 0x17a8 TBS - ok
14:24:54.0275 0x17a8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:24:54.0306 0x17a8 Tcpip - ok
14:24:54.0368 0x17a8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:24:54.0399 0x17a8 TCPIP6 - ok
14:24:54.0431 0x17a8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:24:54.0431 0x17a8 tcpipreg - ok
14:24:54.0446 0x17a8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:24:54.0446 0x17a8 TDPIPE - ok
14:24:54.0477 0x17a8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:24:54.0477 0x17a8 TDTCP - ok
14:24:54.0509 0x17a8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:24:54.0509 0x17a8 tdx - ok
14:24:54.0524 0x17a8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
14:24:54.0524 0x17a8 TermDD - ok
14:24:54.0571 0x17a8 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
14:24:54.0587 0x17a8 TermService - ok
14:24:54.0618 0x17a8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
14:24:54.0633 0x17a8 Themes - ok
14:24:54.0649 0x17a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:24:54.0649 0x17a8 THREADORDER - ok
14:24:54.0680 0x17a8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:24:54.0680 0x17a8 TrkWks - ok
14:24:54.0774 0x17a8 [ 132C0E39AF0312E6B9611E2E1B344D41, 8B26EB55C5E0721498FF28A2865697FF761D237626A920608B5A80360BBD1285 ] trufos C:\Windows\system32\DRIVERS\trufos.sys
14:24:54.0774 0x17a8 trufos - ok
14:24:54.0836 0x17a8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:24:54.0852 0x17a8 TrustedInstaller - ok
14:24:54.0883 0x17a8 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:24:54.0883 0x17a8 tssecsrv - ok
14:24:54.0914 0x17a8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:24:54.0914 0x17a8 TsUsbFlt - ok
14:24:54.0961 0x17a8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:24:54.0961 0x17a8 tunnel - ok
14:24:54.0992 0x17a8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:24:55.0008 0x17a8 uagp35 - ok
14:24:55.0055 0x17a8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:24:55.0070 0x17a8 udfs - ok
14:24:55.0133 0x17a8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:24:55.0148 0x17a8 UI0Detect - ok
14:24:55.0164 0x17a8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:24:55.0164 0x17a8 uliagpkx - ok
14:24:55.0211 0x17a8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
14:24:55.0211 0x17a8 umbus - ok
14:24:55.0242 0x17a8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:24:55.0242 0x17a8 UmPass - ok
14:24:55.0257 0x17a8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:24:55.0273 0x17a8 upnphost - ok
14:24:55.0320 0x17a8 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:24:55.0320 0x17a8 USBAAPL64 - ok
14:24:55.0367 0x17a8 [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:24:55.0367 0x17a8 usbccgp - ok
14:24:55.0429 0x17a8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:24:55.0429 0x17a8 usbcir - ok
14:24:55.0460 0x17a8 [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:24:55.0460 0x17a8 usbehci - ok
14:24:55.0538 0x17a8 [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:24:55.0554 0x17a8 usbhub - ok
14:24:55.0569 0x17a8 [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:24:55.0569 0x17a8 usbohci - ok
14:24:55.0617 0x17a8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:24:55.0617 0x17a8 usbprint - ok
14:24:55.0648 0x17a8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:24:55.0648 0x17a8 USBSTOR - ok
14:24:55.0680 0x17a8 [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:24:55.0680 0x17a8 usbuhci - ok
14:24:55.0726 0x17a8 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
14:24:55.0726 0x17a8 usb_rndisx - ok
14:24:55.0742 0x17a8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:24:55.0742 0x17a8 UxSms - ok
14:24:55.0789 0x17a8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
14:24:55.0789 0x17a8 VaultSvc - ok
14:24:55.0836 0x17a8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:24:55.0836 0x17a8 vdrvroot - ok
14:24:55.0867 0x17a8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:24:55.0882 0x17a8 vds - ok
14:24:55.0929 0x17a8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:24:55.0929 0x17a8 vga - ok
14:24:55.0929 0x17a8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:24:55.0929 0x17a8 VgaSave - ok
14:24:55.0992 0x17a8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:24:56.0007 0x17a8 vhdmp - ok
14:24:56.0085 0x17a8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:24:56.0085 0x17a8 viaide - ok
14:24:56.0148 0x17a8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:24:56.0148 0x17a8 volmgr - ok
14:24:56.0226 0x17a8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:24:56.0226 0x17a8 volmgrx - ok
14:24:56.0272 0x17a8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:24:56.0288 0x17a8 volsnap - ok
14:24:56.0366 0x17a8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:24:56.0366 0x17a8 vsmraid - ok
14:24:56.0460 0x17a8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:24:56.0491 0x17a8 VSS - ok
14:24:56.0506 0x17a8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:24:56.0506 0x17a8 vwifibus - ok
14:24:56.0538 0x17a8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:24:56.0538 0x17a8 vwififlt - ok
14:24:56.0584 0x17a8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:24:56.0584 0x17a8 W32Time - ok
14:24:56.0631 0x17a8 [ 36F235D558DCEB2F6FC69CCEA670F8E3, 08B395F68CD763EE0B0E636E19E30EF7E98E4889E0A0F8E580751E0446C56E0D ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
14:24:56.0631 0x17a8 WacHidRouter - ok
14:24:56.0662 0x17a8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:24:56.0662 0x17a8 WacomPen - ok
14:24:56.0709 0x17a8 [ 60635598BE4DA3007A5D378F682A9510, 36B9495AA3223E0FA4E8658D4D7600ABA820C535E74C8B9ABBAD481F0EDAC75C ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
14:24:56.0709 0x17a8 wacomrouterfilter - ok
14:24:56.0756 0x17a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:24:56.0756 0x17a8 WANARP - ok
14:24:56.0756 0x17a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:24:56.0772 0x17a8 Wanarpv6 - ok
14:24:56.0850 0x17a8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:24:56.0865 0x17a8 WatAdminSvc - ok
14:24:56.0943 0x17a8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:24:56.0974 0x17a8 wbengine - ok
14:24:57.0084 0x17a8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:24:57.0084 0x17a8 WbioSrvc - ok
14:24:57.0146 0x17a8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:24:57.0146 0x17a8 wcncsvc - ok
14:24:57.0177 0x17a8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:24:57.0177 0x17a8 WcsPlugInService - ok
14:24:57.0224 0x17a8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:24:57.0224 0x17a8 Wd - ok
14:24:57.0302 0x17a8 [ 96C4C98FE4866C16FC64E4578A0AA975, 978942885AE949BC131E991B8FB6C773FA4F925E5CF5EC653F3E1ED8CCB8886F ] WDBackup C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
14:24:57.0333 0x17a8 WDBackup - ok
14:24:57.0364 0x17a8 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
14:24:57.0364 0x17a8 WDC_SAM - ok
14:24:57.0427 0x17a8 [ 80F8944EA183004D6EDCBBDCEC166404, AA89D6A49AB0B0E049485977E36E54A06AB1BC7D92DD3924AA8A12C5005BF5F6 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
14:24:57.0427 0x17a8 WDDriveService - ok
14:24:57.0474 0x17a8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:24:57.0489 0x17a8 Wdf01000 - ok
14:24:57.0520 0x17a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:24:57.0520 0x17a8 WdiServiceHost - ok
14:24:57.0520 0x17a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:24:57.0536 0x17a8 WdiSystemHost - ok
14:24:57.0661 0x17a8 [ FD2D1C60CDBDFAB63EF182539D8FFC2D, 6774CACC3EAC8764E860C2AABD6F3843AD2C8E6E8D4943B3785E8C7A85FAB1E0 ] WDRulesService C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
14:24:57.0692 0x17a8 WDRulesService - ok
14:24:57.0723 0x17a8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
14:24:57.0723 0x17a8 WebClient - ok
14:24:57.0770 0x17a8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:24:57.0786 0x17a8 Wecsvc - ok
14:24:57.0832 0x17a8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:24:57.0848 0x17a8 wercplsupport - ok
14:24:57.0879 0x17a8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:24:57.0895 0x17a8 WerSvc - ok
14:24:57.0973 0x17a8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:24:57.0973 0x17a8 WfpLwf - ok
14:24:58.0113 0x17a8 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
14:24:58.0129 0x17a8 WimFltr - ok
14:24:58.0176 0x17a8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:24:58.0191 0x17a8 WIMMount - ok
14:24:58.0207 0x17a8 WinDefend - ok
14:24:58.0222 0x17a8 WinHttpAutoProxySvc - ok
14:24:58.0269 0x17a8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:24:58.0285 0x17a8 Winmgmt - ok
14:24:58.0378 0x17a8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
14:24:58.0425 0x17a8 WinRM - ok
14:24:58.0472 0x17a8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:24:58.0472 0x17a8 WinUsb - ok
14:24:58.0550 0x17a8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:24:58.0566 0x17a8 Wlansvc - ok
14:24:58.0722 0x17a8 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:24:58.0768 0x17a8 wlidsvc - ok
14:24:58.0800 0x17a8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:24:58.0815 0x17a8 WmiAcpi - ok
14:24:58.0909 0x17a8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:24:58.0909 0x17a8 wmiApSrv - ok
14:24:58.0924 0x17a8 WMPNetworkSvc - ok
14:24:58.0940 0x17a8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:24:58.0940 0x17a8 WPCSvc - ok
14:24:58.0971 0x17a8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:24:58.0987 0x17a8 WPDBusEnum - ok
14:24:59.0002 0x17a8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:24:59.0002 0x17a8 ws2ifsl - ok
14:24:59.0034 0x17a8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
14:24:59.0034 0x17a8 wscsvc - ok
14:24:59.0034 0x17a8 WSearch - ok
14:24:59.0127 0x17a8 [ BD52D2B799A101C7C11F422F77CAC529, 15FDA608810C9C3D12875469F5E8360E68C1BE0F2305ED6617DD958D9C8A9D7A ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
14:24:59.0143 0x17a8 WTabletServicePro - ok
14:24:59.0221 0x17a8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
14:24:59.0268 0x17a8 wuauserv - ok
14:24:59.0314 0x17a8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:24:59.0314 0x17a8 WudfPf - ok
14:24:59.0346 0x17a8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:24:59.0346 0x17a8 WUDFRd - ok
14:24:59.0361 0x17a8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:24:59.0361 0x17a8 wudfsvc - ok
14:24:59.0392 0x17a8 [ FE90B750AB808FB9DD8FBB428B5FF83B,
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Computer slowdown please help

Unread postby DougSr » December 17th, 2013, 3:30 pm

3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:24:59.0408 0x17a8 WwanSvc - ok
14:24:59.0439 0x17a8 ================ Scan global ===============================
14:24:59.0470 0x17a8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:24:59.0548 0x17a8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:24:59.0611 0x17a8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:24:59.0689 0x17a8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:24:59.0829 0x17a8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:24:59.0845 0x17a8 [ Global ] - ok
14:24:59.0845 0x17a8 ================ Scan MBR ==================================
14:24:59.0876 0x17a8 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
14:25:00.0079 0x17a8 \Device\Harddisk0\DR0 - ok
14:25:00.0110 0x17a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:25:00.0110 0x17a8 \Device\Harddisk1\DR1 - ok
14:25:00.0126 0x17a8 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk10\DR10
14:25:00.0126 0x17a8 \Device\Harddisk10\DR10 - ok
14:25:00.0141 0x17a8 ================ Scan VBR ==================================
14:25:00.0157 0x17a8 [ 3147503FE7615020D12D6407532493D2 ] \Device\Harddisk0\DR0\Partition1
14:25:00.0172 0x17a8 \Device\Harddisk0\DR0\Partition1 - ok
14:25:00.0188 0x17a8 [ 917241E3F1D1D5DB45DAEBF0AC3C9D2F ] \Device\Harddisk0\DR0\Partition2
14:25:00.0188 0x17a8 \Device\Harddisk0\DR0\Partition2 - ok
14:25:00.0188 0x17a8 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
14:25:00.0188 0x17a8 \Device\Harddisk1\DR1\Partition1 - ok
14:25:00.0204 0x17a8 [ C6028127D64894CF8E892F8261775C0B ] \Device\Harddisk1\DR1\Partition2
14:25:00.0204 0x17a8 \Device\Harddisk1\DR1\Partition2 - ok
14:25:00.0204 0x17a8 [ 775092D264CAF1D0F47CB4867E1746DD ] \Device\Harddisk10\DR10\Partition1
14:25:00.0204 0x17a8 \Device\Harddisk10\DR10\Partition1 - ok
14:25:00.0219 0x17a8 Waiting for KSN requests completion. In queue: 71
14:25:01.0233 0x17a8 Waiting for KSN requests completion. In queue: 71
14:25:02.0247 0x17a8 Waiting for KSN requests completion. In queue: 71
14:25:03.0261 0x17a8 Waiting for KSN requests completion. In queue: 71
14:25:04.0275 0x17a8 AV detected via SS2: Bitdefender Antivirus Free Edition, C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe ( 1.0.21.1099 ), 0x41000 ( enabled : updated )
14:25:04.0306 0x17a8 Win FW state via NFP2: enabled
14:25:07.0192 0x17a8 ============================================================
14:25:07.0192 0x17a8 Scan finished
14:25:07.0192 0x17a8 ============================================================
14:25:07.0192 0x0738 Detected object count: 0
14:25:07.0192 0x0738 Actual detected object count: 0
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Computer slowdown please help

Unread postby DougSr » December 17th, 2013, 3:41 pm

If it would not take up too much time I would love to go through the start up programs and the orphans of the defensive programs but that is up to you, I do not want to take away time shopping for presents.
I digress, back to the important stuff. The Eset was problematic, it gave me the following on Firefox;

The page isn't redirecting properly

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

This problem can sometimes be caused by disabling or refusing to accept cookies.

And this message on Explorer;

This page can’t be displayed

•Make sure the web address http://www.eset.com is correct.
•Look for the page with your search engine.
•Refresh the page in a few minutes.


I am not sure if you wanted me to remove the other Anti Malware programs, Although I had removed Hitman prior to your initial response. Not sure if the extra protection would be part of the not allowing my use of eset or not. I appreciate your help and please let me know what to do next.
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Computer slowdown please help

Unread postby Gary R » December 17th, 2013, 7:32 pm

Don't worry about e-set for the moment, we'll come back to it later if necessary.

For the moment I'm going through the other logs. As it's getting late where I am, it will probably be tomorrow morning (my time) before I get back to you.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer slowdown please help

Unread postby DougSr » December 17th, 2013, 7:41 pm

Get some sleep, it is no problem I appreciate the help.
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Computer slowdown please help

Unread postby Gary R » December 18th, 2013, 5:50 am

OK, lets get started on cleaning up things a bit, and we'll see where that takes us.

First ...

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following if you haven't already done so:

HitmanPro 3.7
SpywareBlaster 5.0
Rapport
Trusteer Endpoint Protection


Reboot your computer once all of them have been uninstalled.

Next ...

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box. (do not inclued the line Code: Select all)
Code: Select all
:OTL
SRV - [2013/12/02 18:59:50 | 001,444,120 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
DRV:64bit: - [2013/12/02 19:00:04 | 000,316,248 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV - [2013/12/02 19:00:04 | 000,397,784 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2013/12/02 19:00:04 | 000,282,648 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2013/10/27 20:56:22 | 000,606,672 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys -- (RapportCerberus_59849)
IE - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\..\SearchScopes,DefaultScope = {B48F689A-875F-451B-BAA9-FF226F37BD50}
IE - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\..\SearchScopes\{D04D1149-7A5D-4256-A7DA-D58772D595F3}: "URL" = http://search1.brandthunder.com/?q= {searchTerms}&tid={tid?}
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-246240781-1227866155-2015313242-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O33 - MountPoints2\{0d70a4a4-14e9-11e3-87c0-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{0d70a4a4-14e9-11e3-87c0-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{25abff98-74e0-11e0-ab9e-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{25abff98-74e0-11e0-ab9e-002564e8ca4b}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{2b24ba45-ad78-11e2-a85c-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{2b24ba45-ad78-11e2-a85c-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{2b24ba4f-ad78-11e2-a85c-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{2b24ba4f-ad78-11e2-a85c-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{33d43db6-e404-11df-9d8b-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{33d43db6-e404-11df-9d8b-002564e8ca4b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{488d8a27-9b1a-11e1-b8ca-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{488d8a27-9b1a-11e1-b8ca-002564e8ca4b}\Shell\AutoRun\command - "" = H:\ToolLauncher-Bootstrap.exe
O33 - MountPoints2\{511f2451-1341-11e3-a894-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{511f2451-1341-11e3-a894-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{579feb48-8fb9-11e2-9c25-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{579feb48-8fb9-11e2-9c25-002564e8ca4b}\Shell\AutoRun\command - "" = J:\TL-Bootstrap.exe
O33 - MountPoints2\{579feb55-8fb9-11e2-9c25-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{579feb55-8fb9-11e2-9c25-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{a5d917d4-6731-11e0-ad33-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{a5d917d4-6731-11e0-ad33-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{b34b254e-0462-11e2-9c35-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{b34b254e-0462-11e2-9c35-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL_Bootstrap.exe
O33 - MountPoints2\{bdfc3633-85d9-11e2-80d2-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{bdfc3633-85d9-11e2-80d2-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{c0fbb6bf-64da-11e0-ab83-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{c0fbb6bf-64da-11e0-ab83-002564e8ca4b}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{cd55b5ca-73b1-11e2-abdc-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{cd55b5ca-73b1-11e2-abdc-002564e8ca4b}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{cd55b62b-73b1-11e2-abdc-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{cd55b62b-73b1-11e2-abdc-002564e8ca4b}\Shell\AutoRun\command - "" = H:\setup.exe -a
O33 - MountPoints2\{da5874dd-6f40-11e2-bc2f-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{da5874dd-6f40-11e2-bc2f-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
O33 - MountPoints2\{e04d3b75-6f99-11e0-a78b-002564e8ca4b}\Shell - "" = AutoRun
O33 - MountPoints2\{e04d3b75-6f99-11e0-a78b-002564e8ca4b}\Shell\AutoRun\command - "" = H:\TL-Bootstrap.exe
[2013/12/02 22:09:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/12/02 22:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/12/02 19:00:04 | 000,316,248 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2013/12/02 21:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2013/12/02 21:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[2012/08/20 14:05:42 | 000,000,000 | ---D | M] -- C:\Users\Father\AppData\Roaming\IObit
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

:Files
C:\Program Files\HitmanPro
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files (x86)\Spybot - Search & Destroy 2
C:\Program Files (x86)\SpywareBlaster
C:\Program Files (x86)\Trusteer
ipconfig /flushdns /c

:Commands
[emptytemp]
[resethosts]


  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Please also let me know how your computer is running now, and whether there has been any improvement in performance.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer slowdown please help

Unread postby DougSr » December 18th, 2013, 8:00 am

When I click the Run Fix button I get the following message;

There is no disk in the drive. Please insert a disk into drove \Device\Harddisk4\DRV4

Come to think of it I think I got this message previously when I ran OTL, I apologize for not mentioning it. I stopped the program and will wait to see what you say before proceeding.
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Computer slowdown please help

Unread postby Gary R » December 18th, 2013, 8:58 am

I don't see a Hard Drive 4 on your machine, there's only 0 (:C),1 (:I), and 10 (:N), so at the moment I've no idea why you're getting that message.

Lets try running a scan with something different since OTL does not appear to be interacting well with your setup. Once I've got the log from the new tool I should be able to compose a new "fix" that does the same as what I was trying to do with OTL.

  • Download FRST64 to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer slowdown please help

Unread postby DougSr » December 18th, 2013, 3:42 pm

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-12-2013 03
Ran by Father (administrator) on FATHER-PC on 18-12-2013 14:36:05
Running from C:\Users\Father\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CrashPlan) C:\Program Files\CrashPlan\CrashPlanService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD Smartware\WDRulesEngine.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Western Digital ) C:\Program Files (x86)\Western Digital\WD Smartware\WDBackupEngine.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Code 42 Software, Inc.) C:\Program Files\CrashPlan\CrashPlanTray.exe
(CrashPlan) C:\Program Files\CrashPlan\CrashPlanDesktop.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE [767312 2009-03-17] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2184520 2009-07-26] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKCU\...\Run: [AdobeBridge] - [x]
MountPoints2: {488d8a27-9b1a-11e1-b8ca-002564e8ca4b} - H:\ToolLauncher-Bootstrap.exe
MountPoints2: {511f2451-1341-11e3-a894-002564e8ca4b} - H:\TL-Bootstrap.exe
MountPoints2: {579feb48-8fb9-11e2-9c25-002564e8ca4b} - J:\TL-Bootstrap.exe
MountPoints2: {579feb55-8fb9-11e2-9c25-002564e8ca4b} - H:\TL-Bootstrap.exe
MountPoints2: {a5d917d4-6731-11e0-ad33-002564e8ca4b} - H:\TL-Bootstrap.exe
MountPoints2: {b34b254e-0462-11e2-9c35-002564e8ca4b} - H:\TL_Bootstrap.exe
MountPoints2: {bdfc3633-85d9-11e2-80d2-002564e8ca4b} - H:\TL-Bootstrap.exe
MountPoints2: {c0fbb6bf-64da-11e0-ab83-002564e8ca4b} - E:\TL-Bootstrap.exe
MountPoints2: {cd55b5ca-73b1-11e2-abdc-002564e8ca4b} - E:\TL-Bootstrap.exe
MountPoints2: {cd55b62b-73b1-11e2-abdc-002564e8ca4b} - H:\setup.exe -a
MountPoints2: {da5874dd-6f40-11e2-bc2f-002564e8ca4b} - H:\TL-Bootstrap.exe
MountPoints2: {e04d3b75-6f99-11e0-a78b-002564e8ca4b} - H:\TL-Bootstrap.exe
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [136544 2009-05-19] (CANON INC.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-06-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Father\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\UpdatusUser.Father-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
BootExecute:

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mercercountysports.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1FBC9806-4711-4D06-9B0C-83F52F2CB6AA} URL =
SearchScopes: HKCU - {B48F689A-875F-451B-BAA9-FF226F37BD50} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Father\AppData\Roaming\Mozilla\Firefox\Profiles\pcqhthr6.default-1372563767203
FF Homepage: hxxp://www.mercercountysports.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Father\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Father\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: noscript - C:\Users\Father\AppData\Roaming\Mozilla\Firefox\Profiles\pcqhthr6.default-1372563767203\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\Father\AppData\Roaming\Mozilla\Firefox\Profiles\pcqhthr6.default-1372563767203\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR HomePage: hxxp://www.mercercountysports.com/
CHR RestoreOnStartup: "hxxp://www.mercercountysports.com/"
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Father\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Father\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Father\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (getPlusPlus for Adobe 16263) - C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Father\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Screen Capture (by Google)) - C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.6_0
CHR Extension: (avast! Online Security) - C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Tom Sachs) - C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppegiodmddaaljhkfjokkepamifbekj\3_0
CHR Extension: (Google Wallet) - C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Father\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [222720 2013-04-08] (CrashPlan)
S3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [67360 2010-02-19] (NOS Microsystems Ltd.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-17] (NVIDIA Corporation)
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-10-03] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 htcusbnet; C:\Windows\System32\DRIVERS\htcusbnet.sys [153600 2010-12-14] (HTC Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] ()
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2013-12-11] (BitDefender)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-18 14:36 - 2013-12-18 14:36 - 00021794 _____ C:\Users\Father\Desktop\FRST.txt
2013-12-18 14:35 - 2013-12-18 14:35 - 00000000 ____D C:\FRST
2013-12-18 14:34 - 2013-12-18 14:34 - 01929306 _____ (Farbar) C:\Users\Father\Desktop\FRST64.exe
2013-12-18 06:55 - 2013-12-18 06:55 - 00000000 ____D C:\_OTL
2013-12-17 13:58 - 2013-12-17 13:58 - 00082186 _____ C:\Users\Father\Desktop\Extras.Txt
2013-12-17 13:57 - 2013-12-17 13:57 - 00123496 _____ C:\Users\Father\Desktop\OTL.Txt
2013-12-17 13:31 - 2013-12-17 13:31 - 00602112 _____ (OldTimer Tools) C:\Users\Father\Desktop\OTL.exe
2013-12-13 20:24 - 2013-12-13 20:24 - 00014498 _____ C:\Users\Father\Desktop\Attach12-13-13.txt
2013-12-13 20:24 - 2013-12-13 20:24 - 00014498 _____ C:\Users\Father\Desktop\attach.txt
2013-12-13 20:24 - 2013-12-13 20:23 - 00027373 _____ C:\Users\Father\Desktop\dds.txt
2013-12-13 20:15 - 2013-12-13 20:15 - 00688992 ____R (Swearware) C:\Users\Father\Desktop\dds.scr
2013-12-13 20:15 - 2013-12-13 20:15 - 00002057 _____ C:\Users\Public\Desktop\Lightroom 5.3 64-bit.lnk
2013-12-13 03:04 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-13 03:04 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 03:04 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-13 03:04 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-13 03:03 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 03:03 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 03:03 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-13 03:03 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 03:03 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-13 03:03 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 03:03 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 03:03 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 03:03 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-13 03:03 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 03:03 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-13 03:03 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-13 03:03 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-13 03:03 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 03:03 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-13 03:03 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-13 03:03 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-13 03:03 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-13 03:03 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-13 03:03 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-13 03:03 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 03:03 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 03:03 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-13 03:03 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-13 03:03 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-13 03:03 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-13 03:02 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-13 03:02 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 03:02 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-13 03:02 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 03:02 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 02:51 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 02:51 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 02:51 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 02:51 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 02:51 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 02:51 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 02:51 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 02:51 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 02:51 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 02:51 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 02:51 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 02:51 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 02:51 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 02:51 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 02:51 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 02:51 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 02:51 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 02:51 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 02:51 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 18:52 - 2013-12-11 19:05 - 00000000 ____D C:\Users\Father\Desktop\2013 Hickory South Fayette Football
2013-12-11 18:08 - 2013-12-11 18:08 - 00000000 ____D C:\Users\Father\Desktop\2013 Sharpsville Conneaut Football
2013-12-11 13:18 - 2013-12-11 14:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-11 13:17 - 2013-12-11 13:17 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-11 13:05 - 2013-12-11 13:05 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2013-12-11 12:54 - 2013-12-11 12:55 - 00000085 _____ C:\Windows\wininit.ini
2013-12-02 22:34 - 2013-12-02 22:34 - 00000000 ____D C:\Users\Father\Documents\ProcAlyzer Dumps
2013-12-02 22:09 - 2013-12-11 12:56 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-02 22:09 - 2013-12-11 12:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-02 22:09 - 2013-12-02 22:09 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-12-02 21:17 - 2013-12-18 06:43 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-12-02 21:17 - 2013-12-02 21:17 - 00000000 ____D C:\ProgramData\Licenses
2013-11-25 22:15 - 2013-11-25 22:15 - 00230195 _____ C:\ProgramData\1385435154.bdinstall.bin
2013-11-25 22:13 - 2013-11-25 22:13 - 00002174 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2013-11-25 22:13 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2013-11-25 22:13 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2013-11-25 22:08 - 2013-11-25 22:14 - 00000000 ____D C:\Program Files\Bitdefender
2013-11-25 22:07 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2013-11-25 22:06 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-11-25 22:03 - 2013-12-18 06:49 - 00320892 _____ C:\Windows\PFRO.log
2013-11-25 22:00 - 2013-11-25 22:00 - 00045467 _____ C:\ProgramData\1385434760.bdinstall.bin
2013-11-25 10:01 - 2013-12-18 06:50 - 00004118 _____ C:\Windows\setupact.log
2013-11-25 10:01 - 2013-11-25 10:01 - 00000000 _____ C:\Windows\setuperr.log
2013-11-18 09:28 - 2013-12-17 14:23 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Father\Desktop\TDSSKiller.exe

==================== One Month Modified Files and Folders =======

2013-12-18 14:36 - 2013-12-18 14:36 - 00021794 _____ C:\Users\Father\Desktop\FRST.txt
2013-12-18 14:35 - 2013-12-18 14:35 - 00000000 ____D C:\FRST
2013-12-18 14:34 - 2013-12-18 14:34 - 01929306 _____ (Farbar) C:\Users\Father\Desktop\FRST64.exe
2013-12-18 14:34 - 2010-05-06 06:34 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000UA.job
2013-12-18 14:08 - 2009-07-14 00:10 - 01704322 _____ C:\Windows\WindowsUpdate.log
2013-12-18 13:45 - 2013-05-13 23:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-18 13:41 - 2012-03-31 04:56 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-18 11:34 - 2010-05-06 06:34 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000Core.job
2013-12-18 10:04 - 2013-05-22 08:13 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-12-18 09:47 - 2009-07-13 23:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-18 09:47 - 2009-07-13 23:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-18 07:45 - 2013-05-13 23:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-18 06:55 - 2013-12-18 06:55 - 00000000 ____D C:\_OTL
2013-12-18 06:50 - 2013-11-25 10:01 - 00004118 _____ C:\Windows\setupact.log
2013-12-18 06:50 - 2010-01-20 15:27 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-18 06:50 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-18 06:49 - 2013-11-25 22:03 - 00320892 _____ C:\Windows\PFRO.log
2013-12-18 06:47 - 2010-03-29 23:15 - 00000000 ____D C:\Users\Father\AppData\Local\CrashDumps
2013-12-18 06:43 - 2013-12-02 21:17 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-12-18 02:00 - 2010-02-27 01:40 - 00000000 ____D C:\Users\Father\AppData\Local\Adobe
2013-12-17 14:23 - 2013-11-18 09:28 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Father\Desktop\TDSSKiller.exe
2013-12-17 13:58 - 2013-12-17 13:58 - 00082186 _____ C:\Users\Father\Desktop\Extras.Txt
2013-12-17 13:57 - 2013-12-17 13:57 - 00123496 _____ C:\Users\Father\Desktop\OTL.Txt
2013-12-17 13:31 - 2013-12-17 13:31 - 00602112 _____ (OldTimer Tools) C:\Users\Father\Desktop\OTL.exe
2013-12-16 19:04 - 2010-03-01 08:51 - 00007644 _____ C:\Users\Father\AppData\Local\Resmon.ResmonCfg
2013-12-16 18:44 - 2009-07-14 00:13 - 00872634 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-16 18:36 - 2012-07-28 21:00 - 00000000 ____D C:\Windows\pss
2013-12-16 18:36 - 2010-02-26 21:45 - 00000000 ___RD C:\Users\Father\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-15 09:01 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-12-14 12:44 - 2009-07-13 23:45 - 05369512 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-14 10:42 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-14 10:41 - 2013-08-14 02:01 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 10:34 - 2010-02-27 00:28 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 20:24 - 2013-12-13 20:24 - 00014498 _____ C:\Users\Father\Desktop\Attach12-13-13.txt
2013-12-13 20:24 - 2013-12-13 20:24 - 00014498 _____ C:\Users\Father\Desktop\attach.txt
2013-12-13 20:23 - 2013-12-13 20:24 - 00027373 _____ C:\Users\Father\Desktop\dds.txt
2013-12-13 20:15 - 2013-12-13 20:15 - 00688992 ____R (Swearware) C:\Users\Father\Desktop\dds.scr
2013-12-13 20:15 - 2013-12-13 20:15 - 00002057 _____ C:\Users\Public\Desktop\Lightroom 5.3 64-bit.lnk
2013-12-13 20:13 - 2011-08-18 13:17 - 00000000 ____D C:\Program Files\Adobe
2013-12-13 20:03 - 2011-08-18 13:41 - 00000000 ____D C:\Users\Father\Desktop\Adobe
2013-12-13 18:09 - 2012-06-16 07:11 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-12-13 17:57 - 2010-02-26 21:45 - 00110808 _____ C:\Users\Father\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-13 17:55 - 2011-08-18 13:17 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-13 17:54 - 2010-02-26 23:51 - 00000000 ____D C:\Users\Father\AppData\Roaming\Adobe
2013-12-13 17:52 - 2010-01-20 15:30 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-13 11:25 - 2013-05-22 08:12 - 00000000 ____D C:\Program Files\My Dell
2013-12-13 11:25 - 2010-01-20 15:37 - 00000000 ____D C:\ProgramData\PCDr
2013-12-13 09:49 - 2013-02-08 16:02 - 00000000 ____D C:\Users\Father\Desktop\Lebanon Deacons
2013-12-13 03:04 - 2010-10-11 09:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 19:05 - 2013-12-11 18:52 - 00000000 ____D C:\Users\Father\Desktop\2013 Hickory South Fayette Football
2013-12-11 18:08 - 2013-12-11 18:08 - 00000000 ____D C:\Users\Father\Desktop\2013 Sharpsville Conneaut Football
2013-12-11 14:59 - 2013-12-11 13:18 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-11 13:17 - 2013-12-11 13:17 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-11 13:14 - 2013-11-17 17:56 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-11 13:14 - 2013-11-17 17:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-11 13:05 - 2013-12-11 13:05 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2013-12-11 12:56 - 2013-12-02 22:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-11 12:55 - 2013-12-11 12:54 - 00000085 _____ C:\Windows\wininit.ini
2013-12-11 12:55 - 2013-12-02 22:09 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-11 05:41 - 2012-03-31 04:56 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 05:41 - 2012-03-31 04:55 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 05:41 - 2011-05-25 23:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 18:50 - 2013-09-30 07:45 - 00000000 ____D C:\Users\Father\Desktop\senior football and cheerleaders 2013 (2)
2013-12-08 17:14 - 2010-03-16 06:59 - 00007688 _____ C:\Users\Father\AppData\Roaming\wklnhst.dat
2013-12-08 17:14 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-08 17:13 - 2011-08-02 11:09 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-02 22:34 - 2013-12-02 22:34 - 00000000 ____D C:\Users\Father\Documents\ProcAlyzer Dumps
2013-12-02 22:09 - 2013-12-02 22:09 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-12-02 21:17 - 2013-12-02 21:17 - 00000000 ____D C:\ProgramData\Licenses
2013-12-01 07:40 - 2013-05-13 23:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-01 07:40 - 2013-05-13 23:12 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-29 11:29 - 2010-05-06 06:34 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000UA
2013-11-29 11:29 - 2010-05-06 06:34 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000Core
2013-11-26 06:54 - 2013-12-13 03:03 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 05:19 - 2013-12-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 05:18 - 2013-12-13 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 05:11 - 2013-12-13 03:02 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 04:48 - 2013-12-13 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 04:46 - 2013-12-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 04:41 - 2013-12-13 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 04:29 - 2013-12-13 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 04:27 - 2013-12-13 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 04:23 - 2013-12-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 04:21 - 2013-12-13 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 04:18 - 2013-12-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 04:18 - 2013-12-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 04:16 - 2013-12-13 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 03:57 - 2013-12-13 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 03:38 - 2013-12-13 03:03 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 03:38 - 2013-12-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 03:35 - 2013-12-13 03:02 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 03:32 - 2013-12-13 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 03:28 - 2013-12-13 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 03:16 - 2013-12-13 03:02 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 03:02 - 2013-12-13 03:03 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 02:48 - 2013-12-13 03:02 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 02:32 - 2013-12-13 03:03 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 02:26 - 2013-12-13 03:02 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 02:07 - 2013-12-13 03:03 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 01:40 - 2013-12-13 03:03 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 01:34 - 2013-12-13 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 01:34 - 2013-12-13 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 01:33 - 2013-12-13 03:03 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 01:27 - 2013-12-13 03:03 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-25 22:15 - 2013-11-25 22:15 - 00230195 _____ C:\ProgramData\1385435154.bdinstall.bin
2013-11-25 22:14 - 2013-11-25 22:08 - 00000000 ____D C:\Program Files\Bitdefender
2013-11-25 22:13 - 2013-11-25 22:13 - 00002174 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2013-11-25 22:09 - 2013-11-17 17:22 - 00000000 ____D C:\Users\Father\AppData\Roaming\QuickScan
2013-11-25 22:03 - 2012-04-09 15:57 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-25 22:00 - 2013-11-25 22:00 - 00045467 _____ C:\ProgramData\1385434760.bdinstall.bin
2013-11-25 10:01 - 2013-11-25 10:01 - 00000000 _____ C:\Windows\setuperr.log
2013-11-23 13:26 - 2013-12-12 02:51 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 12:47 - 2013-12-12 02:51 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-20 13:29 - 2012-07-05 21:27 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-19 21:14 - 2010-01-20 15:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-19 21:11 - 2012-10-20 22:38 - 00003198 _____ C:\Windows\System32\Tasks\{EF8F5101-717B-4D8E-BCE2-2B5C23F4A8AF}
2013-11-19 21:08 - 2010-01-20 15:37 - 00000000 ____D C:\ProgramData\Cozi
2013-11-19 20:04 - 2010-11-30 08:04 - 00000000 ____D C:\Users\Father\AppData\Roaming\DisplayTune
2013-11-19 18:38 - 2013-11-14 21:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-19 17:07 - 2013-11-06 19:54 - 00000000 ____D C:\Users\Father\Desktop\Senior Night Orders
2013-11-19 08:10 - 2011-08-02 11:22 - 00000000 ____D C:\ProgramData\CanonIJ

Some content of TEMP:
====================
C:\Users\Father\AppData\Local\Temp\HitmanPro.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 00:17

==================== End Of Log ============================
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am

Re: Computer slowdown please help

Unread postby DougSr » December 18th, 2013, 3:42 pm

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-12-2013 03
Ran by Father at 2013-12-18 14:36:53
Running from C:\Users\Father\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.8.0.1280)
Adobe Creative Cloud (x32 Version: 2.2.1.260)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Photoshop CS6 (x32 Version: 13.0)
Adobe Photoshop Lightroom 3.6 64-bit (Version: 3.6.1)
Adobe Photoshop Lightroom 5.3 64-bit (Version: 5.3.1)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
AnswerWorks 5.0 English Runtime (x32 Version: 5.0.7)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Banctec Service Agreement (x32 Version: 2.0.0)
Bejeweled 3 (x32)
Bitdefender Antivirus Free Edition (Version: 1.0.21.1099)
Bonjour (Version: 3.0.0.10)
Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0)
Canon Easy-WebPrint EX (x32)
Canon IJ Network Scan Utility (x32)
Canon IJ Network Tool (x32)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.7.2.11)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)
Canon Internet Library for ZoomBrowser EX (x32 Version: 1.6.3.9)
Canon MOV Decoder (x32 Version: 1.5.0.7)
Canon MOV Encoder (x32 Version: 1.3.1.3)
Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 3.4.1.9)
Canon MP Navigator EX 3.0 (x32)
Canon MP560 series MP Drivers
Canon MP560 series User Registration (x32)
Canon Utilities Digital Photo Professional (x32 Version: 3.13.45.0)
Canon Utilities Easy-PhotoPrint EX (x32)
Canon Utilities EOS Utility (x32 Version: 2.13.25.1)
Canon Utilities My Printer (x32)
Canon Utilities PhotoStitch (x32 Version: 3.1.22.46)
Canon Utilities Picture Style Editor (x32 Version: 1.7.0.0)
Canon Utilities Solution Menu (x32)
Canon Utilities WFT Utility (x32 Version: 3.5.1.1)
Canon Utilities ZoomBrowser EX (x32 Version: 6.5.1.15)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.3.0.4)
CCleaner (Version: 4.07)
CDBurnerXP (x32 Version: 4.5.1.4003)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
CrashPlan (Version: 3.5.3)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell Communications (Support Software) (x32 Version: 1.0.09094)
Dell DataSafe Local Backup - Support Software (x32 Version: 2.31)
Dell DataSafe Local Backup (x32 Version: 9.3.44)
Dell DataSafe Online (x32 Version: 1.2.0011)
Dell Dock (Version: 2.0.0)
Dell Driver Download Manager (HKCU Version: 2.1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (x32 Version: 1.00.0000)
Dell System Detect (HKCU Version: 4.0.5.6)
Dropbox (HKCU Version: 2.0.22)
Garmin BaseCamp (x32 Version: 4.0.5)
Garmin City Navigator North America NT 2013.10 Update (x32 Version: 16.10.0.0)
Garmin USB Drivers (x32 Version: 2.3.1.0)
Garmin WebUpdater (x32 Version: 2.5.6)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Update Helper (x32 Version: 1.3.22.3)
Intel(R) Processor ID Utility (x32 Version: 4.23.0000)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 (x32)
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Setup Support Files (x32 Version: 10.3.5500.0)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft® Office Language Pack 2010 – English (Business Contact Manager for Microsoft Outlook 2010) (x32 Version: 4.0.11308.0)
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0)
Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Mozilla Thunderbird 24.1.0 (x86 en-US) (x32 Version: 24.1.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Music Manager (HKCU)
My Dell (Version: 3.5.6422.14)
NVIDIA 3D Vision Controller Driver 331.65 (Version: 331.65)
NVIDIA 3D Vision Driver 320.78 (Version: 320.78)
NVIDIA Control Panel 320.78 (Version: 320.78)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Graphics Driver 320.78 (Version: 320.78)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2078)
NVIDIA Update 9.3.16 (Version: 9.3.16)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
onOne PerfectPresets (x32 Version: 1.0)
PDF Settings CC (x32 Version: 12.0)
PDF Settings CS6 (x32 Version: 11.0)
QuickTime (x32 Version: 7.74.80.86)
Rapport (Version: 3.5.1205.20)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5919)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Service Pack 3 for SQL Server 2008 (KB2546951) (x32 Version: 10.3.5500.0)
SHIELD Streaming (Version: 1.6.34)
SmartFTP Client (Version: 4.1.1289.0)
SmartFTP Client Setup Files 4.1 (x64) (remove only) (x32 Version: 4.1)
SpeechRedist (x32 Version: 1.0.0)
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32)
VD64Inst (Version: 1.00.0000)
Wacom Tablet (Version: 6.3.7-5)
WD SmartWare (Version: 1.6.4.7)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.3)
WebTablet FB Plugin 64 bit (Version: 2.1.0.3)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WModem Driver Installer (x32 Version: 2.0.6.9)
Yahoo! Detect (x32)

==================== Restore Points =========================

17-12-2013 12:10:07 Scheduled Checkpoint
18-12-2013 11:44:15 Removed Rapport
18-12-2013 11:46:04 Removed Rapport

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0181AD7F-3066-4F96-85D0-8C82431667E2} - System32\Tasks\AdobeAAMUpdater-1.0-Father-PC-Father => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {074010D3-6CEC-4681-A384-9C3774455F35} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {0AE68B1B-278A-4438-AA3C-91C4FF47C7CA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000UA => C:\Users\Father\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-06] (Google Inc.)
Task: {7F81B7E8-B86A-4A34-9A23-3E9E9B52036D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-06] (PC-Doctor, Inc.)
Task: {86CCCE8B-FCAC-422C-BE28-D1D127C750A9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9B444D75-E11A-4295-8262-36CA72A27421} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {B01F3C04-F2BA-42DD-B40B-9A9521BAD47B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-13] (Google Inc.)
Task: {BD781460-EC98-4B8B-A3D7-C58566DC8787} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {BE2536B2-14E0-459B-9F98-B490B815924C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-13] (Google Inc.)
Task: {BF1070F0-57A3-4703-B4EC-A61B6EB306B1} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {C490500A-A15A-4041-ACD5-2ABDF6CFB95C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-05] (PC-Doctor, Inc.)
Task: {E4D97799-C357-429C-A22F-1A497C14BAFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000Core => C:\Users\Father\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-06] (Google Inc.)
Task: {ED7D3608-1F42-40A4-B651-2D9760833BB9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000Core.job => C:\Users\Father\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-246240781-1227866155-2015313242-1000UA.job => C:\Users\Father\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-25 22:13 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-01-02 09:42 - 2010-01-02 09:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-08-14 02:34 - 2013-08-14 02:34 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\80cdc25cb6dab4be1663d0dcf1ff6a2d\VistaBridgeLibrary.ni.dll
2013-10-09 20:49 - 2013-10-03 19:00 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-04-08 18:35 - 2013-04-08 18:35 - 00014848 _____ () C:\Program Files\CrashPlan\md564.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-16 07:38 - 2013-11-16 07:39 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-12-11 05:41 - 2013-12-11 05:41 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\Users\Father\Desktop\dds.scr:BDU
AlternateDataStreams: C:\Users\Father\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Father\Desktop\OTL.exe:BDU

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Faulty Device Manager Devices =============

Name: DW1525 (802.11n) WLAN PCIe Card
Description: DW1525 (802.11n) WLAN PCIe Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2013 02:37:32 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:32 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:32 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:32 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:32:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001BC790).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:32:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001BC790).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:32:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001BC790).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:32:25 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001BC790).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:32:19 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001BC790).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:32:19 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001BC790).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator


System errors:
=============
Error: (12/18/2013 06:55:05 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/18/2013 06:49:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gzserv service.

Error: (12/16/2013 10:38:15 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/16/2013 07:03:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/16/2013 06:37:45 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gzserv service.

Error: (12/14/2013 06:54:00 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (12/14/2013 06:53:59 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (12/14/2013 06:53:59 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (12/14/2013 06:53:58 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (12/14/2013 06:53:58 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.


Microsoft Office Sessions:
=========================
Error: (12/18/2013 02:37:38 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:38 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:38 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:38 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:32 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:32 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:32 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:37:32 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001E2E60)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:32:25 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001BC790)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (12/18/2013 02:32:25 PM) (Source: VSS)(User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000001BC790)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator


==================== Memory info ===========================

Percentage of memory in use: 68%
Total physical RAM: 8119.12 MB
Available physical RAM: 2582.04 MB
Total Pagefile: 16236.41 MB
Available Pagefile: 12304.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.82 GB) (Free:486.18 GB) NTFS
Drive i: (New Volume) (Fixed) (Total:2794.39 GB) (Free:1372.04 GB) NTFS
Drive n: (My Book) (Fixed) (Total:3725.99 GB) (Free:2040.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: D31092E5)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=917 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2795 GB) (Disk ID: 00000000)

Partition: GPT Partition TypeAttempted reading MBR returned 0 bytes.
Could not read MBR for disk 10.

==================== End Of Log ============================
DougSr
Regular Member
 
Posts: 70
Joined: July 5th, 2006, 12:21 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 499 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware