panthermom29
-
Content Count
46 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by panthermom29
-
-
ComboFix 14-08-26.02 - Janet 08/27/2014 13:43:54.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.7644.5575 [GMT -6:00]
Running from: c:\users\Janet\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\connector.swf
c:\users\Janet\AppData\Local\Microsoft\Windows\Temporary Internet Files\casper.Product Support.db
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_npf
.
.
((((((((((((((((((((((((( Files Created from 2014-07-27 to 2014-08-27 )))))))))))))))))))))))))))))))
.
.
2014-08-25 22:09 . 2014-08-25 22:09 -------- d-----w- c:\program files (x86)\OpenOffice 4
2014-08-25 21:44 . 2014-08-25 21:44 -------- d-----w- c:\users\Janet\AppData\Roaming\RealNetworks
2014-08-25 21:43 . 2014-08-25 21:43 -------- d-----w- c:\program files (x86)\RealNetworks
2014-08-25 21:43 . 2014-08-25 21:43 -------- d-----w- c:\programdata\RealNetworks
2014-08-25 21:43 . 2014-08-25 21:43 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2014-08-25 21:42 . 2014-08-25 21:42 505416 ----a-w- c:\windows\SysWow64\msvcp71.dll
2014-08-25 21:42 . 2014-08-25 21:42 353864 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-08-25 19:23 . 2014-08-25 19:24 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-25 19:23 . 2014-08-25 19:24 -------- d-----w- c:\program files\iTunes
2014-08-25 19:23 . 2014-08-25 19:24 -------- d-----w- c:\program files (x86)\iTunes
2014-08-25 19:23 . 2014-08-25 19:23 -------- d-----w- c:\program files\iPod
2014-08-25 19:22 . 2014-08-25 19:22 -------- d-----w- c:\users\Default\AppData\Roaming\Apple Computer
2014-08-25 19:22 . 2014-08-25 19:22 -------- d-----w- c:\users\Default\AppData\Local\Apple Computer
2014-08-25 18:47 . 2014-08-25 18:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2014-08-25 18:47 . 2014-08-25 18:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2014-08-25 18:47 . 2014-08-25 18:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2014-08-25 18:47 . 2014-08-25 18:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2014-08-25 18:47 . 2014-08-25 18:47 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2014-08-25 18:47 . 2014-08-25 18:47 -------- d-----w- c:\program files (x86)\QuickTime
2014-08-25 18:40 . 2014-08-25 18:40 -------- d-----w- c:\users\Janet\AppData\Local\Secunia PSI
2014-08-25 18:39 . 2014-08-25 18:39 -------- d-----w- c:\program files (x86)\Secunia
2014-08-25 18:30 . 2014-08-25 18:30 -------- d-----w- c:\users\Janet\AppData\Roaming\Oracle
2014-08-25 18:29 . 2014-08-25 18:29 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-25 18:29 . 2014-08-25 18:29 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-25 18:18 . 2014-08-25 18:29 -------- d-----w- c:\programdata\Oracle
2014-08-23 14:55 . 2014-08-23 14:55 -------- d-----w- C:\_OTL
2014-08-22 17:20 . 2014-08-22 17:20 -------- d-----w- c:\windows\ERUNT
2014-08-22 16:43 . 2010-08-30 14:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-08-22 16:42 . 2014-08-26 15:58 -------- d-----w- C:\AdwCleaner
2014-08-22 15:48 . 2014-07-15 22:51 71168 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2014-08-20 16:27 . 2014-06-19 23:35 1312768 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-20 16:27 . 2014-06-19 22:24 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-20 16:26 . 2014-06-13 01:57 1453400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-08-20 16:26 . 2014-06-13 01:55 199680 ----a-w- c:\windows\system32\cdd.dll
2014-08-20 16:21 . 2014-07-15 23:03 1300992 ----a-w- c:\windows\system32\gdi32.dll
2014-08-20 16:21 . 2014-07-15 22:55 4035072 ----a-w- c:\windows\system32\win32k.sys
2014-08-20 16:21 . 2014-07-12 02:36 1023488 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-20 16:21 . 2014-08-07 06:33 712192 ----a-w- c:\windows\system32\aepdu.dll
2014-08-20 16:21 . 2014-08-07 03:09 556544 ----a-w- c:\windows\system32\aeinv.dll
2014-08-20 16:17 . 2014-06-05 17:30 10116608 ----a-w- c:\windows\system32\twinui.dll
2014-08-20 16:17 . 2014-06-05 13:12 8857600 ----a-w- c:\windows\SysWow64\twinui.dll
2014-08-20 16:17 . 2014-06-05 17:29 2885632 ----a-w- c:\windows\system32\msi.dll
2014-08-20 16:17 . 2014-06-05 17:28 2146304 ----a-w- c:\windows\system32\actxprxy.dll
2014-08-20 16:17 . 2014-06-05 13:11 2416128 ----a-w- c:\windows\SysWow64\msi.dll
2014-08-20 16:17 . 2014-06-05 17:28 2306560 ----a-w- c:\windows\system32\authui.dll
2014-08-20 16:17 . 2014-06-05 13:10 2037760 ----a-w- c:\windows\SysWow64\authui.dll
2014-08-20 16:17 . 2014-06-05 17:56 112984 ----a-w- c:\windows\system32\consent.exe
2014-08-20 16:17 . 2014-06-05 17:29 393216 ----a-w- c:\windows\system32\msihnd.dll
2014-08-20 16:17 . 2014-06-05 13:10 754176 ----a-w- c:\windows\SysWow64\actxprxy.dll
2014-08-20 16:16 . 2014-06-05 13:11 295424 ----a-w- c:\windows\SysWow64\msihnd.dll
2014-08-20 16:16 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2014-08-20 16:16 . 2014-05-08 01:34 328024 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2014-08-20 16:02 . 2014-06-10 22:44 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-20 16:02 . 2014-06-10 22:43 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-20 15:51 . 2014-08-20 15:51 262312 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10245.bin
2014-08-05 17:20 . 2014-08-05 17:20 227728 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-08-04 13:48 . 2014-08-04 13:48 122584 ----a-w- c:\windows\system32\drivers\48230029.sys
2014-07-30 22:20 . 2014-07-30 22:20 -------- d-----w- c:\users\Janet\AppData\Local\Adobe
2014-07-30 22:17 . 2014-07-30 22:18 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-07-29 15:43 . 2014-08-27 17:29 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-29 15:43 . 2014-08-26 16:40 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-29 15:43 . 2014-07-29 15:43 -------- d-----w- c:\programdata\Malwarebytes
2014-07-29 15:43 . 2014-05-12 13:26 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-29 15:43 . 2014-05-12 13:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-29 15:43 . 2014-05-12 13:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-27 16:09 . 2013-01-06 16:41 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-12 14:15 . 2013-09-01 15:52 50976 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-08-04 13:47 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-02 00:15 . 2014-07-11 00:34 704480 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-02 00:15 . 2014-07-11 00:34 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-21 15:33 . 2013-03-08 01:34 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-06-30 22:42 . 2014-07-09 23:37 394240 ----a-w- c:\windows\system32\devinv.dll
2014-06-30 22:42 . 2014-07-09 23:37 87552 ----a-w- c:\windows\system32\aepic.dll
2014-06-17 23:27 . 2014-07-09 23:38 1440256 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-17 23:24 . 2014-07-09 23:38 1557504 ----a-w- c:\windows\system32\osk.exe
2014-06-17 22:07 . 2014-06-17 22:07 328984 ----a-w- c:\windows\system32\drivers\avgloga.sys
2014-06-17 22:06 . 2014-06-17 22:06 153368 ----a-w- c:\windows\system32\drivers\avgdiska.sys
2014-06-06 14:06 . 2014-07-09 23:01 596480 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 10:17 . 2014-07-09 23:01 497152 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-02 22:33 . 2014-07-09 23:11 265216 ----a-w- c:\windows\system32\InkEd.dll
2014-05-29 23:31 . 2014-07-10 00:14 452608 ----a-w- c:\windows\SysWow64\SHCore.dll
2014-05-29 23:03 . 2014-07-10 00:14 588288 ----a-w- c:\windows\system32\SHCore.dll
2014-05-29 23:02 . 2014-07-10 00:14 439808 ----a-w- c:\windows\system32\lsm.dll
2014-05-29 23:02 . 2014-07-10 00:14 1281536 ----a-w- c:\windows\system32\lsasrv.dll
2014-05-29 22:24 . 2014-07-09 23:01 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2014-04-28 02:58 . 2014-07-28 16:30 197000 ----a-w- c:\program files (x86)\12res.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2AE7471D-5150-48CF-8498-4CB9E8FAEA90}]
2014-01-09 11:56 77864 ----a-w- c:\program files (x86)\Product Support\1.0.0.0\Product Support.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Deskjet 3520 series (NET)"="c:\program files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"Power2GoExpress8"="c:\program files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe" [2013-08-05 1713416]
"Fitbit Connect"="c:\program files (x86)\Fitbit Connect\Fitbit Connect.exe" [2014-01-10 3362336]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-12-30 1095000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-08 642216]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-09-07 581024]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"Fitbit Connect"="c:\program files (x86)\Fitbit Connect\Fitbit Connect.exe" [2014-01-10 3362336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-05-08 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2014-08-25 296520]
.
c:\users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Office Suite X 3.3.lnk - c:\program files (x86)\Office Suite X 3\program\quickstart.exe [2014-2-9 50688]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
RealPlayer Cloud Service UI.lnk - c:\program files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe [2014-8-25 1022048]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-12-6 565464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableVirtualization"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R0 Avgboota;AVG Early Launch Anti-Malware Driver;c:\windows\system32\DRIVERS\avgboota.sys;c:\windows\SYSNATIVE\DRIVERS\avgboota.sys [x]
R0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
R0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 SmbDrvI;SmbDrvI;c:\windows\System32\drivers\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_Intel.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WSDScan;WSD Scan Support;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 amd_sata;amd_sata;c:\windows\System32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\System32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 APXACC;AppEx Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys;c:\windows\SYSNATIVE\DRIVERS\appexDrv.sys [x]
S2 Fitbit Connect;Fitbit Connect Service;c:\program files (x86)\Fitbit Connect\FitbitConnectService.exe;c:\program files (x86)\Fitbit Connect\FitbitConnectService.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [x]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_AMDASF.sys [x]
S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
Contents of the 'Scheduled Tasks' folder
.
2014-08-27 c:\windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
- c:\program files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-04-26 01:28]
.
2014-08-27 c:\windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
- c:\program files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2014-04-26 01:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-07-24 1425408]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
TCP: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-AVG_UI - c:\program files (x86)\AVG\AVG2014\avgui.exe
Wow6432Node-HKLM-Run-ChromeHelper - c:\program files (x86)\Common Files\ChromeHelper\ChromeHelper.exe
AddRemove-RealPlayer 17.0 - c:\program files (x86)\real\realplayer\Update\r1puninst.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\HP SimplePass\IEWebSiteLogon.exe
c:\program files (x86)\Office Suite X 3\program\soffice.exe
c:\program files (x86)\Office Suite X 3\program\soffice.bin
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
.
**************************************************************************
.
Completion time: 2014-08-27 14:20:32 - machine was rebooted
ComboFix-quarantined-files.txt 2014-08-27 20:20
.
Pre-Run: 652,145,668,096 bytes free
Post-Run: 652,592,807,936 bytes free
.
- - End Of File - - 60FE71F0808EB356C037D2B9849F398B
A78C646DB8D284B9C54ED366B2CA860E
-
OTL logfile created on: 8/26/2014 2:23:57 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Janet\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17054)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.47 Gb Total Physical Memory | 5.52 Gb Available Physical Memory | 73.89% Memory free
8.59 Gb Paging File | 6.63 Gb Available in Paging File | 77.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 670.72 Gb Total Space | 604.95 Gb Free Space | 90.19% Space Free | Partition Type: NTFS
Drive D: | 27.15 Gb Total Space | 3.20 Gb Free Space | 11.78% Space Free | Partition Type: NTFS
Computer Name: JANET | User Name: Janet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/08/26 11:40:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janet\Downloads\OTL (1).scr
PRC - [2014/08/25 15:42:52 | 001,141,848 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2014/08/25 15:42:48 | 000,296,520 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2014/07/30 05:04:26 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2014/07/30 02:17:08 | 000,039,568 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/05/08 07:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/04/25 19:28:41 | 002,725,912 | ---- | M] () -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
PRC - [2014/01/10 16:06:50 | 003,362,336 | R--- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
PRC - [2014/01/10 16:06:48 | 001,435,680 | R--- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
PRC - [2013/12/30 10:05:02 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013/12/06 08:47:20 | 001,229,528 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2013/12/06 08:47:20 | 000,662,232 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2013/12/06 08:47:18 | 000,565,464 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2013/08/05 02:51:14 | 001,713,416 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
PRC - [2013/08/05 01:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/11/05 16:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/08/10 03:36:54 | 001,641,320 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
PRC - [2012/08/10 03:36:40 | 003,698,024 | ---- | M] (AuthenTec Inc.) -- C:\Program Files (x86)\HP SimplePass\TouchControl.exe
PRC - [2012/08/10 03:36:26 | 004,073,320 | ---- | M] () -- C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
PRC - [2012/07/27 20:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/03/28 20:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2011/12/18 01:51:24 | 009,007,616 | ---- | M] (Office Suite X) -- C:\Program Files (x86)\Office Suite X 3\program\soffice.exe
PRC - [2011/12/18 01:51:24 | 008,999,424 | ---- | M] (Office Suite X) -- C:\Program Files (x86)\Office Suite X 3\program\soffice.bin
========== Modules (No Company Name) ==========
MOD - [2014/03/16 11:08:47 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\032b537c9d4bbefec6997f44ceb08485\System.ServiceModel.Internals.ni.dll
MOD - [2014/03/16 11:08:44 | 000,121,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4e89df05173df61ef526394eeed4428e\SMDiagnostics.ni.dll
MOD - [2014/02/19 19:22:05 | 007,660,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d7aaae3b1c95a1a658446d302b9a7f88\System.Xml.ni.dll
MOD - [2014/02/19 19:21:42 | 012,877,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\11b4af16e791a6b0ada4a97d3e64e27a\System.Windows.Forms.ni.dll
MOD - [2014/02/19 19:20:40 | 002,822,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\deba9405e920eefee41a8efe93e93cc6\System.Runtime.Serialization.ni.dll
MOD - [2014/02/19 19:20:31 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61be23d6a688188e3419a1eb46fc9d9d\System.Drawing.ni.dll
MOD - [2014/02/19 19:20:15 | 000,975,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ffb7bbc6548ff34bc125a8fec79315dc\System.Configuration.ni.dll
MOD - [2014/02/19 19:19:20 | 007,041,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\bca236f576ea12db3a9191f4586a445a\System.Core.ni.dll
MOD - [2014/02/19 19:19:09 | 010,051,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f0602360211041a6be208f0b4138dddd\System.ni.dll
MOD - [2014/02/19 19:18:56 | 000,198,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\0000f5ef7d4e9fef6ab4084784cf238c\CustomMarshalers.ni.dll
MOD - [2014/02/19 19:18:55 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\391541c89ed7585fc7e8936c43cee387\mscorlib.ni.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/08/05 16:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013/08/05 02:51:27 | 000,806,664 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
MOD - [2013/08/05 02:51:25 | 000,175,880 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
MOD - [2013/08/05 01:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2013/03/05 21:04:53 | 001,321,944 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\Language\Enu\P2GRC.dll
MOD - [2012/08/10 03:36:26 | 004,073,320 | ---- | M] () -- C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
MOD - [2011/12/17 09:16:50 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\Office Suite X 3\program\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/05/29 17:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/29 02:05:59 | 000,016,056 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/15 23:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/06/24 16:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 03:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 00:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 00:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/08 22:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 20:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 20:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/09 17:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/12/07 22:08:33 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/11/05 22:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012/08/09 00:46:00 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/08/08 12:36:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/07/25 21:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 21:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 21:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 21:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 21:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 21:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 21:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 21:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 21:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 21:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/24 04:59:56 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/07/16 08:59:12 | 000,401,256 | ---- | M] (AuthenTec, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\AuthenTec\TrueService.exe -- (TrueService)
SRV - [2014/08/25 15:42:52 | 001,141,848 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2014/07/30 05:04:26 | 000,023,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014/07/30 02:17:08 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/05/08 07:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/01/10 16:06:48 | 001,435,680 | R--- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe -- (Fitbit Connect)
SRV - [2013/12/30 10:05:02 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/12/06 08:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013/12/06 08:47:20 | 000,662,232 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/11/05 22:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/08/10 03:36:54 | 001,641,320 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe -- (FPLService)
SRV - [2012/07/25 21:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 21:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/25 21:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/08/26 14:13:09 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/08/12 08:15:23 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/04/28 03:33:58 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\npf.sys -- (npf)
DRV:64bit: - [2014/03/28 13:19:38 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/23 16:11:52 | 000,269,592 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/12/06 08:47:12 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2013/10/10 05:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 00:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/01 20:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/04 16:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013/08/15 23:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 00:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 02:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/01 19:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/01 19:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/29 00:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/25 11:21:50 | 000,495,856 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/06/25 11:18:49 | 000,029,424 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2013/05/31 21:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/03/05 13:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013/03/02 04:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 04:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/09 19:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/07 22:08:08 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/12/07 22:08:08 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/11/26 21:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 22:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 21:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 02:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 01:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/10 23:19:44 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2012/10/10 21:51:49 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2012/09/24 13:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012/08/24 19:38:28 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/09 02:03:34 | 010,283,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/08/08 23:48:22 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/08/03 16:07:30 | 000,020,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012/07/25 23:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 23:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 23:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 23:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 23:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 23:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 23:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 23:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 23:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 23:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 23:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 23:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 23:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 23:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 23:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 23:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 23:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 22:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 22:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 21:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 20:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 20:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 20:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 20:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 20:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 20:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 20:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 20:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 20:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 20:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 20:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 20:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 20:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 20:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 20:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 20:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 20:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 20:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 20:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 20:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 20:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 20:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/24 10:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/07/24 04:59:56 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/07/24 03:35:12 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/07/24 03:35:12 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/07/17 22:59:12 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/06/23 08:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012/06/19 08:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/13 20:24:00 | 000,266,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2012/06/12 23:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/06/02 08:32:26 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,204,0_0,StartPage,20140418,20029,0,25,4752
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@authentec.com/ffwloplugin: C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.13.2: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.13: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.13.2: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9D2AA73B-6049-4799-B8AC-925723370070}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/08/25 15:43:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/08/25 15:43:48 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012/07/25 23:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Office Suite X Support) - {2AE7471D-5150-48CF-8498-4CB9E8FAEA90} - C:\Program Files (x86)\Product Support\1.0.0.0\Product Support.dll (Download Manager)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY File not found
O4 - HKLM..\Run: [ChromeHelper] C:\Program Files (x86)\Common Files\ChromeHelper\ChromeHelper.exe File not found
O4 - HKLM..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [HP Deskjet 3520 series (NET)] C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [Power2GoExpress8] C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Office Suite X 3.3.lnk = C:\Program Files (x86)\Office Suite X 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 10.67.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D5DB9C9-43FE-42C5-B250-BBDF57E9BD15}: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A66FC120-4B59-4ABA-A50D-275EF46A6B6B}: DhcpNameServer = 172.168.0.3
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/08/25 16:09:55 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
[2014/08/25 16:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice 4
[2014/08/25 15:44:19 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Roaming\RealNetworks
[2014/08/25 15:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014/08/25 15:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2014/08/25 15:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2014/08/25 15:43:18 | 000,201,800 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/08/25 15:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2014/08/25 15:42:58 | 000,278,600 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/08/25 13:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/08/25 13:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/08/25 13:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/08/25 13:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/08/25 13:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/08/25 12:47:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/08/25 12:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014/08/25 12:45:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/08/25 12:40:01 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Local\Secunia PSI
[2014/08/25 12:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2014/08/25 12:30:40 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Roaming\Oracle
[2014/08/25 12:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/08/25 12:29:29 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/25 12:29:17 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/25 12:29:17 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/25 12:29:17 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/25 12:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/08/25 12:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/08/23 08:55:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/08/22 11:20:07 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/08/22 10:43:57 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/08/22 10:42:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/21 11:47:33 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/08/21 11:47:23 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/08/21 11:47:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/08/21 11:47:19 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/08/21 11:47:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/08/21 11:47:15 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/08/21 11:47:13 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/08/21 11:47:12 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/08/21 11:47:12 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/08/21 11:47:11 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/08/21 11:47:11 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/08/21 11:47:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/08/21 11:47:08 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/08/21 11:47:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/08/21 11:47:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/08/21 11:47:07 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/08/21 11:47:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/08/21 11:47:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/08/21 11:47:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/08/21 11:47:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/08/21 11:47:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/08/21 11:47:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/08/20 10:27:39 | 001,312,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/08/20 10:26:57 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/08/20 10:21:58 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/20 10:21:54 | 000,712,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/08/20 10:21:53 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/08/20 10:17:05 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/08/20 10:17:03 | 008,857,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/08/20 10:17:02 | 002,885,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/08/20 10:17:02 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/08/20 10:17:01 | 002,306,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/20 10:17:01 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/20 10:17:00 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/20 10:17:00 | 000,112,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/20 10:16:59 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/20 10:16:00 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/08/20 10:02:53 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/20 10:02:51 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/04 16:02:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/08/04 16:02:50 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/04 16:02:50 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/04 16:02:49 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/08/04 16:02:49 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/04 16:02:46 | 001,623,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/04 16:02:46 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/04 16:02:46 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/04 16:02:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/04 16:02:18 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/04 16:02:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/04 16:02:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/04 07:48:38 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\48230029.sys
[2014/07/30 16:20:33 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Local\Adobe
[2014/07/30 16:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/07/30 16:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/07/30 16:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/07/29 09:43:42 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/29 09:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/29 09:43:15 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/29 09:43:15 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/29 09:43:15 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/29 09:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/29 09:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
========== Files - Modified Within 30 Days ==========
[2014/08/26 14:19:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/26 14:13:09 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/26 11:30:52 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0414c_rmv.job
[2014/08/26 11:30:51 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0214b_rmv.job
[2014/08/26 11:30:51 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0214b_rel.job
[2014/08/26 11:30:51 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0414c_rel.job
[2014/08/26 11:18:59 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/26 11:18:56 | 2117,496,831 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/26 10:40:53 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/26 10:00:36 | 000,318,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/25 16:09:57 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2014/08/25 15:44:00 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/08/25 15:43:18 | 000,201,800 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/08/25 15:43:09 | 000,001,252 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014/08/25 15:42:58 | 000,278,600 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/08/25 13:24:30 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/25 12:47:36 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/08/25 12:39:54 | 000,001,110 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2014/08/25 12:29:12 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/25 12:29:12 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/25 12:29:12 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/25 12:29:12 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/22 12:03:31 | 000,941,114 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/22 12:03:31 | 000,783,894 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/22 12:03:31 | 000,158,368 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/22 10:46:32 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/22 10:46:32 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/22 10:46:31 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/22 10:46:31 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/22 10:45:58 | 000,773,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/22 10:45:58 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/22 10:45:57 | 001,623,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/22 10:45:57 | 000,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/08/22 10:45:56 | 000,059,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/22 10:45:52 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/22 10:45:52 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/22 10:45:51 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/08/21 11:51:11 | 000,009,768 | ---- | M] () -- C:\Users\Janet\Desktop\budget 8-2014.ods
[2014/08/20 09:51:25 | 000,004,715 | ---- | M] () -- C:\Users\Janet\Desktop\cochlear scholarship pg 2.rtf
[2014/08/20 09:37:07 | 000,013,917 | ---- | M] () -- C:\Users\Janet\Desktop\Cochlear scholarship pg1.rtf
[2014/08/13 08:59:15 | 000,006,420 | ---- | M] () -- C:\Users\Janet\Desktop\cover letter--dfs.rtf
[2014/08/13 08:48:15 | 000,001,817 | ---- | M] () -- C:\Users\Janet\Desktop\cover letter-ups.rtf
[2014/08/12 08:15:23 | 000,050,976 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/08/07 00:33:36 | 000,712,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/08/06 21:09:52 | 000,556,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/08/06 14:36:11 | 000,034,824 | ---- | M] () -- C:\Users\Janet\Desktop\resume.rtf
[2014/08/04 11:10:30 | 000,006,195 | ---- | M] () -- C:\Users\Janet\Desktop\headstart letter.rtf
[2014/08/04 07:48:38 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\48230029.sys
[2014/08/01 18:15:04 | 000,704,480 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/08/01 18:15:04 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/31 07:17:42 | 000,017,409 | ---- | M] () -- C:\Users\Janet\Desktop\what would you do PHS app.odt
[2014/07/30 16:18:17 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/07/30 16:01:04 | 000,008,254 | ---- | M] () -- C:\Users\Janet\Desktop\letter of interest phs.rtf
========== Files Created - No Company Name ==========
[2014/08/25 16:09:57 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2014/08/25 15:44:00 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/08/25 15:43:09 | 000,001,252 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014/08/25 13:24:30 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/25 12:47:36 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/08/25 12:39:54 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2014/08/25 12:39:54 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2014/08/21 11:51:06 | 000,009,768 | ---- | C] () -- C:\Users\Janet\Desktop\budget 8-2014.ods
[2014/08/20 09:51:24 | 000,004,715 | ---- | C] () -- C:\Users\Janet\Desktop\cochlear scholarship pg 2.rtf
[2014/08/20 09:37:06 | 000,013,917 | ---- | C] () -- C:\Users\Janet\Desktop\Cochlear scholarship pg1.rtf
[2014/08/13 08:59:14 | 000,006,420 | ---- | C] () -- C:\Users\Janet\Desktop\cover letter--dfs.rtf
[2014/08/06 14:32:13 | 000,001,817 | ---- | C] () -- C:\Users\Janet\Desktop\cover letter-ups.rtf
[2014/08/04 16:26:36 | 000,034,824 | ---- | C] () -- C:\Users\Janet\Desktop\resume.rtf
[2014/08/04 11:05:44 | 000,006,195 | ---- | C] () -- C:\Users\Janet\Desktop\headstart letter.rtf
[2014/07/31 07:17:40 | 000,017,409 | ---- | C] () -- C:\Users\Janet\Desktop\what would you do PHS app.odt
[2014/07/30 16:18:17 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/07/30 16:18:16 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/07/30 15:57:34 | 000,008,254 | ---- | C] () -- C:\Users\Janet\Desktop\letter of interest phs.rtf
[2014/07/29 10:26:25 | 000,318,416 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/29 09:43:24 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/28 10:30:22 | 000,197,000 | ---- | C] () -- C:\Program Files (x86)\12res.dll
[2014/04/28 03:33:58 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2014/02/25 08:01:26 | 000,000,089 | ---- | C] () -- C:\Users\Janet\AppData\Roaming\WB.CFG
[2014/02/09 17:04:51 | 000,002,763 | ---- | C] () -- C:\ProgramData\connector.swf
[2014/02/01 11:02:27 | 002,905,689 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20140126-2033.dat
[2013/11/25 21:36:36 | 002,971,556 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20131126-0225.dat
[2013/11/07 07:46:53 | 002,825,858 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20131107-0348.dat
[2013/10/15 20:13:00 | 002,798,421 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20131016-0212.dat
[2013/09/18 17:41:45 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/29 21:30:11 | 002,833,940 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130830-0326.dat
[2013/07/07 13:50:05 | 002,742,387 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130707-1950.dat
[2013/05/14 19:03:35 | 002,669,928 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130515-0103.dat
[2013/05/05 18:58:28 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/04/29 19:23:51 | 002,777,018 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130430-0123.dat
[2013/04/14 14:29:31 | 002,689,660 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130414-2028.dat
[2013/04/06 19:33:57 | 002,627,472 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130407-0133.dat
[2013/02/22 15:26:04 | 002,631,747 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130222-2125.dat
[2013/02/14 20:22:53 | 002,699,733 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130215-0222.dat
[2013/02/09 19:27:15 | 002,737,189 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130210-0126.dat
[2012/12/07 21:24:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2012/08/16 23:55:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 02:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 00:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 21:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 21:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 21:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720< End of report >
-
when I run fix it says no fix found...do I need to copy & paste what I just posted back in the box from the custom/scan??
I still get pop ups or taken to a different screen when I try to go to an external link---
-
OTL logfile created on: 8/26/2014 11:40:36 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Janet\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17054)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.47 Gb Total Physical Memory | 5.48 Gb Available Physical Memory | 73.42% Memory free
8.59 Gb Paging File | 6.54 Gb Available in Paging File | 76.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 670.72 Gb Total Space | 605.02 Gb Free Space | 90.20% Space Free | Partition Type: NTFS
Drive D: | 27.15 Gb Total Space | 3.20 Gb Free Space | 11.78% Space Free | Partition Type: NTFS
Computer Name: JANET | User Name: Janet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/08/26 11:40:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janet\Downloads\OTL (1).scr
PRC - [2014/08/25 15:42:52 | 001,141,848 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2014/08/25 15:42:48 | 000,296,520 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2014/07/30 05:04:26 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2014/07/30 02:17:08 | 000,039,568 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/05/08 07:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/04/25 19:28:41 | 002,725,912 | ---- | M] () -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
PRC - [2014/01/10 16:06:50 | 003,362,336 | R--- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
PRC - [2014/01/10 16:06:48 | 001,435,680 | R--- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
PRC - [2013/12/30 10:05:02 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013/12/06 08:47:20 | 001,229,528 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2013/12/06 08:47:20 | 000,662,232 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2013/12/06 08:47:18 | 000,565,464 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2013/08/05 02:51:14 | 001,713,416 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
PRC - [2013/08/05 01:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/11/05 16:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/08/10 03:36:54 | 001,641,320 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
PRC - [2012/08/10 03:36:40 | 003,698,024 | ---- | M] (AuthenTec Inc.) -- C:\Program Files (x86)\HP SimplePass\TouchControl.exe
PRC - [2012/08/10 03:36:26 | 004,073,320 | ---- | M] () -- C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
PRC - [2012/07/27 20:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/03/28 20:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2011/12/18 01:51:24 | 009,007,616 | ---- | M] (Office Suite X) -- C:\Program Files (x86)\Office Suite X 3\program\soffice.exe
PRC - [2011/12/18 01:51:24 | 008,999,424 | ---- | M] (Office Suite X) -- C:\Program Files (x86)\Office Suite X 3\program\soffice.bin
========== Modules (No Company Name) ==========
MOD - [2014/03/16 11:08:47 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\032b537c9d4bbefec6997f44ceb08485\System.ServiceModel.Internals.ni.dll
MOD - [2014/03/16 11:08:44 | 000,121,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4e89df05173df61ef526394eeed4428e\SMDiagnostics.ni.dll
MOD - [2014/02/19 19:22:05 | 007,660,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d7aaae3b1c95a1a658446d302b9a7f88\System.Xml.ni.dll
MOD - [2014/02/19 19:21:42 | 012,877,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\11b4af16e791a6b0ada4a97d3e64e27a\System.Windows.Forms.ni.dll
MOD - [2014/02/19 19:20:40 | 002,822,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\deba9405e920eefee41a8efe93e93cc6\System.Runtime.Serialization.ni.dll
MOD - [2014/02/19 19:20:31 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61be23d6a688188e3419a1eb46fc9d9d\System.Drawing.ni.dll
MOD - [2014/02/19 19:20:15 | 000,975,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ffb7bbc6548ff34bc125a8fec79315dc\System.Configuration.ni.dll
MOD - [2014/02/19 19:19:20 | 007,041,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\bca236f576ea12db3a9191f4586a445a\System.Core.ni.dll
MOD - [2014/02/19 19:19:09 | 010,051,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f0602360211041a6be208f0b4138dddd\System.ni.dll
MOD - [2014/02/19 19:18:56 | 000,198,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\0000f5ef7d4e9fef6ab4084784cf238c\CustomMarshalers.ni.dll
MOD - [2014/02/19 19:18:55 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\391541c89ed7585fc7e8936c43cee387\mscorlib.ni.dll
MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/08/05 16:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013/08/05 02:51:27 | 000,806,664 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
MOD - [2013/08/05 02:51:25 | 000,175,880 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
MOD - [2013/08/05 01:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2013/03/05 21:04:53 | 001,321,944 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\Language\Enu\P2GRC.dll
MOD - [2012/08/10 03:36:26 | 004,073,320 | ---- | M] () -- C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
MOD - [2011/12/17 09:16:50 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\Office Suite X 3\program\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/05/29 17:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/29 02:05:59 | 000,016,056 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/15 23:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/06/24 16:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 03:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 00:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 00:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/08 22:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 20:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 20:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/09 17:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/12/07 22:08:33 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/11/05 22:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012/08/09 00:46:00 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/08/08 12:36:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/07/25 21:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 21:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 21:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 21:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 21:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 21:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 21:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 21:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 21:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 21:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/24 04:59:56 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/07/16 08:59:12 | 000,401,256 | ---- | M] (AuthenTec, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\AuthenTec\TrueService.exe -- (TrueService)
SRV - [2014/08/25 15:42:52 | 001,141,848 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- c:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2014/07/30 05:04:26 | 000,023,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014/07/30 02:17:08 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/05/08 07:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/01/10 16:06:48 | 001,435,680 | R--- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe -- (Fitbit Connect)
SRV - [2013/12/30 10:05:02 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/12/06 08:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013/12/06 08:47:20 | 000,662,232 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/11/05 22:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/08/10 03:36:54 | 001,641,320 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe -- (FPLService)
SRV - [2012/07/25 21:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 21:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/25 21:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/08/26 11:32:32 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/08/12 08:15:23 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/04/28 03:33:58 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\npf.sys -- (npf)
DRV:64bit: - [2014/03/28 13:19:38 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/23 16:11:52 | 000,269,592 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/12/06 08:47:12 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2013/10/10 05:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 00:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/01 20:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/04 16:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013/08/15 23:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 00:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 02:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/01 19:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/01 19:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/29 00:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/25 11:21:50 | 000,495,856 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/06/25 11:18:49 | 000,029,424 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2013/05/31 21:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/03/05 13:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013/03/02 04:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 04:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/09 19:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/07 22:08:08 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/12/07 22:08:08 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/11/26 21:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 22:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 21:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 02:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 01:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/10 23:19:44 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2012/10/10 21:51:49 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2012/09/24 13:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012/08/24 19:38:28 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/09 02:03:34 | 010,283,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/08/08 23:48:22 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/08/03 16:07:30 | 000,020,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012/07/25 23:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 23:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 23:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 23:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 23:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 23:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 23:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 23:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 23:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 23:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 23:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 23:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 23:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 23:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 23:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 23:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 23:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 22:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 22:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 21:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 20:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 20:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 20:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 20:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 20:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 20:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 20:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 20:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 20:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 20:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 20:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 20:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 20:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 20:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 20:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 20:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 20:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 20:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 20:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 20:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 20:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 20:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/24 10:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/07/24 04:59:56 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/07/24 03:35:12 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/07/24 03:35:12 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/07/17 22:59:12 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/06/23 08:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012/06/19 08:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/13 20:24:00 | 000,266,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2012/06/12 23:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/06/02 08:32:26 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,204,0_0,StartPage,20140418,20029,0,25,4752
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@authentec.com/ffwloplugin: C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.13.2: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.13: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.13.2: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9D2AA73B-6049-4799-B8AC-925723370070}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/08/25 15:43:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/08/25 15:43:48 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012/07/25 23:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Office Suite X Support) - {2AE7471D-5150-48CF-8498-4CB9E8FAEA90} - C:\Program Files (x86)\Product Support\1.0.0.0\Product Support.dll (Download Manager)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY File not found
O4 - HKLM..\Run: [ChromeHelper] C:\Program Files (x86)\Common Files\ChromeHelper\ChromeHelper.exe File not found
O4 - HKLM..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [HP Deskjet 3520 series (NET)] C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [Power2GoExpress8] C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Office Suite X 3.3.lnk = C:\Program Files (x86)\Office Suite X 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab (Java Plug-in 10.67.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D5DB9C9-43FE-42C5-B250-BBDF57E9BD15}: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A66FC120-4B59-4ABA-A50D-275EF46A6B6B}: DhcpNameServer = 172.168.0.3
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/08/25 16:09:55 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
[2014/08/25 16:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice 4
[2014/08/25 15:44:19 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Roaming\RealNetworks
[2014/08/25 15:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014/08/25 15:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2014/08/25 15:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2014/08/25 15:43:18 | 000,201,800 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/08/25 15:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2014/08/25 15:42:58 | 000,278,600 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/08/25 13:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/08/25 13:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/08/25 13:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/08/25 13:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/08/25 13:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/08/25 12:47:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/08/25 12:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014/08/25 12:45:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/08/25 12:40:01 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Local\Secunia PSI
[2014/08/25 12:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2014/08/25 12:30:40 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Roaming\Oracle
[2014/08/25 12:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/08/25 12:29:29 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/25 12:29:17 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/25 12:29:17 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/25 12:29:17 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/25 12:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/08/25 12:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/08/23 08:55:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/08/22 11:20:07 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/08/22 10:43:57 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/08/22 10:42:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/21 11:47:33 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/08/21 11:47:23 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/08/21 11:47:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/08/21 11:47:19 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/08/21 11:47:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/08/21 11:47:15 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/08/21 11:47:13 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/08/21 11:47:12 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/08/21 11:47:12 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/08/21 11:47:11 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/08/21 11:47:11 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/08/21 11:47:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/08/21 11:47:08 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/08/21 11:47:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/08/21 11:47:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/08/21 11:47:07 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/08/21 11:47:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/08/21 11:47:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/08/21 11:47:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/08/21 11:47:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/08/21 11:47:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/08/21 11:47:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/08/20 10:27:39 | 001,312,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/08/20 10:26:57 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/08/20 10:21:58 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/20 10:21:54 | 000,712,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/08/20 10:21:53 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/08/20 10:17:05 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/08/20 10:17:03 | 008,857,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/08/20 10:17:02 | 002,885,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/08/20 10:17:02 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/08/20 10:17:01 | 002,306,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/20 10:17:01 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/20 10:17:00 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/20 10:17:00 | 000,112,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/20 10:16:59 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/20 10:16:00 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/08/20 10:02:53 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/20 10:02:51 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/04 16:02:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/08/04 16:02:50 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/04 16:02:50 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/04 16:02:49 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/08/04 16:02:49 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/04 16:02:46 | 001,623,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/04 16:02:46 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/04 16:02:46 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/04 16:02:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/04 16:02:18 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/04 16:02:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/04 16:02:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/04 07:48:38 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\48230029.sys
[2014/07/30 16:20:33 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Local\Adobe
[2014/07/30 16:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/07/30 16:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/07/30 16:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/07/29 09:43:42 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/29 09:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/29 09:43:15 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/29 09:43:15 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/29 09:43:15 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/29 09:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/29 09:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
========== Files - Modified Within 30 Days ==========
[2014/08/26 11:32:32 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/26 11:30:52 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0414c_rmv.job
[2014/08/26 11:30:51 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0214b_rmv.job
[2014/08/26 11:30:51 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0214b_rel.job
[2014/08/26 11:30:51 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0414c_rel.job
[2014/08/26 11:21:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/26 11:18:59 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/26 11:18:56 | 2117,496,831 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/26 10:40:53 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/26 10:00:36 | 000,318,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/25 16:09:57 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2014/08/25 15:44:00 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/08/25 15:43:18 | 000,201,800 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2014/08/25 15:43:09 | 000,001,252 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014/08/25 15:42:58 | 000,278,600 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2014/08/25 13:24:30 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/25 12:47:36 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/08/25 12:39:54 | 000,001,110 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2014/08/25 12:29:12 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/08/25 12:29:12 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/08/25 12:29:12 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/08/25 12:29:12 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/08/22 12:03:31 | 000,941,114 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/22 12:03:31 | 000,783,894 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/22 12:03:31 | 000,158,368 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/22 10:46:32 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/22 10:46:32 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/22 10:46:31 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/22 10:46:31 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/22 10:45:58 | 000,773,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/22 10:45:58 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/22 10:45:57 | 001,623,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/22 10:45:57 | 000,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/08/22 10:45:56 | 000,059,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/22 10:45:52 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/22 10:45:52 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/22 10:45:51 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/08/21 11:51:11 | 000,009,768 | ---- | M] () -- C:\Users\Janet\Desktop\budget 8-2014.ods
[2014/08/20 09:51:25 | 000,004,715 | ---- | M] () -- C:\Users\Janet\Desktop\cochlear scholarship pg 2.rtf
[2014/08/20 09:37:07 | 000,013,917 | ---- | M] () -- C:\Users\Janet\Desktop\Cochlear scholarship pg1.rtf
[2014/08/13 08:59:15 | 000,006,420 | ---- | M] () -- C:\Users\Janet\Desktop\cover letter--dfs.rtf
[2014/08/13 08:48:15 | 000,001,817 | ---- | M] () -- C:\Users\Janet\Desktop\cover letter-ups.rtf
[2014/08/12 08:15:23 | 000,050,976 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/08/07 00:33:36 | 000,712,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/08/06 21:09:52 | 000,556,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/08/06 14:36:11 | 000,034,824 | ---- | M] () -- C:\Users\Janet\Desktop\resume.rtf
[2014/08/04 11:10:30 | 000,006,195 | ---- | M] () -- C:\Users\Janet\Desktop\headstart letter.rtf
[2014/08/04 07:48:38 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\48230029.sys
[2014/08/01 18:15:04 | 000,704,480 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/08/01 18:15:04 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/31 07:17:42 | 000,017,409 | ---- | M] () -- C:\Users\Janet\Desktop\what would you do PHS app.odt
[2014/07/30 16:18:17 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/07/30 16:01:04 | 000,008,254 | ---- | M] () -- C:\Users\Janet\Desktop\letter of interest phs.rtf
========== Files Created - No Company Name ==========
[2014/08/25 16:09:57 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2014/08/25 15:44:00 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/08/25 15:43:09 | 000,001,252 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014/08/25 13:24:30 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/25 12:47:36 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/08/25 12:39:54 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2014/08/25 12:39:54 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2014/08/21 11:51:06 | 000,009,768 | ---- | C] () -- C:\Users\Janet\Desktop\budget 8-2014.ods
[2014/08/20 09:51:24 | 000,004,715 | ---- | C] () -- C:\Users\Janet\Desktop\cochlear scholarship pg 2.rtf
[2014/08/20 09:37:06 | 000,013,917 | ---- | C] () -- C:\Users\Janet\Desktop\Cochlear scholarship pg1.rtf
[2014/08/13 08:59:14 | 000,006,420 | ---- | C] () -- C:\Users\Janet\Desktop\cover letter--dfs.rtf
[2014/08/06 14:32:13 | 000,001,817 | ---- | C] () -- C:\Users\Janet\Desktop\cover letter-ups.rtf
[2014/08/04 16:26:36 | 000,034,824 | ---- | C] () -- C:\Users\Janet\Desktop\resume.rtf
[2014/08/04 11:05:44 | 000,006,195 | ---- | C] () -- C:\Users\Janet\Desktop\headstart letter.rtf
[2014/07/31 07:17:40 | 000,017,409 | ---- | C] () -- C:\Users\Janet\Desktop\what would you do PHS app.odt
[2014/07/30 16:18:17 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/07/30 16:18:16 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/07/30 15:57:34 | 000,008,254 | ---- | C] () -- C:\Users\Janet\Desktop\letter of interest phs.rtf
[2014/07/29 10:26:25 | 000,318,416 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/29 09:43:24 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/28 10:30:22 | 000,197,000 | ---- | C] () -- C:\Program Files (x86)\12res.dll
[2014/04/28 03:33:58 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2014/02/25 08:01:26 | 000,000,089 | ---- | C] () -- C:\Users\Janet\AppData\Roaming\WB.CFG
[2014/02/09 17:04:51 | 000,002,763 | ---- | C] () -- C:\ProgramData\connector.swf
[2014/02/01 11:02:27 | 002,905,689 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20140126-2033.dat
[2013/11/25 21:36:36 | 002,971,556 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20131126-0225.dat
[2013/11/07 07:46:53 | 002,825,858 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20131107-0348.dat
[2013/10/15 20:13:00 | 002,798,421 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20131016-0212.dat
[2013/09/18 17:41:45 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/29 21:30:11 | 002,833,940 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130830-0326.dat
[2013/07/07 13:50:05 | 002,742,387 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130707-1950.dat
[2013/05/14 19:03:35 | 002,669,928 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130515-0103.dat
[2013/05/05 18:58:28 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/04/29 19:23:51 | 002,777,018 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130430-0123.dat
[2013/04/14 14:29:31 | 002,689,660 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130414-2028.dat
[2013/04/06 19:33:57 | 002,627,472 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130407-0133.dat
[2013/02/22 15:26:04 | 002,631,747 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130222-2125.dat
[2013/02/14 20:22:53 | 002,699,733 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130215-0222.dat
[2013/02/09 19:27:15 | 002,737,189 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130210-0126.dat
[2012/12/07 21:24:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2012/08/16 23:55:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 02:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 00:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 21:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 21:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 21:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720< End of report >
-
Malwarebytes Anti-Malware
www.malwarebytes.orgScan Date: 8/26/2014
Scan Time: 10:54:52 AM
Logfile: malware log.txt
Administrator: YesVersion: 2.00.2.1012
Malware Database: v2014.08.26.04
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: DisabledOS: Windows 8
CPU: x64
File System: NTFS
User: JanetScan Type: Threat Scan
Result: Completed
Objects Scanned: 315739
Time Elapsed: 14 min, 41 secMemory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: EnabledProcesses: 0
(No malicious items detected)Modules: 0
(No malicious items detected)Registry Keys: 1
PUP.Optional.SuperFish.A, HKU\S-1-5-21-2551327239-2481401676-1268998139-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [cb61f6d5b2c972c4daf3916337cb728e],Registry Values: 0
(No malicious items detected)Registry Data: 0
(No malicious items detected)Folders: 0
(No malicious items detected)Files: 2
PUP.Optional.NewPlayer, C:\Users\Janet\AppData\Local\Temp\7c368270-1542-45b1-a19f-140f66410d74\software\Setup.exe, Quarantined, [e745c704dd9e7db9cd10575a20e145bb],
PUP.Optional.DomaIQ, C:\Users\Janet\Downloads\Setup.exe, Quarantined, [d656b01b80fb6cca0c0efab8f01149b7],Physical Sectors: 0
(No malicious items detected)(end)
-
# AdwCleaner v3.308 - Report created 26/08/2014 at 09:58:51
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Janet - JANET
# Running from : C:\Users\Janet\Downloads\adwcleaner_3.308 (1).exe
# Option : Clean***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Janet\AppData\Local\AVG SafeGuard toolbar
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\APN PIP***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.17054
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [12556 octets] - [22/08/2014 10:43:02]
AdwCleaner[R1].txt - [1144 octets] - [26/08/2014 09:54:26]
AdwCleaner[R2].txt - [1205 octets] - [26/08/2014 09:57:46]
AdwCleaner[s0].txt - [11749 octets] - [22/08/2014 10:44:14]
AdwCleaner[s1].txt - [1065 octets] - [26/08/2014 09:58:51]########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1125 octets] ##########
-
I used the program you recommended and everything is up to date :-)
Still getting a ton of pop ups so it makes me nervous on what is legit and what is a scam sometimes. Will this also fix the problem of words being highlighted and then an ad being brought up??? That drives me crazy!!!
I should be here all day tomorrow---not real sure, but I know I'll be here at 3-5. hopefully we can finish up then!!!
-
I don't know if I sent you the right log from the OTL??? After losing access I sort of forgot where I was. Let me know what else I need to do. I update Java---and that is the last thing I have done.
-
removed the items, not sure how to update internet explorer
-
I can't open that avg file . It says open with: like internet explorer, iTunes, adobe, etc...but they don't work. now I think I downloaded that link three times---ugh!! Sorry.
-
Results of screen317's Security Check version 0.99.87
x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2014
Windows Defender
Norton Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 6 Update 22
Java 7 Update 17
Java version out of Date!
Adobe Reader XI
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbam.exe
AVG avgwdsvc.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
-
OTL Extras logfile created on: 8/22/2014 3:10:37 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Janet\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17054)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.47 Gb Total Physical Memory | 5.02 Gb Available Physical Memory | 67.26% Memory free
8.59 Gb Paging File | 6.09 Gb Available in Paging File | 70.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 670.72 Gb Total Space | 606.68 Gb Free Space | 90.45% Space Free | Partition Type: NTFS
Drive D: | 27.15 Gb Total Space | 3.20 Gb Free Space | 11.78% Space Free | Partition Type: NTFS
Computer Name: JANET | User Name: Janet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035B7B7C-F973-45F2-8C25-2870D8F11D42}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0CAD6E31-D7E3-4860-A940-CC6D3BBE50D6}" = lport=138 | protocol=17 | dir=in | app=system |
"{0F74CD23-6E7F-425F-8942-5BF3B451CC9C}" = rport=139 | protocol=6 | dir=out | app=system |
"{10C36749-6B53-4BA7-9C73-3A9FB88E8F63}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DE9932C-686B-4106-98FE-FBB74455A237}" = lport=10243 | protocol=6 | dir=in | app=system |
"{20FA9308-6C1C-401F-ACC8-BBFC5329844E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{356BA0BC-1A7D-4A36-B2E7-4814C0947FAD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4D220AC5-C256-4D90-9441-B94EA6F750F0}" = rport=138 | protocol=17 | dir=out | app=system |
"{52C41C90-ECAC-4C39-A223-E2BA89BB3E3E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{52CDF5A5-B5CC-4F17-9F58-CA460CC76601}" = lport=137 | protocol=17 | dir=in | app=system |
"{5AE4AFD5-E0EA-43E3-B266-E8BB5076C7B0}" = lport=139 | protocol=6 | dir=in | app=system |
"{6C223ECA-53B5-449F-9F08-790EDCDBB806}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6C7D3BBB-77B2-48A6-AB1C-422231C48527}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{778D0528-F459-4BAE-9EFD-2B5EF168F22E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{853BA213-BCB9-44E0-91C6-320CBD44ADA2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{987A6001-4B7B-4AFC-9A67-BB6D9A9C42AF}" = lport=445 | protocol=6 | dir=in | app=system |
"{9F5BB8EE-2EC6-407A-851A-FC17B5DCA8C8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD504BC0-A9DA-43C8-9CD3-CA2A8690A2B2}" = rport=137 | protocol=17 | dir=out | app=system |
"{D69DD7D1-ED19-4C0B-BF52-910F48D15CAE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D95AC5B7-78F5-4F5C-8F49-3DA4B6B5B386}" = rport=445 | protocol=6 | dir=out | app=system |
"{EBC294B8-13EC-47E1-AB6C-6CD00E31FF74}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EC7E651A-DCB0-47CD-A5C1-3A424A49F5ED}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EE4759F6-7284-48F7-9398-DFD7BF84AD64}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF2E2121-732A-4B2A-A104-B81811E9E4B9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F15DE162-7FC0-400C-900A-A55034F8700F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{037EEEC1-73C3-4AC0-9AC7-5B8491C5718B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{08A4D382-4F58-41C0-B6DC-C5ABDEA399F4}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{091ACE9D-A4D5-44D2-ADD1-21BA28EA4479}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{0EB7B57E-B7A5-4E93-8262-52CAD3754359}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{0FC19500-20B5-4225-BCF5-8D633608FB39}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{114CC8C0-F132-4A83-9FCD-716ECEF868C8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12CEA06C-0067-4ABF-BAF6-5279D5019192}" = dir=out | name=skype |
"{166BB1BB-3EAA-44A8-94BA-786C5D87EBDE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{1808F7A2-4CF8-47EA-B639-BE56D853AEBF}" = dir=out | name=musictube |
"{191487FE-D290-4C6D-BE29-896BB8402A76}" = dir=out | name=windows_ie_ac_001 |
"{1AE9C8C4-7DE7-403A-A73D-D30E7FFC22C7}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{1D5E0444-1FED-444F-8843-C06CFA1C9776}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{23F91A7C-B158-459F-84F1-892D2E91C191}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{2A5C3F36-CFB0-45BD-9C74-B4C98C486D48}" = protocol=58 | dir=in | [email protected],-28545 |
"{2C58D3A0-00D7-4C40-B871-A63EEC3B6B3A}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{2DFC08E5-21EC-4799-9A59-22C79E51CAE0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{2F7DD621-F52D-4455-8111-CF64F2259575}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{3A7EA857-1CF5-450A-8F10-7015B791086E}" = dir=out | name=kindle |
"{3B2EB109-40DD-4BC1-99F5-5D449CF4DF9C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{3EDD0912-6551-4729-BED5-51FD51D61721}" = dir=in | name=hp connected photo powered by snapfish |
"{415B9252-DA81-4CA5-A4E5-391D2F9B6C81}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{424E4184-595B-4F8E-A639-8C9F72CB9F27}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{428BD205-6CE8-488C-B89E-0A7593708748}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{44980EFB-F771-4A2F-8921-FAF5D4A26628}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{489F656F-5830-4BDE-ADEB-34FD6EFE6819}" = dir=out | name=google search |
"{4EC0E54C-5EF0-4E2B-A99E-E1684C1D4792}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{535F094B-5B77-408F-82B8-11FF773E6435}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{5913A80D-A87F-4D7D-9981-AD635584B6FD}" = protocol=1 | dir=out | [email protected],-28544 |
"{59580CA7-8B16-4ECB-AEC6-372B3865ACA6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5AB0D381-B7C4-4796-9AB9-4569D48D9969}" = dir=in | name=youtube player/downloader - megatube |
"{5CFE9FE5-9EC8-4D73-8E2C-3D2E7EBF7878}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{61F2576E-88E3-4C6A-8085-ACB6C5AEAC27}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{629DA469-3201-4D28-A790-2DCF5040563C}" = dir=out | name=youtube player/downloader - megatube |
"{65249F29-8231-4ABA-BC09-E373FD647759}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6D0BC5F6-FAA3-48C0-AE71-C4D3B74E228A}" = dir=out | name=ebay |
"{711BD9F8-9D49-482E-A9E8-836D6130ADF2}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{740A9664-2C41-4FEB-AD7A-2C1CE995C77F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{74732705-0273-4A03-A9AF-EA481E9E8D33}" = dir=out | name=youtube player |
"{76C4C916-7914-4834-B1F1-AAC27CFB65AC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{79A18B10-1BEA-4AC9-A18B-ED6DB18395BE}" = dir=out | name=allrecipes |
"{7F362F26-FA75-427F-9F1A-282466C3104B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8195C1F2-E924-4CD1-8F3C-47F00B6251DF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{81BCB0A4-4B56-413A-8460-5DCDF65D0A71}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{821165C8-2CCC-4395-AE0F-548B856986C8}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{83B7547D-36D6-4CCA-A737-66C242FA04DA}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\hpnetworkcommunicator.exe |
"{86DFCBD9-041A-424C-863A-707E8BE94195}" = dir=in | name=ebay |
"{8A431B60-757E-4A2A-AE02-182A4AF8CC39}" = dir=out | name=getting started with windows 8 |
"{8D3A822F-A82C-4641-A216-06CF53479A47}" = dir=out | name=microsoft solitaire collection |
"{9301C2C5-D3D7-421D-B71D-C90F6EBA949A}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\devicesetup.exe |
"{948ECC77-06E7-4414-8AF1-F08998CCF1DF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94CF55A5-4C02-417B-874C-5B082F471334}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{95C83B9E-9103-4450-A2B4-0EFC316D1D4F}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{9620BFDE-3EE9-41E6-A978-E76D94374A37}" = protocol=6 | dir=out | app=system |
"{992F312E-0B91-4950-85D8-2493A17AF95B}" = protocol=58 | dir=out | [email protected],-28546 |
"{9F0AD42A-2B4C-4FC0-8051-984F7AF5377F}" = dir=out | name=hp connected photo powered by snapfish |
"{9F340CF8-F5A2-4FC6-9EA8-4636AE2F6C05}" = dir=in | app=c:\program files\hp\hp deskjet 3520 series\bin\hpnetworkcommunicatorcom.exe |
"{A0771BF2-4B27-45B0-96F3-848447D8D74D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A464435C-A0DC-4E97-AD9B-1020F276906B}" = dir=in | name=skype |
"{AAD66B52-85C1-49DE-9C8E-D98BAB74DB36}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{B24E932C-E227-4B27-8124-6584E5D351FA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B735AAD8-CAEC-48A9-B761-84E45E2CAE42}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{B7B799B4-CFE4-4668-BC18-868D751D8506}" = dir=in | name=hp+ |
"{B8C62AD4-9776-4E1F-B9E2-6788BAEC543F}" = dir=out | name=hp+ |
"{BA628D48-FE4C-4AA2-9EA0-33BB0A203CA1}" = dir=out | name=netflix |
"{BB44DC22-652C-42B6-877B-3FA2C9F2DC96}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{BD83017A-8F63-4EE8-84AC-4C1CD5E585BE}" = dir=out | name=facebook+ lite |
"{C044171E-C766-4F1C-8CE7-D0F8E925C4AF}" = dir=in | name=hp printer control |
"{C27A0C74-D289-4695-A00B-6444DE9146F8}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{C2E3CB1D-B01E-486C-A839-70C842691A90}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C5D040E5-707F-4F0D-88CF-94340C0CFBCB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C82843CF-7C40-46A9-A7AA-0118AA2403AF}" = dir=out | name=iheartradio |
"{C85AFFB6-12B7-4E5A-A0EC-5E04B45D9B5E}" = dir=out | name=norton studio |
"{C8C97C7F-C75F-40D1-BE92-9D4E437EFC96}" = dir=out | name=sudoku free |
"{CA237181-0BDA-46E2-A413-DA0AB132ACB5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD512173-5894-4501-BA15-40E3513C441F}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{CD70FAA9-2901-41CE-9CFC-0FCE40E4EE64}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D327F591-A205-40A4-85A1-6AD4EEB1B506}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{DB552336-6070-49CD-A63A-9E8E0908A944}" = dir=out | name=microsoft mahjong |
"{DF295EBC-F784-4AA3-8185-6EB1788142BC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{E16AB235-2FF3-47D8-9286-8D2F1D4E0EC6}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{E5D2EA5B-A2A8-489E-8CC7-5E42C37CFA64}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E920E4D2-24C3-4999-9746-0410788B0315}" = dir=out | name=hp printer control |
"{E9CF8353-54DC-4800-9AAD-593F756260D6}" = dir=out | name=hp registration |
"{E9D14260-F501-4864-8ED1-93A19746599D}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{F39E0492-294C-4430-9A7B-88D134C35EFD}" = dir=in | name=allrecipes |
"{F9C0B797-B4F0-4CF1-B9E3-71197BCF4961}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{FD660B34-897E-4BC0-9E40-758648827157}" = protocol=1 | dir=in | [email protected],-28543 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{08F2724F-3B6A-91BD-E63F-1B9F8463D097}" = AMD Accelerated Video Transcoding
"{0FA995CC-C849-4755-B14B-5404CC75DC24}" = Energy Star
"{14ABDFC2-491B-4AF0-8134-CC5596D0EF57}" = HP Deskjet 3520 series Product Improvement Study
"{14D155F8-40FC-F843-30C6-8776BF5CEBAA}" = AMD Fuel
"{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}" = Validity WBF DDK
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}" = HP 3D DriveGuard
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C9778CB-2167-402E-B37E-10431C01F4C4}" = AVG 2014
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A0A03B53-927D-4454-A456-CB0A72A4912F}" = HP Deskjet 3520 series Basic Device Software
"{A257DDD7-AFD4-ABEA-0F67-9C3930091B19}" = ccc-utility64
"{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}" = AMD Catalyst Install Manager
"{D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}" = AVG 2014
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"{EBC0CC3F-B7A1-4FC8-8014-4C7BFD3925E8}" = AuthenTec TrueAPI 64-bit
"AVG" = AVG 2014
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0904cc72-1b29-426a-b0f0-228d2744a4f6}" = Garmin Express
"{097CB5A1-D19E-F62A-6400-91DBF8D97B17}" = CCC Help Turkish
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C57987A-A03A-4B95-A309-D23F78F406CA}" = HP Utility Center
"{0DCCD5F4-29E7-4AA0-8C1D-F8E1503B91F4}" = Catalyst Control Center - Branding
"{0EF2A1AF-6F24-FD4B-3140-3656CC9A6BEC}" = CCC Help Italian
"{11230C68-9248-D3B8-A0C5-0461D8C0691E}" = CCC Help Dutch
"{18FEC022-D8CE-48DF-A57A-1085D4F58F6E}" = Elevated Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{29A6A747-07ED-DB5E-AD38-5F66B06E8888}" = CCC Help Russian
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2BE3A1BC-D155-1D32-9080-685C54689C34}" = CCC Help Korean
"{2F413B34-8C18-328C-E68C-0332AB527CFF}" = CCC Help Czech
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C821CA-6B55-44A0-8A9B-2EF471D6019E}" = HP SimplePass
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3D062C86-0CCA-8F10-A575-3564BD50372C}" = Catalyst Control Center Graphics Previews Common
"{3E2D81D1-5FEE-6E90-2E0C-B8C15F05237A}" = CCC Help Norwegian
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{47B3FDA1-E7F2-D3C3-0970-B9916C5530F3}" = AMD VISION Engine Control Center
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{528AB81B-D65A-4AB0-A2B6-82B51A087D01}" = HP Recovery Manager
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59F8C5AA-91BD-423D-BF05-09A80F39898F}" = HP CoolSense
"{5CBA9A98-4CAE-92DC-4662-A77268EE1D04}" = CCC Help English
"{5F1C0CF4-49C6-B096-0F72-AA2C319BBEE0}" = CCC Help German
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{650AA9FB-CA49-A284-8E13-F3732CC20D9A}" = Catalyst Control Center Localization All
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A7C2B2E-36A3-4EF5-96C6-708CD090A3AD}" = Fitbit Connect
"{6DF0DAF1-BED0-F5BB-B96E-10AA15DF65E7}" = CCC Help Swedish
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73AD6CBA-D50D-F30C-E579-14389FF41D1D}" = Catalyst Control Center InstallProxy
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AF962CF-7018-C589-8439-EA7C9F2FA200}" = CCC Help Danish
"{7BB80D45-4024-2E0C-FC0D-45A319CD3F99}" = CCC Help Thai
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92524C67-A99D-44C6-8995-04F5E76486AF}" = HP Documentation
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{95A762D1-99E7-F428-99B3-E3CC636C48D9}" = CCC Help Hungarian
"{9608B011-02E9-4A66-A0FC-3264A79F808A}" = Garmin Express
"{96DAE3D0-5008-F1FC-186D-0B364071C98C}" = CCC Help French
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B42457E-3781-7293-5643-C722BA43397E}" = CCC Help Greek
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C35EDE5-4B0F-45E7-A438-314BA889948E}" = HP MyRoom
"{9E2BCF78-EDAD-A8BC-123D-10E0D9234753}" = CCC Help Chinese Traditional
"{9FEDC691-A307-D525-7D71-EDB97240CFF3}" = CCC Help Chinese Standard
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB1F1677-926B-894A-A890-56A3FCD9794B}" = CCC Help Finnish
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{ACC5984D-6859-874C-B939-058DED2692FA}" = CCC Help Portuguese
"{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}" = HP Deskjet 3520 series Setup Guide
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}" = HP Deskjet 3520 series Help
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Qualcomm Atheros Driver Installation Program
"{C458E818-0B4F-C961-AFDF-29F172EE5A1B}" = CCC Help Spanish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB47925A-50F0-493A-B3B0-3F6C632FCE8D}" = Garmin Express Tray
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E175B925-538F-6D69-A9C9-4D0699648752}" = CCC Help Japanese
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E46BF405-4ADF-36F4-A0EA-EF4CDF1A21E6}" = CCC Help Polish
"{E5823036-6F09-4D0A-B05C-E2BAA129288A}" = HP Quick Launch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Cisco Connect" = Cisco Connect
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"NIS" = Norton Internet Security
"Office Suite X 3.3" = Office Suite X 3.3
"RealPlayer 16.0" = RealPlayer
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"test" = Product Support
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-029362cc-622e-409b-bfea-deb90ef48c20" = Jewel Match 3
"WTA-05c24aa9-18e4-43dd-bc53-2c4ec65e2d04" = Mahjongg Dimensions Deluxe: Tiles in Time
"WTA-07ebc83a-afed-46d8-acf2-113864ffc298" = Hoyle Card Games
"WTA-0c62b714-73eb-4f0d-8a08-5d5a7d5a02b9" = FATE: The Cursed King
"WTA-0ccd6058-6ce8-450a-9180-1d28d4d2abc9" = Mortimer Beckett and the Crimson Thief Premium Edition
"WTA-2fbce475-dc1e-4e50-803f-cbdebef9eecc" = Cradle Of Egypt Collector's Edition
"WTA-35d03937-dfe0-4e5b-8143-2e80cdff4679" = Peggle Nights
"WTA-36fafc6a-e744-4b43-8f34-703d80a63ee8" = Tales of Lagoona
"WTA-48bc7d1c-c245-43f9-974c-8b2383f17d62" = Final Drive Fury
"WTA-4942909c-4b6b-4e1d-a066-d8944a1146e5" = John Deere Drive Green
"WTA-53205b96-557d-48fa-892f-a5504ab2ef5f" = Mystery P.I. - Curious Case of Counterfeit Cove
"WTA-613117cb-557a-47f0-af4f-f0543ff3a3d9" = Penguins!
"WTA-7aaf7ad1-ee98-4ab1-b9ba-86bd61369a3a" = Chuzzle Deluxe
"WTA-7f97731f-a4eb-4c2a-875b-ad412fa248a6" = Polar Golfer
"WTA-80c9e712-a5b2-459a-ae49-fa71abab1310" = 4 Elements II
"WTA-810b7a6a-49a7-4584-90f6-d995e1549dfb" = Polar Bowler
"WTA-9b1865dd-1740-4506-acfb-388c78543f2e" = Vacation Questâ„¢ - Australia
"WTA-a24f0703-300e-4990-84e0-a262b7103456" = Build-a-lot 4 - Power Source
"WTA-abe3e5d1-4f10-4f17-9883-d993bf2d9f23" = FlatOut 2
"WTA-afaaaf61-3b2c-41df-a644-08d364102930" = Governor of Poker 2 Premium Edition
"WTA-bbe12318-7619-469a-b335-2dfa5acb316f" = Roads of Rome 3
"WTA-ca0d6fbb-1272-426c-95c1-ef040b6f9776" = Bejeweled 3
"WTA-d2ef2a69-032e-410e-b7e0-c7ca1b986125" = Zuma's Revenge
"WTA-dd1a4899-108c-404e-a712-16bb0e41eee8" = Luxor Evolved
"WTA-ebc992a3-af6d-412c-9b79-981c69e7dd0d" = Cradle of Rome 2
"WTA-f578aee6-61da-4f27-a3b5-d942e3921a79" = Farm Frenzy
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2551327239-2481401676-1268998139-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/22/2014 1:35:39 PM | Computer Name = Janet | Source = Application Error | ID = 1000
Description = Faulting application name: mbam.exe, version: 1.0.0.532, time stamp:
0x53518532 Faulting module name: apphelp.dll, version: 6.2.9200.16420, time stamp:
0x505aa904 Exception code: 0xc0000409 Fault offset: 0x00021d2e Faulting process id:
0x1738 Faulting application start time: 0x01cfbe2f480c1acd Faulting application path:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Faulting module path:
C:\Windows\system32\apphelp.dll Report Id: baf762c5-2a22-11e4-bea8-082e5f7b853b Faulting
package full name: Faulting package-relative application ID:
Error - 8/22/2014 2:27:27 PM | Computer Name = Janet | Source = Application Error | ID = 1000
Description = Faulting application name: msfeedssync.exe, version: 10.0.9200.16384,
time stamp: 0x50109c69 Faulting module name: ntdll.dll, version: 6.2.9200.16912,
time stamp: 0x536464ba Exception code: 0xc0000005 Fault offset: 0x0000000000005491
Faulting
process id: 0x1cbc Faulting application start time: 0x01cfbe368ff96544 Faulting application
path: C:\Windows\system32\msfeedssync.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: f760ffa9-2a29-11e4-bea9-082e5f7b853b Faulting package full name: Faulting package-relative
application ID:
Error - 8/22/2014 4:01:40 PM | Computer Name = Janet | Source = Application Error | ID = 1000
Description = Faulting application name: msfeedssync.exe, version: 10.0.9200.16384,
time stamp: 0x50109c69 Faulting module name: ntdll.dll, version: 6.2.9200.16912,
time stamp: 0x536464ba Exception code: 0xc0000005 Fault offset: 0x0000000000005491
Faulting
process id: 0xda4 Faulting application start time: 0x01cfbe43d99d7b27 Faulting application
path: C:\Windows\system32\msfeedssync.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 20d2154e-2a37-11e4-bea9-082e5f7b853b Faulting package full name: Faulting package-relative
application ID:
Error - 8/22/2014 4:11:52 PM | Computer Name = Janet | Source = Application Hang | ID = 1002
Description = The program NOTEPAD.EXE version 6.2.9200.16384 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2b80 Start
Time: 01cfbe445abc1a7b Termination Time: 16 Application Path: C:\Windows\SysWOW64\NOTEPAD.EXEReport
Id: afd4d0b4-2a37-11e4-bea9-082e5f7b853b Faulting package full name: Faulting package-relative
application ID:
[ Hewlett-Packard Events ]
Error - 4/29/2013 9:23:01 PM | Computer Name = Janet | Source = hpsa_service.exe | ID = 2000
Description =
Error - 4/29/2013 9:37:42 PM | Computer Name = Janet | Source = HPSF.exe | ID = 2000
Description =
[ System Events ]
Error - 8/22/2014 1:54:27 PM | Computer Name = Janet | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =
Error - 8/22/2014 1:56:13 PM | Computer Name = Janet | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater18.1.9 service failed to start due to the following
error: %%2
< End of report > -
OTL logfile created on: 8/22/2014 3:10:37 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Janet\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17054)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.47 Gb Total Physical Memory | 5.02 Gb Available Physical Memory | 67.26% Memory free
8.59 Gb Paging File | 6.09 Gb Available in Paging File | 70.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 670.72 Gb Total Space | 606.68 Gb Free Space | 90.45% Space Free | Partition Type: NTFS
Drive D: | 27.15 Gb Total Space | 3.20 Gb Free Space | 11.78% Space Free | Partition Type: NTFS
Computer Name: JANET | User Name: Janet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/08/22 15:08:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Janet\Downloads\OTL.scr
PRC - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/06/17 16:18:02 | 005,179,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/08 07:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/04/25 19:28:41 | 002,725,912 | ---- | M] () -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
PRC - [2014/02/09 15:49:36 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2014/01/10 16:06:50 | 003,362,336 | R--- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
PRC - [2014/01/10 16:06:48 | 001,435,680 | R--- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
PRC - [2013/12/30 10:05:02 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013/08/05 02:51:14 | 001,713,416 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
PRC - [2013/08/05 01:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2013/05/20 22:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
PRC - [2012/11/05 16:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/08/10 03:36:54 | 001,641,320 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
PRC - [2012/08/10 03:36:40 | 003,698,024 | ---- | M] (AuthenTec Inc.) -- C:\Program Files (x86)\HP SimplePass\TouchControl.exe
PRC - [2012/08/10 03:36:26 | 004,073,320 | ---- | M] () -- C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
PRC - [2012/07/27 20:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/07/03 09:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/03/28 20:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2011/12/18 01:51:24 | 009,007,616 | ---- | M] (Office Suite X) -- C:\Program Files (x86)\Office Suite X 3\program\soffice.exe
PRC - [2011/12/18 01:51:24 | 008,999,424 | ---- | M] (Office Suite X) -- C:\Program Files (x86)\Office Suite X 3\program\soffice.bin
========== Modules (No Company Name) ==========
MOD - [2014/03/16 11:08:47 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\032b537c9d4bbefec6997f44ceb08485\System.ServiceModel.Internals.ni.dll
MOD - [2014/03/16 11:08:44 | 000,121,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4e89df05173df61ef526394eeed4428e\SMDiagnostics.ni.dll
MOD - [2014/02/19 19:22:05 | 007,660,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d7aaae3b1c95a1a658446d302b9a7f88\System.Xml.ni.dll
MOD - [2014/02/19 19:21:42 | 012,877,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\11b4af16e791a6b0ada4a97d3e64e27a\System.Windows.Forms.ni.dll
MOD - [2014/02/19 19:20:40 | 002,822,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\deba9405e920eefee41a8efe93e93cc6\System.Runtime.Serialization.ni.dll
MOD - [2014/02/19 19:20:31 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\61be23d6a688188e3419a1eb46fc9d9d\System.Drawing.ni.dll
MOD - [2014/02/19 19:20:15 | 000,975,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ffb7bbc6548ff34bc125a8fec79315dc\System.Configuration.ni.dll
MOD - [2014/02/19 19:19:20 | 007,041,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\bca236f576ea12db3a9191f4586a445a\System.Core.ni.dll
MOD - [2014/02/19 19:19:09 | 010,051,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f0602360211041a6be208f0b4138dddd\System.ni.dll
MOD - [2014/02/19 19:18:56 | 000,198,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\0000f5ef7d4e9fef6ab4084784cf238c\CustomMarshalers.ni.dll
MOD - [2014/02/19 19:18:55 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\391541c89ed7585fc7e8936c43cee387\mscorlib.ni.dll
MOD - [2013/08/05 16:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013/08/05 02:51:27 | 000,806,664 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
MOD - [2013/08/05 02:51:25 | 000,175,880 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
MOD - [2013/08/05 01:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2013/03/05 21:04:53 | 001,321,944 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\Language\Enu\P2GRC.dll
MOD - [2012/11/28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/08/10 03:36:26 | 004,073,320 | ---- | M] () -- C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
MOD - [2012/05/30 00:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\wincfi39.dll
MOD - [2011/12/17 09:16:50 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\Office Suite X 3\program\libxml2.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/05/29 17:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/29 02:05:59 | 000,016,056 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/15 23:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/06/24 16:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 03:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 00:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 00:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/08 22:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/01 20:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 20:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/09 17:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/12/07 22:08:33 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/11/05 22:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012/08/09 00:46:00 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/08/08 12:36:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/07/25 21:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 21:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 21:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 21:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 21:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 21:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 21:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 21:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 21:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 21:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/24 04:59:56 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/07/16 08:59:12 | 000,401,256 | ---- | M] (AuthenTec, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\AuthenTec\TrueService.exe -- (TrueService)
SRV - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/05/08 07:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/01/10 16:06:48 | 001,435,680 | R--- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe -- (Fitbit Connect)
SRV - [2013/12/30 10:05:02 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/05/20 22:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe -- (NIS)
SRV - [2012/11/05 22:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/09/07 17:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/08/10 03:36:54 | 001,641,320 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe -- (FPLService)
SRV - [2012/07/25 21:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 21:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/25 21:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/08/12 08:15:23 | 000,050,976 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/05/14 21:09:08 | 000,274,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2014/04/28 03:33:58 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\npf.sys -- (npf)
DRV:64bit: - [2014/03/28 13:19:38 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/23 16:11:52 | 000,269,592 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/10/10 05:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 00:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/01 20:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/04 16:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013/08/15 23:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 00:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 02:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/01 19:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/01 19:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/29 00:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/25 11:21:50 | 000,495,856 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/06/25 11:18:49 | 000,029,424 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2013/06/18 19:31:02 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/05/31 21:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/05/22 23:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1405000.01C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/05/20 23:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1405000.01C\symds64.sys -- (SymDS)
DRV:64bit: - [2013/05/15 23:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1405000.01C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/04/24 18:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1405000.01C\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/04/15 20:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1405000.01C\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013/03/05 13:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013/03/04 19:40:08 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1405000.01C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/03/04 19:21:35 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1405000.01C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/03/02 04:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 04:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/09 19:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/07 22:08:08 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/12/07 22:08:08 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/11/26 21:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/19 22:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/05 21:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 02:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 01:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/10 23:19:44 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2012/10/10 21:51:49 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2012/09/24 13:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012/09/24 13:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012/08/24 19:38:28 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/09 02:03:34 | 010,283,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/08/08 23:48:22 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/08/03 16:07:30 | 000,020,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012/07/25 23:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 23:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 23:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 23:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 23:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 23:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 23:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 23:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 23:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 23:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 23:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 23:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 23:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 23:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 23:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 23:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 23:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 22:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 22:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 21:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 20:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/25 20:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 20:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 20:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 20:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 20:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 20:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 20:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 20:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 20:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 20:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 20:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 20:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 20:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 20:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 20:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 20:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 20:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 20:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 20:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 20:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 20:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/24 10:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/07/24 04:59:56 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/07/24 03:35:12 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012/07/24 03:35:12 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/07/17 22:59:12 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/06/23 08:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012/06/20 15:27:30 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1405000.01C\symelam.sys -- (SymELAM)
DRV:64bit: - [2012/06/19 08:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/06/13 20:24:00 | 000,266,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2012/06/12 23:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/06/02 08:32:26 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV - [2013/02/27 17:32:12 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130228.003\ex64.sys -- (NAVEX15)
DRV - [2013/02/27 17:32:12 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130228.003\eng64.sys -- (NAVENG)
DRV - [2013/01/15 20:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130208.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/01/03 19:04:10 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130227.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/01/03 18:01:18 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/01/03 18:01:18 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
IE - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,204,0_0,StartPage,20140418,20029,0,25,4752
IE - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@authentec.com/ffwloplugin: C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [2014/08/22 11:59:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\ [2013/01/03 15:07:35 | 000,000,000 | ---D | M]
CHR - Extension: No name found = C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpbcafcjfgbnjobffeemfcdbcblkkgeg\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpopmgjalaafpollifejcaajbloffnc\4.61\
O1 HOSTS File: ([2012/07/25 23:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Office Suite X Support) - {2AE7471D-5150-48CF-8498-4CB9E8FAEA90} - C:\Program Files (x86)\Product Support\1.0.0.0\Product Support.dll (Download Manager)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ChromeHelper] C:\Program Files (x86)\Common Files\ChromeHelper\ChromeHelper.exe File not found
O4 - HKLM..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002..\Run: [HP Deskjet 3520 series (NET)] C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002..\Run: [Power2GoExpress8] C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Office Suite X 3.3.lnk = C:\Program Files (x86)\Office Suite X 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKU\S-1-5-21-2551327239-2481401676-1268998139-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.7.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D5DB9C9-43FE-42C5-B250-BBDF57E9BD15}: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A66FC120-4B59-4ABA-A50D-275EF46A6B6B}: DhcpNameServer = 172.168.0.3
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/08/22 11:20:07 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/08/22 10:43:57 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/08/22 10:42:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/21 11:47:33 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/08/21 11:47:23 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/08/21 11:47:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/08/21 11:47:19 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/08/21 11:47:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/08/21 11:47:15 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/08/21 11:47:13 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/08/21 11:47:12 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/08/21 11:47:12 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/08/21 11:47:11 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/08/21 11:47:11 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/08/21 11:47:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/08/21 11:47:08 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/08/21 11:47:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/08/21 11:47:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/08/21 11:47:07 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/08/21 11:47:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/08/21 11:47:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/08/21 11:47:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/08/21 11:47:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/08/21 11:47:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/08/21 11:47:04 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/08/20 10:27:39 | 001,312,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/08/20 10:26:57 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/08/20 10:21:58 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/20 10:21:54 | 000,712,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/08/20 10:21:53 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/08/20 10:17:05 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/08/20 10:17:03 | 008,857,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/08/20 10:17:02 | 002,885,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/08/20 10:17:02 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2014/08/20 10:17:01 | 002,306,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/20 10:17:01 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/20 10:17:00 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/20 10:17:00 | 000,112,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/20 10:16:59 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/20 10:16:00 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/08/20 10:02:53 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/20 10:02:51 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/04 16:02:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/08/04 16:02:50 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/04 16:02:50 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/04 16:02:49 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/08/04 16:02:49 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/04 16:02:46 | 001,623,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/04 16:02:46 | 000,773,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/04 16:02:46 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/04 16:02:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/04 16:02:18 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/04 16:02:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/04 16:02:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/04 07:48:38 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\48230029.sys
[2014/07/30 16:20:33 | 000,000,000 | ---D | C] -- C:\Users\Janet\AppData\Local\Adobe
[2014/07/30 16:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/07/30 16:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/07/30 16:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/07/29 09:43:42 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/29 09:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/29 09:43:15 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/29 09:43:15 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/29 09:43:15 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/29 09:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/07/29 09:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
========== Files - Modified Within 30 Days ==========
[2014/08/22 14:29:13 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0414c_rmv.job
[2014/08/22 14:29:05 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0214b_rmv.job
[2014/08/22 14:29:05 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0214b_rel.job
[2014/08/22 14:28:57 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_0414c_rel.job
[2014/08/22 12:05:20 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/22 12:03:39 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/22 12:03:31 | 000,941,114 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/08/22 12:03:31 | 000,783,894 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/22 12:03:31 | 000,158,368 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/22 11:57:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/22 11:55:16 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/22 11:55:13 | 2117,496,831 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/22 10:54:34 | 000,291,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/22 10:46:32 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/22 10:46:32 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/22 10:46:31 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/22 10:46:31 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/22 10:45:58 | 000,773,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/22 10:45:58 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/22 10:45:57 | 001,623,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/22 10:45:57 | 000,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/08/22 10:45:56 | 000,059,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/22 10:45:52 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/22 10:45:52 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/22 10:45:51 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\storewuauth.dll
[2014/08/21 11:51:11 | 000,009,768 | ---- | M] () -- C:\Users\Janet\Desktop\budget 8-2014.ods
[2014/08/20 09:51:25 | 000,004,715 | ---- | M] () -- C:\Users\Janet\Desktop\cochlear scholarship pg 2.rtf
[2014/08/20 09:37:07 | 000,013,917 | ---- | M] () -- C:\Users\Janet\Desktop\Cochlear scholarship pg1.rtf
[2014/08/13 08:59:15 | 000,006,420 | ---- | M] () -- C:\Users\Janet\Desktop\cover letter--dfs.rtf
[2014/08/13 08:48:15 | 000,001,817 | ---- | M] () -- C:\Users\Janet\Desktop\cover letter-ups.rtf
[2014/08/12 08:15:23 | 000,050,976 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/08/07 00:33:36 | 000,712,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/08/06 21:09:52 | 000,556,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/08/06 14:36:11 | 000,034,824 | ---- | M] () -- C:\Users\Janet\Desktop\resume.rtf
[2014/08/04 11:10:30 | 000,006,195 | ---- | M] () -- C:\Users\Janet\Desktop\headstart letter.rtf
[2014/08/04 07:48:38 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\48230029.sys
[2014/08/01 18:15:04 | 000,704,480 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/08/01 18:15:04 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/31 07:17:42 | 000,017,409 | ---- | M] () -- C:\Users\Janet\Desktop\what would you do PHS app.odt
[2014/07/30 16:18:17 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/07/30 16:01:04 | 000,008,254 | ---- | M] () -- C:\Users\Janet\Desktop\letter of interest phs.rtf
[2014/07/24 06:11:15 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/07/24 06:10:46 | 000,915,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/07/24 06:10:46 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/07/24 06:09:56 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/07/24 06:09:53 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/07/24 06:09:53 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/07/24 06:09:37 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/07/24 06:09:37 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/07/24 06:09:33 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/07/24 06:09:33 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/07/24 06:09:33 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/07/24 06:09:20 | 000,451,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/07/24 06:09:20 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/07/24 06:09:00 | 001,508,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/07/24 04:52:20 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/07/24 04:51:44 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/07/24 04:51:42 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/07/24 04:51:26 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/07/24 04:51:22 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/07/24 04:51:22 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/07/24 04:51:21 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/07/24 04:51:02 | 001,440,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
========== Files Created - No Company Name ==========
[2014/08/21 11:51:06 | 000,009,768 | ---- | C] () -- C:\Users\Janet\Desktop\budget 8-2014.ods
[2014/08/20 09:51:24 | 000,004,715 | ---- | C] () -- C:\Users\Janet\Desktop\cochlear scholarship pg 2.rtf
[2014/08/20 09:37:06 | 000,013,917 | ---- | C] () -- C:\Users\Janet\Desktop\Cochlear scholarship pg1.rtf
[2014/08/13 08:59:14 | 000,006,420 | ---- | C] () -- C:\Users\Janet\Desktop\cover letter--dfs.rtf
[2014/08/06 14:32:13 | 000,001,817 | ---- | C] () -- C:\Users\Janet\Desktop\cover letter-ups.rtf
[2014/08/04 16:26:36 | 000,034,824 | ---- | C] () -- C:\Users\Janet\Desktop\resume.rtf
[2014/08/04 11:05:44 | 000,006,195 | ---- | C] () -- C:\Users\Janet\Desktop\headstart letter.rtf
[2014/07/31 07:17:40 | 000,017,409 | ---- | C] () -- C:\Users\Janet\Desktop\what would you do PHS app.odt
[2014/07/30 16:18:17 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/07/30 16:18:16 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/07/30 15:57:34 | 000,008,254 | ---- | C] () -- C:\Users\Janet\Desktop\letter of interest phs.rtf
[2014/07/29 10:26:25 | 000,291,288 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/29 09:43:24 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/28 10:30:22 | 000,197,000 | ---- | C] () -- C:\Program Files (x86)\12res.dll
[2014/04/28 03:33:58 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2014/02/25 08:01:26 | 000,000,089 | ---- | C] () -- C:\Users\Janet\AppData\Roaming\WB.CFG
[2014/02/09 17:04:51 | 000,002,763 | ---- | C] () -- C:\ProgramData\connector.swf
[2014/02/01 11:02:27 | 002,905,689 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20140126-2033.dat
[2013/11/25 21:36:36 | 002,971,556 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20131126-0225.dat
[2013/11/07 07:46:53 | 002,825,858 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20131107-0348.dat
[2013/10/15 20:13:00 | 002,798,421 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20131016-0212.dat
[2013/09/18 17:41:45 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/29 21:30:11 | 002,833,940 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130830-0326.dat
[2013/07/07 13:50:05 | 002,742,387 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130707-1950.dat
[2013/05/14 19:03:35 | 002,669,928 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130515-0103.dat
[2013/05/05 18:58:28 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/04/29 19:23:51 | 002,777,018 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130430-0123.dat
[2013/04/14 14:29:31 | 002,689,660 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130414-2028.dat
[2013/04/06 19:33:57 | 002,627,472 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130407-0133.dat
[2013/02/22 15:26:04 | 002,631,747 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130222-2125.dat
[2013/02/14 20:22:53 | 002,699,733 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130215-0222.dat
[2013/02/09 19:27:15 | 002,737,189 | ---- | C] () -- C:\Users\Janet\PPPlus-Janet-Partridge-20130210-0126.dat
[2012/12/07 21:24:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
[2012/08/16 23:55:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 02:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 00:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 21:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 21:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 21:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/09/16 14:33:28 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/09/16 14:33:28 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013/11/17 15:48:50 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\AVG2014
[2014/02/01 11:20:48 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Garmin
[2014/02/09 15:55:13 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\OfficeSuiteX
[2013/01/03 15:09:27 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\Synaptics
[2013/09/01 09:52:37 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\TuneUp Software
[2013/06/13 18:05:22 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\WebApp
[2013/01/27 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\Janet\AppData\Roaming\WildTangent
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720< End of report >
-
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 1/3/2013 2:06:47 PM
System Uptime: 8/22/2014 11:54:19 AM (3 hours ago)
.
Motherboard: Hewlett-Packard | | 182D
Processor: AMD A10-4600M APU with Radeon HD Graphics | Socket FT1 | 2300/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 671 GiB total, 606.857 GiB free.
D: is FIXED (NTFS) - 27 GiB total, 3.199 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Teredo Tunneling Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP109: 8/4/2014 4:01:28 PM - Windows Update
RP110: 8/12/2014 9:06:56 AM - Scheduled Checkpoint
RP111: 8/20/2014 9:58:34 AM - Windows Update
.
==== Installed Programs ======================
.
4 Elements II
Adobe Reader XI (11.0.08)
Adobe Shockwave Player 11.6
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Quick Stream
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AuthenTec TrueAPI 64-bit
AVG 2014
Bejeweled 3
Bonjour
Build-a-lot 4 - Power Source
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cisco Connect
Cradle Of Egypt Collector's Edition
Cradle of Rome 2
CyberLink LabelPrint
CyberLink Media Suite 10
CyberLink PhotoDirector
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD
CyberLink YouCam
D3DX10
Elevated Installer
Energy Star
Farm Frenzy
FATE: The Cursed King
Final Drive Fury
Fitbit Connect
FlatOut 2
Garmin Express
Garmin Express Tray
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.2.2.3
Hoyle Card Games
HP 3D DriveGuard
HP Connected Music (Meridian - installer)
HP CoolSense
HP Customer Experience Enhancements
HP Deskjet 3520 series Basic Device Software
HP Deskjet 3520 series Help
HP Deskjet 3520 series Product Improvement Study
HP Deskjet 3520 series Setup Guide
HP Documentation
HP Games
HP MyRoom
HP Photo Creations
HP Postscript Converter
HP Quick Launch
HP Recovery Manager
HP Registration Service
HP SimplePass
HP Software Framework
HP Support Assistant
HP Update
HP Utility Center
iCloud
IDT Audio
iTunes
Java 7 Update 17
Java Auto Updater
Java 6 Update 22
Jewel Match 3
John Deere Drive Green
Luxor Evolved
Mahjongg Dimensions Deluxe: Tiles in Time
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft Application Error Reporting
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mortimer Beckett and the Crimson Thief Premium Edition
MSVCRT
Mystery P.I. - Curious Case of Counterfeit Cove
Norton Internet Security
Office Suite X 3.3
Peggle Nights
Penguins!
Polar Bowler
Polar Golfer
Product Support
Qualcomm Atheros Driver Installation Program
QuickTime
RealPlayer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Roads of Rome 3
swMSM
Synaptics Pointing Device Driver
Tales of Lagoona
Update Installer for WildTangent Games App
Vacation Questâ„¢ - Australia
Validity WBF DDK
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
WildTangent Games
WildTangent Games App
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
8/22/2014 11:56:13 AM, Error: Service Control Manager [7000] - The vToolbarUpdater18.1.9 service failed to start due to the following error: The system cannot find the file specified.
8/22/2014 11:54:27 AM, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
.
==== End Of File ===========================DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17054 BrowserJavaVersion: 10.17.2
Run by Janet at 14:03:19 on 2014-08-22
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.7644.5336 [GMT -6:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Disabled/Outdated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton Internet Security *Disabled/Outdated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: Norton Internet Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Office Suite X 3\program\soffice.exe
C:\Program Files (x86)\Office Suite X 3\program\soffice.bin
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <-loopback>
mWinlogon: Userinit = userinit.exe,
BHO: Office Suite X Support: {2AE7471D-5150-48CF-8498-4CB9E8FAEA90} - C:\Program Files (x86)\Product Support\1.0.0.0\Product Support.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ips\ipsbho.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll
uRun: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2971C5ZL05SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
uRun: [Power2GoExpress8] "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
uRun: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [ChromeHelper] C:\Program Files (x86)\Common Files\ChromeHelper\ChromeHelper.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Janet\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OFFICE~1.LNK - C:\Program Files (x86)\Office Suite X 3\program\quickstart.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: EnableVirtualization = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 72.21.70.3 67.215.21.202 192.168.1.1
TCP: Interfaces\{7D5DB9C9-43FE-42C5-B250-BBDF57E9BD15} : DHCPNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
TCP: Interfaces\{7D5DB9C9-43FE-42C5-B250-BBDF57E9BD15}\34963736F63353531393 : DHCPNameServer = 67.215.21.202 72.21.70.3 192.168.1.1
TCP: Interfaces\{7D5DB9C9-43FE-42C5-B250-BBDF57E9BD15}\E4544574541425 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{A66FC120-4B59-4ABA-A50D-275EF46A6B6B} : DHCPNameServer = 172.168.0.3
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL
SSODL: WebCheck - <orphaned>
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-mPolicies-System: EnableVirtualization = dword:0
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-mPolicies-System: ConsentPromptBehaviorUser = dword:0
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2012-7-24 79528]
R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2012-7-24 26280]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\Drivers\avgidsha.sys [2014-6-17 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\Drivers\avgloga.sys [2014-6-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\Drivers\avgmfx64.sys [2014-6-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\Drivers\avgrkx64.sys [2014-6-17 31512]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\Drivers\avgdiska.sys [2014-6-17 153368]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\Drivers\avgidsdrivera.sys [2014-6-17 242968]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\Drivers\avgldx64.sys [2014-6-17 235800]
R1 avgtp;avgtp;C:\Windows\System32\Drivers\avgtpx64.sys [2013-9-1 50976]
R1 Avgwfpa;AVG Firewall Driver;C:\Windows\System32\Drivers\avgwfpa.sys [2014-5-14 274712]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2013-12-8 91712]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-9 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-8-8 361984]
R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\Drivers\appexDrv.sys [2012-12-7 199008]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-6-27 3241488]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-6-17 289328]
R2 Fitbit Connect;Fitbit Connect Service;C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [2014-1-10 1435680]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2012-8-10 1641320]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-12-30 250712]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-29 1809720]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe [2014-5-1 144368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-7-17 98472]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-2-12 1388120]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\Drivers\NISx64\1405000.01C\ccsetx64.sys [2014-5-1 169048]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-1-6 138912]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130227.001\IDSviA64.sys [2013-2-27 513184]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\Drivers\MBAMSwissArmy.sys [2014-7-29 122584]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-12-7 266896]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-12-7 683664]
R3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2013-6-25 29424]
R3 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\NISx64\1405000.01C\symds64.sys [2014-5-1 493656]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\NISx64\1405000.01C\symefa64.sys [2014-5-1 1139800]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\NISx64\1405000.01C\ironx64.sys [2014-5-1 224416]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\NISx64\1405000.01C\symnets.sys [2014-5-1 433752]
R3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2012-12-7 57000]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-3 20288]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\Windows\System32\Drivers\avgboota.sys [2013-9-4 20496]
S2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [?]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-12-7 43832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2013-1-7 23552]
S4 SymELAM;Symantec ELAM Driver;C:\Windows\System32\Drivers\NISx64\1405000.01C\symelam.sys [2014-5-1 23448]
.
=============== Created Last 30 ================
.
2014-08-22 17:20:07 -------- d-----w- C:\Windows\ERUNT
2014-08-22 16:43:57 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-08-22 16:42:57 -------- d-----w- C:\AdwCleaner
2014-08-22 15:48:31 71168 ----a-w- C:\Windows\System32\drivers\hdaudbus.sys
2014-08-20 16:27:39 694272 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-08-20 16:27:39 1312768 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-08-20 16:26:57 199680 ----a-w- C:\Windows\System32\cdd.dll
2014-08-20 16:26:57 1453400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-08-20 16:21:58 4035072 ----a-w- C:\Windows\System32\win32k.sys
2014-08-20 16:21:58 1300992 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-20 16:21:58 1023488 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-20 16:21:54 712192 ----a-w- C:\Windows\System32\aepdu.dll
2014-08-20 16:21:53 556544 ----a-w- C:\Windows\System32\aeinv.dll
2014-08-20 16:17:05 10116608 ----a-w- C:\Windows\System32\twinui.dll
2014-08-20 16:17:03 8857600 ----a-w- C:\Windows\SysWow64\twinui.dll
2014-08-20 16:17:02 2885632 ----a-w- C:\Windows\System32\msi.dll
2014-08-20 16:17:02 2416128 ----a-w- C:\Windows\SysWow64\msi.dll
2014-08-20 16:17:02 2146304 ----a-w- C:\Windows\System32\actxprxy.dll
2014-08-20 16:17:01 2306560 ----a-w- C:\Windows\System32\authui.dll
2014-08-20 16:17:01 2037760 ----a-w- C:\Windows\SysWow64\authui.dll
2014-08-20 16:17:00 754176 ----a-w- C:\Windows\SysWow64\actxprxy.dll
2014-08-20 16:17:00 393216 ----a-w- C:\Windows\System32\msihnd.dll
2014-08-20 16:17:00 112984 ----a-w- C:\Windows\System32\consent.exe
2014-08-20 16:16:59 295424 ----a-w- C:\Windows\SysWow64\msihnd.dll
2014-08-20 16:16:00 94552 ----a-w- C:\Windows\System32\drivers\mountmgr.sys
2014-08-20 16:16:00 328024 ----a-w- C:\Windows\System32\drivers\Classpnp.sys
2014-08-20 16:02:53 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-20 16:02:51 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-20 15:51:22 262312 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10245.bin
2014-08-05 17:20:22 227728 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-08-04 13:48:38 122584 ----a-w- C:\Windows\System32\drivers\48230029.sys
2014-07-30 22:20:33 -------- d-----w- C:\Users\Janet\AppData\Local\Adobe
2014-07-29 15:43:42 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-29 15:43:15 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-29 15:43:15 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-07-29 15:43:15 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-07-29 15:43:15 -------- d-----w- C:\ProgramData\Malwarebytes
2014-07-29 15:43:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-28 16:30:22 197000 ----a-w- C:\Program Files (x86)\12res.dll
.
==================== Find3M ====================
.
2014-08-22 16:46:32 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2014-08-22 16:46:32 128000 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2014-08-22 16:46:31 40448 ----a-w- C:\Windows\System32\wuapp.exe
2014-08-22 16:46:31 144384 ----a-w- C:\Windows\System32\wuwebv.dll
2014-08-22 16:45:58 100352 ----a-w- C:\Windows\System32\wudriver.dll
2014-08-22 16:45:57 253440 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2014-08-22 16:45:57 1623040 ----a-w- C:\Windows\System32\wucltux.dll
2014-08-22 16:45:52 86528 ----a-w- C:\Windows\SysWow64\wudriver.dll
2014-08-22 16:45:51 176640 ----a-w- C:\Windows\System32\storewuauth.dll
2014-08-12 14:15:23 50976 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-08-02 00:15:04 704480 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-02 00:15:04 105440 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-24 12:10:54 2240000 ----a-w- C:\Windows\System32\wininet.dll
2014-07-24 12:10:46 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-07-24 12:10:46 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-07-24 12:09:37 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-24 12:09:33 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-07-24 12:09:33 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-07-24 12:09:00 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-24 10:52:27 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-24 10:52:20 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-07-24 10:51:27 2861568 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-07-24 10:51:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-07-24 10:51:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-07-24 10:51:02 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-07-24 10:33:52 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-24 10:29:20 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-07-24 08:03:01 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-06-30 22:42:56 394240 ----a-w- C:\Windows\System32\devinv.dll
2014-06-30 22:42:48 87552 ----a-w- C:\Windows\System32\aepic.dll
2014-06-17 23:27:37 1440256 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-17 23:24:48 1557504 ----a-w- C:\Windows\System32\osk.exe
2014-06-17 22:21:34 235800 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2014-06-17 22:07:12 328984 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2014-06-17 22:06:24 190744 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2014-06-17 22:06:22 242968 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-06-17 22:06:22 153368 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2014-06-17 22:06:20 123672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-06-17 22:06:06 31512 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2014-06-06 14:06:38 596480 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 10:17:56 497152 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-02 22:33:45 265216 ----a-w- C:\Windows\System32\InkEd.dll
2014-05-29 23:31:26 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
2014-05-29 23:03:04 588288 ----a-w- C:\Windows\System32\SHCore.dll
2014-05-29 23:02:28 439808 ----a-w- C:\Windows\System32\lsm.dll
2014-05-29 23:02:27 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
2014-05-29 22:24:46 576512 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 14:04:04.39 ===============
-
Malwarebytes Anti-Malware
www.malwarebytes.orgScan Date: 8/22/2014
Scan Time: 12:08:15 PM
Logfile:
Administrator: YesVersion: 2.00.2.1012
Malware Database: v2014.08.22.07
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: DisabledOS: Windows 8
CPU: x64
File System: NTFS
User: JanetScan Type: Threat Scan
Result: Completed
Objects Scanned: 315750
Time Elapsed: 32 min, 36 secMemory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: EnabledProcesses: 0
(No malicious items detected)Modules: 0
(No malicious items detected)Registry Keys: 1
PUP.Optional.SuperFish.A, HKU\S-1-5-21-2551327239-2481401676-1268998139-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [a2fd15b4ed8e36006e20638e9b6747b9],Registry Values: 0
(No malicious items detected)Registry Data: 0
(No malicious items detected)Folders: 0
(No malicious items detected)Files: 0
(No malicious items detected)Physical Sectors: 0
(No malicious items detected)(end)
-
did that work right? I am not sure If I accidently copied it twice or not.
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Janet on Fri 08/22/2014 at 11:20:12.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 08/22/2014 at 11:32:36.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Janet on Fri 08/22/2014 at 11:20:12.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 08/22/2014 at 11:32:36.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -
# AdwCleaner v3.308 - Report created 22/08/2014 at 10:44:14
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Janet - JANET
# Running from : C:\Users\Janet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICDIN1DK\adwcleaner_3.308.exe
# Option : Clean***** [ Services ] *****
[#] Service Deleted : 70e6ca8c
Service Deleted : qknfd
Service Deleted : valWBFPolicyService***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\NewPlayer
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\PC Cleaner
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Program Files (x86)\Systweak Support Dock
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\002
[!] Folder Deleted : C:\Users\Janet\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Janet\AppData\Local\Browsersafeguard
Folder Deleted : C:\Users\Janet\AppData\Local\genienext
Folder Deleted : C:\Users\Janet\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Janet\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Janet\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Janet\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Janet\Documents\Mobogenie
Folder Deleted : C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmoppohdbnekbglnimlhccbdnaeekln
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Public\Desktop\NewPlayer.lnk
File Deleted : C:\Windows\System32\valWBFPolicyService.exe
File Deleted : C:\Users\Janet\daemonprocess.txt***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateFindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilFindRight_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilFindRight_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Video-Saver
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\NewPlayer
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.17028
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [12556 octets] - [22/08/2014 10:43:02]
AdwCleaner[s0].txt - [11575 octets] - [22/08/2014 10:44:14]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [11636 octets] ##########
-
pop ups, viruses
can't stop pop ups
in Malware Removal
Posted
I ran it. I am interested in resetting the local host----