Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google redirected [Closed]


  • This topic is locked This topic is locked

#1
kipswg

kipswg

    Member

  • Member
  • PipPip
  • 11 posts
Hello everyone, I have read all the tips on this problem and followed the steps that have been listed to try to resolve this issue and I am still having my google redirected to this site hxxp://789.huo99.com/ada2192_1.html. Friday I did a full restore of the computer but everything back to the factory setting and had to reinstall everything on my PC. However I do not have a windows disc just had to use the built in restore, and to much to my surprise I am still being google is still being redirected to this page. Any ideas on a fix?
  • 0

Advertisements


#2
kipswg

kipswg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Here is the OTL report

OTL logfile created on: 5/7/2012 5:48:58 PM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Steven\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 6.49 Gb Available Physical Memory | 81.19% Memory free
15.97 Gb Paging File | 14.23 Gb Available in Paging File | 89.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.61 Gb Total Space | 845.72 Gb Free Space | 92.47% Space Free | Partition Type: NTFS
Drive D: | 16.81 Gb Total Space | 2.10 Gb Free Space | 12.49% Space Free | Partition Type: NTFS

Computer Name: STEVEN-HP | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/07 17:42:02 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Downloads\OTL.exe
PRC - [2012/03/27 18:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccsvchst.exe
PRC - [2011/12/27 21:47:40 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
PRC - [2011/08/16 17:03:24 | 000,020,480 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
PRC - [2011/08/16 17:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
PRC - [2011/08/12 12:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/07/20 14:16:56 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/08 00:14:00 | 002,218,600 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/28 20:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/25 20:19:08 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2008/11/20 13:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/05 18:18:54 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2a4589aeec877df58cbbcd633bc18fb6\System.IdentityModel.ni.dll
MOD - [2012/05/05 18:18:52 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\c43869b44f633a3ad003a0ad9e79b273\System.ServiceModel.ni.dll
MOD - [2012/05/05 18:17:04 | 002,906,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\073c60e5566fdaab702636f1474233b0\ReachFramework.ni.dll
MOD - [2012/05/05 18:16:32 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\d6b9e13a40ed53cfc10e04c023c62a49\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/05/05 18:16:31 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3b905cdec5960d51e5bdc7030b005c09\SMDiagnostics.ni.dll
MOD - [2012/05/05 18:16:30 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a14816d568ee8c7cc9f9923d979d682d\System.Runtime.Serialization.ni.dll
MOD - [2012/05/05 07:10:26 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9dee5fd0cf53fc233a7fc20edf8e66ed\PresentationCore.ni.dll
MOD - [2012/05/05 07:10:25 | 013,138,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\7390d789557549200e474b9bbeca3d1a\System.Windows.Forms.ni.dll
MOD - [2012/05/05 07:10:18 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\7292b3e639a6202cf7eaf1f7ed271249\System.Core.ni.dll
MOD - [2012/05/05 07:10:15 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\19e79fc0f95c93b0244c7b287e254871\System.Xml.ni.dll
MOD - [2012/05/05 07:10:15 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ef8c44c3c8766f219f576faab54c8dc7\WindowsBase.ni.dll
MOD - [2012/05/05 07:10:14 | 001,653,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\aa90407cafb9b4a0dc5e3fdff170fee9\System.Drawing.ni.dll
MOD - [2012/05/05 07:10:12 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bab886a18699bab842769c5ce486c332\System.Configuration.ni.dll
MOD - [2012/05/05 07:10:11 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\2c59490afc22def906d3ca96e1207ff9\System.ni.dll
MOD - [2012/05/05 07:10:04 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\44ae9f9afb2373055136d57ac6db3f96\mscorlib.ni.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/03/25 20:19:08 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/02/17 01:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 05:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/27 18:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe -- (NIS)
SRV - [2011/09/09 20:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/08/16 17:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2011/08/12 12:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/08/01 17:43:36 | 000,195,320 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/07/20 14:16:56 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/04/08 00:14:00 | 002,218,600 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/28 20:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/01 18:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/05 07:20:31 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/03/29 01:28:38 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/03/29 01:28:30 | 001,092,728 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/03/29 01:06:25 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/29 01:03:27 | 000,737,912 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/03/29 01:03:27 | 000,037,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/27 21:23:58 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/12/27 21:23:58 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/11/29 17:44:29 | 000,167,048 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2011/09/26 04:47:17 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/26 04:47:14 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/14 05:35:45 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/03 22:38:37 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/08/03 09:37:50 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/08/03 09:37:48 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/07/25 13:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011/03/25 21:21:10 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011/03/25 21:21:06 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/03/25 21:21:06 | 000,107,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/03/25 21:21:06 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/03/25 21:21:06 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/03/03 10:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/03/22 22:39:20 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/05/07 17:45:50 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120507.002\ex64.sys -- (NAVEX15)
DRV - [2012/05/07 17:45:50 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120507.002\eng64.sys -- (NAVENG)
DRV - [2012/05/04 23:23:04 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/05/04 23:23:04 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/04 09:16:22 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120507.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/04/13 01:34:56 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120413.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{0C1C81D1-8189-4912-A3D9-D4BFDBDF98B2}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{0C1C81D1-8189-4912-A3D9-D4BFDBDF98B2}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{0C1C81D1-8189-4912-A3D9-D4BFDBDF98B2}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{0C1C81D1-8189-4912-A3D9-D4BFDBDF98B2}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/05/05 06:59:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/05/07 17:23:49 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FDA7121-08D2-4FC3-A071-E6D54380A168}: DhcpNameServer = 8.8.8.8 8.8.8.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/07 17:48:07 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012/05/07 17:48:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\TeamSpeak 3 Client
[2012/05/06 08:34:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\CrashDumps
[2012/05/06 08:27:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\SWTOR
[2012/05/06 08:27:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\Documents\HeroBlade Logs
[2012/05/06 00:47:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\WinBatch
[2012/05/05 18:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012/05/05 18:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/05/05 18:28:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012/05/05 18:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/05/05 18:28:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2012/05/05 18:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012/05/05 17:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012/05/05 17:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012/05/05 17:56:12 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\HP Support Assistant
[2012/05/05 17:56:11 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\HpUpdate
[2012/05/05 03:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/05/05 03:02:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/05/05 03:02:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/05/05 00:37:43 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/05/05 00:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2012/05/04 23:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/05/04 23:24:54 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/05/04 23:24:54 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/05/04 23:24:53 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/05/04 23:24:53 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/05/04 23:24:53 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/05/04 23:24:53 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/05/04 23:24:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/05/04 23:24:52 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/05/04 23:24:52 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/05/04 23:24:52 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/05/04 23:24:52 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/05/04 23:22:00 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/05/04 23:21:59 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/04 23:21:59 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/05/04 23:13:01 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/05/04 23:13:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/05/04 23:13:01 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/05/04 22:15:20 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/05/04 22:15:20 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/05/04 22:14:46 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/05/04 22:14:37 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/05/04 22:14:37 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/05/04 22:13:42 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/05/04 22:13:42 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/05/04 22:13:42 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/05/04 22:13:42 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/05/04 22:11:33 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/05/04 22:11:29 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/05/04 22:11:29 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/05/04 22:11:14 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/05/04 22:11:05 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/05/04 22:11:04 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/05/04 22:11:04 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/05/04 22:11:04 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/05/04 22:11:04 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/05/04 22:11:04 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/05/04 22:11:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/05/04 22:11:04 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/05/04 22:10:30 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/05/04 22:10:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/05/04 22:09:44 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/05/04 22:09:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/05/04 22:02:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Adobe
[2012/05/04 22:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/05/04 21:59:11 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco642040.dll
[2012/05/04 21:59:11 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012/05/04 21:59:11 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012/05/04 21:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/05/04 21:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/05/04 21:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/05/04 21:57:16 | 001,619,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420140.dll
[2012/05/04 21:57:16 | 001,404,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642060.dll
[2012/05/04 21:56:58 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/05/04 21:56:58 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/05/04 21:56:57 | 008,411,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/05/04 21:56:56 | 006,299,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/05/04 21:56:55 | 020,700,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/05/04 21:56:54 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/05/04 21:56:51 | 012,934,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/05/04 21:56:50 | 010,071,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/05/04 21:56:50 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/05/04 21:56:49 | 002,893,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/05/04 21:56:49 | 002,204,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/05/04 21:56:49 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/05/04 21:56:48 | 005,183,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/05/04 21:56:47 | 006,974,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/05/04 21:56:42 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/05/04 21:56:41 | 018,578,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/05/04 21:56:41 | 002,273,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/05/04 21:56:41 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2012/05/04 21:56:40 | 002,034,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/05/04 21:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/05/04 21:50:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\ATI
[2012/05/04 21:50:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\ATI
[2012/05/04 21:49:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\hpremote
[2012/05/04 21:49:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Broadcom
[2012/05/04 21:49:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\Documents\Bluetooth Exchange Folder
[2012/05/04 21:49:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\PDFC
[2012/05/04 21:48:52 | 000,000,000 | R--D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/04 21:48:52 | 000,000,000 | R--D | C] -- C:\Users\Steven\Searches
[2012/05/04 21:48:52 | 000,000,000 | R--D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/05/04 21:48:52 | 000,000,000 | -H-D | C] -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/05/04 21:48:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Identities
[2012/05/04 21:48:44 | 000,000,000 | R--D | C] -- C:\Users\Steven\Contacts
[2012/05/04 21:48:41 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\VirtualStore
[2012/05/04 21:48:27 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Hewlett-Packard
[2012/05/04 21:45:11 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/05/04 21:45:11 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/05/04 21:45:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/05/04 21:45:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/05/04 21:45:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/05/04 21:44:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2012/05/04 21:44:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\RemEngine
[2012/05/04 21:44:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Hewlett-Packard_Company
[2012/05/04 21:44:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\TouchSmartData
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\AppData\Local\Temporary Internet Files
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Templates
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Start Menu
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\SendTo
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Recent
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\PrintHood
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\NetHood
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Documents\My Videos
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Documents\My Pictures
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Documents\My Music
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\My Documents
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Local Settings
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\AppData\Local\History
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Cookies
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Application Data
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\AppData\Local\Application Data
[2012/05/04 21:43:53 | 000,000,000 | --SD | C] -- C:\Users\Steven\AppData\Roaming\Microsoft
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Videos
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Saved Games
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Pictures
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Music
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Links
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Favorites
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Downloads
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Documents
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Desktop
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/05/04 21:43:53 | 000,000,000 | -H-D | C] -- C:\Users\Steven\AppData
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Temp
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Microsoft
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Media Center Programs
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Macromedia
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Hewlett-Packard
[2012/05/04 21:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics
[2012/05/04 21:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Mathematics
[2012/05/04 21:43:13 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

========== Files - Modified Within 30 Days ==========

[2012/05/07 17:48:07 | 000,001,219 | ---- | M] () -- C:\Users\Steven\Desktop\TeamSpeak 3 Client.lnk
[2012/05/07 17:29:20 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 17:29:20 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 17:26:19 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/07 17:26:19 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/07 17:26:19 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/07 17:21:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/07 17:21:37 | 2137,141,247 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/06 08:25:33 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSteven.job
[2012/05/05 18:29:34 | 000,001,485 | ---- | M] () -- C:\Users\Steven\Desktop\Star Wars - The Old Republic.lnk
[2012/05/05 18:28:33 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/05/05 17:47:55 | 000,002,494 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/05/05 17:45:31 | 001,552,500 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1307000.009\Cat.DB
[2012/05/05 07:20:31 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/05/05 07:20:31 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/05/05 07:20:31 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/05/05 07:06:36 | 000,772,558 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/05 00:42:17 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/05/05 00:42:17 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/05/04 23:37:59 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/04 22:02:16 | 000,001,443 | ---- | M] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/04 21:44:18 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_p7-1254_Y53316J_0U_QMXX203_E12NA1MRW603_4A_I2ACF_SPEGATRON CORPORATION_V1.03_B7.15_T111216_W73-1_L409_M8179_J1000_7AMD_8F10_92.20_#120204_N10EC8168;14E44357_Z_G10DE1244.MRK
[2012/05/04 21:44:18 | 000,000,000 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_p7-1254_Y53316J_0U_QMXX203_E12NA1MRW603_4A_I2ACF_SPEGATRON CORPORATION_V1.03_B7.15_T111216_W73-1_L409_M8179_J1000_7AMD_8F10_92.20_#120204_N10EC8168;14E44357_Z_G10DE1244.MRK
[2012/04/18 22:43:27 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1307000.009\isolate.ini

========== Files Created - No Company Name ==========

[2012/05/07 17:48:07 | 000,001,219 | ---- | C] () -- C:\Users\Steven\Desktop\TeamSpeak 3 Client.lnk
[2012/05/06 00:49:29 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForSteven.job
[2012/05/05 18:29:34 | 000,001,485 | ---- | C] () -- C:\Users\Steven\Desktop\Star Wars - The Old Republic.lnk
[2012/05/05 18:28:33 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/05/05 00:40:05 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_p7-1254_Y53316J_0U_QMXX203_E12NA1MRW603_4A_I2ACF_SPEGATRON CORPORATION_V1.03_B7.15_T111216_W73-1_L409_M8179_J1000_7AMD_8F10_92.20_#120204_N10EC8168;14E44357_Z_G10DE1244.MRK
[2012/05/05 00:40:05 | 000,000,000 | RHS- | C] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_p7-1254_Y53316J_0U_QMXX203_E12NA1MRW603_4A_I2ACF_SPEGATRON CORPORATION_V1.03_B7.15_T111216_W73-1_L409_M8179_J1000_7AMD_8F10_92.20_#120204_N10EC8168;14E44357_Z_G10DE1244.MRK
[2012/05/04 22:02:16 | 000,001,443 | ---- | C] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/04 21:57:16 | 000,007,771 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/05/04 21:49:11 | 000,001,415 | ---- | C] () -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/05/04 21:49:00 | 000,001,449 | ---- | C] () -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/04 21:48:35 | 000,002,494 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/05/04 21:44:48 | 000,002,321 | ---- | C] () -- C:\Users\Public\Desktop\HP Download Store.lnk
[2012/05/04 21:44:48 | 000,002,317 | ---- | C] () -- C:\Users\Public\Desktop\Zya Music...FREE!.lnk
[2012/05/04 21:44:48 | 000,002,223 | ---- | C] () -- C:\Users\Public\Desktop\RaRa Music.lnk
[2012/05/04 21:44:48 | 000,002,213 | ---- | C] () -- C:\Users\Public\Desktop\Snapfish.lnk
[2012/05/04 21:44:46 | 000,002,263 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/05/04 21:44:18 | 2137,141,247 | -HS- | C] () -- C:\hiberfil.sys
[2012/05/04 21:43:53 | 000,000,290 | ---- | C] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/04 21:43:53 | 000,000,272 | ---- | C] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/12/27 21:27:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/27 21:24:19 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/10/12 18:33:22 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/09/14 14:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/02/11 12:15:43 | 000,772,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

< End of report >
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there do the redirects occur in Firefox, IE or both ?

Download aswMBR.exe ( 4.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#4
kipswg

kipswg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Just IE I do not use firefox sorry toke so long to reply



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-08 17:17:24
-----------------------------
17:17:24.245 OS Version: Windows x64 6.1.7601 Service Pack 1
17:17:24.245 Number of processors: 4 586 0x100
17:17:24.246 ComputerName: STEVEN-HP UserName: Steven
17:17:26.770 Initialize success
17:32:44.403 AVAST engine defs: 12050801
19:06:10.264 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
19:06:10.266 Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 11
19:06:10.276 Disk 0 MBR read successfully
19:06:10.278 Disk 0 MBR scan
19:06:10.283 Disk 0 Windows 7 default MBR code
19:06:10.286 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:06:10.299 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 936557 MB offset 206848
19:06:10.334 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17210 MB offset 1918275584
19:06:10.383 Disk 0 scanning C:\Windows\system32\drivers
19:06:15.910 Service scanning
19:06:32.527 Modules scanning
19:06:32.534 Disk 0 trace - called modules:
19:06:32.551 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
19:06:32.557 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007a9d060]
19:06:32.562 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa80077f6950]
19:06:32.566 5 amd_xata.sys[fffff880011308f7] -> nt!IofCallDriver -> \Device\00000065[0xfffffa80077f3060]
19:06:35.139 AVAST engine scan C:\Windows
19:06:37.739 AVAST engine scan C:\Windows\system32
19:09:36.664 AVAST engine scan C:\Windows\system32\drivers
19:09:50.588 AVAST engine scan C:\Users\Steven
19:10:32.396 AVAST engine scan C:\ProgramData
19:10:47.523 Scan finished successfully
19:11:59.161 Disk 0 MBR has been saved successfully to "C:\Users\Steven\Desktop\MBR.dat"
19:11:59.167 The log file has been saved successfully to "C:\Users\Steven\Desktop\aswMBR.txt"
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I would now like to run a different scan with OTL, there will only be one report this time


  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open one notepad window.
  • Post this log

  • 0

#6
kipswg

kipswg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
ok here it is and thx for helping

OTL logfile created on: 5/9/2012 5:15:37 PM - Run 2
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Steven\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 6.45 Gb Available Physical Memory | 80.81% Memory free
15.97 Gb Paging File | 14.16 Gb Available in Paging File | 88.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.61 Gb Total Space | 845.39 Gb Free Space | 92.43% Space Free | Partition Type: NTFS
Drive D: | 16.81 Gb Total Space | 2.10 Gb Free Space | 12.49% Space Free | Partition Type: NTFS

Computer Name: STEVEN-HP | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/07 17:42:02 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Downloads\OTL.exe
PRC - [2012/03/27 18:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccsvchst.exe
PRC - [2011/12/27 21:47:40 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
PRC - [2011/08/16 17:03:24 | 000,020,480 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
PRC - [2011/08/16 17:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
PRC - [2011/08/12 12:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/08/01 17:43:36 | 000,195,320 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/07/20 14:16:56 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/08 00:14:00 | 002,218,600 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/28 20:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/25 20:19:08 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2008/11/20 13:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/05 18:18:54 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2a4589aeec877df58cbbcd633bc18fb6\System.IdentityModel.ni.dll
MOD - [2012/05/05 18:18:52 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\c43869b44f633a3ad003a0ad9e79b273\System.ServiceModel.ni.dll
MOD - [2012/05/05 18:17:04 | 002,906,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\073c60e5566fdaab702636f1474233b0\ReachFramework.ni.dll
MOD - [2012/05/05 18:16:32 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\d6b9e13a40ed53cfc10e04c023c62a49\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/05/05 18:16:31 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3b905cdec5960d51e5bdc7030b005c09\SMDiagnostics.ni.dll
MOD - [2012/05/05 18:16:30 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\a14816d568ee8c7cc9f9923d979d682d\System.Runtime.Serialization.ni.dll
MOD - [2012/05/05 07:10:26 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9dee5fd0cf53fc233a7fc20edf8e66ed\PresentationCore.ni.dll
MOD - [2012/05/05 07:10:25 | 013,138,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\7390d789557549200e474b9bbeca3d1a\System.Windows.Forms.ni.dll
MOD - [2012/05/05 07:10:18 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\7292b3e639a6202cf7eaf1f7ed271249\System.Core.ni.dll
MOD - [2012/05/05 07:10:15 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\19e79fc0f95c93b0244c7b287e254871\System.Xml.ni.dll
MOD - [2012/05/05 07:10:15 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ef8c44c3c8766f219f576faab54c8dc7\WindowsBase.ni.dll
MOD - [2012/05/05 07:10:14 | 001,653,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\aa90407cafb9b4a0dc5e3fdff170fee9\System.Drawing.ni.dll
MOD - [2012/05/05 07:10:12 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bab886a18699bab842769c5ce486c332\System.Configuration.ni.dll
MOD - [2012/05/05 07:10:11 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\2c59490afc22def906d3ca96e1207ff9\System.ni.dll
MOD - [2012/05/05 07:10:04 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\44ae9f9afb2373055136d57ac6db3f96\mscorlib.ni.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/03/25 20:19:08 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/02/17 01:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 05:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/27 18:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe -- (NIS)
SRV - [2011/09/09 20:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/08/16 17:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2011/08/12 12:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/08/01 17:43:36 | 000,195,320 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/07/20 14:16:56 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/04/08 00:14:00 | 002,218,600 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/28 20:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/01 18:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/05 07:20:31 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/03/29 01:28:38 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/03/29 01:28:30 | 001,092,728 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/03/29 01:06:25 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/29 01:03:27 | 000,737,912 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/03/29 01:03:27 | 000,037,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/27 21:23:58 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/12/27 21:23:58 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/11/29 17:44:29 | 000,167,048 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2011/09/26 04:47:17 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/26 04:47:14 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/14 05:35:45 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/03 22:38:37 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/08/03 09:37:50 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/08/03 09:37:48 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/07/25 13:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1307000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011/03/25 21:21:10 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011/03/25 21:21:06 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/03/25 21:21:06 | 000,107,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/03/25 21:21:06 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/03/25 21:21:06 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/03/03 10:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/03/22 22:39:20 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/05/08 17:24:31 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120507.038\ex64.sys -- (NAVEX15)
DRV - [2012/05/08 17:24:31 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120507.038\eng64.sys -- (NAVENG)
DRV - [2012/05/04 23:23:04 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/05/04 23:23:04 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/04 09:16:22 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120507.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/04/13 01:34:56 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120507.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{0C1C81D1-8189-4912-A3D9-D4BFDBDF98B2}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{0C1C81D1-8189-4912-A3D9-D4BFDBDF98B2}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{0C1C81D1-8189-4912-A3D9-D4BFDBDF98B2}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{0C1C81D1-8189-4912-A3D9-D4BFDBDF98B2}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPDTDF
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/05/05 06:59:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/05/09 17:12:09 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKU\S-1-5-21-3177604375-2045288909-3827787252-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FDA7121-08D2-4FC3-A071-E6D54380A168}: DhcpNameServer = 8.8.8.8 8.8.8.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/05/07 19:47:13 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\ts3overlay
[2012/05/07 19:36:56 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\TS3Client
[2012/05/07 17:48:07 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012/05/07 17:48:05 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\TeamSpeak 3 Client
[2012/05/06 08:34:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\CrashDumps
[2012/05/06 08:27:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\SWTOR
[2012/05/06 08:27:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\Documents\HeroBlade Logs
[2012/05/06 00:47:35 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\WinBatch
[2012/05/05 18:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012/05/05 18:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/05/05 18:28:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012/05/05 18:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/05/05 18:28:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2012/05/05 18:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012/05/05 17:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012/05/05 17:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2012/05/05 17:56:12 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\HP Support Assistant
[2012/05/05 17:56:11 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\HpUpdate
[2012/05/05 03:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/05/05 03:02:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/05/05 03:02:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/05/05 00:37:43 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/05/05 00:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2012/05/04 23:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/05/04 22:02:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Adobe
[2012/05/04 22:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/05/04 21:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/05/04 21:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/05/04 21:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/05/04 21:56:58 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/05/04 21:56:58 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/05/04 21:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/05/04 21:50:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\ATI
[2012/05/04 21:50:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\ATI
[2012/05/04 21:49:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\hpremote
[2012/05/04 21:49:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Broadcom
[2012/05/04 21:49:58 | 000,000,000 | ---D | C] -- C:\Users\Steven\Documents\Bluetooth Exchange Folder
[2012/05/04 21:49:16 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\PDFC
[2012/05/04 21:48:52 | 000,000,000 | R--D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/05/04 21:48:52 | 000,000,000 | R--D | C] -- C:\Users\Steven\Searches
[2012/05/04 21:48:52 | 000,000,000 | R--D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/05/04 21:48:52 | 000,000,000 | -H-D | C] -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/05/04 21:48:45 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Identities
[2012/05/04 21:48:44 | 000,000,000 | R--D | C] -- C:\Users\Steven\Contacts
[2012/05/04 21:48:41 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\VirtualStore
[2012/05/04 21:48:27 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Hewlett-Packard
[2012/05/04 21:44:48 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
[2012/05/04 21:44:44 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\RemEngine
[2012/05/04 21:44:39 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Hewlett-Packard_Company
[2012/05/04 21:44:00 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\TouchSmartData
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\AppData\Local\Temporary Internet Files
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Templates
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Start Menu
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\SendTo
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Recent
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\PrintHood
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\NetHood
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Documents\My Videos
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Documents\My Pictures
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Documents\My Music
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\My Documents
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Local Settings
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\AppData\Local\History
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Cookies
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\Application Data
[2012/05/04 21:43:54 | 000,000,000 | -HSD | C] -- C:\Users\Steven\AppData\Local\Application Data
[2012/05/04 21:43:53 | 000,000,000 | --SD | C] -- C:\Users\Steven\AppData\Roaming\Microsoft
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Videos
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Saved Games
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Pictures
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Music
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Links
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Favorites
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Downloads
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Documents
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\Desktop
[2012/05/04 21:43:53 | 000,000,000 | R--D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/05/04 21:43:53 | 000,000,000 | -H-D | C] -- C:\Users\Steven\AppData
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Temp
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Microsoft
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Media Center Programs
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Macromedia
[2012/05/04 21:43:53 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\Hewlett-Packard
[2012/05/04 21:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics
[2012/05/04 21:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Mathematics
[2012/05/04 21:43:13 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

========== Files - Modified Within 30 Days ==========

[2012/05/09 17:17:59 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/09 17:17:59 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/09 17:15:15 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/09 17:15:15 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/09 17:15:15 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/09 17:10:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/09 17:10:31 | 2137,141,247 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/08 19:11:59 | 000,000,512 | ---- | M] () -- C:\Users\Steven\Desktop\MBR.dat
[2012/05/07 17:48:07 | 000,001,219 | ---- | M] () -- C:\Users\Steven\Desktop\TeamSpeak 3 Client.lnk
[2012/05/06 08:25:33 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSteven.job
[2012/05/05 18:29:34 | 000,001,485 | ---- | M] () -- C:\Users\Steven\Desktop\Star Wars - The Old Republic.lnk
[2012/05/05 18:28:33 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/05/05 17:47:55 | 000,002,494 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/05/05 17:45:31 | 001,552,500 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1307000.009\Cat.DB
[2012/05/05 07:20:31 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/05/05 07:20:31 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/05/05 07:20:31 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/05/05 07:06:36 | 000,772,558 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/05 00:42:17 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/05/05 00:42:17 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/05/04 23:37:59 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/04 22:02:16 | 000,001,443 | ---- | M] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/04 21:44:18 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_p7-1254_Y53316J_0U_QMXX203_E12NA1MRW603_4A_I2ACF_SPEGATRON CORPORATION_V1.03_B7.15_T111216_W73-1_L409_M8179_J1000_7AMD_8F10_92.20_#120204_N10EC8168;14E44357_Z_G10DE1244.MRK
[2012/05/04 21:44:18 | 000,000,000 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_p7-1254_Y53316J_0U_QMXX203_E12NA1MRW603_4A_I2ACF_SPEGATRON CORPORATION_V1.03_B7.15_T111216_W73-1_L409_M8179_J1000_7AMD_8F10_92.20_#120204_N10EC8168;14E44357_Z_G10DE1244.MRK
[2012/04/18 22:43:27 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1307000.009\isolate.ini

========== Files Created - No Company Name ==========

[2012/05/08 19:11:59 | 000,000,512 | ---- | C] () -- C:\Users\Steven\Desktop\MBR.dat
[2012/05/07 17:48:07 | 000,001,219 | ---- | C] () -- C:\Users\Steven\Desktop\TeamSpeak 3 Client.lnk
[2012/05/06 00:49:29 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForSteven.job
[2012/05/05 18:29:34 | 000,001,485 | ---- | C] () -- C:\Users\Steven\Desktop\Star Wars - The Old Republic.lnk
[2012/05/05 18:28:33 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/05/05 00:40:05 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_cPC_p7-1254_Y53316J_0U_QMXX203_E12NA1MRW603_4A_I2ACF_SPEGATRON CORPORATION_V1.03_B7.15_T111216_W73-1_L409_M8179_J1000_7AMD_8F10_92.20_#120204_N10EC8168;14E44357_Z_G10DE1244.MRK
[2012/05/05 00:40:05 | 000,000,000 | RHS- | C] () -- C:\Windows\SysNative\drivers\103C_HP_cPC_p7-1254_Y53316J_0U_QMXX203_E12NA1MRW603_4A_I2ACF_SPEGATRON CORPORATION_V1.03_B7.15_T111216_W73-1_L409_M8179_J1000_7AMD_8F10_92.20_#120204_N10EC8168;14E44357_Z_G10DE1244.MRK
[2012/05/04 22:02:16 | 000,001,443 | ---- | C] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/04 21:57:16 | 000,007,771 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/05/04 21:49:11 | 000,001,415 | ---- | C] () -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/05/04 21:49:00 | 000,001,449 | ---- | C] () -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/04 21:48:35 | 000,002,494 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/05/04 21:44:48 | 000,002,321 | ---- | C] () -- C:\Users\Public\Desktop\HP Download Store.lnk
[2012/05/04 21:44:48 | 000,002,317 | ---- | C] () -- C:\Users\Public\Desktop\Zya Music...FREE!.lnk
[2012/05/04 21:44:48 | 000,002,223 | ---- | C] () -- C:\Users\Public\Desktop\RaRa Music.lnk
[2012/05/04 21:44:48 | 000,002,213 | ---- | C] () -- C:\Users\Public\Desktop\Snapfish.lnk
[2012/05/04 21:44:46 | 000,002,263 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/05/04 21:44:18 | 2137,141,247 | -HS- | C] () -- C:\hiberfil.sys
[2012/05/04 21:43:53 | 000,000,290 | ---- | C] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/04 21:43:53 | 000,000,272 | ---- | C] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/12/27 21:27:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/27 21:24:19 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/10/12 18:33:22 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/09/14 14:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/02/11 12:15:43 | 000,772,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/05/07 19:47:59 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\TS3Client
[2012/05/07 22:04:17 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\ts3overlay
[2012/05/06 00:47:35 | 000,000,000 | ---D | M] -- C:\Users\Steven\AppData\Roaming\WinBatch
[2009/07/14 00:08:49 | 000,005,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/12/27 21:18:27 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/12/27 21:18:27 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/12/27 21:18:27 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/12/27 21:18:27 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/12/27 21:18:27 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/12/27 21:18:27 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/12/27 21:14:25 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/12/27 21:14:25 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/12/27 21:14:25 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/12/27 21:14:25 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/12/27 21:14:25 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/12/27 21:14:25 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/12/27 21:14:25 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/12/27 21:14:25 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/12/27 21:14:25 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/12/27 21:14:25 | 000,748,336 | ---- | M] (Microsoft Corporation)

< End of report >
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Is it only firefox, or IE as well ?

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1
Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear.

    Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

  • 0

#8
kipswg

kipswg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Do not use Firefox. So it would only be IE
  • 0

#9
kipswg

kipswg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
GooredFix by jpshortstuff (03.07.10.1)
Log created at 17:15 on 10/05/2012 (Steven)
Firefox version [Unable to determine]

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\" [02:44 05/05/2012]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\" [22:11 10/05/2012]

-=E.O.F=-
  • 0

#10
kipswg

kipswg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Ok down load firefox and it does it to. here is the report from it.

GooredFix by jpshortstuff (03.07.10.1)
Log created at 17:31 on 10/05/2012 (Steven)
Firefox version 12.0 (en-US)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [22:29 10/05/2012]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\" [02:44 05/05/2012]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\" [22:11 10/05/2012]

---------- Old Logs ----------
GooredFix[22.30.26_10-05-2012].txt

-=E.O.F=-
  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
And this transfered over after a reinstall ?

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application
    Posted Image
  • Then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.
  • 0

#12
kipswg

kipswg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Yes it transfered over with the fresh install. Never even got to google was redirected right away.


16:56:26.0154 1788 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
16:56:26.0731 1788 ============================================================
16:56:26.0746 1788 Current date / time: 2012/05/11 16:56:26.0731
16:56:26.0746 1788 SystemInfo:
16:56:26.0746 1788
16:56:26.0746 1788 OS Version: 6.1.7601 ServicePack: 1.0
16:56:26.0746 1788 Product type: Workstation
16:56:26.0746 1788 ComputerName: STEVEN-HP
16:56:26.0746 1788 UserName: Steven
16:56:26.0746 1788 Windows directory: C:\Windows
16:56:26.0746 1788 System windows directory: C:\Windows
16:56:26.0746 1788 Running under WOW64
16:56:26.0746 1788 Processor architecture: Intel x64
16:56:26.0746 1788 Number of processors: 4
16:56:26.0746 1788 Page size: 0x1000
16:56:26.0746 1788 Boot type: Normal boot
16:56:26.0746 1788 ============================================================
16:56:27.0667 1788 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:56:27.0682 1788 ============================================================
16:56:27.0682 1788 \Device\Harddisk0\DR0:
16:56:27.0682 1788 MBR partitions:
16:56:27.0682 1788 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:56:27.0682 1788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72536800
16:56:27.0682 1788 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72569000, BlocksNum 0x219D000
16:56:27.0682 1788 ============================================================
16:56:27.0698 1788 C: <-> \Device\Harddisk0\DR0\Partition1
16:56:27.0760 1788 D: <-> \Device\Harddisk0\DR0\Partition2
16:56:27.0760 1788 ============================================================
16:56:27.0760 1788 Initialize success
16:56:27.0760 1788 ============================================================
16:56:36.0840 6116 ============================================================
16:56:36.0840 6116 Scan started
16:56:36.0840 6116 Mode: Manual; SigCheck; TDLFS;
16:56:36.0840 6116 ============================================================
16:56:40.0147 6116 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:56:40.0240 6116 1394ohci - ok
16:56:40.0287 6116 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:56:40.0303 6116 ACPI - ok
16:56:40.0318 6116 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:56:40.0396 6116 AcpiPmi - ok
16:56:40.0506 6116 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
16:56:40.0552 6116 adp94xx - ok
16:56:40.0615 6116 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
16:56:40.0630 6116 adpahci - ok
16:56:40.0646 6116 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
16:56:40.0662 6116 adpu320 - ok
16:56:40.0677 6116 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:56:40.0786 6116 AeLookupSvc - ok
16:56:40.0818 6116 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:56:40.0864 6116 AFD - ok
16:56:40.0880 6116 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:56:40.0896 6116 agp440 - ok
16:56:41.0005 6116 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:56:41.0052 6116 ALG - ok
16:56:41.0083 6116 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:56:41.0098 6116 aliide - ok
16:56:41.0114 6116 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:56:41.0114 6116 amdide - ok
16:56:41.0130 6116 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
16:56:41.0145 6116 AmdK8 - ok
16:56:42.0253 6116 amdkmdag (446a1aad34191665a8df6092bd8eb5a8) C:\Windows\system32\DRIVERS\atikmdag.sys
16:56:42.0518 6116 amdkmdag - ok
16:56:42.0721 6116 amdkmdap (f8f8a908fdb005a65ddf7238c814eea5) C:\Windows\system32\DRIVERS\atikmpag.sys
16:56:42.0752 6116 amdkmdap - ok
16:56:42.0783 6116 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
16:56:42.0814 6116 AmdPPM - ok
16:56:42.0846 6116 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:56:42.0861 6116 amdsata - ok
16:56:42.0877 6116 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
16:56:42.0892 6116 amdsbs - ok
16:56:42.0908 6116 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:56:42.0924 6116 amdxata - ok
16:56:42.0939 6116 amd_sata (2fbb00a7616106b95104574c6cd640c2) C:\Windows\system32\drivers\amd_sata.sys
16:56:42.0970 6116 amd_sata - ok
16:56:42.0970 6116 amd_xata (87d0d7645cb0d53220649bd5fe15d93e) C:\Windows\system32\drivers\amd_xata.sys
16:56:42.0986 6116 amd_xata - ok
16:56:43.0017 6116 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:56:43.0189 6116 AppID - ok
16:56:43.0236 6116 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:56:43.0314 6116 AppIDSvc - ok
16:56:43.0329 6116 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:56:43.0376 6116 Appinfo - ok
16:56:43.0407 6116 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
16:56:43.0423 6116 arc - ok
16:56:43.0438 6116 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
16:56:43.0454 6116 arcsas - ok
16:56:43.0532 6116 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:56:43.0579 6116 aspnet_state - ok
16:56:43.0610 6116 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:56:43.0657 6116 AsyncMac - ok
16:56:43.0688 6116 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:56:43.0704 6116 atapi - ok
16:56:43.0782 6116 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:43.0828 6116 AudioEndpointBuilder - ok
16:56:43.0844 6116 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:43.0875 6116 AudioSrv - ok
16:56:43.0906 6116 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:56:43.0969 6116 AxInstSV - ok
16:56:44.0016 6116 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
16:56:44.0047 6116 b06bdrv - ok
16:56:44.0078 6116 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:56:44.0109 6116 b57nd60a - ok
16:56:44.0296 6116 BBSvc (28a4012e68bc9597bcb9b26b51aac4b6) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:56:44.0312 6116 BBSvc - ok
16:56:44.0328 6116 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:56:44.0343 6116 BBUpdate - ok
16:56:45.0170 6116 BCM43XX (fde8c8dc07e75347e4c6b455a0964217) C:\Windows\system32\DRIVERS\bcmwl664.sys
16:56:45.0217 6116 BCM43XX - ok
16:56:45.0388 6116 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:56:45.0404 6116 BDESVC - ok
16:56:45.0451 6116 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:56:45.0498 6116 Beep - ok
16:56:45.0544 6116 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:56:45.0607 6116 BFE - ok
16:56:46.0044 6116 BHDrvx64 (5b1fe9d351c284701c8051da2aa81df6) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120507.001\BHDrvx64.sys
16:56:46.0075 6116 BHDrvx64 - ok
16:56:46.0746 6116 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:56:46.0855 6116 BITS - ok
16:56:46.0902 6116 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
16:56:46.0933 6116 blbdrive - ok
16:56:46.0964 6116 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:56:46.0995 6116 bowser - ok
16:56:47.0011 6116 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
16:56:47.0026 6116 BrFiltLo - ok
16:56:47.0026 6116 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
16:56:47.0042 6116 BrFiltUp - ok
16:56:47.0073 6116 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:56:47.0136 6116 Browser - ok
16:56:47.0167 6116 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:56:47.0182 6116 Brserid - ok
16:56:47.0198 6116 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:56:47.0214 6116 BrSerWdm - ok
16:56:47.0229 6116 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:56:47.0245 6116 BrUsbMdm - ok
16:56:47.0245 6116 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:56:47.0276 6116 BrUsbSer - ok
16:56:47.0307 6116 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
16:56:47.0338 6116 BthEnum - ok
16:56:47.0354 6116 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
16:56:47.0385 6116 BTHMODEM - ok
16:56:47.0385 6116 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
16:56:47.0416 6116 BthPan - ok
16:56:47.0463 6116 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
16:56:47.0494 6116 BTHPORT - ok
16:56:47.0510 6116 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:56:47.0557 6116 bthserv - ok
16:56:47.0572 6116 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
16:56:47.0604 6116 BTHUSB - ok
16:56:47.0650 6116 BTWAMPFL (a0dfb69ade3444c78b17636fcf28e898) C:\Windows\system32\DRIVERS\btwampfl.sys
16:56:47.0666 6116 BTWAMPFL - ok
16:56:47.0682 6116 btwaudio (7cf028ce78696882b327ff13d2dfa534) C:\Windows\system32\drivers\btwaudio.sys
16:56:47.0697 6116 btwaudio - ok
16:56:47.0713 6116 btwavdt (3def2370e414b4e299673558ba171a51) C:\Windows\system32\drivers\btwavdt.sys
16:56:47.0728 6116 btwavdt - ok
16:56:47.0806 6116 btwdins (1ad3a2baf31c4327dcbb2b0eca4a23bb) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
16:56:47.0838 6116 btwdins - ok
16:56:47.0869 6116 btwl2cap (346b4051b3d7ff70e8f027869b8eca6e) C:\Windows\system32\DRIVERS\btwl2cap.sys
16:56:47.0884 6116 btwl2cap - ok
16:56:47.0884 6116 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\Windows\system32\DRIVERS\btwrchid.sys
16:56:47.0900 6116 btwrchid - ok
16:56:47.0947 6116 CalendarSynchService (a3ad13ca2747953ddd4c9ae4fb925bec) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
16:56:47.0962 6116 CalendarSynchService ( UnsignedFile.Multi.Generic ) - warning
16:56:47.0962 6116 CalendarSynchService - detected UnsignedFile.Multi.Generic (1)
16:56:48.0025 6116 ccSet_NIS (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NISx64\1307000.009\ccSetx64.sys
16:56:48.0040 6116 ccSet_NIS - ok
16:56:48.0072 6116 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:56:48.0118 6116 cdfs - ok
16:56:48.0150 6116 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:56:48.0181 6116 cdrom - ok
16:56:48.0228 6116 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:56:48.0290 6116 CertPropSvc - ok
16:56:48.0306 6116 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
16:56:48.0321 6116 circlass - ok
16:56:48.0352 6116 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:56:48.0368 6116 CLFS - ok
16:56:48.0446 6116 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:56:48.0462 6116 clr_optimization_v2.0.50727_32 - ok
16:56:48.0524 6116 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:56:48.0540 6116 clr_optimization_v2.0.50727_64 - ok
16:56:48.0586 6116 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:56:48.0664 6116 clr_optimization_v4.0.30319_32 - ok
16:56:48.0696 6116 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:56:48.0742 6116 clr_optimization_v4.0.30319_64 - ok
16:56:48.0758 6116 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
16:56:48.0789 6116 CmBatt - ok
16:56:48.0789 6116 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:56:48.0805 6116 cmdide - ok
16:56:48.0852 6116 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:56:48.0898 6116 CNG - ok
16:56:48.0914 6116 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
16:56:48.0930 6116 Compbatt - ok
16:56:48.0945 6116 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:56:48.0976 6116 CompositeBus - ok
16:56:48.0976 6116 COMSysApp - ok
16:56:48.0992 6116 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
16:56:49.0008 6116 crcdisk - ok
16:56:49.0023 6116 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:56:49.0086 6116 CryptSvc - ok
16:56:49.0148 6116 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:56:49.0210 6116 DcomLaunch - ok
16:56:49.0242 6116 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:56:49.0304 6116 defragsvc - ok
16:56:49.0320 6116 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:56:49.0366 6116 DfsC - ok
16:56:49.0398 6116 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:56:49.0460 6116 Dhcp - ok
16:56:49.0491 6116 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:56:49.0522 6116 discache - ok
16:56:49.0554 6116 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
16:56:49.0569 6116 Disk - ok
16:56:49.0600 6116 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:56:49.0632 6116 Dnscache - ok
16:56:49.0663 6116 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:56:49.0710 6116 dot3svc - ok
16:56:49.0725 6116 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:56:49.0772 6116 DPS - ok
16:56:49.0803 6116 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:56:49.0819 6116 drmkaud - ok
16:56:49.0881 6116 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:56:49.0912 6116 DXGKrnl - ok
16:56:50.0037 6116 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:56:50.0100 6116 EapHost - ok
16:56:50.0630 6116 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
16:56:50.0724 6116 ebdrv - ok
16:56:50.0802 6116 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:56:50.0817 6116 eeCtrl - ok
16:56:50.0958 6116 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:56:50.0989 6116 EFS - ok
16:56:51.0067 6116 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:56:51.0098 6116 ehRecvr - ok
16:56:51.0129 6116 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:56:51.0145 6116 ehSched - ok
16:56:51.0223 6116 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
16:56:51.0238 6116 elxstor - ok
16:56:51.0316 6116 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:56:51.0332 6116 EraserUtilRebootDrv - ok
16:56:51.0348 6116 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:56:51.0363 6116 ErrDev - ok
16:56:51.0410 6116 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:56:51.0457 6116 EventSystem - ok
16:56:51.0472 6116 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:56:51.0519 6116 exfat - ok
16:56:51.0550 6116 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:56:51.0597 6116 fastfat - ok
16:56:51.0660 6116 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:56:51.0691 6116 Fax - ok
16:56:51.0722 6116 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
16:56:51.0753 6116 fdc - ok
16:56:51.0769 6116 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:56:51.0800 6116 fdPHost - ok
16:56:51.0816 6116 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:56:51.0862 6116 FDResPub - ok
16:56:51.0878 6116 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:56:51.0894 6116 FileInfo - ok
16:56:51.0894 6116 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:56:51.0940 6116 Filetrace - ok
16:56:51.0972 6116 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
16:56:51.0987 6116 flpydisk - ok
16:56:52.0003 6116 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:56:52.0018 6116 FltMgr - ok
16:56:52.0174 6116 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:56:52.0252 6116 FontCache - ok
16:56:52.0284 6116 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:56:52.0299 6116 FontCache3.0.0.0 - ok
16:56:52.0533 6116 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:56:52.0549 6116 FsDepends - ok
16:56:52.0564 6116 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:56:52.0580 6116 Fs_Rec - ok
16:56:52.0596 6116 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:56:52.0627 6116 fvevol - ok
16:56:52.0642 6116 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
16:56:52.0658 6116 gagp30kx - ok
16:56:52.0720 6116 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:56:52.0736 6116 GamesAppService - ok
16:56:52.0814 6116 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:56:52.0861 6116 gpsvc - ok
16:56:52.0892 6116 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:56:52.0908 6116 hcw85cir - ok
16:56:52.0939 6116 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:56:52.0970 6116 HdAudAddService - ok
16:56:52.0986 6116 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:56:53.0017 6116 HDAudBus - ok
16:56:53.0032 6116 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
16:56:53.0048 6116 HidBatt - ok
16:56:53.0064 6116 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
16:56:53.0079 6116 HidBth - ok
16:56:53.0079 6116 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
16:56:53.0110 6116 HidIr - ok
16:56:53.0126 6116 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:56:53.0173 6116 hidserv - ok
16:56:53.0204 6116 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:56:53.0220 6116 HidUsb - ok
16:56:53.0251 6116 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:56:53.0298 6116 hkmsvc - ok
16:56:53.0313 6116 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:56:53.0344 6116 HomeGroupListener - ok
16:56:53.0360 6116 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:56:53.0391 6116 HomeGroupProvider - ok
16:56:53.0438 6116 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:56:53.0454 6116 HP Support Assistant Service - ok
16:56:53.0875 6116 HPAuto (7b8c1b09c11e8db7c4480abd7d17e821) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
16:56:53.0922 6116 HPAuto - ok
16:56:53.0953 6116 HPClientSvc (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:56:53.0968 6116 HPClientSvc - ok
16:56:54.0000 6116 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:56:54.0000 6116 HPDrvMntSvc.exe - ok
16:56:54.0046 6116 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:56:54.0078 6116 hpqwmiex - ok
16:56:54.0312 6116 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:56:54.0358 6116 HpSAMD - ok
16:56:54.0405 6116 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:56:54.0452 6116 HTTP - ok
16:56:54.0452 6116 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:56:54.0468 6116 hwpolicy - ok
16:56:54.0514 6116 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:56:54.0530 6116 i8042prt - ok
16:56:54.0561 6116 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:56:54.0592 6116 iaStorV - ok
16:56:55.0279 6116 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:56:55.0326 6116 idsvc - ok
16:56:55.0887 6116 IDSVia64 (4e9e0e5a3b0efeb27491c26be1d97fda) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120510.001\IDSvia64.sys
16:56:55.0903 6116 IDSVia64 - ok
16:57:00.0661 6116 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:57:00.0832 6116 igfx - ok
16:57:00.0942 6116 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
16:57:00.0957 6116 iirsp - ok
16:57:01.0004 6116 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:57:01.0066 6116 IKEEXT - ok
16:57:01.0285 6116 IntcAzAudAddService (392d5c87f282e8e36df5154418a7bb20) C:\Windows\system32\drivers\RTKVHD64.sys
16:57:01.0347 6116 IntcAzAudAddService - ok
16:57:02.0486 6116 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:57:02.0486 6116 intelide - ok
16:57:02.0502 6116 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
16:57:02.0533 6116 intelppm - ok
16:57:02.0580 6116 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:57:02.0658 6116 IPBusEnum - ok
16:57:02.0658 6116 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:57:02.0689 6116 IpFilterDriver - ok
16:57:02.0736 6116 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:57:02.0782 6116 iphlpsvc - ok
16:57:02.0814 6116 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:57:02.0829 6116 IPMIDRV - ok
16:57:02.0845 6116 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:57:02.0876 6116 IPNAT - ok
16:57:02.0892 6116 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:57:02.0907 6116 IRENUM - ok
16:57:02.0907 6116 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:57:02.0923 6116 isapnp - ok
16:57:02.0938 6116 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:57:02.0954 6116 iScsiPrt - ok
16:57:02.0970 6116 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:57:02.0985 6116 kbdclass - ok
16:57:02.0985 6116 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
16:57:03.0016 6116 kbdhid - ok
16:57:03.0032 6116 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:03.0048 6116 KeyIso - ok
16:57:03.0048 6116 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:57:03.0063 6116 KSecDD - ok
16:57:03.0094 6116 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:57:03.0110 6116 KSecPkg - ok
16:57:03.0110 6116 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:57:03.0157 6116 ksthunk - ok
16:57:03.0235 6116 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:57:03.0297 6116 KtmRm - ok
16:57:03.0344 6116 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:57:03.0375 6116 LanmanServer - ok
16:57:03.0391 6116 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:57:03.0438 6116 LanmanWorkstation - ok
16:57:03.0469 6116 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:57:03.0500 6116 lltdio - ok
16:57:03.0594 6116 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:57:03.0656 6116 lltdsvc - ok
16:57:03.0672 6116 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:57:03.0703 6116 lmhosts - ok
16:57:03.0734 6116 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:57:03.0750 6116 LSI_FC - ok
16:57:03.0750 6116 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:57:03.0765 6116 LSI_SAS - ok
16:57:03.0765 6116 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:57:03.0781 6116 LSI_SAS2 - ok
16:57:03.0796 6116 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:57:03.0812 6116 LSI_SCSI - ok
16:57:03.0828 6116 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:57:03.0874 6116 luafv - ok
16:57:03.0906 6116 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:57:03.0921 6116 Mcx2Svc - ok
16:57:03.0921 6116 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:57:03.0937 6116 megasas - ok
16:57:03.0968 6116 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:57:03.0984 6116 MegaSR - ok
16:57:03.0999 6116 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:57:04.0046 6116 MMCSS - ok
16:57:04.0062 6116 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:57:04.0108 6116 Modem - ok
16:57:04.0124 6116 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:57:04.0155 6116 monitor - ok
16:57:04.0171 6116 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:57:04.0186 6116 mouclass - ok
16:57:04.0186 6116 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:57:04.0218 6116 mouhid - ok
16:57:04.0249 6116 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:57:04.0264 6116 mountmgr - ok
16:57:04.0358 6116 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:57:04.0374 6116 MozillaMaintenance - ok
16:57:04.0405 6116 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:57:04.0420 6116 mpio - ok
16:57:04.0420 6116 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:57:04.0452 6116 mpsdrv - ok
16:57:04.0514 6116 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:57:04.0576 6116 MpsSvc - ok
16:57:04.0592 6116 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:57:04.0623 6116 MRxDAV - ok
16:57:04.0701 6116 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:57:04.0748 6116 mrxsmb - ok
16:57:04.0935 6116 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:57:04.0966 6116 mrxsmb10 - ok
16:57:05.0076 6116 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:57:05.0091 6116 mrxsmb20 - ok
16:57:05.0122 6116 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:57:05.0138 6116 msahci - ok
16:57:05.0216 6116 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:57:05.0263 6116 msdsm - ok
16:57:05.0450 6116 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:57:05.0481 6116 MSDTC - ok
16:57:05.0544 6116 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:57:05.0590 6116 Msfs - ok
16:57:05.0653 6116 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:57:05.0715 6116 mshidkmdf - ok
16:57:05.0731 6116 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:57:05.0746 6116 msisadrv - ok
16:57:05.0778 6116 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:57:05.0824 6116 MSiSCSI - ok
16:57:05.0840 6116 msiserver - ok
16:57:05.0856 6116 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:57:05.0887 6116 MSKSSRV - ok
16:57:05.0902 6116 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:57:05.0965 6116 MSPCLOCK - ok
16:57:05.0965 6116 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:57:05.0996 6116 MSPQM - ok
16:57:06.0043 6116 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:57:06.0058 6116 MsRPC - ok
16:57:06.0074 6116 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:57:06.0074 6116 mssmbios - ok
16:57:06.0090 6116 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:57:06.0121 6116 MSTEE - ok
16:57:06.0136 6116 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:57:06.0136 6116 MTConfig - ok
16:57:06.0152 6116 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:57:06.0168 6116 Mup - ok
16:57:06.0261 6116 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:57:06.0324 6116 napagent - ok
16:57:06.0370 6116 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:57:06.0402 6116 NativeWifiP - ok
16:57:06.0480 6116 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120510.019\ENG64.SYS
16:57:06.0495 6116 NAVENG - ok
16:57:07.0681 6116 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120510.019\EX64.SYS
16:57:07.0728 6116 NAVEX15 - ok
16:57:07.0977 6116 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:57:08.0008 6116 NDIS - ok
16:57:08.0024 6116 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:57:08.0071 6116 NdisCap - ok
16:57:08.0086 6116 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:57:08.0118 6116 NdisTapi - ok
16:57:08.0149 6116 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:57:08.0180 6116 Ndisuio - ok
16:57:08.0258 6116 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:57:08.0305 6116 NdisWan - ok
16:57:08.0336 6116 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:57:08.0383 6116 NDProxy - ok
16:57:08.0398 6116 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:57:08.0445 6116 NetBIOS - ok
16:57:08.0476 6116 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:57:08.0508 6116 NetBT - ok
16:57:08.0539 6116 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:08.0554 6116 Netlogon - ok
16:57:08.0617 6116 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:57:08.0664 6116 Netman - ok
16:57:08.0742 6116 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:08.0757 6116 NetMsmqActivator - ok
16:57:08.0757 6116 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:08.0773 6116 NetPipeActivator - ok
16:57:08.0804 6116 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:57:08.0835 6116 netprofm - ok
16:57:08.0851 6116 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:08.0851 6116 NetTcpActivator - ok
16:57:08.0866 6116 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:08.0866 6116 NetTcpPortSharing - ok
16:57:08.0929 6116 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:57:08.0944 6116 nfrd960 - ok
16:57:09.0007 6116 NIS (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe
16:57:09.0022 6116 NIS - ok
16:57:09.0069 6116 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:57:09.0116 6116 NlaSvc - ok
16:57:09.0334 6116 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
16:57:09.0428 6116 NOBU - ok
16:57:09.0756 6116 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:57:09.0787 6116 Npfs - ok
16:57:09.0818 6116 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:57:09.0865 6116 nsi - ok
16:57:09.0865 6116 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:57:09.0896 6116 nsiproxy - ok
16:57:10.0473 6116 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:57:10.0536 6116 Ntfs - ok
16:57:10.0676 6116 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:57:10.0723 6116 Null - ok
16:57:10.0770 6116 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys
16:57:10.0785 6116 NVHDA - ok
16:57:12.0345 6116 nvlddmkm (a963c2c276a97b088ded5d7a83be8052) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:57:12.0548 6116 nvlddmkm - ok
16:57:12.0735 6116 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:57:12.0766 6116 nvraid - ok
16:57:12.0766 6116 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:57:12.0782 6116 nvstor - ok
16:57:12.0860 6116 NVSvc (dd9d86051b8f7669aabf693530f380fe) C:\Windows\system32\nvvsvc.exe
16:57:12.0891 6116 NVSvc - ok
16:57:13.0562 6116 nvUpdatusService (4472183de09f80cb1b56f217d8e0ab9b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
16:57:13.0609 6116 nvUpdatusService - ok
16:57:14.0014 6116 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:57:14.0030 6116 nv_agp - ok
16:57:14.0046 6116 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:57:14.0061 6116 ohci1394 - ok
16:57:14.0108 6116 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:57:14.0124 6116 p2pimsvc - ok
16:57:14.0170 6116 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:57:14.0186 6116 p2psvc - ok
16:57:14.0202 6116 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:57:14.0217 6116 Parport - ok
16:57:14.0248 6116 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:57:14.0264 6116 partmgr - ok
16:57:14.0295 6116 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:57:14.0326 6116 PcaSvc - ok
16:57:14.0342 6116 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:57:14.0358 6116 pci - ok
16:57:14.0373 6116 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:57:14.0389 6116 pciide - ok
16:57:14.0404 6116 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:57:14.0420 6116 pcmcia - ok
16:57:14.0436 6116 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:57:14.0436 6116 pcw - ok
16:57:14.0482 6116 pdfcDispatcher - ok
16:57:14.0794 6116 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:57:14.0888 6116 PEAUTH - ok
16:57:14.0966 6116 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:57:14.0997 6116 PerfHost - ok
16:57:16.0011 6116 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:57:16.0105 6116 pla - ok
16:57:16.0167 6116 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:57:16.0198 6116 PlugPlay - ok
16:57:16.0214 6116 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:57:16.0245 6116 PNRPAutoReg - ok
16:57:16.0276 6116 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:57:16.0292 6116 PNRPsvc - ok
16:57:16.0354 6116 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:57:16.0401 6116 PolicyAgent - ok
16:57:16.0432 6116 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:57:16.0479 6116 Power - ok
16:57:16.0526 6116 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:57:16.0573 6116 PptpMiniport - ok
16:57:16.0573 6116 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:57:16.0604 6116 Processor - ok
16:57:16.0635 6116 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
16:57:16.0682 6116 ProfSvc - ok
16:57:16.0698 6116 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:16.0698 6116 ProtectedStorage - ok
16:57:16.0729 6116 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:57:16.0760 6116 Psched - ok
16:57:16.0869 6116 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:57:16.0900 6116 ql2300 - ok
16:57:16.0994 6116 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:57:17.0010 6116 ql40xx - ok
16:57:17.0041 6116 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:57:17.0056 6116 QWAVE - ok
16:57:17.0056 6116 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:57:17.0088 6116 QWAVEdrv - ok
16:57:17.0088 6116 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:57:17.0119 6116 RasAcd - ok
16:57:17.0166 6116 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:57:17.0197 6116 RasAgileVpn - ok
16:57:17.0197 6116 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:57:17.0259 6116 RasAuto - ok
16:57:17.0275 6116 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:57:17.0306 6116 Rasl2tp - ok
16:57:17.0337 6116 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:57:17.0384 6116 RasMan - ok
16:57:17.0384 6116 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:57:17.0431 6116 RasPppoe - ok
16:57:17.0446 6116 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:57:17.0478 6116 RasSstp - ok
16:57:17.0509 6116 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:57:17.0540 6116 rdbss - ok
16:57:17.0556 6116 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:57:17.0587 6116 rdpbus - ok
16:57:17.0587 6116 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:57:17.0634 6116 RDPCDD - ok
16:57:17.0649 6116 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:57:17.0696 6116 RDPENCDD - ok
16:57:17.0727 6116 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:57:17.0758 6116 RDPREFMP - ok
16:57:17.0899 6116 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
16:57:17.0930 6116 RDPWD - ok
16:57:17.0977 6116 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:57:17.0992 6116 rdyboost - ok
16:57:18.0024 6116 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:57:18.0070 6116 RemoteAccess - ok
16:57:18.0164 6116 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:57:18.0211 6116 RemoteRegistry - ok
16:57:18.0460 6116 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:57:18.0492 6116 RFCOMM - ok
16:57:18.0523 6116 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:57:18.0570 6116 RpcEptMapper - ok
16:57:18.0585 6116 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:57:18.0616 6116 RpcLocator - ok
16:57:18.0648 6116 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:57:18.0694 6116 RpcSs - ok
16:57:18.0741 6116 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:57:18.0772 6116 rspndr - ok
16:57:18.0835 6116 RTL8167 (e50cfb92986dcab49de93788fd695813) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:57:18.0850 6116 RTL8167 - ok
16:57:18.0928 6116 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:18.0944 6116 SamSs - ok
16:57:19.0006 6116 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:57:19.0022 6116 sbp2port - ok
16:57:19.0053 6116 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:57:19.0100 6116 SCardSvr - ok
16:57:19.0116 6116 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:57:19.0162 6116 scfilter - ok
16:57:19.0240 6116 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:57:19.0303 6116 Schedule - ok
16:57:19.0334 6116 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:57:19.0365 6116 SCPolicySvc - ok
16:57:19.0396 6116 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
16:57:19.0428 6116 sdbus - ok
16:57:19.0443 6116 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:57:19.0474 6116 SDRSVC - ok
16:57:19.0506 6116 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:57:19.0537 6116 secdrv - ok
16:57:19.0552 6116 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:57:19.0584 6116 seclogon - ok
16:57:19.0599 6116 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:57:19.0646 6116 SENS - ok
16:57:19.0677 6116 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:57:19.0693 6116 SensrSvc - ok
16:57:19.0708 6116 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:57:19.0724 6116 Serenum - ok
16:57:19.0755 6116 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:57:19.0771 6116 Serial - ok
16:57:19.0771 6116 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:57:19.0786 6116 sermouse - ok
16:57:19.0802 6116 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:57:19.0849 6116 SessionEnv - ok
16:57:19.0849 6116 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:57:19.0864 6116 sffdisk - ok
16:57:19.0864 6116 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:57:19.0880 6116 sffp_mmc - ok
16:57:19.0880 6116 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:57:19.0896 6116 sffp_sd - ok
16:57:19.0896 6116 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:57:19.0911 6116 sfloppy - ok
16:57:20.0052 6116 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:57:20.0099 6116 SharedAccess - ok
16:57:20.0317 6116 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:57:20.0379 6116 ShellHWDetection - ok
16:57:20.0411 6116 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:57:20.0426 6116 SiSRaid2 - ok
16:57:20.0426 6116 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:57:20.0442 6116 SiSRaid4 - ok
16:57:20.0457 6116 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:57:20.0504 6116 Smb - ok
16:57:20.0520 6116 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:57:20.0551 6116 SNMPTRAP - ok
16:57:20.0551 6116 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:57:20.0567 6116 spldr - ok
16:57:20.0613 6116 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:57:20.0645 6116 Spooler - ok
16:57:20.0832 6116 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:57:20.0925 6116 sppsvc - ok
16:57:21.0019 6116 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:57:21.0050 6116 sppuinotify - ok
16:57:21.0144 6116 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\NISx64\1307000.009\SRTSP64.SYS
16:57:21.0159 6116 SRTSP - ok
16:57:21.0175 6116 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\NISx64\1307000.009\SRTSPX64.SYS
16:57:21.0191 6116 SRTSPX - ok
16:57:21.0237 6116 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:57:21.0269 6116 srv - ok
16:57:21.0300 6116 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:57:21.0331 6116 srv2 - ok
16:57:21.0378 6116 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:57:21.0393 6116 srvnet - ok
16:57:21.0440 6116 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:57:21.0503 6116 SSDPSRV - ok
16:57:21.0534 6116 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:57:21.0565 6116 SstpSvc - ok
16:57:21.0643 6116 Stereo Service (a2abc52cd8a5b60262b220a17a92eb31) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:57:21.0659 6116 Stereo Service - ok
16:57:21.0674 6116 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:57:21.0674 6116 stexstor - ok
16:57:21.0752 6116 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:57:21.0783 6116 stisvc - ok
16:57:21.0799 6116 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:57:21.0799 6116 swenum - ok
16:57:21.0861 6116 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:57:21.0908 6116 swprv - ok
16:57:21.0986 6116 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NISx64\1307000.009\SYMDS64.SYS
16:57:22.0002 6116 SymDS - ok
16:57:22.0064 6116 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NISx64\1307000.009\SYMEFA64.SYS
16:57:22.0095 6116 SymEFA - ok
16:57:22.0127 6116 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:57:22.0127 6116 SymEvent - ok
16:57:22.0158 6116 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NISx64\1307000.009\Ironx64.SYS
16:57:22.0173 6116 SymIRON - ok
16:57:22.0220 6116 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NISx64\1307000.009\SYMNETS.SYS
16:57:22.0236 6116 SymNetS - ok
16:57:22.0345 6116 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:57:22.0392 6116 SysMain - ok
16:57:22.0470 6116 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:57:22.0485 6116 TabletInputService - ok
16:57:22.0501 6116 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:57:22.0548 6116 TapiSrv - ok
16:57:22.0563 6116 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:57:22.0610 6116 TBS - ok
16:57:22.0751 6116 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:57:22.0797 6116 Tcpip - ok
16:57:22.0985 6116 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:57:23.0016 6116 TCPIP6 - ok
16:57:23.0078 6116 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:57:23.0125 6116 tcpipreg - ok
16:57:23.0125 6116 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:57:23.0141 6116 TDPIPE - ok
16:57:23.0156 6116 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:57:23.0172 6116 TDTCP - ok
16:57:23.0203 6116 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:57:23.0234 6116 tdx - ok
16:57:23.0234 6116 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:57:23.0250 6116 TermDD - ok
16:57:23.0671 6116 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:57:23.0733 6116 TermService - ok
16:57:23.0765 6116 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:57:23.0780 6116 Themes - ok
16:57:23.0811 6116 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:57:23.0843 6116 THREADORDER - ok
16:57:23.0858 6116 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:57:23.0905 6116 TrkWks - ok
16:57:23.0936 6116 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:57:23.0983 6116 TrustedInstaller - ok
16:57:24.0030 6116 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:57:24.0077 6116 tssecsrv - ok
16:57:24.0077 6116 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:57:24.0092 6116 TsUsbFlt - ok
16:57:24.0092 6116 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:57:24.0108 6116 TsUsbGD - ok
16:57:24.0139 6116 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:57:24.0186 6116 tunnel - ok
16:57:24.0217 6116 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:57:24.0217 6116 uagp35 - ok
16:57:24.0248 6116 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:57:24.0295 6116 udfs - ok
16:57:24.0342 6116 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:57:24.0342 6116 UI0Detect - ok
16:57:24.0357 6116 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:57:24.0373 6116 uliagpkx - ok
16:57:24.0404 6116 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:57:24.0435 6116 umbus - ok
16:57:24.0435 6116 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:57:24.0451 6116 UmPass - ok
16:57:24.0482 6116 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:57:24.0545 6116 upnphost - ok
16:57:24.0576 6116 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:57:24.0591 6116 usbccgp - ok
16:57:24.0623 6116 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:57:24.0638 6116 usbcir - ok
16:57:24.0654 6116 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:57:24.0669 6116 usbehci - ok
16:57:24.0669 6116 usbfilter (573d192e268f0c5b486b7e96f661e538) C:\Windows\system32\drivers\usbfilter.sys
16:57:24.0685 6116 usbfilter - ok
16:57:24.0716 6116 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
16:57:24.0732 6116 usbhub - ok
16:57:24.0747 6116 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:57:24.0763 6116 usbohci - ok
16:57:24.0779 6116 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:57:24.0794 6116 usbprint - ok
16:57:24.0841 6116 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
16:57:24.0857 6116 USBSTOR - ok
16:57:24.0872 6116 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:57:24.0888 6116 usbuhci - ok
16:57:24.0903 6116 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:57:24.0950 6116 UxSms - ok
16:57:24.0981 6116 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:24.0981 6116 VaultSvc - ok
16:57:25.0013 6116 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:57:25.0028 6116 vdrvroot - ok
16:57:25.0075 6116 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:57:25.0122 6116 vds - ok
16:57:25.0122 6116 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:57:25.0137 6116 vga - ok
16:57:25.0137 6116 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:57:25.0184 6116 VgaSave - ok
16:57:25.0200 6116 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:57:25.0215 6116 vhdmp - ok
16:57:25.0231 6116 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:57:25.0247 6116 viaide - ok
16:57:25.0247 6116 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:57:25.0262 6116 volmgr - ok
16:57:25.0278 6116 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:57:25.0293 6116 volmgrx - ok
16:57:25.0340 6116 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
16:57:25.0356 6116 volsnap - ok
16:57:25.0387 6116 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:57:25.0403 6116 vsmraid - ok
16:57:25.0481 6116 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:57:25.0543 6116 VSS - ok
16:57:26.0339 6116 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:57:26.0370 6116 vwifibus - ok
16:57:26.0385 6116 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:57:26.0401 6116 vwififlt - ok
16:57:26.0463 6116 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:57:26.0495 6116 W32Time - ok
16:57:26.0526 6116 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:57:26.0541 6116 WacomPen - ok
16:57:26.0573 6116 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:26.0619 6116 WANARP - ok
16:57:26.0619 6116 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:26.0651 6116 Wanarpv6 - ok
16:57:26.0822 6116 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:57:26.0869 6116 WatAdminSvc - ok
16:57:27.0275 6116 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:57:27.0337 6116 wbengine - ok
16:57:27.0509 6116 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:57:27.0540 6116 WbioSrvc - ok
16:57:27.0555 6116 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:57:27.0587 6116 wcncsvc - ok
16:57:27.0602 6116 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:57:27.0618 6116 WcsPlugInService - ok
16:57:27.0633 6116 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:57:27.0649 6116 Wd - ok
16:57:27.0711 6116 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:57:27.0743 6116 Wdf01000 - ok
16:57:27.0774 6116 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:27.0805 6116 WdiServiceHost - ok
16:57:27.0805 6116 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:27.0821 6116 WdiSystemHost - ok
16:57:28.0023 6116 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:57:28.0070 6116 WebClient - ok
16:57:28.0242 6116 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:57:28.0320 6116 Wecsvc - ok
16:57:28.0367 6116 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:57:28.0413 6116 wercplsupport - ok
16:57:28.0429 6116 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:57:28.0476 6116 WerSvc - ok
16:57:28.0507 6116 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:57:28.0538 6116 WfpLwf - ok
16:57:28.0569 6116 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:57:28.0569 6116 WIMMount - ok
16:57:28.0601 6116 WinDefend - ok
16:57:28.0616 6116 WinHttpAutoProxySvc - ok
16:57:28.0663 6116 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:57:28.0694 6116 Winmgmt - ok
16:57:29.0412 6116 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:57:29.0537 6116 WinRM - ok
16:57:30.0629 6116 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:57:30.0660 6116 Wlansvc - ok
16:57:30.0707 6116 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:57:30.0722 6116 wlcrasvc - ok
16:57:31.0299 6116 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:57:31.0393 6116 wlidsvc - ok
16:57:31.0502 6116 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:57:31.0518 6116 WmiAcpi - ok
16:57:31.0580 6116 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:57:31.0611 6116 wmiApSrv - ok
16:57:31.0658 6116 WMPNetworkSvc - ok
16:57:31.0674 6116 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:57:31.0689 6116 WPCSvc - ok
16:57:31.0721 6116 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:57:31.0767 6116 WPDBusEnum - ok
16:57:31.0783 6116 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:57:31.0830 6116 ws2ifsl - ok
16:57:31.0845 6116 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:57:31.0877 6116 wscsvc - ok
16:57:31.0877 6116 WSearch - ok
16:57:33.0109 6116 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:57:33.0203 6116 wuauserv - ok
16:57:33.0359 6116 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:57:33.0405 6116 WudfPf - ok
16:57:33.0421 6116 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:57:33.0452 6116 WUDFRd - ok
16:57:33.0546 6116 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:57:33.0593 6116 wudfsvc - ok
16:57:33.0671 6116 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:57:33.0702 6116 WwanSvc - ok
16:57:33.0733 6116 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:57:33.0842 6116 \Device\Harddisk0\DR0 - ok
16:57:33.0889 6116 Boot (0x1200) (a5df24a2f5d770d07c36be36ea0fc5ad) \Device\Harddisk0\DR0\Partition0
16:57:33.0905 6116 \Device\Harddisk0\DR0\Partition0 - ok
16:57:33.0936 6116 Boot (0x1200) (063c2173a4e7401515d30b22af0bb00d) \Device\Harddisk0\DR0\Partition1
16:57:33.0967 6116 \Device\Harddisk0\DR0\Partition1 - ok
16:57:34.0014 6116 Boot (0x1200) (2f32b2e62e4a1ea08a2f6c6cc34634a5) \Device\Harddisk0\DR0\Partition2
16:57:34.0045 6116 \Device\Harddisk0\DR0\Partition2 - ok
16:57:34.0045 6116 ============================================================
16:57:34.0045 6116 Scan finished
16:57:34.0045 6116 ============================================================
16:57:34.0061 6100 Detected object count: 1
16:57:34.0061 6100 Actual detected object count: 1
16:58:03.0513 6100 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe - copied to quarantine
16:58:03.0513 6100 CalendarSynchService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

Edited by kipswg, 11 May 2012 - 04:02 PM.

  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK the normal area where a redirect is transfered on a fresh install is clean... This leads me to suspect the router.

This was a restore to factory settings correct ?

Do any other computers using the router experience the same problem ?
  • 0

#14
kipswg

kipswg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Yes it was a restore to factory to settings.

I do not have a router just the one computer.
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How do you connect to the internet ? Is it via a Modem that is wired or via a wireless connection ?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP