Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

search deals by injekt on google search, not like similar cases

Started by tortoracer , Nov 02 2013 06:20 PM

  • Please log in to reply

#1
tortoracer
Posted 02 November 2013 - 06:20 PM

tortoracer

    New Member

  • Member
  • Pip
  • 5 posts
hello, and thank you for this wonderful resource.

lets start by saying my girlfriend is not very tech-smart and downloads using the express -click- click method for anything she finds, and whatever seems to work first. this leads me to my first real virus (thats actually difficult)

i am also not a beginner when it comes to computers, i know my way around, not great, but it is how i grew up.

so somehow i ended up with this little box above my google search results...it is labeled searchdeals by injekt. it is not formally spyware, or a virus, but it is impossible to remove. i have found traces of something called webcake in my control panel and files, and dingo-deals, which is similar. it also gives an overlay of deals, and prevents me from submitting forms on forums and similar.

i also get a popup from time to time with no explanation on why, nothing i can reproduce that just leads me to a url: http://udmserve.net/...93;dt=4;tid=3;?

not sure what is in the window, flashblock always gets it before it even begins...i just have to close the window.

these seem related, but i cannot be sure.

also: the usual suspect of the search deals is a facebook unfriend app that installs it; i have never downloaded this, and i have searched through my computer, and facebook for it, and no trace of it has ever come close to my laptop. i have tried scanning with avira virus scanner, found nothing...malware bites found a few things (webcake related), and a few others have found a few other things...it is no longer an extension in my firefox.

it is a pretty new laptop (2 months old), and if this cannot help me, i will have to reinstall windows.

windows 8 home premium

EDIT: probably related, but cant be too sure...i have to press the back button twice recently to actually go back a page. so to go back from this page to the last, 2 clicks does it, the first click acts like it does something (forward button appears).

also; i think the program may have been coupon printer, or something similar, the search deals mimics this vibe, with scissors and a dotted line as their logo.

Edited by tortoracer, 02 November 2013 - 06:54 PM.

  • 0

Advertisements

#2
Essexboy
Posted 03 November 2013 - 06:06 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there lets have a quick shufti at your system

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    Posted Image
  • Select All Users
  • Select LOP and Purity
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    c:\program files (x86)\Google\Desktop
    c:\program files\Google\Desktop
    dir "%systemdrive%\*" /S /A:L /C
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Attach both logs

THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#3
tortoracer
Posted 03 November 2013 - 12:33 PM

tortoracer

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
ok, i did the directions as you posted exactly, but worth mentioning: the program that i believe brought the malware was downloaded somewhere between 2-3 months ago...just deleted recently. the deletion brought the malware out. i only say this because the first program i believe filtered the files older than 30 days out. i did not change the setting, but i just took note.

the logs: (i hope this is what you meant by attach)

OTL logfile created on: 11/3/2013 1:15:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Chris\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.87 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 30.17% Memory free
6.81 Gb Paging File | 1.79 Gb Available in Paging File | 26.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.10 Gb Total Space | 609.48 Gb Free Space | 89.22% Space Free | Partition Type: NTFS
 
Computer Name: ERWIN | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/11/03 13:14:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
PRC - [2013/11/02 17:22:27 | 000,942,968 | ---- | M] (UpdaterResponse) -- C:\Users\Chris\AppData\Local\Temp\Uresponse.exe
PRC - [2013/10/23 17:24:53 | 000,819,200 | ---- | M] () -- C:\android\sdk\platform-tools\adb.exe
PRC - [2013/10/18 09:27:46 | 000,711,168 | ---- | M] (JRT Studio LLC) -- C:\Program Files (x86)\JRT Studio\iSyncr\iSyncr.exe
PRC - [2013/09/25 13:47:44 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\IeHelper\IeHelper.exe
PRC - [2013/09/25 13:47:44 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe
PRC - [2013/09/25 13:47:44 | 000,251,768 | ---- | M] (WatchDog) -- C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
PRC - [2013/09/25 13:47:28 | 000,297,336 | ---- | M] (Updater) -- C:\ProgramData\Updater\updater.exe
PRC - [2013/09/05 16:59:40 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013/09/05 16:58:51 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/09/05 16:58:50 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/08/07 13:27:28 | 000,199,176 | ---- | M] (Dell Products, LP.) -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
PRC - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2013/07/31 10:38:20 | 000,698,680 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013/06/07 14:41:48 | 000,131,064 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Update\DellUpService.exe
PRC - [2013/06/07 14:33:56 | 000,207,864 | ---- | M] (Dell Products, LP) -- C:\Program Files (x86)\Dell Update\DellUpTray.exe
PRC - [2012/12/03 01:18:30 | 000,111,136 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/11/29 14:56:26 | 001,436,160 | ---- | M] (Wyse Technology.) -- C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
PRC - [2012/11/28 11:05:52 | 004,047,208 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2012/11/26 00:19:48 | 000,492,904 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/11/19 14:15:20 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/11/19 14:15:20 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/09/30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/09/30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/08/06 20:55:12 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
PRC - [2012/07/17 20:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 20:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 20:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/10/23 17:24:53 | 000,819,200 | ---- | M] () -- C:\android\sdk\platform-tools\adb.exe
MOD - [2013/10/20 00:18:15 | 002,959,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\8089e3484b45e44781f0c7a1a78881d5\System.IdentityModel.ni.dll
MOD - [2013/10/20 00:18:12 | 000,030,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\b1b4d87475101f4da87758ac710dfd06\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2013/10/20 00:16:35 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d4edcacb877df7e257f1459985e0b886\System.Configuration.ni.dll
MOD - [2013/10/20 00:16:28 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\7d5279640d0dab6e88039a33c5f06a41\System.Core.ni.dll
MOD - [2013/10/17 09:18:29 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\53c49b1cfdb85cf6784c7dcc8cdbd56d\System.Windows.Forms.ni.dll
MOD - [2013/10/17 09:18:23 | 014,344,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9322cf03c4855e43d9c8d50b97c1e5fd\PresentationFramework.ni.dll
MOD - [2013/10/17 09:18:14 | 012,240,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\6c732c3d6b44d63765d84580b5057f74\PresentationCore.ni.dll
MOD - [2013/10/17 09:18:07 | 003,350,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\590d3286cdb6234ea0b2135e1cef135a\WindowsBase.ni.dll
MOD - [2013/10/17 09:18:05 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6029d35b6cfaf94b1d39ec54c724a8c7\System.Xml.Linq.ni.dll
MOD - [2013/10/17 09:18:03 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e6606a84f8a4cdc18c74e63ec807c689\System.Windows.Forms.ni.dll
MOD - [2013/10/17 09:17:55 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\6b40a60180e23feff705e28e351e10e1\System.ServiceModel.ni.dll
MOD - [2013/10/17 09:17:45 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\e1c6945213ca43ec9769fe95576962ce\System.Runtime.Serialization.ni.dll
MOD - [2013/10/17 09:17:41 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c508451271803f1677317735db499f5c\System.Configuration.ni.dll
MOD - [2013/10/17 09:17:40 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\3e52c3479469fe72eed0716b48859e91\WindowsBase.ni.dll
MOD - [2013/10/17 09:17:37 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\79e8b7b183668471ab364d4132fb8018\System.Core.ni.dll
MOD - [2013/09/29 15:02:15 | 011,920,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\538224ffef6d0b8691f397688ec6a48d\System.Web.ni.dll
MOD - [2013/08/16 20:36:34 | 000,366,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\3dd54cc0a567860244b2cf25f3bcef6e\IAStorUtil.ni.dll
MOD - [2013/08/16 20:36:32 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d438e7ec4899763070e7b5db3f166373\System.ServiceModel.Internals.ni.dll
MOD - [2013/08/16 20:36:32 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3df2fdd27a3e685ce5dda8bce4956e5b\SMDiagnostics.ni.dll
MOD - [2013/08/16 20:36:13 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\cf49a998b717bce1bce9a417376fd6ab\System.Transactions.ni.dll
MOD - [2013/08/16 20:36:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7aed1bbbe803ad02342add324c61b80c\System.ServiceProcess.ni.dll
MOD - [2013/08/16 20:36:04 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3866f7a0829a76e958174f2d89bae9a8\System.Management.ni.dll
MOD - [2013/08/15 17:19:57 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\fc5d4ada42ed8e9a30b64912f5dc9767\System.Xml.ni.dll
MOD - [2013/08/15 17:19:49 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e4447d26cd9083018bd28ddd60a0248\System.Drawing.ni.dll
MOD - [2013/08/15 17:19:22 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1b46657236c1f942f9dbaf6aac73bb49\System.ni.dll
MOD - [2013/08/15 17:19:16 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013/08/15 17:19:12 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\123cf617d7b6b31c44e39f8594f064c5\System.Xaml.ni.dll
MOD - [2013/08/15 17:18:44 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013/08/15 17:18:36 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\cb65dcc8c60f33d257283ef1416a2175\PresentationFramework.Aero2.ni.dll
MOD - [2013/08/15 17:18:35 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\972bf4ffab06e561447d12baf3b3dfa9\PresentationFramework.ni.dll
MOD - [2013/08/15 17:18:24 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\5b504b7cd800dcd6c06d841d94ca099a\PresentationCore.ni.dll
MOD - [2013/08/15 17:18:04 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013/08/01 03:28:03 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\2dda44469946eccd972b05eeeefc1e7d\IAStorCommon.ni.dll
MOD - [2013/08/01 03:27:01 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\92229fdcf8b5abcc414baf6141f94495\Accessibility.ni.dll
MOD - [2013/07/31 00:20:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\abb10610a31396b63a3cd6c4715b3780\PresentationFramework.Aero.ni.dll
MOD - [2013/07/31 00:20:31 | 011,500,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\d1ce70bf6cbab6ab838cbd8b50e902c1\mscorlib.ni.dll
MOD - [2013/07/31 00:19:59 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\cd6b8416903164862eba3d170df40c90\System.Management.ni.dll
MOD - [2013/07/31 00:19:19 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/10/09 20:35:25 | 005,992,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
MOD - [2012/10/09 20:35:25 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
MOD - [2012/10/09 20:35:25 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
MOD - [2012/10/09 20:35:25 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMDiagnostics.dll
MOD - [2012/07/26 06:08:38 | 000,261,632 | R--- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/07/26 06:08:38 | 000,040,960 | R--- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2012/06/08 13:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 22:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe /McCoreSvc -- (mcbootdelaystartsvc)
SRV:[b]64bit:[/b] - [2013/08/16 00:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2013/07/01 19:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/06/24 17:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2013/06/13 16:09:03 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2013/06/13 16:09:02 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2013/06/01 04:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2013/05/04 01:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/05/04 01:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2013/04/08 23:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2013/03/01 21:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2013/03/01 21:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2012/09/24 18:03:12 | 001,153,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:[b]64bit:[/b] - [2012/09/24 18:02:54 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2012/09/24 18:02:42 | 000,617,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2012/09/24 18:02:16 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2012/09/20 01:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2012/09/13 06:33:50 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:[b]64bit:[/b] - [2012/08/15 19:08:14 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:[b]64bit:[/b] - [2012/08/06 20:55:12 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe -- (CxUtilSvc)
SRV:[b]64bit:[/b] - [2012/08/02 04:06:02 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2012/07/25 22:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2012/05/30 15:11:34 | 000,149,544 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2012/04/20 16:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013/10/09 23:18:11 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/05 10:42:43 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/05 16:59:40 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/09/05 16:58:51 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/08/07 13:27:28 | 000,199,176 | ---- | M] (Dell Products, LP.) [Auto | Running] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2013/06/21 20:46:38 | 000,016,176 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe -- (WysePocketCloud)
SRV - [2013/06/07 14:41:48 | 000,131,064 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Update\DellUpService.exe -- (DellUpdate)
SRV - [2012/11/29 14:56:26 | 001,436,160 | ---- | M] (Wyse Technology.) [Auto | Running] -- C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe -- (WyseRemoteAccess)
SRV - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/11/19 14:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/09/30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/09/30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/08/23 19:08:06 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/17 20:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 20:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 20:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013/09/05 16:59:55 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb)
DRV:[b]64bit:[/b] - [2013/09/05 16:59:55 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt)
DRV:[b]64bit:[/b] - [2013/08/16 00:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/07/26 00:44:58 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr)
DRV:[b]64bit:[/b] - [2013/07/09 03:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2013/07/01 20:41:47 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2013/07/01 20:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2013/07/01 20:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2013/07/01 19:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2013/07/01 17:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2013/06/29 01:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2013/06/13 16:10:27 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/06/13 16:09:43 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2013/06/13 16:09:11 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2013/06/13 16:09:01 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/06/13 16:08:48 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/06/13 16:08:48 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/06/10 16:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2013/05/31 22:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/05/04 02:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2013/03/02 05:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/03/02 05:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/03/02 05:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2013/01/09 19:49:20 | 000,211,280 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/12/04 04:50:54 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/10/11 06:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:[b]64bit:[/b] - [2012/10/09 20:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2012/10/09 20:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2012/10/09 20:48:48 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:[b]64bit:[/b] - [2012/10/09 20:48:48 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:[b]64bit:[/b] - [2012/10/01 16:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:[b]64bit:[/b] - [2012/10/01 16:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:[b]64bit:[/b] - [2012/09/20 02:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2012/09/20 02:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2012/09/13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:[b]64bit:[/b] - [2012/09/13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:[b]64bit:[/b] - [2012/08/23 19:07:42 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdpmd64.sys -- (intelkmd)
DRV:[b]64bit:[/b] - [2012/08/23 19:07:42 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/06 20:55:08 | 001,607,328 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2012/08/06 13:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:[b]64bit:[/b] - [2012/08/02 05:54:18 | 010,280,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012/08/02 03:09:30 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012/07/26 00:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/07/26 00:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2012/07/25 23:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2012/07/25 23:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2012/07/25 22:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2012/07/25 21:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2012/07/25 21:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2012/07/25 21:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2012/07/25 21:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2012/07/25 21:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2012/07/25 21:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2012/07/25 21:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/07/25 21:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2012/07/25 21:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2012/07/25 21:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2012/07/09 23:19:26 | 000,035,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:[b]64bit:[/b] - [2012/07/02 18:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/25 12:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:[b]64bit:[/b] - [2012/06/19 10:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012/06/15 16:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:[b]64bit:[/b] - [2012/06/12 11:41:22 | 000,683,664 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:[b]64bit:[/b] - [2012/05/30 15:10:50 | 000,016,168 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\TurboB.sys -- (TurboB)
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6AE0E5BF-D299-4657-B3EB-A8B1924576C1}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6AE0E5BF-D299-4657-B3EB-A8B1924576C1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6AE0E5BF-D299-4657-B3EB-A8B1924576C1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3638884402-1316858898-3093708819-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKU\S-1-5-21-3638884402-1316858898-3093708819-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
IE - HKU\S-1-5-21-3638884402-1316858898-3093708819-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3638884402-1316858898-3093708819-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3638884402-1316858898-3093708819-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: autorefresh%40plugin:1.0.2
FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.43
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}: C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/07/26 00:21:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2013/11/01 13:18:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0ztxxkot.default\extensions
[2013/07/26 01:25:12 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0ztxxkot.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2013/10/27 22:57:54 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0ztxxkot.default\extensions\[email protected]
[2013/07/31 23:18:40 | 000,036,763 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\0ztxxkot.default\extensions\[email protected]
[2013/10/13 12:26:55 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\0ztxxkot.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/05 10:42:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/05 10:42:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2012/07/26 00:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Updater] C:\ProgramData\Updater\updater.exe (Updater)
O4 - HKU\S-1-5-21-3638884402-1316858898-3093708819-1001..\Run: [Updater] C:\ProgramData\Updater\updater.exe (Updater)
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iSyncr.lnk = C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{5321C831-3717-43FA-A098-33B254C1E60E}\_C3AA6B698193CE8D0FECAF.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6577C754-DEBA-462D-9DEF-55BB57AC8C2C}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6f6f7cb9-f98a-11e2-be71-681729279227}\Shell - "" = AutoRun
O33 - MountPoints2\{6f6f7cb9-f98a-11e2-be71-681729279227}\Shell\AutoRun\command - "" = "E:\MotoCastSetup.exe" -a
O33 - MountPoints2\{88eb5050-20a8-11e3-be78-74867a16a02b}\Shell - "" = AutoRun
O33 - MountPoints2\{88eb5050-20a8-11e3-be78-74867a16a02b}\Shell\AutoRun\command - "" = "E:\MotoCastSetup.exe" -a
O33 - MountPoints2\{88eb508d-20a8-11e3-be78-74867a16a02b}\Shell - "" = AutoRun
O33 - MountPoints2\{88eb508d-20a8-11e3-be78-74867a16a02b}\Shell\AutoRun\command - "" = "E:\MotoCastSetup.exe" -a
O33 - MountPoints2\{cd0e5ed6-fc02-11e2-be72-681729279227}\Shell - "" = AutoRun
O33 - MountPoints2\{cd0e5ed6-fc02-11e2-be72-681729279227}\Shell\AutoRun\command - "" = "E:\MotoCastSetup.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/11/03 13:14:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013/11/02 14:21:50 | 000,000,000 | ---D | C] -- C:\Users\Chris\.android
[2013/11/02 13:59:23 | 000,000,000 | ---D | C] -- C:\android
[2013/11/02 13:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2013/11/02 13:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola Mobility
[2013/11/02 13:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
[2013/11/02 13:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Inc
[2013/11/01 15:47:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\SD card contents
[2013/11/01 14:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/11/01 13:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\TubeDimmer
[2013/11/01 13:21:09 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/31 15:15:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes
[2013/10/31 15:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/31 15:14:53 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/10/31 15:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/31 15:14:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/10/29 00:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/10/29 00:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/10/29 00:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/10/29 00:38:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/10/29 00:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/10/25 20:07:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/10/25 20:07:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013/10/25 20:01:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013/10/25 20:01:31 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Real
[2013/10/25 20:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/10/25 20:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
[2013/10/25 20:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers
[2013/10/24 13:56:25 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\JRT Studio
[2013/10/24 13:56:23 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\JRT Studio
[2013/10/24 13:56:13 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JRT Studio
[2013/10/24 13:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRT Studio
[2013/10/24 12:22:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Notepad++
[2013/10/24 12:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013/10/24 12:21:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\.jmc
[2013/10/24 12:21:25 | 000,000,000 | ---D | C] -- C:\Users\Chris\.eclipse
[2013/10/24 12:20:55 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/10/24 12:20:54 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/10/24 12:20:54 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/10/24 12:20:54 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/10/24 12:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/24 12:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2013/10/24 12:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/10/13 12:24:25 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2013/10/13 12:24:24 | 008,858,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2013/10/13 12:24:23 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2013/10/13 12:24:22 | 002,304,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/10/13 12:24:22 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2013/10/13 12:24:21 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/10/13 12:24:21 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2013/10/13 12:24:21 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mbsmsapi.dll
[2013/10/13 12:24:21 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/10/13 12:24:21 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mbsmsapi.dll
[2013/10/13 12:24:21 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSyncInfo.dll
[2013/10/13 12:24:18 | 001,374,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2013/10/13 12:24:18 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2013/10/13 12:24:18 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2013/10/13 12:24:18 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2013/10/13 12:24:18 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2013/10/13 12:24:18 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2013/10/13 12:24:16 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/10/13 12:24:16 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/10/13 12:24:16 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/10/13 12:24:16 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/10/13 12:24:02 | 000,447,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2013/10/13 12:24:02 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013/10/13 12:24:02 | 000,213,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS
[2013/10/13 12:24:02 | 000,054,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/10/13 12:24:00 | 000,652,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/10/13 12:22:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/10/13 12:22:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/10/13 12:22:16 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/10/13 12:22:16 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013/10/13 12:22:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/10/13 12:22:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/10/13 12:22:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/10/13 12:22:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/10/13 12:22:14 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013/10/13 12:22:14 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/10/13 12:22:13 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/10/13 12:22:03 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/10/13 12:22:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/10/13 12:21:55 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013/10/13 12:21:06 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/10/13 12:21:06 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/10/12 14:11:20 | 000,498,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/10/12 14:11:20 | 000,021,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/10/12 14:11:09 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/12 14:11:09 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/05 10:42:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/11/03 13:18:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/03 13:14:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013/11/03 13:14:04 | 000,850,046 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/03 13:14:04 | 000,720,456 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/03 13:14:04 | 000,133,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/03 13:12:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/01 13:44:34 | 000,291,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/01 13:44:24 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/01 13:44:13 | 749,326,335 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/24 13:56:13 | 000,003,009 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iSyncr.lnk
[2013/10/24 12:20:47 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/10/24 12:20:47 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/10/24 12:20:47 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/10/24 12:20:47 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/10/22 18:27:30 | 000,001,494 | ---- | M] () -- C:\Users\Chris\AppData\Local\recently-used.xbel
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/11/01 13:44:26 | 000,291,288 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/24 13:56:13 | 000,003,009 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iSyncr.lnk
[2013/10/22 18:27:30 | 000,001,494 | ---- | C] () -- C:\Users\Chris\AppData\Local\recently-used.xbel
[2013/10/13 12:24:21 | 000,386,923 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/09/14 10:29:15 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/10 11:16:08 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013/08/10 11:16:08 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013/06/13 15:58:27 | 000,866,452 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/13 15:45:13 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2013/06/13 15:45:09 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/06/13 15:45:08 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2013/06/13 15:45:04 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/06/13 15:45:04 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/06/13 15:45:03 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/06/13 15:44:20 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2013/06/13 15:44:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/07/26 03:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 03:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 02:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 20:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 15:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 15:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 09:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/05/10 18:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/04/20 15:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2013/07/26 00:17:23 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/02 01:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/02 00:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 22:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 22:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 22:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013/10/24 14:26:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\JRT Studio
[2013/07/30 21:47:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leadertech
[2013/08/03 01:04:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Motorola
[2013/08/03 01:11:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Motorola Mobility
[2013/10/24 12:38:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Notepad++
[2013/07/31 23:08:19 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PCDr
[2013/10/22 21:06:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#E56717]========== Base Services ==========[/color]
SRV:[b]64bit:[/b] - [2012/09/20 01:30:35 | 000,190,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2013/03/06 01:29:15 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2012/07/25 22:08:16 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:01 | 000,826,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2013/06/10 14:15:25 | 000,723,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV - [2012/07/25 22:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:36 | 000,507,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2012/07/25 22:18:26 | 000,394,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:12 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2013/07/13 01:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:06 | 000,817,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2013/06/13 16:09:12 | 000,331,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2013/06/13 16:09:20 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2012/09/20 01:31:07 | 000,210,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:34 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:46 | 000,036,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2012/07/25 22:18:34 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:51 | 000,438,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:51 | 000,474,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:[b]64bit:[/b] - [2012/07/25 22:07:25 | 000,502,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2012/09/20 01:31:57 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2012/07/25 22:06:34 | 000,255,488 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2013/05/04 01:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/06/13 16:08:52 | 000,356,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2012/07/26 00:26:47 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2012/09/20 01:33:04 | 000,107,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2012/07/25 22:08:47 | 000,769,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
No service found with a name of EMDMgmt
SRV:[b]64bit:[/b] - [2012/07/25 22:07:03 | 000,099,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:03 | 000,358,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:06 | 000,817,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:09 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2012/09/20 01:33:39 | 000,035,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2013/04/08 23:51:41 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:23 | 000,309,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:16 | 000,565,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2012/07/25 22:19:59 | 000,506,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:[b]64bit:[/b] - [2013/04/08 23:50:39 | 001,285,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:28 | 000,305,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2012/07/25 22:20:06 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:30 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:00 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2013/05/04 01:59:51 | 001,483,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:[b]64bit:[/b] - [2013/06/01 04:19:42 | 000,785,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:[b]64bit:[/b] - [2013/04/08 23:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:08 | 000,148,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2013/07/01 19:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:47 | 001,731,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:[b]64bit:[/b] - [2013/06/13 16:09:26 | 000,904,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:47 | 000,570,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:08:34 | 000,124,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2012/07/25 22:20:50 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2012/07/25 22:08:06 | 000,219,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2013/08/16 00:21:55 | 003,275,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:31 | 000,252,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2013/06/13 16:10:31 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:08:02 | 000,191,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< c:\program files (x86)\Google\Desktop >[/color]
[2012/07/26 02:22:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013/07/26 02:14:23 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 
[color=#A23BEC]< c:\program files\Google\Desktop >[/color]
 
[color=#A23BEC]< dir "%systemdrive%\*" /S /A:L /C >[/color]
 Volume in drive C is OS
 Volume Serial Number is 46B2-CFFB
 Directory of C:\
07/26/2012  02:22 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
07/26/2012  02:22 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/26/2012  02:22 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/26/2012  02:22 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/26/2012  02:22 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/26/2012  02:22 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
07/26/2012  02:22 AM    <SYMLINKD>     All Users [C:\ProgramData]
07/26/2012  02:22 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
07/26/2012  02:22 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/26/2012  02:22 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/26/2012  02:22 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/26/2012  02:22 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/26/2012  02:22 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Chris
07/26/2013  10:43 AM    <JUNCTION>     Application Data [C:\Users\Chris\AppData\Roaming]
07/26/2013  10:43 AM    <JUNCTION>     Cookies [C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies]
07/26/2013  10:43 AM    <JUNCTION>     Local Settings [C:\Users\Chris\AppData\Local]
07/26/2013  10:43 AM    <JUNCTION>     My Documents [C:\Users\Chris\Documents]
07/26/2013  10:43 AM    <JUNCTION>     NetHood [C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/26/2013  10:43 AM    <JUNCTION>     PrintHood [C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/26/2013  10:43 AM    <JUNCTION>     Recent [C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Recent]
07/26/2013  10:43 AM    <JUNCTION>     SendTo [C:\Users\Chris\AppData\Roaming\Microsoft\Windows\SendTo]
07/26/2013  10:43 AM    <JUNCTION>     Start Menu [C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu]
07/26/2013  10:43 AM    <JUNCTION>     Templates [C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Chris\AppData\Local
07/26/2013  10:43 AM    <JUNCTION>     Application Data [C:\Users\Chris\AppData\Local]
07/26/2013  10:43 AM    <JUNCTION>     History [C:\Users\Chris\AppData\Local\Microsoft\Windows\History]
07/26/2013  10:43 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Chris\Documents
07/26/2013  10:43 AM    <JUNCTION>     My Music [C:\Users\Chris\Music]
07/26/2013  10:43 AM    <JUNCTION>     My Pictures [C:\Users\Chris\Pictures]
07/26/2013  10:43 AM    <JUNCTION>     My Videos [C:\Users\Chris\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
07/26/2012  02:22 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/26/2012  02:22 AM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/26/2012  02:22 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/26/2012  02:22 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/26/2012  02:22 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/26/2012  02:22 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/26/2012  02:22 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/26/2012  02:22 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/26/2012  02:22 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/26/2012  02:22 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
07/26/2012  02:22 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/26/2012  02:22 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/26/2012  02:22 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
07/26/2012  02:22 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/26/2012  02:22 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/26/2012  02:22 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
07/26/2012  02:22 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/26/2012  02:22 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/26/2012  02:22 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              48 Dir(s)  654,418,415,616 bytes free
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2013/11/02 11:46:41 | 104,684,788 | ---- | M] ()(C:\Windows\SysWow64\??Ln) -- C:\Windows\SysWow64\ၹ⧠Lň
[2013/11/02 11:46:41 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\??Ln) -- C:\Windows\SysWow64\ၹ⧠Lň

< End of report >



the second one:

OTL Extras logfile created on: 11/3/2013 1:15:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Chris\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.87 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 30.17% Memory free
6.81 Gb Paging File | 1.79 Gb Available in Paging File | 26.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.10 Gb Total Space | 609.48 Gb Free Space | 89.22% Space Free | Partition Type: NTFS
 
Computer Name: ERWIN | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3638884402-1316858898-3093708819-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4CF8A7DA-D91B-41A6-BF35-A1399B9E26D4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{88A782E0-4483-49C6-8DF1-36DBCD812E83}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A145FE-814F-4486-B3FB-E52910146683}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{03333F53-82CF-4F3E-80B2-497A77268409}" = dir=out | name=crackle | 
"{0557A5B5-44B9-45BA-A327-6EB49626DBC3}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{0946B6DD-4012-40B7-9F53-D41A03664772}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{0B7491DF-D81C-41DF-BA36-3FAAC40EADC0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{0EEBF581-CD61-408B-86EF-91111A0B852F}" = dir=out | name=gym guide | 
"{0F270DAF-2D32-4003-9872-F45B08234042}" = dir=out | name=the weather channel | 
"{17BF6F4D-24F8-4938-BA16-0157EA1CD8AC}" = dir=in | app=c:\program files (x86)\wyse\pocketcloud\aetherwindowsservice.exe | 
"{2288B370-FB99-4181-96F8-E828DEF68D84}" = dir=in | app=c:\program files (x86)\wyse\pocketcloud\pocketclouddesktopapp.exe | 
"{2617AEF3-1944-4462-8892-BF774B2C81FB}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{3A673ABD-80BC-4C03-8BDA-A0D4B8840A1D}" = dir=out | name=windows 8 cheat keys | 
"{3BDBA061-4FF0-427B-8285-13A779528B67}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{4274115D-BE20-4F77-B90B-85063CAE7BEE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | 
"{43622352-87FB-47C9-97DB-31F0ECDECC11}" = dir=out | name=@{microsoft.zunevideo_1.5.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{499210AB-4735-41A0-A295-AC5281C2A66C}" = dir=out | name=windows_ie_ac_001 | 
"{4ED1A561-95B7-4581-BA98-E79751DF298B}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{545EA47E-5626-4D7D-A96E-2F6B65586008}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe | 
"{557DA4D8-2141-4CB6-A495-4FAF13E50AF8}" = dir=in | name=skype | 
"{5E07598D-62FA-474A-8763-1AE9AF51268A}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{5E1C83BA-E41D-4D96-ADB7-A95C6269E260}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{5F483545-CCCB-4210-B1D5-A10076CF7A37}" = dir=in | name=dell shop | 
"{5F8E6255-C715-4552-AE9A-93D4186F5466}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5FB2AD35-69A9-473D-A79E-1BC4FD19A9DA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{62AD1CD4-561B-4AA9-8BCF-77AABBA2C2F7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{6452E54E-95F2-42E2-B33A-EB422414F7B0}" = dir=out | name=kindle | 
"{676028D2-1000-42A1-92E6-B8A25AA02CC1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{6C7E4598-8F85-4314-97A1-FD8305516C20}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{6D175472-3213-4C3D-8265-5B3402FBEA95}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{6E3E3B96-EB3B-448E-94A6-73C0930FDBA4}" = protocol=6 | dir=in | app=c:\users\chris\appdata\roaming\utorrent\utorrent.exe | 
"{71B68AA5-F6A8-4597-A8E8-68F5F73AAA3D}" = dir=out | name=dell shop | 
"{74BD1980-DF5C-4534-85B8-98D5E4D24300}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{7E72885A-4609-4099-B215-C6CAEF513F62}" = dir=out | name=ebay | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{847C5302-AEE8-4646-92BA-DDE507D536E1}" = dir=out | name=@{microsoft.zunemusic_1.5.177.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{890F5B93-E477-4EBA-AC44-336FAF198424}" = dir=out | name=mcafee® central for dell | 
"{901981A8-7A78-45DD-9D5D-2EAC6AA1D0B4}" = dir=out | name=amazon | 
"{96AD42EA-624B-48E7-9076-514629C2F3E8}" = dir=out | name=solitaire hd | 
"{9B27FB9F-11C0-4CEA-99E3-1C0569145E15}" = dir=in | name=hp printer control | 
"{9DF4B6AD-9ED4-4B7E-A621-28DD04B562DC}" = dir=in | name=mcafee® central for dell | 
"{9E8954B2-5256-49FC-AB1E-94E77282971A}" = dir=out | name=hp printer control | 
"{9FE0EF11-E23A-4099-9A92-512C1FB2A69F}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{A2612803-EDF1-4DBC-8E59-080D418AFE49}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{A635EB8B-55BC-420F-9986-2050C92AA576}" = dir=out | name=vevo | 
"{A87C9FAB-A6B0-46FE-A1FF-07789321F92A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{B43AFAEC-D0F8-40E0-B71A-917C3308A130}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{B9863BA7-53C3-46A4-8332-647813FA86C6}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{C1145667-15F0-4569-A870-792E9A28297C}" = dir=out | name=google search | 
"{C76CF35C-FFD8-4C5D-BE69-027EBBC566E7}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{CA1EE598-B9DF-478F-9FB3-D6EA5FED03BA}" = protocol=17 | dir=in | app=c:\users\chris\appdata\roaming\utorrent\utorrent.exe | 
"{CF45329D-2AF5-4C4F-A1AA-6FC47E0EB3A7}" = dir=out | name=skype | 
"{D12B675F-81B7-4053-89A1-CEB41C847E3C}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{D2086FC8-4B76-46A6-A53C-F2A948382B91}" = dir=out | name=@{61908richardwalters.calculator_2.14.0.0_neutral__486nvj664v5b0?ms-resource://61908richardwalters.calculator/resources/apptitle} | 
"{D3D76228-65B4-4787-ACB1-3C6CD595705D}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{D885EBCC-C0BA-490A-B3E6-CE768CAA6D0D}" = dir=in | app=c:\program files (x86)\wyse\pocketcloud\wyseremoteaccess.exe | 
"{D9F263EB-3821-4987-B66B-7C662786C7C5}" = dir=out | name=instagram now | 
"{DF60186D-ECC2-4F14-A613-8B868FB933C1}" = dir=in | name=the weather channel | 
"{E048789D-33F7-46EA-952E-0BE3B3FAC1AA}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{F8FEA503-FAD1-44B1-8918-E447544B5732}" = dir=in | name=vevo | 
"TCP Query User{A1FBEE9A-8D85-47AF-B8C1-1483BC749405}C:\program files\java\jdk1.7.0_45\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.7.0_45\bin\javaw.exe | 
"TCP Query User{DDF2BAC6-15A7-4941-82A7-F3FB4ECA6214}C:\program files (x86)\jrt studio\isyncr\isyncr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jrt studio\isyncr\isyncr.exe | 
"UDP Query User{D7B6D601-CAAE-4703-943A-D4A77475D8EA}C:\program files\java\jdk1.7.0_45\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.7.0_45\bin\javaw.exe | 
"UDP Query User{F6C8F1E4-F925-48E7-B9B8-1700AE80C912}C:\program files (x86)\jrt studio\isyncr\isyncr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jrt studio\isyncr\isyncr.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1593C708-5535-47A4-8C0F-F8D4BE2B4560}" = Intel® PROSet/Wireless WiFi Software
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417045FF}" = Java 7 Update 45 (64-bit)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{306823F5-9E3B-6FEA-77B0-C9F9B725D7C4}" = AMD Catalyst Install Manager
"{431BD7F7-685F-3363-DD7B-569AB9157268}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{6097158B-0184-4140-BEC3-7885794D2571}" = Intel(R) WiDi
"{64A3A4F4-B792-11D6-A78A-00B0D0170450}" = Java SE Development Kit 7 Update 45 (64-bit)
"{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Intel(R) Turbo Boost Technology Monitor 2.6
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E5B2B2D-83C0-AC50-152D-709ED18707E1}" = AMD Accelerated Video Transcoding
"{8EC78F02-5C36-4C97-AAC4-95A3D742A285}" = Motorola Mobile Drivers Installation 6.2.0
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A04DCB25-7040-4935-A30D-8E0A893ABF2D}" = iTunes
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"CNXT_AUDIO_HDA" = Conexant SmartAudio HD
"Elantech" = Dell Touchpad
"GIMP-2_is1" = GIMP 2.8.6
"PC-Doctor for Windows" = My Dell
"ProInst" = Intel PROSet Wireless
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}" = Amazon Browser App
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell Backup and Recovery
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{1FCEDA81-20B0-714B-CF77-BB47E9D113CD}" = CCC Help Swedish
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2DEEF1C2-9F1D-DA4D-0A22-E725546520A8}" = CCC Help German
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{518FD763-5771-0791-0EEA-1156E3D97D19}" = CCC Help Chinese Traditional
"{51FDC2DE-0917-46B7-EAEC-5377504701DE}" = PowerXpressHybrid
"{5321C831-3717-43FA-A098-33B254C1E60E}" = iSyncr
"{5391BE46-28DD-D059-B2A6-B5DBA088A3AB}" = CCC Help Portuguese
"{57BBFA6D-476B-4B3B-BEE6-63984AEFE400}" = Dell Update
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6675ACDF-3502-93E2-4B46-55D62E28AAC1}" = Catalyst Control Center Profiles Mobile
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781BEDDF-E389-8B2F-4CF2-8B17E6BDBC7C}" = CCC Help Japanese
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{82BFFF3F-83A8-6BF5-7B3F-2EB627B915F6}" = Catalyst Control Center InstallProxy
"{846E0C91-B8A3-48A4-8227-7B7CAB6B1C68}" = CCC Help Norwegian
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{94229B0E-635B-8B24-8EF6-5A0F43380052}" = CCC Help Spanish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{955688E4-AE07-DF87-227B-B48A387811D2}" = CCC Help Korean
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{98907001-5945-EB69-7A1B-A9BEB3283B83}" = Catalyst Control Center Localization All
"{98CB551E-EDB1-4535-82A6-E3258597F64E}" = Dell Digital Delivery
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell Backup and Recovery - Support Software
"{A9CB1642-9076-9DAC-3226-79B25720251A}" = CCC Help English
"{AAF1E996-6AE6-4684-88A8-41F4E98E2899}" = PocketCloud
"{AD3CCBED-0EA6-D5F3-8A24-D1BAB74A5B18}" = CCC Help Russian
"{AD98DAAF-3816-0477-321F-498EB3128B35}" = CCC Help French
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B13663FE-3723-D628-63CC-0E0D8AC3EDD4}" = Catalyst Control Center
"{B186114E-B477-3263-BFD0-B9219103DAE7}" = CCC Help Chinese Standard
"{BC7DEF92-3732-52E7-12C3-7480F57DAA0B}" = CCC Help Dutch
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{C89FA20F-0236-424C-B7D8-8E5EEDC20E15}" = Motorola Device Software Update
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D3BEE255-1C12-99FD-AC7C-0315D362EC1F}" = CCC Help Finnish
"{D459963A-7ADF-87DF-140D-A94A04B57C6A}" = PX Profile Update
"{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}" = Updater
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EA7FA62E-DA70-AAD9-52E0-1841A988F6FB}" = CCC Help Italian
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F351B64A-0B7B-41B3-9621-C81AB8FD42EB}" = Catalyst Control Center - Branding
"{F3952F92-1EAD-7CA0-C88D-01F63BDEB9F1}" = CCC Help Danish
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite Essentials
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"VLC media player" = VLC media player 2.0.8
"WinLiveSuite" = Windows Live Essentials
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-3638884402-1316858898-3093708819-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 10/25/2013 9:02:25 PM | Computer Name = Erwin | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
 Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" 
could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 10/25/2013 9:02:46 PM | Computer Name = Erwin | Source = Application Hang | ID = 1002
Description = The program Au_.exe version 0.0.0.0 stopped interacting with Windows
 and was closed. To see if more information about the problem is available, check
 the problem history in the Action Center control panel.    Process ID: 1258    Start Time:
 01ced1e6f4b98884    Termination Time: 4294967295    Application Path: C:\Users\Chris\AppData\Local\Temp\~nsu.tmp\Au_.exe

Report
 Id: 52bb1f75-3dda-11e3-be7a-74867a16a02b    Faulting package full name:     Faulting package-relative
 application ID:   
 
Error - 10/25/2013 9:08:36 PM | Computer Name = Erwin | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = App Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic did not 
launch within its allotted time.
 
Error - 10/25/2013 9:35:57 PM | Computer Name = Erwin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 10/25/2013 9:35:57 PM | Computer Name = Erwin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1032
 
Error - 10/25/2013 9:35:57 PM | Computer Name = Erwin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1032
 
Error - 10/25/2013 9:35:58 PM | Computer Name = Erwin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 10/25/2013 9:35:58 PM | Computer Name = Erwin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2079
 
Error - 10/25/2013 9:35:58 PM | Computer Name = Erwin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2079
 
Error - 10/25/2013 9:35:59 PM | Computer Name = Erwin | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
[ System Events ]
Error - 10/10/2013 6:09:53 PM | Computer Name = Erwin | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
 a preshutdown control.
 
Error - 10/10/2013 6:11:09 PM | Computer Name = Erwin | Source = Service Control Manager | ID = 7000
Description = The McAfee Boot Delay Start Service service failed to start due to
 the following error:   %%2
 
Error - 10/10/2013 6:16:54 PM | Computer Name = Erwin | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 1 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 10/13/2013 1:03:38 PM | Computer Name = Erwin | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070103: Intel Corporation - Storage Controller - Intel(R) 7 Series
 Chipset Family SATA AHCI Controller.
 
Error - 10/14/2013 11:47:42 PM | Computer Name = Erwin | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070103: Intel Corporation - Storage Controller - Intel(R) 7 Series
 Chipset Family SATA AHCI Controller.
 
Error - 10/17/2013 8:51:17 AM | Computer Name = Erwin | Source = DCOM | ID = 10010
Description = 
 
Error - 10/17/2013 8:56:46 AM | Computer Name = Erwin | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070103: Intel Corporation - Storage Controller - Intel(R) 7 Series
 Chipset Family SATA AHCI Controller.
 
Error - 10/17/2013 9:01:19 AM | Computer Name = Erwin | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070103: Intel Corporation - Storage Controller - Intel(R) 7 Series
 Chipset Family SATA AHCI Controller.
 
Error - 10/17/2013 9:17:51 AM | Computer Name = Erwin | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
 with error 0x80070103: Intel Corporation - Storage Controller - Intel(R) 7 Series
 Chipset Family SATA AHCI Controller.
 
Error - 10/17/2013 9:21:49 AM | Computer Name = Erwin | Source = Service Control Manager | ID = 7000
Description = The McAfee Boot Delay Start Service service failed to start due to
 the following error:   %%2
 
 
< End of report >


and the file from the second scanner:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-03 13:26:05
-----------------------------
13:26:05.074    OS Version: Windows x64 6.2.9200 
13:26:05.074    Number of processors: 4 586 0x3A09
13:26:05.074    ComputerName: ERWIN  UserName: Chris
13:26:05.121    Initialze error 1 
13:26:14.069    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002a
13:26:14.069    Disk 0 Vendor: WDC_WD7500BPVT-75A1YT0 01.01A01 Size: 715404MB BusType: 11
13:26:14.085    Disk 0 MBR read successfully
13:26:14.085    Disk 0 MBR scan
13:26:14.085    Disk 0 unknown MBR code
13:26:14.085    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
13:26:14.101    Disk 0 scanning C:\Windows\system32\drivers
13:26:14.101    Service scanning
13:26:14.854    Modules scanning
13:26:14.854    Disk 0 trace - called modules:
13:26:14.869    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys 
13:26:14.885    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006dfb5b0]
13:26:14.885    3 CLASSPNP.SYS[fffff88000b09e0a] -> nt!IofCallDriver -> \Device\0000002a[0xfffffa8006d44060]
13:26:14.885    Scan finished successfully
13:26:40.424    Disk 0 MBR has been saved successfully to "C:\Users\Chris\Desktop\MBR.dat"
13:26:40.424    The log file has been saved successfully to "C:\Users\Chris\Desktop\aswMBR.txt"


attached is a mbr.dat file that it also created, not sure if you want that, but i attached it

Attached Files

  • Attached File  MBR.dat   512bytes   169 downloads

  • 0

#4
Essexboy
Posted 03 November 2013 - 03:22 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Age is not a major problem as if it is still active it will appear :)

On completion of this run can you let me know what problems remain

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Commands
[CREATERESTOREPOINT]

:OTL
SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe /McCoreSvc -- (mcbootdelaystartsvc) 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/ 
IE - HKU\S-1-5-21-3638884402-1316858898-3093708819-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/ 
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll File not found 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O4 - HKLM..\Run: [Updater] C:\ProgramData\Updater\updater.exe (Updater) 
O4 - HKU\S-1-5-21-3638884402-1316858898-3093708819-1001..\Run: [Updater] C:\ProgramData\Updater\updater.exe (Updater) 
[2013/10/25 20:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater 
[2013/10/25 20:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers 

:Files
C:\Users\Chris\AppData\Local\Temp\Uresponse.exe 
C:\ProgramData\RHelpers
C:\ProgramData\Updater
C:\Program Files (x86)\Coupons.com CouponBar

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download Junkware Removal Tool to your desktop.
  • Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • post the contents of JRT.txt into your next message.

  • 0

#5
tortoracer
Posted 03 November 2013 - 04:20 PM

tortoracer

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
ok, so the first scan got interrupted by my virus scanner popping up telling me it stopped something, not sure what it stopped, not sure what the message was; the scan continued and rebooted.

then i accidently skipped over the quick scan step, and went right to the JRT one, but then went back after the JRT one and did the quick scan...hopefully it doesnt matter too much.

OTL:

OTL logfile created on: 11/3/2013 5:08:26 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Chris\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.87 Gb Total Physical Memory | 3.94 Gb Available Physical Memory | 67.09% Memory free
6.81 Gb Paging File | 4.45 Gb Available in Paging File | 65.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.10 Gb Total Space | 625.93 Gb Free Space | 91.63% Space Free | Partition Type: NTFS
 
Computer Name: ERWIN | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/11/03 13:14:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
PRC - [2013/10/18 09:27:46 | 000,711,168 | ---- | M] (JRT Studio LLC) -- C:\Program Files (x86)\JRT Studio\iSyncr\iSyncr.exe
PRC - [2013/10/09 23:18:10 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013/10/05 10:42:43 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/09/05 16:59:40 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013/09/05 16:58:51 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/09/05 16:58:50 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/08/07 13:27:28 | 000,199,176 | ---- | M] (Dell Products, LP.) -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
PRC - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2013/07/31 10:38:20 | 000,698,680 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013/06/07 14:41:48 | 000,131,064 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Update\DellUpService.exe
PRC - [2012/12/03 01:18:30 | 000,111,136 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/11/29 14:56:26 | 001,436,160 | ---- | M] (Wyse Technology.) -- C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
PRC - [2012/11/28 11:05:52 | 004,047,208 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2012/11/26 00:19:48 | 000,492,904 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/11/19 14:15:20 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/11/19 14:15:20 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/09/30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/09/30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/08/06 20:55:12 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
PRC - [2012/07/17 20:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 20:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 20:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/10/20 00:18:15 | 002,959,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\8089e3484b45e44781f0c7a1a78881d5\System.IdentityModel.ni.dll
MOD - [2013/10/20 00:18:12 | 000,030,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\b1b4d87475101f4da87758ac710dfd06\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2013/10/20 00:16:35 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d4edcacb877df7e257f1459985e0b886\System.Configuration.ni.dll
MOD - [2013/10/17 09:18:29 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\53c49b1cfdb85cf6784c7dcc8cdbd56d\System.Windows.Forms.ni.dll
MOD - [2013/10/17 09:18:05 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\6029d35b6cfaf94b1d39ec54c724a8c7\System.Xml.Linq.ni.dll
MOD - [2013/10/17 09:18:03 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e6606a84f8a4cdc18c74e63ec807c689\System.Windows.Forms.ni.dll
MOD - [2013/10/17 09:17:55 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\6b40a60180e23feff705e28e351e10e1\System.ServiceModel.ni.dll
MOD - [2013/10/17 09:17:45 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\e1c6945213ca43ec9769fe95576962ce\System.Runtime.Serialization.ni.dll
MOD - [2013/10/17 09:17:41 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c508451271803f1677317735db499f5c\System.Configuration.ni.dll
MOD - [2013/10/17 09:17:40 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\3e52c3479469fe72eed0716b48859e91\WindowsBase.ni.dll
MOD - [2013/10/17 09:17:37 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\79e8b7b183668471ab364d4132fb8018\System.Core.ni.dll
MOD - [2013/10/09 23:18:10 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/10/05 10:42:43 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/08/16 20:36:34 | 000,366,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\3dd54cc0a567860244b2cf25f3bcef6e\IAStorUtil.ni.dll
MOD - [2013/08/16 20:36:32 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d438e7ec4899763070e7b5db3f166373\System.ServiceModel.Internals.ni.dll
MOD - [2013/08/16 20:36:32 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\3df2fdd27a3e685ce5dda8bce4956e5b\SMDiagnostics.ni.dll
MOD - [2013/08/16 20:36:04 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3866f7a0829a76e958174f2d89bae9a8\System.Management.ni.dll
MOD - [2013/08/15 17:19:57 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\fc5d4ada42ed8e9a30b64912f5dc9767\System.Xml.ni.dll
MOD - [2013/08/15 17:19:49 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e4447d26cd9083018bd28ddd60a0248\System.Drawing.ni.dll
MOD - [2013/08/15 17:19:22 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1b46657236c1f942f9dbaf6aac73bb49\System.ni.dll
MOD - [2013/08/15 17:19:16 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013/08/15 17:19:12 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\123cf617d7b6b31c44e39f8594f064c5\System.Xaml.ni.dll
MOD - [2013/08/15 17:18:44 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013/08/15 17:18:36 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\cb65dcc8c60f33d257283ef1416a2175\PresentationFramework.Aero2.ni.dll
MOD - [2013/08/15 17:18:35 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\972bf4ffab06e561447d12baf3b3dfa9\PresentationFramework.ni.dll
MOD - [2013/08/15 17:18:24 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\5b504b7cd800dcd6c06d841d94ca099a\PresentationCore.ni.dll
MOD - [2013/08/15 17:18:04 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013/08/01 03:28:03 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\2dda44469946eccd972b05eeeefc1e7d\IAStorCommon.ni.dll
MOD - [2013/07/31 00:20:31 | 011,500,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\d1ce70bf6cbab6ab838cbd8b50e902c1\mscorlib.ni.dll
MOD - [2013/07/31 00:19:59 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\cd6b8416903164862eba3d170df40c90\System.Management.ni.dll
MOD - [2013/07/31 00:19:19 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/06/08 13:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 22:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2013/08/16 00:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:[b]64bit:[/b] - [2013/07/01 19:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:[b]64bit:[/b] - [2013/06/24 17:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2013/06/13 16:09:03 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2013/06/13 16:09:02 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2013/06/01 04:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2013/05/04 01:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2013/05/04 01:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2013/04/08 23:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2013/03/01 21:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2013/03/01 21:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2012/09/24 18:03:12 | 001,153,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:[b]64bit:[/b] - [2012/09/24 18:02:54 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2012/09/24 18:02:42 | 000,617,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2012/09/24 18:02:16 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2012/09/20 01:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2012/09/13 06:33:50 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:[b]64bit:[/b] - [2012/08/15 19:08:14 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:[b]64bit:[/b] - [2012/08/06 20:55:12 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe -- (CxUtilSvc)
SRV:[b]64bit:[/b] - [2012/08/02 04:06:02 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2012/07/25 22:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2012/07/25 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2012/07/25 22:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2012/07/25 19:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2012/05/30 15:11:34 | 000,149,544 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2012/04/20 16:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013/10/09 23:18:11 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/05 10:42:43 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/05 16:59:40 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/09/05 16:58:51 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/08/07 13:27:28 | 000,199,176 | ---- | M] (Dell Products, LP.) [Auto | Running] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2013/06/21 20:46:38 | 000,016,176 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe -- (WysePocketCloud)
SRV - [2013/06/07 14:41:48 | 000,131,064 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Update\DellUpService.exe -- (DellUpdate)
SRV - [2012/11/29 14:56:26 | 001,436,160 | ---- | M] (Wyse Technology.) [Auto | Running] -- C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe -- (WyseRemoteAccess)
SRV - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/11/19 14:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/09/30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/09/30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/08/23 19:08:06 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/25 22:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 22:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/17 20:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 20:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 20:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/09/02 15:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013/09/05 16:59:55 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb)
DRV:[b]64bit:[/b] - [2013/09/05 16:59:55 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt)
DRV:[b]64bit:[/b] - [2013/08/16 00:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2013/07/26 00:44:58 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr)
DRV:[b]64bit:[/b] - [2013/07/09 03:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2013/07/01 20:41:47 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2013/07/01 20:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2013/07/01 20:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2013/07/01 19:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2013/07/01 17:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2013/06/29 01:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2013/06/13 16:10:27 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2013/06/13 16:09:43 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2013/06/13 16:09:11 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2013/06/13 16:09:01 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2013/06/13 16:08:48 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2013/06/13 16:08:48 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2013/06/10 16:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2013/05/31 22:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013/05/04 02:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2013/03/02 05:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2013/03/02 05:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2013/03/02 05:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2013/01/09 19:49:20 | 000,211,280 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/12/04 04:50:54 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2012/10/11 06:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:[b]64bit:[/b] - [2012/10/09 20:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2012/10/09 20:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2012/10/09 20:48:48 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:[b]64bit:[/b] - [2012/10/09 20:48:48 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:[b]64bit:[/b] - [2012/10/01 16:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:[b]64bit:[/b] - [2012/10/01 16:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:[b]64bit:[/b] - [2012/09/20 02:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2012/09/20 02:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2012/09/13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:[b]64bit:[/b] - [2012/09/13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:[b]64bit:[/b] - [2012/08/23 19:07:42 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdpmd64.sys -- (intelkmd)
DRV:[b]64bit:[/b] - [2012/08/23 19:07:42 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/06 20:55:08 | 001,607,328 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2012/08/06 13:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:[b]64bit:[/b] - [2012/08/02 05:54:18 | 010,280,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012/08/02 03:09:30 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012/07/26 00:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/07/26 00:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2012/07/26 00:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2012/07/25 23:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2012/07/25 23:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2012/07/25 22:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2012/07/25 21:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2012/07/25 21:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2012/07/25 21:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2012/07/25 21:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2012/07/25 21:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2012/07/25 21:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2012/07/25 21:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2012/07/25 21:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/07/25 21:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2012/07/25 21:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2012/07/25 21:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2012/07/25 21:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2012/07/09 23:19:26 | 000,035,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:[b]64bit:[/b] - [2012/07/02 18:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012/06/25 12:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:[b]64bit:[/b] - [2012/06/19 10:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012/06/15 16:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:[b]64bit:[/b] - [2012/06/12 11:41:22 | 000,683,664 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:[b]64bit:[/b] - [2012/05/30 15:10:50 | 000,016,168 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\TurboB.sys -- (TurboB)
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6AE0E5BF-D299-4657-B3EB-A8B1924576C1}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6AE0E5BF-D299-4657-B3EB-A8B1924576C1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6AE0E5BF-D299-4657-B3EB-A8B1924576C1}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: autorefresh%40plugin:1.0.2
FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.43
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/07/26 00:21:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2013/11/01 13:18:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0ztxxkot.default\extensions
[2013/07/26 01:25:12 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0ztxxkot.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2013/10/27 22:57:54 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\0ztxxkot.default\extensions\[email protected]
[2013/07/31 23:18:40 | 000,036,763 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\0ztxxkot.default\extensions\[email protected]
[2013/10/13 12:26:55 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\0ztxxkot.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/05 10:42:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/05 10:42:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2012/07/26 00:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iSyncr.lnk = C:\Users\Chris\AppData\Roaming\Microsoft\Installer\{5321C831-3717-43FA-A098-33B254C1E60E}\_C3AA6B698193CE8D0FECAF.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6577C754-DEBA-462D-9DEF-55BB57AC8C2C}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6f6f7cb9-f98a-11e2-be71-681729279227}\Shell - "" = AutoRun
O33 - MountPoints2\{6f6f7cb9-f98a-11e2-be71-681729279227}\Shell\AutoRun\command - "" = "E:\MotoCastSetup.exe" -a
O33 - MountPoints2\{88eb5050-20a8-11e3-be78-74867a16a02b}\Shell - "" = AutoRun
O33 - MountPoints2\{88eb5050-20a8-11e3-be78-74867a16a02b}\Shell\AutoRun\command - "" = "E:\MotoCastSetup.exe" -a
O33 - MountPoints2\{88eb508d-20a8-11e3-be78-74867a16a02b}\Shell - "" = AutoRun
O33 - MountPoints2\{88eb508d-20a8-11e3-be78-74867a16a02b}\Shell\AutoRun\command - "" = "E:\MotoCastSetup.exe" -a
O33 - MountPoints2\{cd0e5ed6-fc02-11e2-be72-681729279227}\Shell - "" = AutoRun
O33 - MountPoints2\{cd0e5ed6-fc02-11e2-be72-681729279227}\Shell\AutoRun\command - "" = "E:\MotoCastSetup.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/11/03 16:51:44 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/03 16:51:20 | 001,033,335 | ---- | C] (Thisisu) -- C:\Users\Chris\Desktop\JRT.exe
[2013/11/03 16:41:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/03 16:38:53 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Diagnostics
[2013/11/03 13:25:42 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Chris\Desktop\aswmbr.exe
[2013/11/03 13:14:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013/11/02 14:21:50 | 000,000,000 | ---D | C] -- C:\Users\Chris\.android
[2013/11/02 13:59:23 | 000,000,000 | ---D | C] -- C:\android
[2013/11/02 13:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2013/11/02 13:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola Mobility
[2013/11/02 13:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
[2013/11/02 13:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Inc
[2013/11/01 15:47:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\SD card contents
[2013/11/01 14:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/11/01 13:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\TubeDimmer
[2013/11/01 13:21:09 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/31 15:15:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes
[2013/10/31 15:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/31 15:14:53 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/10/31 15:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/31 15:14:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/10/29 00:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/10/29 00:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/10/29 00:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/10/29 00:38:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/10/29 00:38:17 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/10/25 20:07:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/10/25 20:07:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013/10/25 20:01:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013/10/25 20:01:31 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Real
[2013/10/25 20:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/10/24 13:56:25 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\JRT Studio
[2013/10/24 13:56:23 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\JRT Studio
[2013/10/24 13:56:13 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JRT Studio
[2013/10/24 13:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JRT Studio
[2013/10/24 12:22:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Notepad++
[2013/10/24 12:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013/10/24 12:21:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\.jmc
[2013/10/24 12:21:25 | 000,000,000 | ---D | C] -- C:\Users\Chris\.eclipse
[2013/10/24 12:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/24 12:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2013/10/24 12:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/10/05 10:42:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/11/03 16:53:39 | 000,850,046 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/03 16:53:39 | 000,720,456 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/03 16:53:39 | 000,133,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/03 16:51:10 | 001,033,335 | ---- | M] (Thisisu) -- C:\Users\Chris\Desktop\JRT.exe
[2013/11/03 16:49:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/03 16:46:50 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/03 16:46:48 | 749,326,335 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/03 16:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/03 13:26:40 | 000,000,512 | ---- | M] () -- C:\Users\Chris\Desktop\MBR.dat
[2013/11/03 13:25:43 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Chris\Desktop\aswmbr.exe
[2013/11/03 13:14:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2013/11/01 13:44:34 | 000,291,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/24 13:56:13 | 000,003,009 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iSyncr.lnk
[2013/10/22 18:27:30 | 000,001,494 | ---- | M] () -- C:\Users\Chris\AppData\Local\recently-used.xbel
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/11/03 13:26:40 | 000,000,512 | ---- | C] () -- C:\Users\Chris\Desktop\MBR.dat
[2013/11/01 13:44:26 | 000,291,288 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/24 13:56:13 | 000,003,009 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iSyncr.lnk
[2013/10/22 18:27:30 | 000,001,494 | ---- | C] () -- C:\Users\Chris\AppData\Local\recently-used.xbel
[2013/10/13 12:24:21 | 000,386,923 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/09/14 10:29:15 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/10 11:16:08 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013/08/10 11:16:08 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013/06/13 15:58:27 | 000,866,452 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/13 15:45:13 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2013/06/13 15:45:09 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/06/13 15:45:08 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2013/06/13 15:45:04 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/06/13 15:45:04 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/06/13 15:45:03 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/06/13 15:44:20 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2013/06/13 15:44:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/07/26 03:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 03:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 02:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 20:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 15:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 15:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 09:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/05/10 18:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/04/20 15:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2013/07/26 00:17:23 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/08/02 01:28:20 | 019,758,080 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/08/02 00:08:10 | 017,561,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 22:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 22:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 22:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013/10/24 14:26:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\JRT Studio
[2013/07/30 21:47:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leadertech
[2013/08/03 01:04:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Motorola
[2013/08/03 01:11:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Motorola Mobility
[2013/10/24 12:38:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Notepad++
[2013/07/31 23:08:19 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PCDr
[2013/10/22 21:06:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 x64
Ran by Chris on Sun 11/03/2013 at 16:51:46.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\WebCakeUpdater



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{1c43baf1-00c2-40a8-a09e-f84cfd79546d}
Successfully deleted the following from C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\0ztxxkot.default\prefs.js

user_pref("extensions.dynconff.cache.forums.bimmerforums.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1536_1164_1524_1146_1169_1348_1482_1493_1521\"><cont
user_pref("extensions.dynconff.cache.goo.im.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1536_1164_1524_1146_1169_1348_1482_1493_1521\"><content id=\"MB_P1\">
user_pref("extensions.dynconff.cache.rootzwiki.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1536_1164_1524_1146_1169_1348_1482_1493_1521\"><content id=\"M
user_pref("extensions.dynconff.cache.www.droidforums.net.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1536_1164_1524_1146_1169_1348_1482_1493_1521\"><content 
user_pref("extensions.dynconff.cache.www.geekstogo.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1536_1164_1524_1146_1169_1348_1482_1493_1521\"><content id
user_pref("extensions.dynconff.cache.www.lfsforum.net.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1536_1164_1524_1146_1169_1348_1482_1493_1521\"><content id=



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/03/2013 at 16:55:33.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

as of right now, the injekt thing at the top of my google searches still remains. the popup hasnt shown since, but it is a pretty seldom popup.

EDIT: my VERY brief test (one click) proves my back button is working properly again, but that was just one attempt.

Edited by tortoracer, 03 November 2013 - 04:21 PM.

  • 0

#6
Essexboy
Posted 04 November 2013 - 07:41 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Does the inkjet appear in both browsers or just one ?

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Attach the entire report in your next reply.
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
  • 0

#7
tortoracer
Posted 04 November 2013 - 10:06 AM

tortoracer

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
it actually appears that internet explorer and chrome do not have the injekt thing anymore (never tested before, but they are clean now), even post-mbam scan firefox still has it. would uninstalling ff, and reinstalling only saving my bookmarks and other stuff that it wouldnt be work?

anyways, i already had malware bites installed on my computer, but i did redownload it using the first link...it appears to have just overwritten my installation.

the quick scan found nothing, but mid-scan it did start blocking access to several sites saying they were potentially harmful. this continued until AFTER the scan...the i.p. addresses seemed to be in order, or close to it. one of the ones i grabbed was "74.120.16.34"

the log:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.04.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Chris :: ERWIN [administrator]

Protection: Enabled

11/4/2013 10:53:46 AM
mbam-log-2013-11-04 (10-53-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 201847
Time elapsed: 2 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

there was a second, not sure if you need it...its saved in the /programdata/ folder. it is actually a list of the i.p.'s that it blocked i assume.

2013/11/04 10:52:18 -0500	ERWIN	Chris	MESSAGE	Starting protection
2013/11/04 10:52:18 -0500	ERWIN	Chris	MESSAGE	Protection started successfully
2013/11/04 10:52:18 -0500	ERWIN	Chris	MESSAGE	Starting IP protection
2013/11/04 10:52:28 -0500	ERWIN	Chris	MESSAGE	IP Protection started successfully
2013/11/04 10:52:32 -0500	ERWIN	Chris	MESSAGE	Starting database refresh
2013/11/04 10:52:32 -0500	ERWIN	Chris	MESSAGE	Stopping IP protection
2013/11/04 10:52:32 -0500	ERWIN	Chris	MESSAGE	IP Protection stopped successfully
2013/11/04 10:52:34 -0500	ERWIN	Chris	MESSAGE	Database refreshed successfully
2013/11/04 10:52:34 -0500	ERWIN	Chris	MESSAGE	Starting IP protection
2013/11/04 10:52:36 -0500	ERWIN	Chris	MESSAGE	IP Protection started successfully
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55698, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55699, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55700, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55702, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55703, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55704, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55705, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55707, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55708, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55709, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55711, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55712, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55713, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55714, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55715, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55716, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55717, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55718, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55719, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55720, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55721, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55723, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55724, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55725, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55726, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55727, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55728, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55729, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55730, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55731, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55732, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55733, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55734, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55736, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55737, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55738, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55739, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55740, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55741, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55742, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55743, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55744, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55745, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55746, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55747, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55748, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55749, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55750, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55751, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55752, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55753, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55754, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55755, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55756, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55757, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55758, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55759, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55760, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55761, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55762, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55763, Process: firefox.exe)
2013/11/04 10:54:11 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55764, Process: firefox.exe)
2013/11/04 10:54:35 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55778, Process: firefox.exe)
2013/11/04 10:54:35 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55780, Process: firefox.exe)
2013/11/04 10:54:35 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55781, Process: firefox.exe)
2013/11/04 10:54:35 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55782, Process: firefox.exe)
2013/11/04 10:54:35 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55783, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55784, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55785, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55786, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55787, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55788, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55789, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55790, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55791, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55792, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55793, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55794, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55795, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55796, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55797, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55798, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55799, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55800, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55801, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55802, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55803, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55804, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55806, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55807, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55808, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55809, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55810, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55811, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55812, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55813, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55814, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55815, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55816, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55817, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55818, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55819, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55820, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55821, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55822, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55823, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55824, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55825, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55826, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55827, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55828, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55829, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55830, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55831, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55832, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55833, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55834, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55835, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55836, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55837, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55838, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55839, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55840, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55841, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55842, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55843, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55844, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55845, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55846, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55847, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55848, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55849, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55850, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55851, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55852, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55853, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55854, Process: firefox.exe)
2013/11/04 10:54:36 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55855, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55891, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55892, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55893, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55895, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55896, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55897, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55898, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55899, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55900, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55901, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55902, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55903, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55904, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55905, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55906, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55907, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55908, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55909, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55910, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55911, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55912, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55913, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55914, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55915, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55916, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55917, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55918, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55919, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55920, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55921, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55922, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55923, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55924, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55925, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55926, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55927, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55928, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55929, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55930, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55931, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55932, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55933, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55934, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55935, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55936, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55937, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55938, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55939, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55940, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55942, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55944, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55945, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55946, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55947, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55948, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55949, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55950, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 55951, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 55953, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 55954, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 55955, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 55956, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 55957, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 55958, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 55959, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 55960, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 55961, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 55962, Process: firefox.exe)
2013/11/04 10:55:40 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 55963, Process: firefox.exe)
2013/11/04 10:55:41 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 55964, Process: firefox.exe)
2013/11/04 10:55:41 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 55965, Process: firefox.exe)
2013/11/04 10:55:41 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 55966, Process: firefox.exe)
2013/11/04 10:55:41 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 55967, Process: firefox.exe)
2013/11/04 10:55:41 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 55968, Process: firefox.exe)
2013/11/04 10:55:41 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 55969, Process: firefox.exe)
2013/11/04 10:55:41 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 55970, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56022, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56023, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56025, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56026, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56027, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56028, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56029, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56030, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56031, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56032, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56033, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56034, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56035, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56036, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56037, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56038, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56039, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56040, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56041, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56042, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56043, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56044, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56045, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56046, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56047, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56048, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56049, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56050, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56051, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56052, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56053, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56054, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56055, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56056, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56057, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56058, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56059, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56060, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56061, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56062, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56063, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56064, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56065, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56066, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56067, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56069, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56070, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56071, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56072, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56073, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56074, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56075, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56076, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56077, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56078, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56079, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56080, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56081, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56082, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56083, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56084, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56085, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56086, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56087, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56088, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56089, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56090, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56091, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56092, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56093, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56094, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56095, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56096, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56097, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56098, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56099, Process: firefox.exe)
2013/11/04 10:56:37 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56100, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56140, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56142, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56143, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56144, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56145, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56146, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56147, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56148, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56149, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56150, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56151, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56152, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56153, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56154, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56155, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56156, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56157, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56158, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56159, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56160, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56162, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56163, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56164, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56165, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56166, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56168, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56169, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56170, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56171, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56172, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56173, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56174, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56175, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56176, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56177, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56178, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56179, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56180, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56203, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56208, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56209, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56210, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56211, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56212, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56213, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56214, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56215, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56216, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56217, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56218, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56219, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56220, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56221, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56222, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56223, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56224, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56225, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56226, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56228, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56229, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56230, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56231, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56232, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56233, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56234, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56235, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56236, Process: firefox.exe)
2013/11/04 10:57:09 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56237, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56238, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56240, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56241, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56242, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56243, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56244, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56245, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56246, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56247, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56248, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56250, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56251, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56252, Process: firefox.exe)
2013/11/04 10:57:10 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56254, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56303, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56304, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56305, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56306, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56307, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56308, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56309, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56310, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56311, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56312, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56313, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56314, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56315, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56316, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56317, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56318, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56319, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56320, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56321, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56323, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56324, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56325, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56326, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56327, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56328, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56329, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56330, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56331, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56332, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56333, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56334, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56335, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56336, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56337, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56338, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56339, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56340, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56341, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56349, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56350, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56351, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56352, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56353, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56354, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56355, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56356, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56357, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56358, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56359, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56360, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56361, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56362, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56363, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56364, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56365, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56366, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56367, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56369, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56370, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56371, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56372, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56373, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56374, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56375, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56376, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56377, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56378, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56379, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56380, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56381, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56383, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56384, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56385, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56386, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56387, Process: firefox.exe)
2013/11/04 10:57:18 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56388, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56418, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56419, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56420, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56421, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56422, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56423, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56424, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56425, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56426, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56427, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56428, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56429, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56430, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56431, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56432, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56433, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56434, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56435, Process: firefox.exe)
2013/11/04 10:57:26 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56436, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56471, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56472, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56473, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56475, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56476, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56477, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56478, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56479, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56480, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56481, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56482, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56483, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56484, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56485, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56486, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56487, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56488, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56489, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56490, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.30 (Type: outgoing, Port: 56492, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.31 (Type: outgoing, Port: 56493, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.32 (Type: outgoing, Port: 56494, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.33 (Type: outgoing, Port: 56496, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.34 (Type: outgoing, Port: 56497, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.81 (Type: outgoing, Port: 56498, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.82 (Type: outgoing, Port: 56499, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.83 (Type: outgoing, Port: 56500, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.84 (Type: outgoing, Port: 56501, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.85 (Type: outgoing, Port: 56502, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.86 (Type: outgoing, Port: 56503, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.87 (Type: outgoing, Port: 56504, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.88 (Type: outgoing, Port: 56505, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.89 (Type: outgoing, Port: 56507, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.90 (Type: outgoing, Port: 56508, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.91 (Type: outgoing, Port: 56510, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.145 (Type: outgoing, Port: 56511, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.146 (Type: outgoing, Port: 56512, Process: firefox.exe)
2013/11/04 10:57:58 -0500	ERWIN	Chris	IP-BLOCK	74.120.16.29 (Type: outgoing, Port: 56513, Process: firefox.exe)


also, regards to a virus scanner....is m-bam taking over at this point? i plan on keeping it as a second method, but should i keep avira? avira tends to do a good job (usually) blocking virus' from entering my computer, then finding them when it fails. but should i completely get rid of it, or keep both?

thank you, Chris

m-bam is also continuing to block sites, right after i pressed post it blocked another 5.

Edited by tortoracer, 04 November 2013 - 10:07 AM.

  • 0

#8
tortoracer
Posted 07 November 2013 - 12:35 PM

tortoracer

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
should i revert to backing up everything i deem safe, and reinstalling windows? i'm fine with that answer, its not written in a malware-looking way, so i had a feeling scans wouldnt pick it up.

if you do a quick Google search "safe search by injekt," a few sites explain how its not malware technically.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP