Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop sloooooow no matter what I try to do

Started by CZ2761 , Nov 27 2013 06:26 PM

  • This topic is locked This topic is locked

#31
DonnaB
Posted 16 December 2013 - 07:37 PM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
The TDSSKiller scan??
  • 0

Advertisements

#32
CZ2761
Posted 16 December 2013 - 09:52 PM

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Yes, I'm going to reinstall it and try again.
  • 0

#33
CZ2761
Posted 16 December 2013 - 09:55 PM

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
OK, reinstalled and downloaded the update, but still no threats to be found.
  • 0

#34
DonnaB
Posted 17 December 2013 - 06:28 AM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
That's good news. I'm going to have you try a clean boot. See the following links for instructions to do so pertaining to Vista:

How to perform a clean boot in Windows
  • 0

#35
CZ2761
Posted 17 December 2013 - 08:42 AM

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
I have more good news! I booted up the laptop today and it loaded the desktop in no time at all :woot:
  • 0

#36
DonnaB
Posted 17 December 2013 - 06:24 PM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Oh that is good news! Maybe we were just being a little impatient. I've notice that my system can be a bit sluggish after a good cleaning then WHAM!, out of nowhere you have speed and have to buckle your seat belt and hang on tight as you fly through cyber space.

Before you uninstall TDSSKiller I'd like to see the log that was generated and placed on your C:\drive that will look like this:

TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt

Then give it a few days to see how your system responds. If all is good, we'll go from there.

Donna :)
  • 0

#37
CZ2761
Posted 17 December 2013 - 11:25 PM

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
I was definitely surprised lol. Okay, here is the log:

22:53:28.0918 0x1390 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
22:53:32.0220 0x1390 ============================================================
22:53:32.0220 0x1390 Current date / time: 2013/12/16 22:53:32.0220
22:53:32.0220 0x1390 SystemInfo:
22:53:32.0220 0x1390
22:53:32.0220 0x1390 OS Version: 6.0.6002 ServicePack: 2.0
22:53:32.0220 0x1390 Product type: Workstation
22:53:32.0220 0x1390 ComputerName: CHRIS-PC
22:53:32.0220 0x1390 UserName: Chris
22:53:32.0220 0x1390 Windows directory: C:\Windows
22:53:32.0220 0x1390 System windows directory: C:\Windows
22:53:32.0220 0x1390 Processor architecture: Intel x86
22:53:32.0220 0x1390 Number of processors: 2
22:53:32.0220 0x1390 Page size: 0x1000
22:53:32.0220 0x1390 Boot type: Normal boot
22:53:32.0220 0x1390 ============================================================
22:53:34.0692 0x1390 KLMD registered as C:\Windows\system32\drivers\04597968.sys
22:53:34.0725 0x1390 System UUID: {C44687EB-20FD-796D-0A06-9F12553FAB42}
22:53:35.0189 0x1390 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:53:35.0191 0x1390 ============================================================
22:53:35.0191 0x1390 \Device\Harddisk0\DR0:
22:53:35.0192 0x1390 MBR partitions:
22:53:35.0192 0x1390 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BCEAFC1
22:53:35.0192 0x1390 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BCEB000, BlocksNum 0x14D9000
22:53:35.0192 0x1390 ============================================================
22:53:35.0220 0x1390 C: <-> \Device\Harddisk0\DR0\Partition1
22:53:35.0256 0x1390 D: <-> \Device\Harddisk0\DR0\Partition2
22:53:35.0256 0x1390 ============================================================
22:53:35.0257 0x1390 Initialize success
22:53:35.0257 0x1390 ============================================================
22:53:40.0974 0x0d78 ============================================================
22:53:40.0974 0x0d78 Scan started
22:53:40.0974 0x0d78 Mode: Manual;
22:53:40.0974 0x0d78 ============================================================
22:53:40.0974 0x0d78 KSN ping started
22:53:56.0714 0x0d78 KSN ping finished: true
22:53:57.0510 0x0d78 ================ Scan system memory ========================
22:53:57.0510 0x0d78 System memory - ok
22:53:57.0510 0x0d78 ================ Scan services =============================
22:53:57.0697 0x0d78 [ 3B10711AD8656C097E0D16A41B29C54C, 38628F6646FBCB665E6932316BB9371CAFC4F50F5C1185F4A398605019755ACD ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
22:53:57.0697 0x0d78 Accelerometer - ok
22:53:57.0759 0x0d78 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:53:57.0759 0x0d78 ACPI - ok
22:53:57.0806 0x0d78 [ D2523D28674B03976AFC1AB6EF712F27, 2E7619535A54B4CC296BD67A678A31A6E2AADEE6848957F1467AA3EE2D129F00 ] acsint C:\Windows\system32\DRIVERS\acsint.sys
22:53:57.0806 0x0d78 acsint - ok
22:53:57.0853 0x0d78 [ 9A7D29DAE24A01DCD33D8F563559B3AB, 0EB90904B708F89D9641044B62D2A6635282EB1463C60143FA3E27AC180B2CB6 ] acsmux C:\Windows\system32\DRIVERS\acsmux.sys
22:53:57.0853 0x0d78 acsmux - ok
22:53:57.0946 0x0d78 [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:53:57.0962 0x0d78 AdobeFlashPlayerUpdateSvc - ok
22:53:58.0040 0x0d78 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:53:58.0040 0x0d78 adp94xx - ok
22:53:58.0056 0x0d78 [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:53:58.0071 0x0d78 adpahci - ok
22:53:58.0071 0x0d78 [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:53:58.0071 0x0d78 adpu160m - ok
22:53:58.0087 0x0d78 [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:53:58.0087 0x0d78 adpu320 - ok
22:53:58.0149 0x0d78 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:53:58.0149 0x0d78 AeLookupSvc - ok
22:53:58.0258 0x0d78 [ EF1142512BEC12F1C2C87735DA1755BE, 236EFD8FBA717123E0CF5A136ACEBB80A2BE1FA4B1A9A2C74728BC4EB4E787D8 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe
22:53:58.0258 0x0d78 AESTFilters - ok
22:53:58.0321 0x0d78 [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD C:\Windows\system32\drivers\afd.sys
22:53:58.0336 0x0d78 AFD - ok
22:53:58.0399 0x0d78 [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:53:58.0414 0x0d78 agp440 - ok
22:53:58.0446 0x0d78 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:53:58.0446 0x0d78 aic78xx - ok
22:53:58.0461 0x0d78 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
22:53:58.0477 0x0d78 ALG - ok
22:53:58.0477 0x0d78 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
22:53:58.0477 0x0d78 aliide - ok
22:53:58.0492 0x0d78 [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:53:58.0492 0x0d78 amdagp - ok
22:53:58.0508 0x0d78 [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
22:53:58.0508 0x0d78 amdide - ok
22:53:58.0539 0x0d78 [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:53:58.0539 0x0d78 AmdK7 - ok
22:53:58.0555 0x0d78 [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:53:58.0555 0x0d78 AmdK8 - ok
22:53:58.0602 0x0d78 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
22:53:58.0602 0x0d78 Appinfo - ok
22:53:58.0711 0x0d78 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:53:58.0711 0x0d78 Apple Mobile Device - ok
22:53:58.0758 0x0d78 [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
22:53:58.0773 0x0d78 arc - ok
22:53:58.0789 0x0d78 [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:53:58.0789 0x0d78 arcsas - ok
22:53:58.0820 0x0d78 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:53:58.0820 0x0d78 AsyncMac - ok
22:53:58.0836 0x0d78 [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi C:\Windows\system32\drivers\atapi.sys
22:53:58.0836 0x0d78 atapi - ok
22:53:58.0929 0x0d78 [ 99FDF0E65F82C0E47BC04363C09DE146, CB1FF106DF9AD3655220781799B3360F78E0C8CEE45AFC3BFC94BF2D13901865 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
22:53:58.0945 0x0d78 Ati External Event Utility - ok
22:53:59.0148 0x0d78 [ E8044E9976D43B1D00EADE351E447349, C0E84304D04379B680F4D51751DFBA979829ED0F3FE202BD9B9452021BEFDA60 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:53:59.0241 0x0d78 atikmdag - ok
22:53:59.0304 0x0d78 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:53:59.0319 0x0d78 AudioEndpointBuilder - ok
22:53:59.0335 0x0d78 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:53:59.0350 0x0d78 Audiosrv - ok
22:53:59.0397 0x0d78 [ 15ACA2AD17ACECA4814F249783E63AD3, AB8E74A5B8FC2FD04BA2B495610A8BE76408E9362A447D7069D5AAB8F3512F33 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
22:53:59.0397 0x0d78 avgtp - ok
22:53:59.0569 0x0d78 [ A2CD1468BB0E796726DA95E95F87A715, F5E657F6C38B2D0F3550F66787AFD458B4AF53D1E8A5B4243C75539146069511 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
22:53:59.0616 0x0d78 BCM43XV - ok
22:53:59.0725 0x0d78 [ A2CD1468BB0E796726DA95E95F87A715, F5E657F6C38B2D0F3550F66787AFD458B4AF53D1E8A5B4243C75539146069511 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
22:53:59.0772 0x0d78 BCM43XX - ok
22:53:59.0834 0x0d78 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
22:53:59.0834 0x0d78 Beep - ok
22:53:59.0896 0x0d78 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
22:53:59.0912 0x0d78 BFE - ok
22:53:59.0990 0x0d78 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
22:54:00.0006 0x0d78 BITS - ok
22:54:00.0021 0x0d78 [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:54:00.0021 0x0d78 blbdrive - ok
22:54:00.0115 0x0d78 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:54:00.0115 0x0d78 Bonjour Service - ok
22:54:00.0162 0x0d78 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:54:00.0162 0x0d78 bowser - ok
22:54:00.0208 0x0d78 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:54:00.0208 0x0d78 BrFiltLo - ok
22:54:00.0240 0x0d78 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:54:00.0240 0x0d78 BrFiltUp - ok
22:54:00.0271 0x0d78 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
22:54:00.0271 0x0d78 Browser - ok
22:54:00.0333 0x0d78 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:54:00.0333 0x0d78 Brserid - ok
22:54:00.0349 0x0d78 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:54:00.0349 0x0d78 BrSerWdm - ok
22:54:00.0364 0x0d78 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:54:00.0364 0x0d78 BrUsbMdm - ok
22:54:00.0380 0x0d78 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:54:00.0380 0x0d78 BrUsbSer - ok
22:54:00.0427 0x0d78 [ DA7B195275BDA7F8FCF79B40E0F45DDE, 1346E9221FD6A1DA27F0BC4F3CF5AFA60B3419931B32468107028BCD4232A708 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
22:54:00.0427 0x0d78 BthEnum - ok
22:54:00.0442 0x0d78 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:54:00.0442 0x0d78 BTHMODEM - ok
22:54:00.0474 0x0d78 [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:54:00.0474 0x0d78 BthPan - ok
22:54:00.0505 0x0d78 [ 671134053D59E23704F08DB19F11E10B, 7AFE5B6646B9A38EFAF127B7C820463CC06C4B8B82BC76259DA346B51377EA0B ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
22:54:00.0505 0x0d78 BTHPORT - ok
22:54:00.0536 0x0d78 [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ C:\Windows\System32\bthserv.dll
22:54:00.0536 0x0d78 BthServ - ok
22:54:00.0552 0x0d78 [ 93D7007E2C660DFCCA6AE72622740B14, 3483FD5060CE7FB9208A8016D5D79EC88DA63BF6C656EFC476AAA3D912DB451F ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
22:54:00.0552 0x0d78 BTHUSB - ok
22:54:00.0598 0x0d78 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:54:00.0598 0x0d78 cdfs - ok
22:54:00.0661 0x0d78 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:54:00.0661 0x0d78 cdrom - ok
22:54:00.0708 0x0d78 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
22:54:00.0708 0x0d78 CertPropSvc - ok
22:54:00.0723 0x0d78 [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:54:00.0723 0x0d78 circlass - ok
22:54:00.0770 0x0d78 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
22:54:00.0770 0x0d78 CLFS - ok
22:54:00.0832 0x0d78 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:54:00.0832 0x0d78 clr_optimization_v2.0.50727_32 - ok
22:54:00.0926 0x0d78 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:54:00.0942 0x0d78 clr_optimization_v4.0.30319_32 - ok
22:54:00.0988 0x0d78 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:54:00.0988 0x0d78 CmBatt - ok
22:54:01.0004 0x0d78 [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:54:01.0020 0x0d78 cmdide - ok
22:54:01.0160 0x0d78 [ DF855C726818A71A14A0D6FAD8EDDC37, 29CCDC4D3854D266CB7D17635D37C9C1F9063D1695A8D455E1BEEEB37048CF90 ] CodeMeter.exe C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
22:54:01.0207 0x0d78 CodeMeter.exe - ok
22:54:01.0316 0x0d78 [ 7795F8CEBC284A426B53F541E538695F, 1A56B32CA26505D9B1899EF4C3E1E1A815D8A36CC476691DBCE8A41109208C87 ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
22:54:01.0332 0x0d78 Com4QLBEx - ok
22:54:01.0332 0x0d78 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:54:01.0332 0x0d78 Compbatt - ok
22:54:01.0347 0x0d78 COMSysApp - ok
22:54:01.0363 0x0d78 [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:54:01.0363 0x0d78 crcdisk - ok
22:54:01.0378 0x0d78 [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:54:01.0378 0x0d78 Crusoe - ok
22:54:01.0410 0x0d78 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:54:01.0425 0x0d78 CryptSvc - ok
22:54:01.0503 0x0d78 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:54:01.0519 0x0d78 DcomLaunch - ok
22:54:01.0550 0x0d78 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:54:01.0550 0x0d78 DfsC - ok
22:54:01.0706 0x0d78 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
22:54:01.0737 0x0d78 DFSR - ok
22:54:01.0815 0x0d78 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:54:01.0831 0x0d78 Dhcp - ok
22:54:01.0862 0x0d78 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
22:54:01.0862 0x0d78 disk - ok
22:54:01.0909 0x0d78 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:54:01.0924 0x0d78 Dnscache - ok
22:54:01.0940 0x0d78 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
22:54:01.0940 0x0d78 dot3svc - ok
22:54:02.0002 0x0d78 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
22:54:02.0018 0x0d78 DPS - ok
22:54:02.0065 0x0d78 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:54:02.0080 0x0d78 drmkaud - ok
22:54:02.0127 0x0d78 [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:54:02.0143 0x0d78 DXGKrnl - ok
22:54:02.0190 0x0d78 [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:54:02.0205 0x0d78 E1G60 - ok
22:54:02.0236 0x0d78 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
22:54:02.0236 0x0d78 EapHost - ok
22:54:02.0299 0x0d78 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
22:54:02.0299 0x0d78 Ecache - ok
22:54:02.0377 0x0d78 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:54:02.0377 0x0d78 ehRecvr - ok
22:54:02.0392 0x0d78 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
22:54:02.0392 0x0d78 ehSched - ok
22:54:02.0408 0x0d78 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
22:54:02.0408 0x0d78 ehstart - ok
22:54:02.0470 0x0d78 [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:54:02.0486 0x0d78 elxstor - ok
22:54:02.0533 0x0d78 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:54:02.0548 0x0d78 EMDMgmt - ok
22:54:02.0595 0x0d78 [ 004B2EA6CC2598EC5F0552E43CE29CEF, 5120903105749DC7A0356DF060B020D78F10FC1B651AC036B1D852EF65DD1D85 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
22:54:02.0595 0x0d78 enecir - ok
22:54:02.0642 0x0d78 [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:54:02.0642 0x0d78 ErrDev - ok
22:54:02.0673 0x0d78 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
22:54:02.0689 0x0d78 EventSystem - ok
22:54:02.0736 0x0d78 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
22:54:02.0751 0x0d78 exfat - ok
22:54:02.0767 0x0d78 [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:54:02.0767 0x0d78 fastfat - ok
22:54:02.0814 0x0d78 [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:54:02.0814 0x0d78 fdc - ok
22:54:02.0845 0x0d78 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
22:54:02.0845 0x0d78 fdPHost - ok
22:54:02.0860 0x0d78 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
22:54:02.0860 0x0d78 FDResPub - ok
22:54:02.0876 0x0d78 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:54:02.0876 0x0d78 FileInfo - ok
22:54:02.0876 0x0d78 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:54:02.0876 0x0d78 Filetrace - ok
22:54:02.0907 0x0d78 [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:54:02.0907 0x0d78 flpydisk - ok
22:54:02.0938 0x0d78 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:54:02.0938 0x0d78 FltMgr - ok
22:54:03.0032 0x0d78 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
22:54:03.0048 0x0d78 FontCache - ok
22:54:03.0110 0x0d78 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:54:03.0110 0x0d78 FontCache3.0.0.0 - ok
22:54:03.0157 0x0d78 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:54:03.0157 0x0d78 Fs_Rec - ok
22:54:03.0172 0x0d78 [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:54:03.0188 0x0d78 gagp30kx - ok
22:54:03.0235 0x0d78 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:54:03.0235 0x0d78 GEARAspiWDM - ok
22:54:03.0282 0x0d78 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
22:54:03.0282 0x0d78 gpsvc - ok
22:54:03.0328 0x0d78 [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:54:03.0328 0x0d78 HdAudAddService - ok
22:54:03.0375 0x0d78 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:54:03.0391 0x0d78 HDAudBus - ok
22:54:03.0406 0x0d78 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:54:03.0406 0x0d78 HidBth - ok
22:54:03.0438 0x0d78 [ D8DF3722D5E961BAA1292AA2F12827E2, 799E194B36BA08D59500A2C45ADD2FB69C7698F3F7F837CC7CFB266D57830BD6 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:54:03.0438 0x0d78 HidIr - ok
22:54:03.0469 0x0d78 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\system32\hidserv.dll
22:54:03.0469 0x0d78 hidserv - ok
22:54:03.0500 0x0d78 [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:54:03.0500 0x0d78 HidUsb - ok
22:54:03.0531 0x0d78 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
22:54:03.0531 0x0d78 hkmsvc - ok
22:54:03.0594 0x0d78 [ D13E6BFD7E9189D26A42E94CB2447044, 9115DE57D376846F63EA5805C89DFE23A7D5AB59529883BEAE097F04DCDFC5DB ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
22:54:03.0594 0x0d78 HP Health Check Service - ok
22:54:03.0625 0x0d78 [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:54:03.0625 0x0d78 HpCISSs - ok
22:54:03.0672 0x0d78 [ 24F3F496C18EFC234777723A67A85F81, D0A1E51CA7CDAEA729926EF246E9212327776BF62F55B3C5BBA57164F31EAFBD ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
22:54:03.0672 0x0d78 hpdskflt - ok
22:54:03.0687 0x0d78 [ 35956140E686D53BF676CF0C778880FC, AFFE1CC956E75AF1DE87F19A58CB03C861907C48DCA03F7454EF7762DEB46F2D ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
22:54:03.0703 0x0d78 HpqKbFiltr - ok
22:54:03.0718 0x0d78 [ 115C0933B3ED51DFBEC4449348C8065B, 5C937F9DA4DC43CA11B6667D7DF41FC8D0E88994D0A854FDD0F3024D76DE0353 ] HpqRemHid C:\Windows\system32\DRIVERS\HpqRemHid.sys
22:54:03.0718 0x0d78 HpqRemHid - ok
22:54:03.0750 0x0d78 [ D50FDAD1E57AA60F1973CFC77D905F0E, 50700337E984F71020BC0F714E0747A99E48711EAC590B22F3F104B3CFFDAF5B ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
22:54:03.0765 0x0d78 hpqwmiex - ok
22:54:03.0765 0x0d78 [ 6D0AC28C5BD8D8495F83F5929A45E559, D53CA110DE2605A3F026E52D310DD300A0C38488C4149F3023FF2F64C28290C6 ] hpsrv C:\Windows\system32\Hpservice.exe
22:54:03.0781 0x0d78 hpsrv - ok
22:54:03.0828 0x0d78 [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:54:03.0828 0x0d78 HSFHWAZL - ok
22:54:03.0874 0x0d78 [ EC36F1D542ED4252390D446BF6D4DFD0, DB55D73726E96D3653C37EEBE628D48466D766A9EC1219ED735D5D8FF2822BE2 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:54:03.0890 0x0d78 HSF_DPV - ok
22:54:03.0937 0x0d78 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:54:03.0952 0x0d78 HTTP - ok
22:54:03.0984 0x0d78 [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:54:03.0984 0x0d78 i2omp - ok
22:54:04.0046 0x0d78 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:54:04.0046 0x0d78 i8042prt - ok
22:54:04.0077 0x0d78 [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:54:04.0093 0x0d78 iaStorV - ok
22:54:04.0155 0x0d78 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:54:04.0171 0x0d78 IDriverT - ok
22:54:04.0249 0x0d78 [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:54:04.0264 0x0d78 idsvc - ok
22:54:04.0280 0x0d78 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:54:04.0280 0x0d78 iirsp - ok
22:54:04.0342 0x0d78 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
22:54:04.0342 0x0d78 IKEEXT - ok
22:54:04.0389 0x0d78 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
22:54:04.0389 0x0d78 intelide - ok
22:54:04.0452 0x0d78 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:54:04.0452 0x0d78 intelppm - ok
22:54:04.0483 0x0d78 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:54:04.0483 0x0d78 IPBusEnum - ok
22:54:04.0498 0x0d78 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:54:04.0498 0x0d78 IpFilterDriver - ok
22:54:04.0530 0x0d78 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:54:04.0530 0x0d78 iphlpsvc - ok
22:54:04.0545 0x0d78 IpInIp - ok
22:54:04.0561 0x0d78 [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:54:04.0561 0x0d78 IPMIDRV - ok
22:54:04.0592 0x0d78 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:54:04.0608 0x0d78 IPNAT - ok
22:54:04.0701 0x0d78 [ C00149A7027081539A66DC5A46695EAD, 51F01CD6B37BA52B3D4DC9CAE3A9FBDDB2FA6FB6A9E779C9157BB056CEC3BEC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
22:54:04.0717 0x0d78 iPod Service - ok
22:54:04.0732 0x0d78 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:54:04.0732 0x0d78 IRENUM - ok
22:54:04.0748 0x0d78 [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:54:04.0748 0x0d78 isapnp - ok
22:54:04.0810 0x0d78 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:54:04.0810 0x0d78 iScsiPrt - ok
22:54:04.0826 0x0d78 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:54:04.0826 0x0d78 iteatapi - ok
22:54:04.0842 0x0d78 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:54:04.0842 0x0d78 iteraid - ok
22:54:04.0904 0x0d78 [ DEDB6CC1B166928A8F3F68DEF1766DB0, 35F1AD8984B1E2747DC925B8A95A6A128E5105C5D4D990382715ED13B0F47E23 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
22:54:04.0904 0x0d78 JMCR - ok
22:54:04.0920 0x0d78 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:54:04.0920 0x0d78 kbdclass - ok
22:54:04.0935 0x0d78 [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:54:04.0935 0x0d78 kbdhid - ok
22:54:04.0966 0x0d78 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
22:54:04.0966 0x0d78 KeyIso - ok
22:54:05.0013 0x0d78 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:54:05.0029 0x0d78 KSecDD - ok
22:54:05.0091 0x0d78 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:54:05.0107 0x0d78 KtmRm - ok
22:54:05.0138 0x0d78 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\system32\srvsvc.dll
22:54:05.0138 0x0d78 LanmanServer - ok
22:54:05.0200 0x0d78 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:54:05.0200 0x0d78 LanmanWorkstation - ok
22:54:05.0232 0x0d78 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:54:05.0232 0x0d78 lltdio - ok
22:54:05.0278 0x0d78 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:54:05.0278 0x0d78 lltdsvc - ok
22:54:05.0294 0x0d78 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:54:05.0294 0x0d78 lmhosts - ok
22:54:05.0310 0x0d78 [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:54:05.0310 0x0d78 LSI_FC - ok
22:54:05.0325 0x0d78 [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:54:05.0325 0x0d78 LSI_SAS - ok
22:54:05.0341 0x0d78 [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:54:05.0341 0x0d78 LSI_SCSI - ok
22:54:05.0356 0x0d78 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
22:54:05.0356 0x0d78 luafv - ok
22:54:05.0372 0x0d78 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:54:05.0372 0x0d78 Mcx2Svc - ok
22:54:05.0388 0x0d78 [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
22:54:05.0388 0x0d78 megasas - ok
22:54:05.0419 0x0d78 [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:54:05.0434 0x0d78 MegaSR - ok
22:54:05.0528 0x0d78 Microsoft SharePoint Workspace Audit Service - ok
22:54:05.0544 0x0d78 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
22:54:05.0559 0x0d78 MMCSS - ok
22:54:05.0559 0x0d78 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
22:54:05.0559 0x0d78 Modem - ok
22:54:05.0606 0x0d78 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:54:05.0606 0x0d78 monitor - ok
22:54:05.0622 0x0d78 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:54:05.0622 0x0d78 mouclass - ok
22:54:05.0637 0x0d78 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:54:05.0637 0x0d78 mouhid - ok
22:54:05.0653 0x0d78 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:54:05.0668 0x0d78 MountMgr - ok
22:54:05.0715 0x0d78 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:54:05.0715 0x0d78 MozillaMaintenance - ok
22:54:05.0746 0x0d78 [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
22:54:05.0746 0x0d78 mpio - ok
22:54:05.0762 0x0d78 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:54:05.0762 0x0d78 mpsdrv - ok
22:54:05.0809 0x0d78 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:54:05.0824 0x0d78 MpsSvc - ok
22:54:05.0856 0x0d78 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:54:05.0856 0x0d78 Mraid35x - ok
22:54:05.0902 0x0d78 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:54:05.0902 0x0d78 MRxDAV - ok
22:54:05.0934 0x0d78 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:54:05.0949 0x0d78 mrxsmb - ok
22:54:05.0965 0x0d78 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:54:05.0965 0x0d78 mrxsmb10 - ok
22:54:05.0980 0x0d78 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:54:05.0980 0x0d78 mrxsmb20 - ok
22:54:06.0043 0x0d78 [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci C:\Windows\system32\drivers\msahci.sys
22:54:06.0043 0x0d78 msahci - ok
22:54:06.0074 0x0d78 [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:54:06.0074 0x0d78 msdsm - ok
22:54:06.0090 0x0d78 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
22:54:06.0105 0x0d78 MSDTC - ok
22:54:06.0105 0x0d78 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:54:06.0121 0x0d78 Msfs - ok
22:54:06.0168 0x0d78 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:54:06.0168 0x0d78 msisadrv - ok
22:54:06.0199 0x0d78 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:54:06.0199 0x0d78 MSiSCSI - ok
22:54:06.0214 0x0d78 msiserver - ok
22:54:06.0246 0x0d78 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:54:06.0246 0x0d78 MSKSSRV - ok
22:54:06.0261 0x0d78 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:54:06.0277 0x0d78 MSPCLOCK - ok
22:54:06.0277 0x0d78 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:54:06.0277 0x0d78 MSPQM - ok
22:54:06.0308 0x0d78 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:54:06.0324 0x0d78 MsRPC - ok
22:54:06.0339 0x0d78 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:54:06.0339 0x0d78 mssmbios - ok
22:54:06.0355 0x0d78 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:54:06.0355 0x0d78 MSTEE - ok
22:54:06.0386 0x0d78 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
22:54:06.0386 0x0d78 Mup - ok
22:54:06.0417 0x0d78 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
22:54:06.0433 0x0d78 napagent - ok
22:54:06.0480 0x0d78 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:54:06.0480 0x0d78 NativeWifiP - ok
22:54:06.0558 0x0d78 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:54:06.0573 0x0d78 NDIS - ok
22:54:06.0589 0x0d78 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:54:06.0604 0x0d78 NdisTapi - ok
22:54:06.0604 0x0d78 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:54:06.0604 0x0d78 Ndisuio - ok
22:54:06.0651 0x0d78 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:54:06.0667 0x0d78 NdisWan - ok
22:54:06.0667 0x0d78 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:54:06.0667 0x0d78 NDProxy - ok
22:54:06.0682 0x0d78 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:54:06.0682 0x0d78 NetBIOS - ok
22:54:06.0698 0x0d78 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:54:06.0698 0x0d78 netbt - ok
22:54:06.0714 0x0d78 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
22:54:06.0714 0x0d78 Netlogon - ok
22:54:06.0760 0x0d78 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
22:54:06.0760 0x0d78 Netman - ok
22:54:06.0792 0x0d78 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
22:54:06.0792 0x0d78 netprofm - ok
22:54:06.0823 0x0d78 [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:54:06.0823 0x0d78 NetTcpPortSharing - ok
22:54:07.0010 0x0d78 [ 8DE67BD902095A13329FD82C85A1FA09, 7F0B058D0C306A845F7BF14B24B0BDBCE6F152A054331072549F46284E75A367 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
22:54:07.0166 0x0d78 NETw5v32 - ok
22:54:07.0213 0x0d78 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:54:07.0213 0x0d78 nfrd960 - ok
22:54:07.0260 0x0d78 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
22:54:07.0260 0x0d78 NlaSvc - ok
22:54:07.0291 0x0d78 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:54:07.0291 0x0d78 Npfs - ok
22:54:07.0306 0x0d78 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
22:54:07.0306 0x0d78 nsi - ok
22:54:07.0322 0x0d78 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:54:07.0322 0x0d78 nsiproxy - ok
22:54:07.0384 0x0d78 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:54:07.0416 0x0d78 Ntfs - ok
22:54:07.0416 0x0d78 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:54:07.0431 0x0d78 ntrigdigi - ok
22:54:07.0447 0x0d78 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
22:54:07.0447 0x0d78 Null - ok
22:54:07.0494 0x0d78 [ 1657F3FBD9061526C14FF37E79306F98, 8A3378E7A3D3314380EC76D21542B9A8A7AB0191338729B830AB6BEF786297BC ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
22:54:07.0494 0x0d78 NVENETFD - ok
22:54:07.0540 0x0d78 [ F972DC046C374A9E02F2DFBE74EBB203, BE41A52C84FE32C1E497FA5CAA2F0F2E5A99FAC22A68E12770FB7DFB8DCB0FFF ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
22:54:07.0540 0x0d78 NVHDA - ok
22:54:07.0852 0x0d78 [ 6C1C07916A4FED3E26BF399F07370986, 25D163334AE5E2843F06EFA020DFD0A7FB9B89C2D67B5E253825892344089305 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:54:08.0008 0x0d78 nvlddmkm - ok
22:54:08.0086 0x0d78 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:54:08.0086 0x0d78 nvraid - ok
22:54:08.0102 0x0d78 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:54:08.0102 0x0d78 nvstor - ok
22:54:08.0149 0x0d78 [ 029DF21EB9FC3FF0D628278774C99DC0, 13402073176D317CA8CB6A7A2599985BF97093A369DB632E1B8AAEAB9EE02A45 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:54:08.0149 0x0d78 nvsvc - ok
22:54:08.0180 0x0d78 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:54:08.0180 0x0d78 nv_agp - ok
22:54:08.0180 0x0d78 NwlnkFlt - ok
22:54:08.0180 0x0d78 NwlnkFwd - ok
22:54:08.0242 0x0d78 [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:54:08.0242 0x0d78 ohci1394 - ok
22:54:08.0305 0x0d78 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:54:08.0305 0x0d78 ose - ok
22:54:08.0523 0x0d78 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:54:08.0695 0x0d78 osppsvc - ok
22:54:08.0882 0x0d78 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:54:08.0898 0x0d78 p2pimsvc - ok
22:54:08.0976 0x0d78 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
22:54:09.0054 0x0d78 p2psvc - ok
22:54:09.0100 0x0d78 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
22:54:09.0100 0x0d78 Parport - ok
22:54:09.0116 0x0d78 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:54:09.0116 0x0d78 partmgr - ok
22:54:09.0132 0x0d78 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:54:09.0132 0x0d78 Parvdm - ok
22:54:09.0163 0x0d78 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
22:54:09.0163 0x0d78 PcaSvc - ok
22:54:09.0194 0x0d78 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
22:54:09.0194 0x0d78 pci - ok
22:54:09.0210 0x0d78 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
22:54:09.0210 0x0d78 pciide - ok
22:54:09.0241 0x0d78 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:54:09.0241 0x0d78 pcmcia - ok
22:54:09.0303 0x0d78 [ 1AC0F275C583C3323FC36865914774B3, 9F530D6DB9827B32AB41CBFCF06371635995BD0F4D051AFB2C210DC0725AE98A ] Peachtree SmartPosting 2011 C:\Program Files\Sage\Peachtree\SmartPostingService2011.exe
22:54:09.0303 0x0d78 Peachtree SmartPosting 2011 - ok
22:54:09.0381 0x0d78 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:54:09.0397 0x0d78 PEAUTH - ok
22:54:09.0490 0x0d78 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
22:54:09.0522 0x0d78 pla - ok
22:54:09.0553 0x0d78 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:54:09.0568 0x0d78 PlugPlay - ok
22:54:09.0615 0x0d78 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:54:09.0631 0x0d78 PNRPAutoReg - ok
22:54:09.0646 0x0d78 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:54:09.0662 0x0d78 PNRPsvc - ok
22:54:09.0693 0x0d78 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:54:09.0709 0x0d78 PolicyAgent - ok
22:54:09.0740 0x0d78 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:54:09.0740 0x0d78 PptpMiniport - ok
22:54:09.0771 0x0d78 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
22:54:09.0771 0x0d78 Processor - ok
22:54:09.0802 0x0d78 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
22:54:09.0818 0x0d78 ProfSvc - ok
22:54:09.0818 0x0d78 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
22:54:09.0818 0x0d78 ProtectedStorage - ok
22:54:09.0849 0x0d78 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:54:09.0865 0x0d78 PSched - ok
22:54:09.0974 0x0d78 [ 1BA47BDD47A62F6E6B56BE4ECF221BE3, D494E596EB1C92074241E83EF8F4781EA7C2FFE02DE4FDB882A8F87A3B4DECED ] psqlWGE C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
22:54:09.0974 0x0d78 psqlWGE - ok
22:54:10.0052 0x0d78 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:54:10.0083 0x0d78 ql2300 - ok
22:54:10.0099 0x0d78 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:54:10.0114 0x0d78 ql40xx - ok
22:54:10.0270 0x0d78 [ 6803B69C14696CC4907C5F77FBB04A14, BDC520092C30ECA84C60FE8EE17B12ABACBCB7A602B7251F77D01D2659276508 ] QPCapSvc C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
22:54:10.0270 0x0d78 QPCapSvc - ok
22:54:10.0317 0x0d78 [ 95A0B86B9F1D27B613830864341A8252, E0BFB93710ABF87C5B51FFAE90D39AE21C7C9B1DDF675F025ED1704BC43E4DB8 ] QPSched C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
22:54:10.0317 0x0d78 QPSched - ok
22:54:10.0348 0x0d78 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
22:54:10.0364 0x0d78 QWAVE - ok
22:54:10.0426 0x0d78 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:54:10.0426 0x0d78 QWAVEdrv - ok
22:54:10.0442 0x0d78 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:54:10.0442 0x0d78 RasAcd - ok
22:54:10.0458 0x0d78 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
22:54:10.0458 0x0d78 RasAuto - ok
22:54:10.0473 0x0d78 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:54:10.0473 0x0d78 Rasl2tp - ok
22:54:10.0520 0x0d78 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
22:54:10.0520 0x0d78 RasMan - ok
22:54:10.0551 0x0d78 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:54:10.0551 0x0d78 RasPppoe - ok
22:54:10.0582 0x0d78 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:54:10.0582 0x0d78 RasSstp - ok
22:54:10.0614 0x0d78 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:54:10.0629 0x0d78 rdbss - ok
22:54:10.0660 0x0d78 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:54:10.0660 0x0d78 RDPCDD - ok
22:54:10.0692 0x0d78 [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:54:10.0692 0x0d78 rdpdr - ok
22:54:10.0707 0x0d78 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:54:10.0707 0x0d78 RDPENCDD - ok
22:54:10.0738 0x0d78 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:54:10.0738 0x0d78 RDPWD - ok
22:54:10.0801 0x0d78 [ B9570481A1BABCC4A9E941C553596077, B9A89B8C683F634504F7563EDAFB09F0AC8165F34F03177C96D4109CE1BE5D74 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
22:54:10.0816 0x0d78 Recovery Service for Windows - ok
22:54:10.0848 0x0d78 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
22:54:10.0863 0x0d78 RemoteAccess - ok
22:54:10.0894 0x0d78 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:54:10.0894 0x0d78 RemoteRegistry - ok
22:54:10.0926 0x0d78 [ 34CC78C06587718C2AD6D3AA83B1F072, 35973BBFF7C6119287B4C3C47A54C626A8623C9F18062597AD7D3ADDF0094ED8 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:54:10.0926 0x0d78 RFCOMM - ok
22:54:11.0004 0x0d78 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
22:54:11.0004 0x0d78 RichVideo - ok
22:54:11.0035 0x0d78 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
22:54:11.0035 0x0d78 RpcLocator - ok
22:54:11.0066 0x0d78 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
22:54:11.0082 0x0d78 RpcSs - ok
22:54:11.0097 0x0d78 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:54:11.0097 0x0d78 rspndr - ok
22:54:11.0144 0x0d78 [ 7157E70A90CCE49DEB8885D23A073A39, B0EB23C0EDBA8BE4851F14483EC6E5C0CC66DAC2A14A815AACB6A7D9158C3168 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:54:11.0160 0x0d78 RTL8169 - ok
22:54:11.0191 0x0d78 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
22:54:11.0191 0x0d78 SamSs - ok
22:54:11.0206 0x0d78 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:54:11.0206 0x0d78 sbp2port - ok
22:54:11.0222 0x0d78 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:54:11.0238 0x0d78 SCardSvr - ok
22:54:11.0284 0x0d78 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
22:54:11.0300 0x0d78 Schedule - ok
22:54:11.0316 0x0d78 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
22:54:11.0316 0x0d78 SCPolicySvc - ok
22:54:11.0362 0x0d78 [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:54:11.0362 0x0d78 sdbus - ok
22:54:11.0409 0x0d78 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:54:11.0409 0x0d78 SDRSVC - ok
22:54:11.0425 0x0d78 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:54:11.0425 0x0d78 secdrv - ok
22:54:11.0440 0x0d78 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
22:54:11.0440 0x0d78 seclogon - ok
22:54:11.0456 0x0d78 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
22:54:11.0456 0x0d78 SENS - ok
22:54:11.0472 0x0d78 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
22:54:11.0472 0x0d78 Serenum - ok
22:54:11.0503 0x0d78 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
22:54:11.0503 0x0d78 Serial - ok
22:54:11.0518 0x0d78 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:54:11.0518 0x0d78 sermouse - ok
22:54:11.0550 0x0d78 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
22:54:11.0550 0x0d78 SessionEnv - ok
22:54:11.0581 0x0d78 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:54:11.0581 0x0d78 sffdisk - ok
22:54:11.0612 0x0d78 [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:54:11.0612 0x0d78 sffp_mmc - ok
22:54:11.0628 0x0d78 [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:54:11.0628 0x0d78 sffp_sd - ok
22:54:11.0643 0x0d78 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:54:11.0643 0x0d78 sfloppy - ok
22:54:11.0674 0x0d78 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:54:11.0690 0x0d78 SharedAccess - ok
22:54:11.0752 0x0d78 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:54:11.0768 0x0d78 ShellHWDetection - ok
22:54:11.0799 0x0d78 [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:54:11.0799 0x0d78 sisagp - ok
22:54:11.0830 0x0d78 [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:54:11.0830 0x0d78 SiSRaid2 - ok
22:54:11.0846 0x0d78 [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:54:11.0846 0x0d78 SiSRaid4 - ok
22:54:11.0893 0x0d78 [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:54:11.0893 0x0d78 SkypeUpdate - ok
22:54:12.0049 0x0d78 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
22:54:12.0127 0x0d78 slsvc - ok
22:54:12.0174 0x0d78 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:54:12.0189 0x0d78 SLUINotify - ok
22:54:12.0205 0x0d78 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:54:12.0220 0x0d78 Smb - ok
22:54:12.0236 0x0d78 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:54:12.0252 0x0d78 SNMPTRAP - ok
22:54:12.0283 0x0d78 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
22:54:12.0283 0x0d78 spldr - ok
22:54:12.0314 0x0d78 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
22:54:12.0314 0x0d78 Spooler - ok
22:54:12.0408 0x0d78 [ 68103A2B441BBF3908EBB587F0704D6C, 0EE921D3D3D88AD0380923429E82B58078F53D7A9D53458AA33FEDF376EF1212 ] sptd C:\Windows\System32\Drivers\sptd.sys
22:54:12.0408 0x0d78 sptd - ok
22:54:12.0454 0x0d78 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
22:54:12.0470 0x0d78 srv - ok
22:54:12.0501 0x0d78 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:54:12.0501 0x0d78 srv2 - ok
22:54:12.0517 0x0d78 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:54:12.0517 0x0d78 srvnet - ok
22:54:12.0548 0x0d78 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:54:12.0564 0x0d78 SSDPSRV - ok
22:54:12.0564 0x0d78 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:54:12.0579 0x0d78 SstpSvc - ok
22:54:12.0688 0x0d78 [ E6F7D35741A6239CE7B54D7665EAB523, 5D0CDB5978E40DABBE11E9A9D116C5B32B5032B5DEA65B585B9F3B9884D8FD92 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe
22:54:12.0688 0x0d78 STacSV - ok
22:54:12.0766 0x0d78 [ A87A39F9B42D82F5D60D36BB1D3CC9D3, F609CC721B898B5053FE34B24C94970453BD57441F9A2C93D4F77CB297D56169 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
22:54:12.0782 0x0d78 Steam Client Service - ok
22:54:12.0829 0x0d78 [ 5E71B3635D5F96D23EEE1DA92B85C850, E8BB343B4391CFD532E9401A4B4AD0DE81CBC1B7F9A6D012CAC98E8C172F11A5 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
22:54:12.0844 0x0d78 STHDA - ok
22:54:12.0907 0x0d78 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
22:54:12.0907 0x0d78 stisvc - ok
22:54:12.0938 0x0d78 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:54:12.0938 0x0d78 swenum - ok
22:54:12.0985 0x0d78 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
22:54:13.0000 0x0d78 swprv - ok
22:54:13.0016 0x0d78 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:54:13.0016 0x0d78 Symc8xx - ok
22:54:13.0032 0x0d78 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:54:13.0032 0x0d78 Sym_hi - ok
22:54:13.0032 0x0d78 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:54:13.0032 0x0d78 Sym_u3 - ok
22:54:13.0078 0x0d78 [ BF7AA84D5AF0FAA0978C840E63B17DBF, ED07F47BCD96B524F3E4EE01DB46D26FDB790167B7BA7C7097D75E10FE1144A4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
22:54:13.0078 0x0d78 SynTP - ok
22:54:13.0125 0x0d78 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
22:54:13.0141 0x0d78 SysMain - ok
22:54:13.0172 0x0d78 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:54:13.0172 0x0d78 TabletInputService - ok
22:54:13.0219 0x0d78 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:54:13.0219 0x0d78 TapiSrv - ok
22:54:13.0234 0x0d78 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
22:54:13.0234 0x0d78 TBS - ok
22:54:13.0312 0x0d78 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:54:13.0328 0x0d78 Tcpip - ok
22:54:13.0375 0x0d78 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:54:13.0390 0x0d78 Tcpip6 - ok
22:54:13.0406 0x0d78 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:54:13.0422 0x0d78 tcpipreg - ok
22:54:13.0453 0x0d78 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:54:13.0453 0x0d78 TDPIPE - ok
22:54:13.0468 0x0d78 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:54:13.0468 0x0d78 TDTCP - ok
22:54:13.0515 0x0d78 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:54:13.0515 0x0d78 tdx - ok
22:54:13.0531 0x0d78 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:54:13.0531 0x0d78 TermDD - ok
22:54:13.0562 0x0d78 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
22:54:13.0578 0x0d78 TermService - ok
22:54:13.0593 0x0d78 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
22:54:13.0609 0x0d78 Themes - ok
22:54:13.0624 0x0d78 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
22:54:13.0624 0x0d78 THREADORDER - ok
22:54:13.0656 0x0d78 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
22:54:13.0656 0x0d78 TrkWks - ok
22:54:13.0702 0x0d78 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:54:13.0702 0x0d78 TrustedInstaller - ok
22:54:13.0734 0x0d78 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:54:13.0734 0x0d78 tssecsrv - ok
22:54:13.0780 0x0d78 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:54:13.0780 0x0d78 tunmp - ok
22:54:13.0812 0x0d78 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:54:13.0812 0x0d78 tunnel - ok
22:54:13.0827 0x0d78 [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:54:13.0827 0x0d78 uagp35 - ok
22:54:13.0874 0x0d78 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:54:13.0874 0x0d78 udfs - ok
22:54:13.0905 0x0d78 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:54:13.0905 0x0d78 UI0Detect - ok
22:54:13.0936 0x0d78 [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:54:13.0936 0x0d78 uliagpkx - ok
22:54:13.0952 0x0d78 [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:54:13.0968 0x0d78 uliahci - ok
22:54:13.0968 0x0d78 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:54:13.0968 0x0d78 UlSata - ok
22:54:13.0983 0x0d78 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:54:13.0983 0x0d78 ulsata2 - ok
22:54:13.0999 0x0d78 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:54:13.0999 0x0d78 umbus - ok
22:54:14.0030 0x0d78 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
22:54:14.0030 0x0d78 upnphost - ok
22:54:14.0077 0x0d78 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
22:54:14.0077 0x0d78 USBAAPL - ok
22:54:14.0108 0x0d78 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:54:14.0108 0x0d78 usbccgp - ok
22:54:14.0139 0x0d78 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:54:14.0155 0x0d78 usbcir - ok
22:54:14.0202 0x0d78 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:54:14.0202 0x0d78 usbehci - ok
22:54:14.0217 0x0d78 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:54:14.0233 0x0d78 usbhub - ok
22:54:14.0248 0x0d78 [ 7BDB7B0E7D45AC0402D78B90789EF47C, 321C70DFB8F21AFF236C815F2BCC5F778177A83C7238177DA73B82A906CC116E ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
22:54:14.0248 0x0d78 usbohci - ok
22:54:14.0280 0x0d78 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:54:14.0280 0x0d78 usbprint - ok
22:54:14.0326 0x0d78 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
22:54:14.0326 0x0d78 usbscan - ok
22:54:14.0358 0x0d78 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:54:14.0358 0x0d78 USBSTOR - ok
22:54:14.0389 0x0d78 [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:54:14.0389 0x0d78 usbuhci - ok
22:54:14.0420 0x0d78 [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:54:14.0420 0x0d78 usbvideo - ok
22:54:14.0451 0x0d78 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
22:54:14.0451 0x0d78 UxSms - ok
22:54:14.0498 0x0d78 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
22:54:14.0514 0x0d78 vds - ok
22:54:14.0560 0x0d78 [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:54:14.0560 0x0d78 vga - ok
22:54:14.0576 0x0d78 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:54:14.0576 0x0d78 VgaSave - ok
22:54:14.0592 0x0d78 [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:54:14.0592 0x0d78 viaagp - ok
22:54:14.0623 0x0d78 [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:54:14.0623 0x0d78 ViaC7 - ok
22:54:14.0638 0x0d78 [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
22:54:14.0638 0x0d78 viaide - ok
22:54:14.0654 0x0d78 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:54:14.0654 0x0d78 volmgr - ok
22:54:14.0685 0x0d78 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:54:14.0701 0x0d78 volmgrx - ok
22:54:14.0732 0x0d78 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:54:14.0732 0x0d78 volsnap - ok
22:54:14.0826 0x0d78 [ 19AFBA7191A78EDCA6D235456D65E002, CBB56944B293CEC430560E00BF7D8D18E69555602C5FD1E6B1A7913D8EDC9F14 ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
22:54:14.0841 0x0d78 vpnagent - ok
22:54:14.0888 0x0d78 [ EA39F36302DACBCDCDB113313718E768, BE26A4DA68D5A15047941215CFC6D687FEE3F56573DDABE21AD7176C1C79CC5F ] vpnva C:\Windows\system32\DRIVERS\vpnva.sys
22:54:14.0888 0x0d78 vpnva - ok
22:54:14.0919 0x0d78 [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:54:14.0919 0x0d78 vsmraid - ok
22:54:14.0966 0x0d78 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
22:54:14.0997 0x0d78 VSS - ok
22:54:15.0169 0x0d78 [ FC449AC1571F39B961CF401FA6C55F47, 6395B47B128C6888DF6D252843ADA13652AF3F0C3C0F3DA34A8FDD64CA6F705E ] vToolbarUpdater17.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
22:54:15.0216 0x0d78 vToolbarUpdater17.2.0 - ok
22:54:15.0247 0x0d78 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
22:54:15.0262 0x0d78 W32Time - ok
22:54:15.0294 0x0d78 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:54:15.0294 0x0d78 WacomPen - ok
22:54:15.0309 0x0d78 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:54:15.0309 0x0d78 Wanarp - ok
22:54:15.0309 0x0d78 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:54:15.0309 0x0d78 Wanarpv6 - ok
22:54:15.0340 0x0d78 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:54:15.0356 0x0d78 wcncsvc - ok
22:54:15.0387 0x0d78 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:54:15.0387 0x0d78 WcsPlugInService - ok
22:54:15.0403 0x0d78 [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
22:54:15.0403 0x0d78 Wd - ok
22:54:15.0465 0x0d78 [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
22:54:15.0465 0x0d78 WDC_SAM - ok
22:54:15.0512 0x0d78 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:54:15.0528 0x0d78 Wdf01000 - ok
22:54:15.0543 0x0d78 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:54:15.0559 0x0d78 WdiServiceHost - ok
22:54:15.0559 0x0d78 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:54:15.0559 0x0d78 WdiSystemHost - ok
22:54:15.0606 0x0d78 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
22:54:15.0606 0x0d78 WebClient - ok
22:54:15.0637 0x0d78 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:54:15.0637 0x0d78 Wecsvc - ok
22:54:15.0668 0x0d78 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:54:15.0668 0x0d78 wercplsupport - ok
22:54:15.0699 0x0d78 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
22:54:15.0699 0x0d78 WerSvc - ok
22:54:15.0762 0x0d78 [ 5C7BDCF5864DB00323FE2D90FA26A8A2, E948B6BF8985CFF56FBE99AF7AF78CC3123AE5DAC9A5420ADE3C8B52CA702686 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:54:15.0777 0x0d78 winachsf - ok
22:54:15.0840 0x0d78 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:54:15.0840 0x0d78 WinDefend - ok
22:54:15.0840 0x0d78 WinHttpAutoProxySvc - ok
22:54:15.0886 0x0d78 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:54:15.0886 0x0d78 Winmgmt - ok
22:54:15.0964 0x0d78 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
22:54:15.0996 0x0d78 WinRM - ok
22:54:16.0042 0x0d78 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:54:16.0058 0x0d78 Wlansvc - ok
22:54:16.0089 0x0d78 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:54:16.0089 0x0d78 WmiAcpi - ok
22:54:16.0136 0x0d78 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:54:16.0136 0x0d78 wmiApSrv - ok
22:54:16.0214 0x0d78 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:54:16.0230 0x0d78 WMPNetworkSvc - ok
22:54:16.0261 0x0d78 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:54:16.0276 0x0d78 WPCSvc - ok
22:54:16.0292 0x0d78 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:54:16.0292 0x0d78 WPDBusEnum - ok
22:54:16.0354 0x0d78 [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
22:54:16.0354 0x0d78 WpdUsb - ok
22:54:16.0526 0x0d78 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:54:16.0542 0x0d78 WPFFontCache_v0400 - ok
22:54:16.0573 0x0d78 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:54:16.0573 0x0d78 ws2ifsl - ok
22:54:16.0620 0x0d78 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\System32\wscsvc.dll
22:54:16.0620 0x0d78 wscsvc - ok
22:54:16.0620 0x0d78 WSearch - ok
22:54:16.0744 0x0d78 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
22:54:16.0791 0x0d78 wuauserv - ok
22:54:16.0854 0x0d78 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:54:16.0854 0x0d78 WudfPf - ok
22:54:16.0900 0x0d78 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:54:16.0900 0x0d78 WUDFRd - ok
22:54:16.0932 0x0d78 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:54:16.0932 0x0d78 wudfsvc - ok
22:54:16.0963 0x0d78 ================ Scan global ===============================
22:54:16.0994 0x0d78 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
22:54:17.0041 0x0d78 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
22:54:17.0072 0x0d78 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
22:54:17.0119 0x0d78 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
22:54:17.0134 0x0d78 [ Global ] - ok
22:54:17.0134 0x0d78 ================ Scan MBR ==================================
22:54:17.0150 0x0d78 [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
22:54:17.0446 0x0d78 \Device\Harddisk0\DR0 - ok
22:54:17.0446 0x0d78 ================ Scan VBR ==================================
22:54:17.0446 0x0d78 [ E817187661C417D15DDA41F429C642EC ] \Device\Harddisk0\DR0\Partition1
22:54:17.0446 0x0d78 \Device\Harddisk0\DR0\Partition1 - ok
22:54:17.0446 0x0d78 [ 79A1664FF2D5CEAF015F32FB142A4814 ] \Device\Harddisk0\DR0\Partition2
22:54:17.0446 0x0d78 \Device\Harddisk0\DR0\Partition2 - ok
22:54:17.0446 0x0d78 Waiting for KSN requests completion. In queue: 287
22:54:18.0460 0x0d78 Waiting for KSN requests completion. In queue: 287
22:54:19.0474 0x0d78 Waiting for KSN requests completion. In queue: 287
22:54:20.0488 0x0d78 Waiting for KSN requests completion. In queue: 287
22:54:21.0502 0x0d78 Waiting for KSN requests completion. In queue: 287
22:54:22.0516 0x0d78 Waiting for KSN requests completion. In queue: 287
22:54:23.0530 0x0d78 AV detected via SS2: AVG AntiVirus Free Edition 2013, C:\Program Files\AVG\AVG2013\avgwsc.exe ( ), 0x41000 ( enabled : updated )
22:54:23.0546 0x0d78 Win FW state via NFP2: enabled
22:54:28.0351 0x0d78 ============================================================
22:54:28.0351 0x0d78 Scan finished
22:54:28.0351 0x0d78 ============================================================
22:54:28.0351 0x19c0 Detected object count: 0
22:54:28.0351 0x19c0 Actual detected object count: 0
22:54:32.0313 0x1a4c Deinitialize success


And now we wait and hope all is well!!!
  • 0

#38
DonnaB
Posted 19 December 2013 - 06:02 AM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts

And now we wait and hope all is well!!!


Yep! The log is clean as a whistle! :whistling:

Go ahead and uninstall the tools we used, such as Autoruns, TDSSKiller, ListDiskResult, etc. You may also find some files on your C:\ drive as well that can be deleted. If your not sure what to look for, let me know.

If you have any icons, files/folders, pictures, etc. on your desktop, get rid of them. They can slow down the desktop from loading as well.

Keep me informed.

Donna :)
  • 0

#39
CZ2761
Posted 20 December 2013 - 12:10 AM

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Awesome! Thank you so much for all of your help!
  • 0

#40
DonnaB
Posted 21 December 2013 - 10:10 PM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
You're most welcome! :happy:
  • 0

Advertisements

#41
CZ2761
Posted 01 January 2014 - 10:23 AM

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Hello again,

My laptop was running great until yesterday. It randomly restarted itself and failed to load windows. I finally got it working after restarting it with the power button several times (Not good, I know). I went to download SpyBot SD but it was an infected download and I got a different program with third-party programs as well. I removed all of these successfully ( I think..). The laptop has been running incredibly slow since then, but I think I found the source of the problem. I started Windows Task Manager and found 4 instances of explore.exe, at three of which were taking up a large amount of memory (up to 500k plus, and climbing). There were also 2 or 3 instances of explore.exe running, even when I wasn't using Internet Explorer. I was able to end these processes and the laptop would speed up, but the processes would restart. They also would load on startup.I have run SpyBot SD twice and Malware Bytes twice but the problem persists. I'm currently running on safe mode and everything is fine.

I've tried to do some research on this but don't really know how to fix it, can you help? :(
  • 0

#42
DonnaB
Posted 01 January 2014 - 12:44 PM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi CZ2761,

Glad I didn't close your thread. :thumbsup:

I'm sorry to hear that your laptop took a turn for the worse! Not a good way to start off the New Year. :(

Let's see if you can get some logs for me to review:

Please download OTL to your Desktop
  • Double click on the Posted Image to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox
    and
  • Check the option for All under the Extra Registry section
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
  • OTL.txt <-- Will be opened, maximized
  • Extras.txt <-- Will be minimized on task bar.
Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Donna :)
  • 0

#43
CZ2761
Posted 01 January 2014 - 02:09 PM

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Thanks again for such a quick reply! You're such a big help! :D

Here are the logs:
OTL.txt
OTL logfile created on: 1/1/2014 2:34:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 35.12% Memory free
6.22 Gb Paging File | 3.93 Gb Available in Paging File | 63.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.46 Gb Total Space | 105.10 Gb Free Space | 47.24% Space Free | Partition Type: NTFS
Drive D: | 10.42 Gb Total Space | 1.73 Gb Free Space | 16.58% Space Free | Partition Type: NTFS

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/01 14:33:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Downloads\OTL.exe
PRC - [2013/12/17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2013/12/12 01:07:04 | 002,471,448 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2013/12/12 01:07:03 | 001,771,544 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
PRC - [2013/12/12 01:07:03 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
PRC - [2013/11/20 01:54:20 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/11/20 01:54:00 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/10/23 01:06:16 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/10/23 01:05:52 | 000,799,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2013/07/10 01:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013/07/04 15:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2011/10/31 10:00:15 | 000,435,528 | ---- | M] (Pervasive Software Inc.) -- C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/04/15 13:17:24 | 000,442,433 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2008/03/26 17:26:56 | 000,341,328 | ---- | M] () -- C:\WINDOWS\SMINST\BLService.exe
PRC - [2008/02/12 15:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
PRC - [2006/11/02 04:45:35 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/21 16:13:33 | 000,020,480 | ---- | M] () -- C:\Users\Chris\AppData\Local\URmedia\iTunesMod.dll
MOD - [2013/12/12 01:07:04 | 002,471,448 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2013/12/12 01:07:04 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\log4cplusU.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/02/08 19:47:56 | 000,159,744 | ---- | M] () -- C:\WINDOWS\System32\atitmmxx.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2013/12/17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2013/12/12 10:36:12 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/12 01:07:03 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe -- (vToolbarUpdater17.2.0)
SRV - [2013/12/11 14:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/11 11:14:54 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/20 01:54:20 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/03/09 00:10:32 | 030,798,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/12/13 04:44:32 | 000,544,840 | ---- | M] (Cisco Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/18 13:47:00 | 002,370,448 | ---- | M] (WIBU-SYSTEMS AG) [Disabled | Stopped] -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2011/10/31 10:00:15 | 000,435,528 | ---- | M] (Pervasive Software Inc.) [Auto | Running] -- C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe -- (psqlWGE)
SRV - [2011/10/25 11:51:56 | 000,043,848 | R--- | M] (Sage Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Sage\Peachtree\SmartPostingService2011.exe -- (Peachtree SmartPosting 2011)
SRV - [2008/04/15 13:18:38 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe -- (STacSV)
SRV - [2008/03/26 17:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/02/12 15:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (avm5ahpm)
DRV - File not found [Kernel | Unavailable | Unknown] -- C:\Windows\TEMP\3738.tmp -- (4875c600)
DRV - [2014/01/01 10:17:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/11/25 01:48:36 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/11/23 01:30:40 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/10/23 01:05:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/10/23 01:05:10 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/07/20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/07/20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/07/01 01:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/05/19 21:52:37 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sptd.sys -- (sptd)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/12/13 04:28:44 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2012/12/13 04:26:38 | 000,058,320 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\acsmux.sys -- (acsmux)
DRV - [2012/12/13 04:26:38 | 000,039,888 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\acsint.sys -- (acsint)
DRV - [2009/02/08 21:06:20 | 004,172,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/11/17 14:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008/09/04 01:47:00 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\enecir.sys -- (enecir)
DRV - [2008/05/13 21:09:00 | 007,443,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/13 21:09:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/15 13:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/04/15 05:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/04/11 12:55:04 | 000,084,240 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/03/27 15:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008/03/27 15:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2007/07/11 12:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/02 02:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {6BC8CAFD-2BDC-43D2-831D-1B1A29E291FC}
IE - HKLM\..\SearchScopes\{053CB6B2-90F2-4A3F-A7DA-69E49DDE3597}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8D6A46D9-5333-4F75-BDDB-D177867B0C4E}: "URL" = http://search.yahoo....ing}&fr=hp-pvnb


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..\SearchScopes,DefaultScope = {6BC8CAFD-2BDC-43D2-831D-1B1A29E291FC}
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..\SearchScopes\{053CB6B2-90F2-4A3F-A7DA-69E49DDE3597}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..\SearchScopes\{6BC8CAFD-2BDC-43D2-831D-1B1A29E291FC}: "URL" = http://search.condui...6831750124&UM=2
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..\SearchScopes\{8D6A46D9-5333-4F75-BDDB-D177867B0C4E}: "URL" = http://search.yahoo....ing}&fr=hp-pvnb
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2013-12-12 01:08:01&v=17.2.0.38&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B6138D990-05A3-228B-79A7-867F1E107476%7D:2.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/06/10 08:37:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/11/08 18:54:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2014/01/01 06:41:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\extensions
[2013/12/21 16:13:09 | 000,000,000 | ---D | M] (CyberLink DVD Video Property) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\extensions\{6138D990-05A3-228B-79A7-867F1E107476}
[2014/01/01 06:41:26 | 000,000,000 | ---D | M] (Connect DLC 5) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
[2013/12/31 21:53:55 | 000,000,855 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\searchplugins\conduit-search.xml
[2013/09/06 21:15:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/27 17:24:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/12/12 10:36:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/23 01:44:18 | 000,003,741 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========

CHR - homepage: {shortcuts_have_been_created:true},autofill:{negative_upload_rate:1.0,positive_upload_rate:1.0},bookmark_bar:{show_on_all_tabs:true},browser:{clear_data:{cache:true,cookies:false,download_history:true,form_data:true,time_period:4},clear_lso_data_enabled:true,last_clear_browsing_data_time:13024803529366000,last_known_google_url:https://www.google.com/,last_prompted_google_url:https://www.google.com/,pepper_flash_settings_enabled:true,show_home_button:true,window_placement:{bottom:834,left:102,maximized:true,right:1152,top:0,work_area_bottom:870,work_area_left:0,work_area_right:1600,work_area_top:0},window_placement_DevToolsApp:{always_on_top:false,bottom:740,left:100,maximized:false,right:740,top:100,work_area_bottom:870,work_area_left:0,work_area_right:1600,work_area_top:0}},cloud_print:{email:},countryid_at_install:21843,default_apps_install_state:2,default_search_provider:{enabled:true,encodings:UTF-8,icon_url:http://search.conduit.com/fav.ico,id:999,image_url:,image_url_post_params:,instant_url:,instant_url_post_params:,keyword:search.conduit.com,name:Conduit,new_tab_url:,prepopulate_id:0,search_terms_replacement_key:,search_url:http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN62869638725218122&ctid=CT3315828&UM=2,search_url_post_params:,suggest_url:http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=UN62869638725218122&UM=2,suggest_url_post_params:,synced_guid:5F1D004B-42E1-4603-8B71-F660918EC303},devtools:{dock_side:undocked,split_location:263},distribution:{make_chrome_default_for_user:true},dns_prefetching:{host_referral_list:[2,[http://a.rfihub.com/,[http://a.rfihub.com/...4686339270529]],[http://aax-us-east.a...n-adsystem.com/,[http://d2o307dm5mqft...7189435841379]],[http://ad-ace.doubleclick.net/,[http://core.insighte...8929839185492]],[http://ad.directrev.com/,[http://cdn.aunggo.co...4686339270529]],[http://ad.doubleclick.net/,[http://ad.doubleclic...om/,2.2733802]],[http://ad.turn.com/,[http://cdn.turn.com/...8796127231361]],[http://ads.pointroll.com/,[http://ad.doubleclic...7410434447549]],[http://ads.pubmatic.com/,[http://image2.pubmat...7206134106725]],[http://app.mam.conduit.com/,[http://api.conduit.c...3407999999994]],[http://b3.mookie1.com/,[http://b3.mookie1.co...7969212088274]],[http://bid.g.doubleclick.net/,[http://pagead2.googl...9933898379492]],[http://cdn.advanseads.com/,[http://ajax.googleap...7589482583341]],[http://cdn.turn.com/,[http://image2.pubmat...4686339270529]],[http://cm.g.doubleclick.net/,[http://ad.turn.com/,...2255147027791]],[http://cmap.uac.ace.advertising.com/,[http://ad.yieldmanag...4686339270529]],[http://creative.directrev.com/,[http://ad.doubleclic...4686339270529]],[http://cti.w55c.net/,[http://ad.crwdcntrl....7911485773024]],[http://d.startpagea.com/,[http://cdn.startpage...om/,2.2733802]],[http://d37x6ru616myg2.cloudfront.net/,[http://d37x6ru616myg...4686339270529]],[http://dm.de.mookie1.com/,[http://b3.mookie1.co...4795706276115]],[http://en.wikipedia.org/,[http://bits.wikimedi...1295677314836]],[http://eu-u.openx.net/,[http://cm.g.doublecl...0339786133035]],[http://game.gamenutt.com/,[http://ad.amgdgt.com...4686339270529]],[http://go.n3xtlvl.net/,[http://go2.endlvl.co...4686339270529]],[http://go2.endlvl.com/,[http://ajax.googleap...7589482583341]],[http://googleads.g.doubleclick.net/,[http://ad.doubleclic...7229899201689]],[http://gslbeacon.lijit.com/,[http://ce.lijit.com/...4978010020507]],[http://h63jt.secmailin.com/,[http://qfdzz.toolbar.../,1.500430932]],[http://hub.video.msn.com/,[http://hub.video.msn.com/,2.2733802]],[http://i.media-imdb.com/,[http://platform.twit...7189435841379]],[http://ib.adnxs.com/,[http://ads.pubmatic....4686339270529]],[http://imagec18.247realmedia.com/,[http://ad.ptox.net/,...4686339270529]],[http://ip.casalemedia.com/,[http://acuityplatfor...4686339270529]],[http://leadback.advertising.com/,[http://b.scorecardre...4686339270529]],[http://lxudv.com/,[http://byvue.com/,2....7589482583341]],[http://m.xp1.ru4.com/,[http://adadvisor.net...8929839185492]],[http://nym1.ib.adnxs.com/,[http://game.gamenutt...7589482583341]],[http://ox-d.advanseads.com/,[http://cdn.advansead...4686339270529]],[http://platform.twitter.com/,[http://cdn.api.twitt...8181084832284]],[http://qfdzz.toolbar...nersurvery.com/,[http://ajax.googleap...om/,2.2733802]],[http://quickmensguide.com/,[http://ad.doubleclic...4686339270529]],[http://radsrv.tlvmedia.com/,[http://ib.adnxs.com/...7511995251528]],[http://rs.gwallet.com/,[http://ad-ace.double...8929839185492]],[http://s.amazon-adsystem.com/,[http://ads.yahoo.com...7189435841379]],[http://search.conduit.com/,[http://ad.doubleclic...6609999999994]],[http://seenive.com/,[http://ajax.googleap...3957692089646]],[http://social.technet.microsoft.com/,[http://c.microsoft.c...6609999999994]],[http://subeta.net/,[http://50.56.107.186...7765990453503]],[http://support.microsoft.com/,[http://ajax.aspnetcd...om/,2.2733802]],[http://tags.bluekai.com/,[http://i.i.cbsi.com/...7189435841379]],[http://tap2-cdn.rubiconproject.com/,[http://ads.undertone...4686339270529]],[http://tortekolaci.com/,[http://ca122382.luck...3222852435276]],[http://view.atdmt.com/,[http://c.betrad.com/...4686339270529]],[http://vox-static.liverail.com/,[http://ad4.liverail....3957692089646]],[http://www.aliexpress.com/,[http://i01.i.aliimg....7589482583341]],[http://www.bing.com/,[http://c.atdmt.com/,...7511319999998]],[http://www.facebook.com/,[http://profile.ak.fb...7714920605443]],[http://www.imdb.com/,[http://aax-us-east.a...0264187329873]],[http://www.metacritic.com/,[http://beacon-6.newr...7189435841379]],[http://www.onlinevideopctools.com/,[http://www.onlinevid...7911485773024]],[http://www.quickmensguide.com/,[http://a.collective-...2989125217765]],[http://www.rottentomatoes.com/,[http://images.rotten...7189435841379]],[http://www.systweak.com/,[http://cloudfront.sy...7589482583341]],[http://www.youtube.com/,[http://ad.doubleclic...8929839185492]],[https://accounts.google.com/,[https://oauth.google...9085872855103]],[https://apis.google.com/,[https://apis.google....1312796856889]],[https://facebook.conduitapps.com/,[https://api.conduit....1279919999994]],[https://plus.googleapis.com/,[https://lh3.googleus...0492625896153]],[https://www.facebook.com/,[https://fbstatic-a.a...4275025044777]],[https://www.google.com/,[https://apis.google....],startup_list:[1,http://ad.doubleclick.net/,http://adtag.ampxchange.com/,http://d.startpagea.com/,http://resources.search.conduit.com/,http://search-page.net/,http://search.conduit.com/,http://static.ampxchange.com/,http://storage.conduit.com/,https://ssl.google-analytics.com/,https://www.google.com/]},download:{directory_upgrade:true,extensions_to_open:},extensions:{alerts:{initialized:true},autoupdate:{last_check:13032136122876900,next_check:13033048562660516},blacklistupdate:{lastpingday:13024998001167000,version:0.0.0.149},chrome_url_overrides:{bookmarks:[chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html],newtab:[chrome-extension://jhbbmmgbnjalccamlaefhepnajfmgopb/Search/NewTabPages/html/new_tab.html]},last_chrome_version:31.0.1650.63,settings:{aelbknmfcacjffmgnoaaonhgoghlmlkp:{active_permissions:{api:[plugin,tabs],explicit_host:[http://*.hp.com/*,ht...rmissions:{api:[plugin,tabs],explicit_host:[http://*.hp.com/*,ht...{description:HP Product Detection Plugin,icons:{128:images/hplogo-128.png,16:images/hplogo-16.png,48:images/hplogo-48.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCupLQ57V5MBamp8CzPeXIQfbtUCCylNH5641XhVIn87NIplzAxbLeanSMorFKhAGNKxjDPYJfeMCtY1Hc9sz+PINLfT2QKizswr5LDflRkMhqcHXe2zoOfb9fYXcMo/QkAvhl3KENgq2UCi0buRTIDo61lrj8ejx8+P192Zsb2SwIDAQAB,manifest_version:2,name:HP Product Detection Plugin,permissions:[tabs,http://*.hp.com/,https://*.hp.com/],plugins:[{path:plugins/npProductDetectPlugin.dll,public:true},{path:plugins/npAclmPlugin.dll,public:true},{path:plugins/npPitPlugin.dll,public:true},{path:plugins/npIdfPlugin.dll,public:true}],update_url:https://clients2.google.com/service/update2/crx,version:2.0.5.6},path:aelbknmfcacjffmgnoaaonhgoghlmlkp\\2.0.5.6_0,state:1,was_installed_by_default:false},ahfgeienlihckogmohjhadlkjgocpleb:{active_bit:true,active_permissions:{api:[management,webstorePrivate]},app_launcher_ordinal:n,creation_flags:1,from_bookmark:false,from_webstore:false,install_time:13013734784125000,location:5,manifest:{app:{launch:{web_url:https://chrome.google.com/webstore},urls:[https://chrome.googl...cription:Chrome Web Store,icons:{128:webstore_icon_128.png,16:webstore_icon_16.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB,name:Store,permissions:[webstorePrivate,management],version:0.2},page_ordinal:n,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\27.0.1453.93\\resources\\web_store,was_installed_by_default:false},apdfllckaahabafndbhieahigkjlhalf:{active_bit:false,active_permissions:{api:[background,clipboardRead,clipboardWrite,notifications,unlimitedStorage]},app_launcher_ordinal:x,creation_flags:9,from_bookmark:false,from_webstore:true,granted_permissions:{api:[background,clipboardRead,clipboardWrite,notifications,unlimitedStorage]},install_time:13008840791508000,last_active_pingday:13022924408508525,lastpingday:13032086400393900,location:1,manifest:{app:{launch:{web_url:https://drive.google.com/?usp=chrome_app},urls:[http://docs.google.c...cription:Google Drive: create, share and keep all your stuff in one place.,icons:{128:128.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIl5KlKwL2TSkntkpY3naLLz5jsN0YwjhZyObcTOK6Nda4Ie21KRqZau9lx5SHcLh7pE2/S9OiArb+na2dn7YK5EvH+aRXS1ec3uxVlBhqLdnleVgwgwlg5fH95I52IeHcoeK6pR4hW/Nv39GNlI/Uqk6O6GBCCsAxYrdxww9BiQIDAQAB,manifest_version:2,name:Google Drive,offline_enabled:true,options_page:https://drive.google.com/settings,permissions:[background,clipboardRead,clipboardWrite,notifications,unlimitedStorage],update_url:http://clients2.google.com/service/update2/crx,version:6.3},page_ordinal:n,path:apdfllckaahabafndbhieahigkjlhalf\\6.3_0,state:1,was_installed_by_default:false},eemcgdkfndhakfknompkggombfjjjeno:{active_permissions:{api:[bookmarks,bookmarkManagerPrivate,metricsPrivate,systemPrivate,tabs],explicit_host:[chrome://favicon/*,chrome://resources/*]},creation_flags:1,from_bookmark:false,from_webstore:false,install_time:13006224882543400,location:5,manifest:{chrome_url_overrides:{bookmarks:main.html},content_security_policy:object-src 'none'; script-src chrome://resources 'self',description:Bookmark Manager,incognito:split,key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQcByy+eN9jzazWF/DPn7NW47sW7lgmpk6eKc0BQM18q8hvEM3zNm2n7HkJv/R6fU+X5mtqkDuKvq5skF6qqUF4oEyaleWDFhd1xFwV7JV+/DU7bZ00w2+6gzqsabkerFpoP33ZRIw7OviJenP0c0uWqDWF8EGSyMhB3txqhOtiQIDAQAB,manifest_version:2,name:Bookmark Manager,permissions:[bookmarks,bookmarkManagerPrivate,systemPrivate,tabs,chrome://favicon/,chrome://resources/],version:0.1},path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\25.0.1364.97\\resources\\bookmark_manager,was_installed_by_default:false},ennkphjdgehloodpbhlhldgbnhmacadg:{active_permissions:{api:[app.currentWindowInternal,app.runtime,app.window],explicit_host:[chrome://settings-frame/*]},app_launcher_ordinal:x,creation_flags:1,events:[app.runtime.onLaunched],from_bookmark:false,from_webstore:false,install_time:13013734784141000,location:5,manifest:{app:{background:{scripts:[settings_app.js]}},description:Settings,display_in_launcher:false,icons:{128:settings_app_icon_128.png,16:settings_app_icon_16.png,32:settings_app_icon_32.png,48:settings_app_icon_48.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoVDPGX6fvKPVVgc+gnkYlGqHuuapgFDyKhsy4z7UzRLO/95zXPv8h8e5EacqbAQJLUbP6DERH5jowyNEYVxq9GJyntJMwP1ejvoz/52hnY3CCGGCmttmKzzpp5zwLuq3iZf8bslwywfflNUYtaCFSDa0TtrBZz0aOPrAAd/AhNwIDAQAB,manifest_version:2,name:Settings,permissions:[chrome://settings-frame/],version:0.2},page_ordinal:n,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\27.0.1453.93\\resources\\settings_app,running:false,was_installed_by_default:false},gfdkimpbcpahaombhbimeihdjnejgicl:{active_permissions:{api:[app.currentWindowInternal,app.runtime,app.window,feedbackPrivate],explicit_host:[chrome://resources/*]},creation_flags:1,events:[feedbackPrivate.onFeedbackRequested],from_bookmark:false,from_webstore:false,initial_keybindings_set:true,install_time:13030253435331898,location:5,manifest:{app:{background:{scripts:[js/event_handler.js]},content_security_policy:default-src 'none'; script-src 'self' chrome://resources; style-src 'unsafe-inline' *; img-src *; media-src 'self'},description:User feedback extension,display_in_launcher:false,display_in_new_tab_page:false,icons:{32:images/icon32.png,64:images/icon64.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMZElzFX2J1g1nRQ/8S3rg/1CjFyDltWOxQg+9M8aVgNVxbutEWFQz+oQzIP9BB67mJifULgiv12ToFKsae4NpEUR8sPZjiKDIHumc6pUdixOm8SJ5Rs16SMR6+VYxFUjlVW+5CA3IILptmNBxgpfyqoK0qRpBDIhGk1KDEZ4zqQIDAQAB,manifest_version:2,name:Feedback,permissions:[feedbackPrivate,chrome://resources/],version:1.0},path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.57\\resources\\feedback,running:false,was_installed_by_default:false},hipbfijinpcgfogaopmgehiegacbhmob:{active_bit:false,active_permissions:{api:[background],explicit_host:[http://*/*,https://*...criptable_host:[http://cloud.feedly....rmissions:{api:[background],explicit_host:[http://*/*,https://*...criptable_host:[http://*/*,http://fe...round:{scripts:[gc-background.js]},content_scripts:[{js:[js/10101_gc-enricher_126.js],matches:[http://feedly.com/*,...description:The best place to read the content of your favorite sites. RSS re-invented.,icons:{128:feedly-128.png,16:feedly-16.png,32:feedly-32.png,48:feedly-48.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDK7BqyK7Igsh1cINQCCEmqyMFrxedvOqW6H9rOu4a7iQVaOg0d7AttyOxEnrbb0ywlE2u0kcXNZjnjMZewr7ddkWWNcwrDTYdz/TTETe4BicrA4HKFJeAt4JC1q7fV8VAN+1+kpvyexTOstujSImJUerJZCylesrxIuyDlx5f2mwIDAQAB,manifest_version:2,name:Feedly - News, Blogs and Youtube,options_page:gc-options.htm,permissions:[background,https://*.google.com/,https://*.twitter.com/,https://graph.facebook.com/,https://www.google.com/reader/*,https://www.google.com/accounts/ClientLogin,https://www.googleapis.com/oauth2/*,https://www.facebook.com/plugins/like.php*,http://*/*],update_url:https://clients2.google.com/service/update2/crx,version:18.2},omnibox_default_suggestion:{content:,description:Search my feedly,descriptionStylesRaw:[{offset:0,type:0}]},page_ordinal:n,path:hipbfijinpcgfogaopmgehiegacbhmob\\18.2_0,state:1,was_installed_by_default:false},janjdigbkdafilcchjkhighpbobahehg:{install_time:13032135455385900,location:4,newAllowFileAccess:true,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\janjdigbkdafilcchjkhighpbobahehg\\2.0.0,state:1},jhbbmmgbnjalccamlaefhepnajfmgopb:{ack_external:true,ack_prompt_count:0,active_permissions:{api:[bookmarks,contextMenus,cookies,history,idle,management,nativeMessaging,notifications,storage,tabs,unlimitedStorage,webNavigation,webRequest,webRequestBlocking,webRequestInternal],explicit_host:[chrome://favicon/*,http://*/*,https://*/*],scriptable_host:[http://*/*,https://*...ontent_scripts:[{all_frames:true,js:[js/bcview.js],matches:[http://*/*,https://*...rames:false,js:[js/conduitEnv.js,js/compatibility.start.js,js/match.js,js/verlyEarly.js],matches:[http://*/*,https://*...rames:false,js:[js/contentScript.js,js/compatibility.end.js],matches:[http://*/*,https://*...frames:true,js:[js/navigationHandler.js],matches:[http://*/*,https://*...rames:false,js:[mam/scripts/contentScripts/contentScript.js],matches:[http://*/*,https://*...licy:script-src 'self' 'unsafe-eval'; object-src 'self',current_locale:en_US,default_locale:en,description:InternetHelper3.7,icons:{128:634780790335935610.png,16:blank.png,48:634780790335935610.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD0CnA8YEtadwA1ctDto71gU3I6pRnadQHV6QbxB3xglmoPjfRRj9UoJqHhXhpBeZ2Acgjk+vKidRwtBg2EEql01Sk+lLPpQ3pXKSvjU36KXghdK5q2sx5Mr55Jou5YOH6L233Fv823BXm9V8jjcwg9sx+fOQo6XOK2y1cluJj30QIDAQAB,manifest_version:2,name:InternetHelper3.7,permissions:[storage,tabs,http://*/*,https://*/*,notifications,management,unlimitedStorage,bookmarks,contextMenus,cookies,history,idle,webNavigation,chrome://favicon/*,webRequest,webRequestBlocking,nativeMessaging],update_url:http://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT3315828&extensionData=\u003Cextension_data\u003E,version:10.24.3.3,web_accessible_resources:[js/iframeHost.html*,js/toolbarAPI/toolbarAPI.js*,shouldShowTB.txt,tb/al/wa/RADIO_PLAYER/embedded.html,tb/al/wa/RADIO_PLAYER/bgpage.html,tb/al/wa/RADIO_PLAYER/popup2.html,tb/al/wa/NOTIFICICATION/bgpage.html,tb/al/wa/NOTIFICATION/NotificationPopup.html*,tb/al/wa/NOTIFICATION/Settings.htm*,tb/al/wa/NOTIFICATION/Settings.html*,tb/al/wa/PRICE_GONG/bgpage.html*,tb/al/wa/PRICE_GONG/pg_offers.html*,tb/al/wa/PRICE_GONG/agreement/agree.html*,tb/al/wa/PRICE_GONG/debug/debug.html*,tb/al/wa/PRICE_GONG/menu_dlg/pg_dlg.html*,tb/al/wa/EMAIL_NOTIFIER/popup.html,tb/al/wa/EMAIL_NOTFIIER/bgPage.html,tb/al/wa/HIGHLIGHTER/embedded.html,tb/al/wa/WEATHER/popup.html,tb/al/wa/TWITTER/popup.html,tb/al/aboutBox/aboutBox.html,tb/al/al.view.html*,tb/al/state.html*,tb/al/wa/SEARCH/embedded.html,tb/al/wa/SEARCH/view/popup/popup.html,tb/al/wa/SEARCH/information.popup.html*,tb/al/wa/MULTI_RSS/bgpage.html*,tb/al/wa/MULTI_RSS/popup.html*,tb/al/ui/dlg/ftd/main.html*,tb/al/ui/gf/gf.html,tb/al/ui/gf/lgf.html*,tb/al/ui/menu/popup.html,tb/al/options/options.html,tb/lib/script2injectEmbedded.js,tb/lib/script2injectPopup.js,tb/al/wa/TESTER_EMBEDDED/embedded.html,tb/al/wa/TESTER_EMBEDDED/popup.html,tb/al/wa/TESTER_BCAPI/initEmbedded.html,tb/al/wa/TESTER_BCAPI/popup.html,tb/al/wa/TESTER_POPUP/embedded.html,tb/al/wa/TESTER_POPUP/popup.html,tb/al/msd/trusted.html*,tb/al/msd/untrusted.html*,webapps/*,mam/scripts/iframeHost.html*]},path:jhbbmmgbnjalccamlaefhepnajfmgopb\\10.24.3.3_0,state:1,was_installed_by_default:false},lneaknkopdijkpnocmklfnjbeapigfbh:{active_bit:false,app_launcher_ordinal:yn,creation_flags:9,from_bookmark:false,from_webstore:true,install_time:13015722496821800,last_active_pingday:13022060403411000,lastpingday:13032086400393900,location:1,manifest:{app:{launch:{container:tab,web_url:http://maps.google.com/},web_content:{enabled:true,origin:http://maps.google.com/}},current_locale:en_US,default_locale:en,description:Find local business information, directions, and street-level imagery around the world with Google Maps.,icons:{128:128.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDImj66obcYjjgtmZ/nIbA608jzwGRrqDjiH7gNNpPduLahRnHzHHLcyz9uaYjP4FL9yB8qXD8W93aQiFPCKetiSB/1Im+SF50AxT+JgZ99QtMbjt+s89WQ4C82J0cUtnXXwFq1zZwpqyrHrNYwHFgRUEQ+Y7XlyaJ4B/+rhlyVCQIDAQAB,manifest_version:2,name:Google Maps,update_url:http://clients2.google.com/service/update2/crx,version:5.2.7},page_ordinal:n,path:lneaknkopdijkpnocmklfnjbeapigfbh\\5.2.7_0,state:1,was_installed_by_default:false},mfehgcgbbipciphmccgaenjidiccnmng:{active_permissions:{api:[cloudPrintPrivate]},creation_flags:1,from_bookmark:false,from_webstore:false,install_time:13006224882545400,location:5,manifest:{app:{launch:{web_url:https://www.google.com/cloudprint},urls:[https://www.google.c...scription:Cloud Print,display_in_launcher:false,key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqOhnwk4+HXVfGyaNsAQdU/js1Na56diW08oF1MhZiwzSnJsEaeuMN9od9q9N4ZdK3o1xXOSARrYdE+syV7Dl31nf6qz3A6K+D5NHe6sSB9yvYlIiN37jdWdrfxxE0pRYEVYZNTe3bzq3NkcYJlOdt1UPcpJB+isXpAGUKUvt7EQIDAQAB,name:Cloud Print,permissions:[cloudPrintPrivate],version:0.1},path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\25.0.1364.97\\resources\\cloud_print,was_installed_by_default:false},mgndgikekgjfcpckkfioiadnlibdjbkf:{app_launcher_ordinal:yg,creation_flags:1,from_bookmark:false,from_webstore:false,install_time:13009347438936600,location:5,manifest:{app:{launch:{web_url:http://THIS-WILL-BE-REPLACED}},description:Chrome as an app,display_in_launcher:true,display_in_new_tab_page:false,icons:{128:product_logo_128.png,16:product_logo_16.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNuYLEQ1QPMcc5HfWI/9jiEf6FdJWqEtgRmIeI7qtjPLBM5oje+Ny2E2mTAhou5qdJiO2CHWdU1DQXY2F7Zu2gZaKZgHLfK4WimHxUT5Xd9/aro/R9PCzjguM1BLusiWYc9xlj1IsZpyiN1hcjU7SCnBhv1feQlv2WSB5KRiXwhQIDAQAB,name:Chrome,version:0.1},page_ordinal:n,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\26.0.1410.43\\resources\\chrome_app,was_installed_by_default:false},mogcbkkjhojimpkmhbpndncicbcfigid:{from_bookmark:false,from_webstore:false,install_time:13000806102366200,lastpingday:13032086400393900,location:1,manifest:{description:,key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnU8n5hCkbAh5KUPxc1po6OJXsglKQ6Pf1ClZzcQso5EcRybeEyL2jTy33MH2sCpi0b+l9kvbdLJ8K3RzHM+5ovhCI2gCCnTUhYYrfcszgFaiSW2ZEL8t7jkWGr7bkgbp9YSMrOGPqgqfCChP3iLE1kNElOp0F5fMQRjcZP7E3oQIDAQAB,name:RHCP,theme:{colors:{bookmark_text:[255,255,255],frame:[9,55,96],ntp_background:[255,255,255],ntp_link:[255,255,255],ntp_link_underline:[255,255,255],ntp_text:[255,255,255],tab_background_text:[0,0,0],tab_text:[255,255,255],toolbar:[0,0,0,0.6]},images:{theme_frame:images/theme_frame.png,theme_ntp_background:images/theme_ntp_background.jpeg,theme_tab_background:images/theme_tab_background.png,theme_toolbar:images/theme_toolbar.png},properties:{ntp_background_alignment:left top,ntp_background_repeat:no-repeat}},version:1.0},path:mogcbkkjhojimpkmhbpndncicbcfigid\\1.0_0,state:1,was_installed_by_default:false},nmmhkkegccagdldgiimedpiccmgmieda:{ack_external:true,active_permissions:{api:[app.currentWindowInternal,app.runtime,app.window,identity,webRequestInternal,webview],explicit_host:[https://checkout.goo...flags:9,events:[app.runtime.onLaunched],from_bookmark:false,from_webstore:true,has_declarative_rules:false,initial_keybindings_set:true,install_time:13032136129468900,lastpingday:13032086400393900,location:7,manifest:{app:{background:{scripts:[craw_background.js]}},current_locale:en_US,default_locale:en,description:Google Wallet for digital goods,display_in_launcher:false,display_in_new_tab_page:false,icons:{128:images/icon_128.png,16:images/icon_16.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB,manifest_version:2,minimum_chrome_version:29,name:Google Wallet,oauth2:{auto_approve:true,client_id:203784468217.apps.googleusercontent.com,scopes:[https://www.googleap...]},permissions:[identity,webview,https://checkout.google.com/,https://sandbox.google.com/checkout/,https://www.google.com/,https://www.googleapis.com/*],update_url:https://clients2.google.com/service/update2/crx,version:0.0.6.0},path:nmmhkkegccagdldgiimedpiccmgmieda\\0.0.6.0_0,running:false,state:1,was_installed_by_default:false},oehpjpccmlcalbenfhnacjeocbjdonic:{active_bit:false,active_permissions:{api:[tabs,unlimitedStorage],explicit_host:[https://www.mychrome...criptable_host:[https://www.mychrome...rmissions:{api:[tabs,unlimitedStorage],explicit_host:[https://www.mychrome...criptable_host:[https://www.mychrome...round:{scripts:[javascript/bg.js]},content_scripts:[{js:[javascript/cs.js],matches:[https://www.mychrome...licy:script-src 'self' https://apis.google.com https://ssl.google-analytics.com https://www.mychrometheme.com; object-src 'self';,current_locale:en_US,default_locale:en,description:Create and share Google Chrome themes of your own design.,icons:{128:images/icons/128.png,16:images/icons/16.png,32:images/icons/32.png,48:images/icons/48.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcuZK6/A0EQ+U/1Ri1Rk+RwmQs+rN0Z71PJT5PU01HD4olf2znbqREesN0+0SCttW8xxJTQnNQlQ/cAAe3xNJIW1qIfxjl1ttMJln1k3xsz2UDyEYBRtxFycfDh90X4L861TFbysaiEHYxhz/RgyexcJ54HTCJvHKz2/n+Y+GHgQIDAQAB,manifest_version:2,name:My Chrome Theme,offline_enabled:true,permissions:[tabs,https://www.mychrometheme.com/*,unlimitedStorage],update_url:http://clients2.google.com/service/update2/crx,version:2.0,web_accessible_resources:[views/main.html,views/preview.html]},page_ordinal:n,path:oehpjpccmlcalbenfhnacjeocbjdonic\\2.0_0,state:1,was_installed_by_default:false},pjkljhegncpnkpknbcohdijeoejaedia:{active_bit:false,active_permissions:{api:[notifications]},app_launcher_ordinal:t,from_bookmark:false,from_webstore:true,granted_permissions:{api:[notifications]},install_time:12993894027180000,last_active_pingday:13024738804934800,lastpingday:13032086400393900,location:1,manifest:{app:{launch:{container:tab,web_url:https://mail.google.com/mail/ca},urls:[*://mail.google.com/mail/ca]},current_locale:en_US,default_locale:en,description:Fast, searchable email with less spam.,icons:{128:128.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB,name:Gmail,options_page:https://mail.google.com/mail/ca/#settings,permissions:[notifications],update_url:http://clients2.google.com/service/update2/crx,version:7},page_ordinal:n,path:pjkljhegncpnkpknbcohdijeoejaedia\\7_0,state:1},lipgolpfajiadodbcbljdpmbmbdmfcil:{ack_external:true,ack_prompt_count:0,disable_reasons:128,state:1}},sideload_wipeout_done:true,theme:{id:mogcbkkjhojimpkmhbpndncicbcfigid,pack:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\mogcbkkjhojimpkmhbpndncicbcfigid\\1.0_0\\Cached Theme.pak},toolbarsize:-1},google:{services:{last_username:[email protected],signin:{LSID:,SID:,tokens:{chromiumsync:{status:Successful,value:d7caf5},lso:{status:Successful,value:DQAAAMAAAADlpi6Hq7rw1HzX6J96vOXnG2bL0TJw6OSFIkHIvHtooyQyDNOtS1kgXsH0d3Ss4UHt6JNjftajyLb0HhFjTitHJeAtIup5cbrv1Rfujbo8sArxVkJwIIYrXCqq36o8kONpT181cAcPLewwYfdFil9H0eU45azsnN17rY8HJh22iOdJ5Z1hrhbwCrd0SR0Rt7oZuEZ_P4pb8KTmjZIwtfX7zc5Y_UO7BkbGC8X-um3z8TcrHbBQL2xHxSxMpMArSMk\n},mobilesync:{status:Successful,value:DQAAAMIAAADlpi6Hq7rw1HzX6J96vOXnG2bL0TJw6OSFIkHIvHtooyQyDNOtS1kgXsH0d3Ss4UH5rdQir0LpbqRQOWuGR7maoRtCa3ao9lzytTdVQE4kVP-nQOFn3PCKHWjLXMkU6JtbthBnj3ZXawkdl_Vg5d1hKiq-o8-UNs2yo5_a3a3ti7zKuu0GAu1J-1yaWG5to7lN-5jzjJJOwTBmvXn4vydW9_xOGPDy92WzgeozDTimDWcd4Y1NPA7Bed0WBwP6_FHMGhYj9-K-AxIiCwSAbD_N\n},oauth2LoginAccessToken:{status:Successful,value:ya29.AHES6ZR04FUveR_SJUMBe0k_2qI2959XpI7gJw6IsfE5mR0EKG_r},oauth2LoginRefreshToken:{status:Successful,value:594970}}},username:[email protected]}},homepage:http://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN74825081287220072&UM=2&sspv=S41B,homepage_changed:true,homepage_is_newtabpage:false,intl:{accept_languages:en-US,en},invalidator:{client_id://dPiUzO6Mkr003vgCZRRA==,invalidation_state:CicKJQoGCgQIAxABEhIJNaq6Mtz1gpYR2E12GLN4InYaBwiDEhADGAwSFL5ihOACyoVSuJLB1gK4t6BcYALE,max_invalidation_versions:[{current-ack:{state:6A4C34159C4EBE4921162B0EBC17931A,timestamp:13020393526395800},expected-ack:{state:6A4C34159C4EBE4921162B0EBC17931A,timestamp:13020393526395800},max-version:1375878477196000,name:APP,payload:W:Chfi0d9neNbG/xBg5SD7vOyM30+JgrGAAhDApK+khvfEnVo=,source:1004},{current-ack:{state:731C27DA9072A21A9083E320BB8F3FD1,timestamp:13021677906893200},expected-ack:{state:731C27DA9072A21A9083E320BB8F3FD1,timestamp:13021677906893200},max-version:-9223372036854775808,name:APP_SETTING,payload:,source:1004},{current-ack:{state:FE9FAC8B137895A49E0BA8D0DB12E001,timestamp:13024715811518400},expected-ack:{state:FE9FAC8B137895A49E0BA8D0DB12E001,timestamp:13024715811518400},max-version:1380219584639000,name:AUTOFILL,payload:W:Chfi0d9neNbG/xBg5SD7vOyM3x+PAreCAhDApK+khvfEnVo=,source:1004},{current-ack:{state:2EA22B4D52E3B17E445DEB2289932E9E,timestamp:13021677906825200},expected-ack:{state:2EA22B4D52E3B17E445DEB2289932E9E,timestamp:13021677906825200},max-version:-9223372036854775808,name:AUTOFILL_PROFILE,payload:,source:1004},{current-ack:{state:0B3BC2A308C12FE4A67A677CDE4C854C,timestamp:13024715811526400},expected-ack:{state:0B3BC2A308C12FE4A67A677CDE4C854C,timestamp:13024715811526400},max-version:1380236609050000,name:BOOKMARK,payload:W:Chfi0d9neNbG/xAejPtnnK9ldZ80CrmCAhDApK+khvfEnVo=,source:1004},{current-ack:{state:B1C7AA1F1C2D0A735863F0F413B3FB0B,timestamp:13021677906820200},expected-ack:{state:B1C7AA1F1C2D0A735863F0F413B3FB0B,timestamp:13021677906820200},max-version:1364873834980000,name:DEVICE_INFO,payload:W:Chfi0d9neNbG/xBmezw+XCrm8V2Gp5F7AhCUzeaTrYjTng4=,source:1004},{current-ack:{state:414D17816E92963BA40A80C8817A0627,timestamp:13021677906867200},expected-ack:{state:414D17816E92963BA40A80C8817A0627,timestamp:13021677906867200},max-version:-9223372036854775808,name:DICTIONARY,payload:,source:1004},{current-ack:{state:2215A1B24F2769780D519D66B4A5B45A,timestamp:13021677906887200},expected-ack:{state:2215A1B24F2769780D519D66B4A5B45A,timestamp:13021677906887200},max-version:-9223372036854775808,name:EXPERIMENTS,payload:,source:1004},{current-ack:{state:A59EF9AF02F24165C9D0D842B5178773,timestamp:13021677906892200},expected-ack:{state:A59EF9AF02F24165C9D0D842B5178773,timestamp:13021677906892200},max-version:-9223372036854775808,name:EXTENSION,payload:,source:1004},{current-ack:{state:70E3F4D9B2ADC30C1A8F5AA65DA289EE,timestamp:13021677906907200},expected-ack:{state:70E3F4D9B2ADC30C1A8F5AA65DA289EE,timestamp:13021677906907200},max-version:-9223372036854775808,name:EXTENSION_SETTING,payload:,source:1004},{current-ack:{state:F6701CF80BF8A3947528BCD7A8F12FAD,timestamp:13024196205067400},expected-ack:{state:F6701CF80BF8A3947528BCD7A8F12FAD,timestamp:13024196205067400},max-version:1379722595854000,name:FAVICON_IMAGE,payload:W:Chfi0d9neNbG/xBg5SD7vOyM36Gxw3uCAhCUzeaTrYjTng4=,source:1004},{current-ack:{state:138C5011124959194AD940D28661E296,timestamp:13025065425400600},expected-ack:{state:138C5011124959194AD940D28661E296,timestamp:13025065425400600},max-version:1380591033807000,name:FAVICON_TRACKING,payload:W:Chfi0d9neNbG/xAejPtnnK9ldfVBSuOCAhCUzeaTrYjTng4=,source:1004},{current-ack:{state:A812981515BCD13F5569FEDD25F2DB7A,timestamp:13021675913025600},expected-ack:{state:A812981515BCD13F5569FEDD25F2DB7A,timestamp:13021675913025600},max-version:1377016385047000,name:HISTORY_DELETE_DIRECTIVE,payload:W:Chfi0d9neNbG/xBg5SD7vOyM3323KDmBAhCUzeaTrYjTng4=,source:1004},{current-ack:{state:BA67ACF13A5BC034B984B5085F750A1C,timestamp:13021677906895200},expected-ack:{state:BA67ACF13A5BC034B984B5085F750A1C,timestamp:13021677906895200},max-version:-9223372036854775808,name:MANAGED_USER,payload:,source:1004},{current-ack:{state:A20806ED82BD3F6F0E845EAC39EBBB14,timestamp:13021677906829200},expected-ack:{state:A20806ED82BD3F6F0E845EAC39EBBB14,timestamp:13021677906829200},max-version:1364852963010000,name:NIGORI,payload:W:Chfi0d9neNbG/xBmezw+XCrm8eeUKo97AhDApK+khvfEnVo=,source:1004},{current-ack:{state:BDEB2FEA9D1D993F65210916B11BAF69,timestamp:13017985518664706},expected-ack:{state:BDEB2FEA9D1D993F65210916B11BAF69,timestamp:13017985518664706},max-version:1372947909368000,name:PASSWORD,payload:W:Chfi0d9neNbG/xBmezw+XCrm8XW6KFR/AhCUzeaTrYjTng4=,source:1004},{current-ack:{state:05B9DF5DFCB8E2818B00EDE958F9153B,timestamp:13021675912730600},expected-ack:{state:05B9DF5DFCB8E2818B00EDE958F9153B,timestamp:13021675912730600},max-version:1377016383160000,name:PREFERENCE,payload:W:Chfi0d9neNbG/xBg5SD7vOyM3w+qKDmBAhCUzeaTrYjTng4=,source:1004},{current-ack:{state:77CEBFC8FF0F2C4D32B05609376143CF,timestamp:13021677906900200},expected-ack:{state:77CEBFC8FF0F2C4D32B05609376143CF,timestamp:13021677906900200},max-version:-9223372036854775808,name:PRIORITY_PREFERENCE,payload:,source:1004},{current-ack:{state:E3BD5F1715E4A792E1BD1D9EEDB5A29F,timestamp:13024251098412000},expected-ack:{state:E3BD5F1715E4A792E1BD1D9EEDB5A29F,timestamp:13024251098412000},max-version:1379776498845000,name:SEARCH_ENGINE,payload:W:Chfi0d9neNbG/xBg5SD7vOyM3xOtMIKCAhCUzeaTrYjTng4=,source:1004},{current-ack:{state:70A2E0AECCDB39DAB284452AF687ED83,timestamp:13025065425397600},expected-ack:{state:70A2E0AECCDB39DAB284452AF687ED83,timestamp:13025065425397600},max-version:1380591142731000,name:SESSION,payload:W:Chfi0d9neNbG/xAejPtnnK9ldbu3TeOCAhCUzeaTrYjTng4=,source:1004},{current-ack:{state:AB920361EF93C1797BB927E7514A7B7E,timestamp:13021677906885200},expected-ack:{state:AB920361EF93C1797BB927E7514A7B7E,timestamp:13021677906885200},max-version:1356332503861000,name:THEME,payload:,source:1004},{current-ack:{state:8807A97B74D0483EB91711D18974F842,timestamp:13024196205080400},expected-ack:{state:8807A97B74D0483EB91711D18974F842,timestamp:13024196205080400},max-version:1379722595855000,name:TYPED_URL,payload:W:Chfi0d9neNbG/xBg5SD7vOyM36Gxw3uCAhCUzeaTrYjTng4=,source:1004}]},is_google_plus_user:true,net:{http_server_properties:{servers:{1-ps.googleusercontent.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},1.bp.blogspot.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},1435575.fls.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},1599532.fls.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},2-ps.googleusercontent.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},3.bp.blogspot.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},3266374.fls.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},3638290.fls.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},3677321.fls.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},4037109.fls.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100},supports_spdy:true},4177752.fls.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},4191748.fls.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},4235225.fls.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},4236808.fls.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},4260840.fls.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100},supports_spdy:true},690191.fls.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},accounts.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},accounts.youtube.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},ad-ace.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},ad-ace.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},ad-g.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},ad.au.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},ad.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},ad.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},ad.us.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},adclick.g.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},afs.googleusercontent.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},ajax.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},ajax.googleapis.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},analytics.twitter.com:443:{supports_spdy:true},api.recaptcha.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},api.twitter.com:443:{supports_spdy:true},apis.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:58,6:0},supports_spdy:true},bid.g.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},cbks0.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},cdn.syndication.twimg.com:443:{supports_spdy:true},cdnjs.cloudflare.com:443:{supports_spdy:true},chart.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},chatenabled.mail.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},chrome.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},clients1.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:22,6:0},supports_spdy:true},clients1.google.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},clients2.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},clients2.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:17,6:6},supports_spdy:true},clients4.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},cm.g.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},cm.g.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},csi.gstatic.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},csi.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},disco.chatid.com:443:{supports_spdy:true},docs.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},dp.g.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},encrypted-tbn0.gstatic.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},encrypted-tbn1.gstatic.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},encrypted-tbn2.gstatic.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},encrypted-tbn3.gstatic.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},fls.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},fonts.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},fonts.googleapis.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},gcdn.2mdn.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},gdata.youtube.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},gdata.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},geo0.ggpht.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},geo1.ggpht.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},geo2.ggpht.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},geo3.ggpht.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},gg.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},googleads.g.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},googleads.g.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},googleads4.g.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},gp3.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},gp4.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},gp5.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},gp6.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},graph.facebook.com:443:{supports_spdy:true},hfcrokj5neo8jqtide9hbgsq3opjndlh-a-gm-opensocial.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:false},hiroservers.appspot.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},history.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:false},i1.ytimg.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},i1.ytimg.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},i2.ytimg.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},i3.ytimg.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},i4.ytimg.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},id.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},images.subeta.net:443:{supports_spdy:true},images2-p9e-opensocial.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:false},img.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},khms0.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:false},khms1.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:false},lh3.ggpht.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},lh3.ggpht.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},lh3.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},lh4.ggpht.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},lh4.ggpht.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},lh4.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},lh4.googleusercontent.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},lh5.ggpht.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},lh5.ggpht.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},lh5.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},lh6.ggpht.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},lh6.ggpht.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},lh6.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},linkhelp.clients.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100},supports_spdy:true},mail-attachment.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},mail.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},maps-api-ssl.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},maps.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},maps.google.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},maps.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:22,6:24},supports_spdy:true},maps.googleapis.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},maps.gstatic.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:19,6:3},supports_spdy:true},maps.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},mt0.googleapis.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},mt1.googleapis.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},mts.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:22,6:0},supports_spdy:true},mts0.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},mts0.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:29,6:9},supports_spdy:true},mts1.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},mts1.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:28,6:7},supports_spdy:true},mts2.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:false},mts3.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},mw2.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:false},oauth.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:11,6:21},supports_spdy:true},p2-cdy2wcpbhd5lq-6fnmpc5y4aktdqv5-457271-i1-v6exp3-v4.metric.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},p2-cdy2wcpbhd5lq-6fnmpc5y4aktdqv5-457271-i2-v6exp3-ds.metric.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},p2-cdy2wcpbhd5lq-6fnmpc5y4aktdqv5-457271-s1-v6exp3-v4.metric.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},p2-cdy2wcpbhd5lq-6fnmpc5y4aktdqv5-if-v6exp3-v4.metric.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},p2-nj4tyscexhi5e-7wf2dbg5kox6p67n-761253-i1-v6exp3-v4.metric.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},p2-nj4tyscexhi5e-7wf2dbg5kox6p67n-761253-i2-v6exp3-ds.metric.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},p2-nj4tyscexhi5e-7wf2dbg5kox6p67n-761253-s1-v6exp3-v4.metric.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},p2-nj4tyscexhi5e-7wf2dbg5kox6p67n-if-v6exp3-v4.metric.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},pagead2.googlesyndication.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},pagead2.googlesyndication.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},partner.googleadservices.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},partner.googleadservices.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},pixel.facebook.com:443:{supports_spdy:true},plus.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},plus.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:67,6:0},supports_spdy:true},pubads.g.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},pubads.g.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---ord12s09.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---sn-hp576nez.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---sn-hp57zn7y.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---sn-nwj7knel.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---sn-p5q7ynee.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---sn-p5q7ynez.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---sn-p5qlsm7d.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---sn-vgqeln7d.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---sn-vgqeln7r.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r1---sn-vgqsenee.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r10---sn-p5qlsm7l.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r10---sn-p5qlsm7r.c.2mdn.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r10---sn-p5qlsm7s.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r11---sn-p5qlsm7z.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r11---sn-vgqsen7y.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r12---sn-p5q7yne6.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r12---sn-p5qlsm7d.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r13---sn-nwj7knes.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r13---sn-p5qlsm76.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r13---sn-p5qlsm7d.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r13---sn-p5qlsm7s.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r13---sn-vgqsen7y.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r13---sn-vgqsen7z.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r13---sn-vgqsenee.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r14---sn-nx57ynez.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r14---sn-p5qlsm7l.c.2mdn.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r14---sn-p5qlsm7r.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r14---sn-vgqsen7z.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r14---sn-vgqsene7.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r15---sn-nwj7knes.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r15---sn-vgqeln7r.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r16---sn-p5qlsm7d.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r16---sn-vgqelnes.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r17---sn-p5qlsm7l.c.2mdn.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r17---sn-vgqeln7r.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r19---sn-hp57zn7r.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r19---sn-vgqelney.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r2---sn-p5qlsm7s.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r20---sn-p5qlsm7l.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r3---sn-hp576nel.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r3---sn-mv-p5qe.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r3---sn-mv-vgqz.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r3---sn-p5q7ynl7.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r3---sn-p5qlsm7r.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r3---sn-p5qlsm7z.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r3---sn-p5qlsnee.googlevideo.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r4---sn-mv-vgql.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r4---sn-p5qlsm7r.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r4---sn-vgqelnee.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r4---sn-vgqelnek.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---mia05s14.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---ord12s17.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---sn-hp576n7y.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---sn-hp57zn7k.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---sn-mv-vgqe.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---sn-mv-vgql.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---sn-mv-vgqs.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---sn-mv-vgqz.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---sn-p5qlsm7d.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r5---sn-p5qlsm7z.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r6---sn-mv-vgqe.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r6---sn-mv-vgql.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r7---sn-mv-vgqz.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r7---sn-vgqsen7r.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r8---sn-a5m7zu7d.c.2mdn.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r8---sn-nwj7knez.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r9---iad23x01.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r9---ord12s19.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r9---sn-p5qlsm76.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r9---sn-p5qlsm7d.c.2mdn.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},r9---sn-vgqsen76.c.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},rum-static.pingdom.net:443:{settings:{4:100},supports_spdy:true},s.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},s.ytimg.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100},supports_spdy:true},s.ytimg.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},s0.2mdn.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},s0.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},s1.2mdn.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},s1.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},s2.googleusercontent.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},s2.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},scontent-a-iad.xx.fbcdn.net:443:{supports_spdy:true},scontent-a-lga.xx.fbcdn.net:443:{supports_spdy:true},scontent-a-ord.xx.fbcdn.net:443:{supports_spdy:true},scontent-b-iad.xx.fbcdn.net:443:{supports_spdy:true},scontent-b-lga.xx.fbcdn.net:443:{supports_spdy:true},scontent-b-ord.xx.fbcdn.net:443:{supports_spdy:true},securepubads.g.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},ssl.google-analytics.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},ssl.gstatic.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:18,6:4},supports_spdy:true},ssl.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},static.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},static.panoramio.com.storage.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},stats.g.doubleclick.net:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100},supports_spdy:true},stats.g.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},storage.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},support.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},survey.g.doubleclick.net:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},syndication.twitter.com:443:{supports_spdy:true},t0.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},t1.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},t2.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},t3.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},themes.googleusercontent.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:22,6:14},supports_spdy:true},themes.googleusercontent.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},tools.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:false},tpc.googlesyndication.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},tpcnc.googlesyndication.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},translate.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:false},translate.google.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},translate.googleapis.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:35,6:0},supports_spdy:true},twitter.com:443:{supports_spdy:true},www-gm-opensocial.googleusercontent.com:443:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:true},www.dropbox.com:443:{supports_spdy:true},www.facebook.com:443:{supports_spdy:true},www.geekstogo.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.gmodules.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.google-analytics.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100},supports_spdy:true},www.google-analytics.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.google.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:36,6:0},supports_spdy:true},www.google.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.googleadservices.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100},supports_spdy:true},www.googleadservices.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.googleapis.com:443:{supports_spdy:true},www.googlecommerce.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.googletagmanager.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100},supports_spdy:true},www.googletagmanager.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.googletagservices.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.gstatic.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100,5:32,6:0},supports_spdy:true},www.gstatic.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.youtube-nocookie.com:443:{alternate_protocol:{port:443,protocol_str:quic},supports_spdy:true},www.youtube-nocookie.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},www.youtube.com:443:{alternate_protocol:{port:443,protocol_str:quic},settings:{4:100},supports_spdy:true},www.youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false},youtube.com:80:{alternate_protocol:{port:80,protocol_str:quic},supports_spdy:false}},version:2}},ntp:{app_page_names:[Apps],shown_page:2048},plugins:{enabled_internal_pdf3:true,enabled_nacl:true,last_internal_directory:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63,migrated_to_pepper_flash:true,plugins_list:[{enabled:true,name:Shockwave Flash,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\21.0.1180.89\\PepperFlash\\pepflashplayer.dll,version:11.3.31.232},{enabled:true,name:Shockwave Flash,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\gcswf32.dll,version:11,4,402,265},{enabled:true,name:Shockwave Flash,path:C:\\Windows\\system32\\Macromed\\Flash\\NPSWF32.dll,version:11,1,102,55},{enabled:true,name:Flash},{enabled:true,name:Remoting Viewer,path:internal-remoting-viewer,version:},{enabled:true,name:Remoting Viewer},{enabled:true,name:Native Client,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\ppGoogleNaClPluginChrome.dll,version:},{enabled:true,name:Native Client},{enabled:true,name:Chrome PDF Viewer,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\Application\\31.0.1650.63\\pdf.dll,version:},{enabled:true,name:Chrome PDF Viewer},{enabled:true,name:AVG Internet Security,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\jmfkcklnlgedgbglfkkgedjfmejoahla\\12.0.0.2191_0\\plugins/avgnpss.dll,version:12.0.0.2191},{enabled:true,name:AVG Internet Security},{enabled:true,name:Adobe Acrobat,path:C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Browser\\nppdf32.dll,version:8.1.0.2007051000},{enabled:false,name:Adobe Acrobat},{enabled:true,name:Microsoft Office 2010,path:C:\\PROGRA~1\\MICROS~3\\Office14\\NPAUTHZ.DLL,version:14.0.4730.1010},{enabled:true,name:Microsoft Office 2010,path:C:\\PROGRA~1\\MICROS~3\\Office14\\NPSPWRAP.DLL,version:14.0.4761.1000},{enabled:true,name:Microsoft Office},{enabled:true,name:MetaStream 3 Plugin,path:C:\\Program Files\\Viewpoint\\Viewpoint Media Player\\npViewpoint.dll,version:3, 5, 0, 36},{enabled:true,name:MetaStream 3 Plugin},{enabled:true,name:iTunes Application Detector,path:C:\\Program Files\\iTunes\\Mozilla Plugins\\npitunes.dll,version:1.0.1.1},{enabled:true,name:iTunes Application Detector},{enabled:true,name:Google Update,path:C:\\Users\\Chris\\AppData\\Local\\Google\\Update\\1.3.21.111\\npGoogleUpdate3.dll,version:1.3.21.111},{enabled:true,name:Google Update},{enabled:true,name:Windows Presentation Foundation,path:c:\\Windows\\Microsoft.NET\\Framework\\v3.5\\Windows Presentation Foundation\\NPWPF.dll,version:3.5.30729.1 built by: SP},{enabled:true,name:Windows Presentation Foundation}],removed_old_component_pepper_flash_settings:true},printing:{print_preview_sticky_settings:{appState:{\version\:2,\selectedDestinationId\:\HP LaserJet 5 (Copy 2)\,\isGcpPromoDismissed\:false,\marginsType\:null,\isColorEnabled\:null,\isDuplexEnabled\:null,\isHeaderFooterEnabled\:null,\isLandscapeEnabled\:null,\isCollateEnabled\:null,\isCssBackgroundEnabled\:null,\selectedDestinationOrigin\:\local\}}},profile:{avatar_index:0,content_settings:{clear_on_exit_migrated:true,pattern_pairs:{*,*:{per_plugin:{npsitesafety.dll:1}},[*.]comediansincarsgettingcoffee.com,*:{fullscreen:1},[*.]library.skillport.com,*:{popups:1},[*.]m.cdn.hardsextube.com,*:{fullscreen:1},[*.]www.cnn.com,*:{popups:1},[*.]www.youtube.com,*:{fullscreen:1},http://www.cnn.com:80,*:{ppapi-broker:1},http://www.fieldgulls.com:80,*:{ppapi-broker:1},http://www.ncaa.com:80,*:{ppapi-broker:1},https://[*.]docs.google.com:443,*:{fullscreen:1},https://[*.]sis.case.edu:443,*:{popups:1},https://[*.]talentcloud1.sumtotalsystems.com:443,*:{plugins:1,popups:1},https://[*.]www.onlinebanking.pnc.com:443,*:{popups:1},https://www.crimereports.com:443,https://www.crimereports.com:443:{geolocation:2}},plugin_whitelist:{npsitesafety:{dll:true}},pref_version:1},exit_type:Normal,exited_cleanly:true,icon_version:2,managed_user_id:,name:First user},savefile:{default_directory:C:\\Users\\Chris\\Desktop},selectfile:{last_directory:C:\\Users\\Chris\\Desktop},session:{restore_on_startup:4,restore_on_startup_migrated:true,urls_to_restore_on_startup:[http://search.condui...],startup_urls:[http://search.condui...owledged_types:[Bookmarks,Preferences,Passwords,Autofill Profiles,Autofill,Themes,Typed URLs,Extensions,Encryption keys,Search Engines,Sessions,Apps,App settings,Extension settings,App Notifications],app_notifications:true,app_settings:true,apps:true,autofill:true,autofill_profile:true,bookmarks:true,dictionary:true,encryption_bootstrap_token:AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAAlQg2SAoo0S6ZmpWke4KpQAAAAACAAAAAAADZgAAqAAAABAAAACI96e0VrgaBbgTY4IQ/2dzAAAAAASAAACgAAAAEAAAAF/3T58GCOJeZtcbi5+J3hw4AAAAHRojp252NSqWU2fFO/VMz0SMSJn8KFKZa5oDmBMsGGz0oicrtWVDdH/CBomdhFC4EgixRF1WTEwUAAAAUOzPL0jAcG5zeYk+r0s16qc/Dtk=,extension_settings:true,extensions:true,favicon_images:true,favicon_tracking:true,favicons_syncing_enabled:true,has_setup_completed:true,history_delete_directives:true,keep_everything_synced:true,keystore_encryption_bootstrap_token:AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJiDdJ1jzr0aX985Gq9azbQAAAAACAAAAAAADZgAAqAAAABAAAACB8Z9JwXur42ZzX6halit1AAAAAASAAACgAAAAEAAAAOEYsvo/5+hjvIbPZyNCnuJQAAAAX2I4plVTbvzMwFA8E20NXBaIGsNvRC9UWq8eSs83t3b119Ve9UPqxguYd5U8XtH5n1taqA2gwkkqE1MzLWvoVAWy6QQ5CZmJPeaPg1iG0TcUAAAA3pPIaseq/ABgy3SDfic4D7GB0wA=,last_synced_time:13025155170442800,passwords:true,preferences:true,priority_preferences:true,search_engines:true,session_sync_guid:session_sync//dPiUzO6Mkr003vgCZRRA==,sessions:true,suppress_start:false,tabs:true,themes:true,typed_urls:true},sync_promo:{show_ntp_bubble:false,startup_count:1,user_skipped:true,view_count:1},translate_accepted_count:{ko:0,ru:1},translate_blocked_languages:[en],translate_denied_count:{ko:1,ru:0}} dhogjnnleghndloamdkljhnhdchpcijl:
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0\
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\18.2_0\
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhbbmmgbnjalccamlaefhepnajfmgopb\10.24.3.3_0\
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhbbmmgbnjalccamlaefhepnajfmgopb\10.24.3.3_0\nativeMessaging\nmHost
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mogcbkkjhojimpkmhbpndncicbcfigid\1.0_0\
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: PassShow = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/11 17:57:53 | 000,001,161 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 forum.alcohol-soft.com
O1 - Hosts: 127.0.0.1 support.alcohol-soft.com
O1 - Hosts: 127.0.0.1 users.alcohol-soft.com
O1 - Hosts: 127.0.0.1 shop.alcohol-soft.com
O1 - Hosts: 127.0.0.1 vodka.alcohol-soft.com
O1 - Hosts: 127.0.0.1 *.alcohol-soft.com
O1 - Hosts: 127.0.0.1 *.alcohol-soft.*
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll (AVG Secure Search)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000..\Run: [URmedia] C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKU\.DEFAULT..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" File not found
O4 - HKU\S-1-5-18..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0819543E-146D-4416-8CDE-A68597624A77}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C8DA66C-C24A-49EF-B3BB-7F784FC0114A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B72DD6A-D65E-4A6A-A9E0-50489A711B2A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/10 08:11:44 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0981f7da-6a65-11e3-bf63-00269e1d9082}\Shell - "" = AutoRun
O33 - MountPoints2\{0981f7da-6a65-11e3-bf63-00269e1d9082}\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{44229e24-6ac8-11e1-8a5e-001eecf4b2ed}\Shell - "" = AutoRun
O33 - MountPoints2\{4b2a77ef-c0f9-11e2-8ae5-001eecf4b2ed}\Shell - "" = AutoRun
O33 - MountPoints2\{4b2a77ef-c0f9-11e2-8ae5-001eecf4b2ed}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{cc973cc0-02d5-11e3-93df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cc973cc0-02d5-11e3-93df-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{cc973cc0-02d5-11e3-93df-806e6f6e6963}\Shell\setup\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/01 09:47:05 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/01/01 06:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\PassShow
[2014/01/01 06:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\ToniArts
[2014/01/01 06:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyCleaner
[2014/01/01 06:42:11 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2013/12/31 22:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2013/12/31 22:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013/12/31 22:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2013/12/31 21:34:49 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\AVG2013
[2013/12/31 21:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/12/31 21:26:33 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/12/31 21:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/12/31 21:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/12/31 21:06:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\SearchProtect
[2013/12/31 21:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/12/31 21:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/12/31 21:05:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013/12/31 21:05:42 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\NativeMessaging
[2013/12/31 21:05:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\CRE
[2013/12/21 23:50:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2013/12/21 23:48:45 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\WarThunder
[2013/12/21 23:48:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2013/12/21 16:13:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\URmedia
[2013/12/16 20:28:08 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Chris\Desktop\tdsskiller.exe
[2013/12/14 17:09:59 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\CyberLink
[2013/12/12 10:36:52 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/12/12 10:36:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/12/12 10:36:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/12/12 10:36:46 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/12/12 10:36:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/12/12 10:36:44 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/12/12 10:36:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/12/12 10:36:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/12/12 01:32:20 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Avg2013
[2013/12/12 01:09:55 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\AVG Secure Search
[2013/12/12 01:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2013/12/12 01:07:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2013/12/12 01:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2013/12/12 01:05:42 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\TuneUp Software
[2013/12/11 14:06:27 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/12/11 14:06:25 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2013/12/11 14:06:25 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/12/11 14:06:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013/12/11 14:06:22 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/12/11 14:06:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2013/12/07 21:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Auslogics
[2013/12/07 21:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2013/12/07 21:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2013/12/07 20:55:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2013/12/06 21:39:33 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\OpenOffice
[2013/12/06 21:37:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
[2013/12/06 21:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice 4
[2013/12/06 21:35:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\OpenOffice 4.0.1 (en-US) Installation Files
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/01 14:34:04 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1961090724-942705277-1128008459-1000UA.job
[2014/01/01 14:20:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/01 14:20:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/01 14:20:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/01 14:20:01 | 3218,280,448 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/01 11:27:34 | 000,008,944 | ---- | M] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2014/01/01 10:58:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2014/01/01 10:58:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2014/01/01 10:56:26 | 000,000,115 | ---- | M] () -- C:\Windows\wininit.ini
[2014/01/01 10:34:14 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1961090724-942705277-1128008459-1000Core.job
[2014/01/01 10:17:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/01/01 07:14:23 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/01 07:08:00 | 000,000,104 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Computer - Shortcut.lnk
[2013/12/31 22:47:45 | 000,001,039 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/12/31 22:47:45 | 000,001,015 | ---- | M] () -- C:\Users\Chris\Desktop\Spybot - Search & Destroy.lnk
[2013/12/31 21:30:09 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/12/22 14:19:31 | 000,008,516 | ---- | M] () -- C:\Users\Chris\chilipepper.jpg
[2013/12/21 19:31:57 | 000,608,660 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/12/21 19:31:57 | 000,105,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/12/16 20:28:24 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Chris\Desktop\tdsskiller.exe
[2013/12/14 17:09:58 | 002,989,660 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2013/12/13 19:30:36 | 000,018,195 | ---- | M] () -- C:\Users\Chris\Desktop\Wines.odt
[2013/12/12 11:01:32 | 000,430,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/12/11 11:14:51 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/12/11 11:14:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/12/08 18:52:21 | 269,701,115 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/12/07 21:25:23 | 000,000,922 | ---- | M] () -- C:\Users\Chris\Desktop\Auslogics DiskDefrag.lnk
[2013/12/06 21:48:20 | 000,015,215 | ---- | M] () -- C:\Users\Chris\Documents\cwabcaiks.odt
[2013/12/06 21:37:59 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2013/12/06 00:32:52 | 000,002,044 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/12/06 00:32:52 | 000,002,042 | ---- | M] () -- C:\Users\Chris\Desktop\Google Chrome.lnk
[2013/12/03 13:41:59 | 000,305,258 | ---- | M] () -- C:\Users\Chris\Desktop\fbpoke.png
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/01 14:20:01 | 3218,280,448 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/01 10:58:18 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2014/01/01 10:58:18 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2014/01/01 07:08:00 | 000,000,104 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Computer - Shortcut.lnk
[2013/12/31 22:47:45 | 000,001,039 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2013/12/31 22:47:45 | 000,001,015 | ---- | C] () -- C:\Users\Chris\Desktop\Spybot - Search & Destroy.lnk
[2013/12/31 21:30:09 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/12/22 14:19:30 | 000,008,516 | ---- | C] () -- C:\Users\Chris\chilipepper.jpg
[2013/12/13 19:11:43 | 000,018,195 | ---- | C] () -- C:\Users\Chris\Desktop\Wines.odt
[2013/12/07 21:25:23 | 000,000,922 | ---- | C] () -- C:\Users\Chris\Desktop\Auslogics DiskDefrag.lnk
[2013/12/06 21:48:18 | 000,015,215 | ---- | C] () -- C:\Users\Chris\Documents\cwabcaiks.odt
[2013/12/06 21:37:59 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
[2013/12/03 13:42:18 | 000,305,258 | ---- | C] () -- C:\Users\Chris\Desktop\fbpoke.png
[2013/11/30 07:02:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/11/29 21:26:00 | 000,000,115 | ---- | C] () -- C:\Windows\wininit.ini
[2013/11/27 12:28:13 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/11/25 01:23:39 | 000,000,552 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d8caps.dat
[2013/11/24 14:11:42 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2013/09/29 16:38:11 | 000,000,495 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/05/19 22:15:01 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2013/04/18 17:25:16 | 000,188,468 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012/05/25 18:17:09 | 000,034,814 | ---- | C] () -- C:\Users\Chris\AppData\Local\dt.dat
[2012/01/28 11:19:31 | 000,008,944 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2011/11/14 00:28:17 | 000,071,168 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/08 10:09:37 | 000,249,739 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/11/08 10:09:32 | 000,249,739 | ---- | C] () -- C:\ProgramData\nvModes.dat

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >


EXTRAS.TXT
OTL Extras logfile created on: 1/1/2014 2:34:02 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 35.12% Memory free
6.22 Gb Paging File | 3.93 Gb Available in Paging File | 63.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.46 Gb Total Space | 105.10 Gb Free Space | 47.24% Space Free | Partition Type: NTFS
Drive D: | 10.42 Gb Total Space | 1.73 Gb Free Space | 16.58% Space Free | Partition Type: NTFS

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2B86FA71-254F-497F-9722-A25C49D28E11}" = rport=137 | protocol=17 | dir=out | app=system |
"{43688AB0-5026-4109-BD35-C9F94C453FB2}" = lport=138 | protocol=17 | dir=in | app=system |
"{4D463317-8AA1-42EB-AAAA-46FB45DC961D}" = lport=3351 | protocol=6 | dir=in | name=pervasive dbengine |
"{5A4CB45D-0259-4C82-9946-CA1380D42EB2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{866D77D3-8AA2-4318-9874-31E4C1A231B7}" = lport=137 | protocol=17 | dir=in | app=system |
"{8A048E29-75EC-4132-B07E-A99D60547B10}" = lport=445 | protocol=6 | dir=in | app=system |
"{8E599228-5F36-4B01-9782-CDAF7A7DF85D}" = lport=1583 | protocol=6 | dir=in | name=pervasive dbengine |
"{9F3C8C1B-6DA2-4F0D-A981-57594F0D6604}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{BFF9B835-B75B-4BE6-9705-0C23AE776AE0}" = lport=139 | protocol=6 | dir=in | app=system |
"{E3BE076D-61DD-4A6A-80A5-333CF65D0B6A}" = rport=445 | protocol=6 | dir=out | app=system |
"{E50F9893-D461-4BE7-A960-869C3F1DB807}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{EA01412C-D37A-4237-8C2E-247030DB62A5}" = rport=139 | protocol=6 | dir=out | app=system |
"{EFF98E92-7B6F-4782-BDDF-F331AEFABB92}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0263DABF-EF77-48CB-B81B-61C269F641F2}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{086EBDD0-D2A4-4115-9E7D-D5620F6F92C0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{0EE63860-31B4-4363-9C13-37DDF7128868}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{11ADFC12-38B0-4667-82AC-93306FE52F0B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{16ACDFE2-0220-4AFE-B2BD-324C0E801201}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{1F45569F-AD63-4282-BEC9-25051AEBA05B}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{28F749D7-7D30-42DC-B172-A82150B263EA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{2B901E9E-38BB-4139-827E-A9A773D1BD74}" = protocol=58 | dir=out | [email protected],-28546 |
"{350756F3-25FB-4811-AA84-2CE1D3349BAF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{3C1CE542-FA9F-407A-8EF9-3C008766CBC5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4077636B-AD4F-4DC4-A72C-F678C34CA0A7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{414219F8-DCFA-480C-9BAD-F39C217768ED}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{4360F3DF-8D98-4686-B86A-828DED02CAE7}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{43B98980-EB95-4614-A4D6-99AFE53ADBC4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\launcher.exe |
"{453DCC76-D754-45D0-BD36-A98A97DE4C5A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{4FD1363D-CFA8-4B8C-824B-D93F3EB9B515}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{50B3F0CC-9A59-4C98-BAAD-3C25B1DA0F65}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{50E9D66C-209C-4C4A-B27B-BC36B3ED0E16}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{51EE844F-74E0-45C8-84FB-73AC69CE33C9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{5D2C68F0-030E-4C92-9B6E-C1204C19C9F1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5DF1C42E-E752-4E4E-A0C0-C68872DD16D5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{67DDD819-4658-46C6-8051-CA0937EE2D06}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68848B8E-D9C2-4D2D-BB26-0C7FBA815CF4}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{6FC9820B-9A1F-4F8A-958D-C95885E390BE}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{7345A150-1395-4A82-BB80-146E30A17F40}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{73D0D9AD-862A-451A-A487-0A86A3A776C5}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{777C8CC4-F17C-4A6D-8F55-DCE99749F8F4}" = protocol=6 | dir=in | app=c:\program files\pervasive software\psql\bin\w3dbsmgr.exe |
"{7FBFF7C6-7B40-4F7D-8D01-5BD55DA6C83F}" = protocol=17 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{81B48244-E124-41CB-A0DF-885063DC350D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{84688B25-7D8D-4393-9CBC-D87794CAC412}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{877F6D89-DE63-41DE-9296-C17D2197C6E9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8AB0B066-2698-4A91-B5FE-31B1E791F208}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{91FB66D6-4CCC-4096-8685-5862BC7E4385}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{93092660-9A0C-4FD5-8676-C8D07A169EA6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\launcher.exe |
"{97E906B3-2FF3-4D20-AFC3-DC3D17F13F53}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{B0EDE9EB-A8AC-4ABF-81D9-B42F20C3FB5F}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{BEEA257F-30E6-4739-9C7F-4663398B59F5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{C72728E7-4B98-4F7C-AA7E-6B0E88A99CA5}" = protocol=1 | dir=out | [email protected],-28544 |
"{CAC52DD3-2A0A-4526-863D-3CF90F8A3295}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D07DB96B-7551-4F3B-A6F5-B47BA7AAD6B1}" = protocol=6 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{D2F34EAA-121E-4F0F-BF1E-9D3C7EDE4428}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{D6AF57C8-6443-4C2D-82DB-629C14CE0156}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{D7788BDD-2654-4E24-9453-68119D2E3AE2}" = protocol=58 | dir=in | [email protected],-28545 |
"{DCCA4B59-4F01-4826-9089-935BE4339170}" = protocol=1 | dir=in | [email protected],-28543 |
"{E0FE72CF-E914-4B70-AD17-8AEEBF7948EE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{E124605C-BD1D-416C-A87C-AEB0E0FF81FC}" = protocol=17 | dir=in | app=c:\program files\pervasive software\psql\bin\w3dbsmgr.exe |
"{E6140F30-5818-4775-BEE4-85A093C259F4}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{ECB83D74-BFDB-47E0-B5BE-F43AA0957F30}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{F1F1FB7D-3FB8-4B9A-84B1-32D852E8092D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{F694C544-F243-4383-83AB-7A89256CB6D8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"TCP Query User{8127EB56-444C-4340-9EB1-1DFF3E3DF79A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{8CCD8902-F275-4BAC-A60C-91886DB6D8C3}C:\program files\steam\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\aces.exe |
"TCP Query User{D707EFCC-9309-44B4-A8EC-DF46AA6A3406}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |
"TCP Query User{D7AC601B-8D94-49D2-8350-FF61539E730B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{05D726A8-536F-4D2E-A4B1-CC1A0AB24701}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{45F3E2A8-5D77-43D8-AD1A-9A19BEDC61E1}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{6967F8AB-F2CF-4FA6-BFEE-000CE2281739}C:\program files\steam\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\aces.exe |
"UDP Query User{7D6D596E-3F40-4A30-B75D-56E7B3D4B305}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP2 Workgroup (32-bit)
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1CC677FA-C65A-0767-9AE4-370A233D8366}" = ATI Catalyst Install Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F579925-2652-6934-2E6C-EE652CD807E3}" = Catalyst Control Center Core Implementation
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{23CCE784-A812-4647-AEFF-1DCCD4E57478}" = HP Support Solutions Framework
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{264A668E-A999-031C-9779-50A56C83ADF2}" = Catalyst Control Center Graphics Full Existing
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3
"{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}" = muvee autoProducer 6.1
"{380357CA-29F4-4B3C-B401-32C057E6B59B}" = HP Smart Web Printing
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}" = OpenOffice 4.0.1
"{49603CBF-8861-4D94-AD85-E4854AD366CA}" = AVG 2013
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4CB16960-2A17-C313-5C52-00D5612627AB}" = ccc-core-static
"{54E4EECE-61B9-4D85-9B3C-99686A9ED6A1}" = Peachtree Accounting 2011
"{5A4D9E13-4E96-5CD5-FC03-8431277A97F6}" = Catalyst Control Center Graphics Full New
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66F0EA94-483A-82CB-B9FC-38329A3014F2}" = Catalyst Control Center Graphics Previews Vista
"{6798DD4E-BD16-4735-87EB-D712637CCB8C}" = Sage Message Center
"{6EBF4CF2-651F-C168-6C4F-F86BF000E55B}" = Catalyst Control Center InstallProxy
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}" = Snagit 11
"{81FAD5EA-19B2-4A06-89EC-D65CD23AAD55}" = AVG 2013
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8BCB844B-0814-4354-A413-1063DB4618E9}" = PeachTree Signature Ready Forms
"{8EBAB2D3-C17D-1070-015A-800180C303E8}" = Skins
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9AA9FEE7-9F99-4E69-947A-49F7DA0DDA3A}" = Cisco AnyConnect Secure Mobility Client
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9F78DBE6-95C1-ADEC-796A-E76DD4CDB4E8}" = Catalyst Control Center Graphics Light
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{AAD72731-807A-4B79-AE05-9190B7002B7B}" = ProtectSmart Hard Drive Protection
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B8169E45-8E23-430B-91D1-EC64540C8ED0}" = HP User Guides 0103
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C25E9B95-8000-8985-EF20-9FF4DCEA41BA}" = CCC Help English
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}" = iTunes
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E8C3CF7A-9E8F-4C5D-8EC7-FF5A495E178C}" = VitalSource Bookshelf
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FA44DB7C-5158-A2DE-8672-D7C7E13E10A3}" = Catalyst Control Center Graphics Previews Common
"{FD6FAE16-DD20-EDBF-AB50-FAC87EB197D1}" = ccc-utility
"7DE39862CC26DCE2446838AAF7CD5C163F835A57" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"AVG" = AVG 2013
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"AVG Secure Search" = AVG Security Toolbar
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{54E4EECE-61B9-4D85-9B3C-99686A9ED6A1}" = Peachtree Accounting 2011
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Integration Services" = Sage Integration Services
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Pervasive PSQL v10 SP2 Workgroup (32-bit)" = Pervasive PSQL v10 SP2 Workgroup (32-bit)
"QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1" = Age of Empires II HD © Microsoft Studios version 1
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Steam" = Steam
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 236390" = War Thunder
"Steam App 440" = Team Fortress 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/1/2014 7:41:36 AM | Computer Name = Chris-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 1/1/2014 7:42:22 AM | Computer Name = Chris-PC | Source = CltMngSvc | ID = 1000
Description =

Error - 1/1/2014 7:46:24 AM | Computer Name = Chris-PC | Source = CltMngSvc | ID = 1000
Description =

Error - 1/1/2014 7:56:45 AM | Computer Name = Chris-PC | Source = CltMngSvc | ID = 1000
Description =

Error - 1/1/2014 7:57:12 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/1/2014 10:45:06 AM | Computer Name = Chris-PC | Source = EventSystem | ID = 4609
Description =

Error - 1/1/2014 10:46:02 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/1/2014 11:29:20 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/1/2014 11:39:31 AM | Computer Name = Chris-PC | Source = EventSystem | ID = 4609
Description =

Error - 1/1/2014 11:40:26 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 11/27/2013 6:10:10 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 11/27/2013 6:10:10 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL

Error - 11/27/2013 7:40:38 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67110873
Description = Termination reason code 9: Client PC is shutting down.

Error - 11/27/2013 7:45:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108866
Description = Function: XmlParser::invokeParser File: .\Xml\XmlParser.cpp Line: 182
Invoked
Function: ISAXXMLReader::parse Return Code: -2146697210 (0x800C0006) Description:
WINDOWS_ERROR_CODE

Error - 11/27/2013 7:45:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108866
Description = Function: CPhoneHomeAgent::LoadSettingsFromXmlFile File: ..\PhoneHomeAgent.cpp
Line:
603 Invoked Function: XmlParser::parseFile Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED

Error - 11/27/2013 7:45:41 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE


Error - 11/27/2013 7:50:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 11/27/2013 7:50:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 11/27/2013 7:50:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL

Error - 11/27/2013 8:31:01 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67110873
Description = Termination reason code 9: Client PC is shutting down.

[ System Events ]
Error - 1/1/2014 3:19:23 PM | Computer Name = Chris-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/1/2014 3:19:23 PM | Computer Name = Chris-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/1/2014 3:19:23 PM | Computer Name = Chris-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/1/2014 3:19:23 PM | Computer Name = Chris-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/1/2014 3:19:23 PM | Computer Name = Chris-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/1/2014 3:19:23 PM | Computer Name = Chris-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.

Error - 1/1/2014 3:20:52 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 1/1/2014 3:20:52 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/1/2014 3:22:22 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 1/1/2014 3:22:23 PM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >
  • 0

#44
DonnaB
Posted 01 January 2014 - 02:43 PM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts

Thanks again for such a quick reply! You're such a big help! :D

Awww, shucks. Posted Image Thank you! And you're most welcome. :happy:

A couple of nosy questions if I may.....

Is AVG the free version? How long have you had AVG installed?

Do you recall where you got the Spybot S&D download from?

Whilst I review the OTL and Extras more thoroughly:

Please download Junkware Removal Tool to your desktop.

  • Disable your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking on XP. Or right click and select Run as Administrator Vista/Win7 and above.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Next:

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click AdwCleaner.exe to run the tool.
    Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
  • Click the Scan button.
  • AdwCleaner will begin. Be patient as the scan may take some time to complete.
  • After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, please let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

In your next reply please post the following logs:

JRT.txt
AdwCleaner[R0].txt

Thank you,
Donna :)
  • 0

#45
CZ2761
Posted 01 January 2014 - 03:05 PM

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
It's the free version, and I just downloaded it yesterday (had previously uninstalled it when we fixed the laptop the first time).

I want to say I downloaded it from cnet.com, it linked to safer-networking.org. When I went to reinstall spybot, it took me to that site again, and when I went back a page, it took me to cnet. It's odd :/

I'm about to run those scans, it may take a while as this computer is going super slow.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP