Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 not holding updated drivers/fingerprint scanner not working


  • Please log in to reply

#1
Brian Brown 103

Brian Brown 103

    New Member

  • Member
  • Pip
  • 7 posts
Hello,

I hope this is the correct area to start this thread. I have an HP Pavillion dv7 laptop running Windows 7 and McAfee All Access Total protection. I also have Driver Detective installed. Recently the laptop has been unable to load any updated drivers (shows the driver updates are loading but never holds them) as well as the fingerprint scanner on the hardware itself has stopped. As a matter of fact the scanner portion of the printer that was attached also stopped working. It seems neither scanner can be recognized. What needs to be done to start to triage this information? Please bear with me as I an entering this on a tablet. I will connect with the computer itself later today.

Any help will be GREATLY appreciated!

Thank you!
Brian Brown


OTL logfile created on: 12/16/2013 5:41:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brian\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.48 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 36.73% Memory free
10.96 Gb Paging File | 7.19 Gb Available in Paging File | 65.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.54 Gb Total Space | 206.30 Gb Free Space | 35.66% Space Free | Partition Type: NTFS
Drive D: | 17.33 Gb Total Space | 1.89 Gb Free Space | 10.93% Space Free | Partition Type: NTFS
Drive F: | 99.34 Mb Total Space | 91.20 Mb Free Space | 91.81% Space Free | Partition Type: FAT32

Computer Name: BRIAN-HP | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/16 17:40:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Downloads\OTL.exe
PRC - [2013/12/06 09:25:04 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/11/06 11:42:36 | 000,778,792 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2013/09/22 05:57:32 | 003,470,624 | ---- | M] (Conduit) -- C:\Users\Brian\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/09/15 15:34:06 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/09/05 08:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/06/05 02:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/24 18:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Brian\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/06 21:08:08 | 000,107,520 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2013/04/11 08:28:08 | 000,093,984 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2012/08/05 10:55:44 | 001,193,176 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/02/23 16:57:36 | 000,563,104 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2012/02/23 16:57:34 | 001,885,088 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2012/02/23 16:57:30 | 007,029,664 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2012/01/19 16:15:07 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2011/08/25 06:30:52 | 000,260,424 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/08/25 06:30:34 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/08/25 06:30:08 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/08/19 15:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/07/11 15:04:44 | 000,574,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/23 12:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/03/30 15:01:10 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/11/20 21:24:03 | 001,169,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/03 20:48:04 | 000,399,312 | ---- | M] () -- C:\Users\Brian\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/03 20:48:03 | 013,586,896 | ---- | M] () -- C:\Users\Brian\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/03 20:48:02 | 004,055,504 | ---- | M] () -- C:\Users\Brian\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/03 20:47:11 | 000,702,416 | ---- | M] () -- C:\Users\Brian\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/03 20:47:11 | 000,099,792 | ---- | M] () -- C:\Users\Brian\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/03 20:47:08 | 001,619,408 | ---- | M] () -- C:\Users\Brian\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/09/14 02:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 02:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2013/03/13 14:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/29 15:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012/11/13 17:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/08/05 10:55:44 | 001,193,176 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/05/11 22:44:30 | 002,914,128 | -HS- | M] () -- \\?\C:\ProgramData\Microsoft\PlayReady\Cache\S-1-5-21-785400332-2552216715-2852522720-1001\MSPRindiv02.key
MOD - [2012/02/23 16:57:38 | 000,022,944 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2012/02/23 16:19:16 | 000,669,696 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/08/22 21:01:36 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/08/22 21:01:08 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/08/22 21:01:06 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/08/22 21:01:06 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/08/22 20:32:34 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 03:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/04 16:46:16 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/11/04 16:41:02 | 000,219,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/09/24 17:07:30 | 000,178,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2013/09/20 10:46:36 | 001,017,016 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/08/02 18:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/01/19 16:09:28 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/01/19 16:09:27 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/09/15 19:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/13 19:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/12/10 15:39:52 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/05 08:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/08/28 15:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/06 21:08:08 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Brian\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2013/04/11 08:28:08 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2012/09/27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/02/23 16:57:36 | 000,563,104 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2011/08/25 06:30:52 | 000,260,424 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/23 12:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/03/07 18:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/24 22:34:42 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010/11/26 08:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2013/11/04 16:51:44 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/11/04 16:46:34 | 000,343,696 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/11/04 16:43:04 | 000,782,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/11/04 16:41:22 | 000,519,576 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/11/04 16:40:00 | 000,311,120 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/11/04 16:39:20 | 000,179,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/09/23 14:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/09/20 10:38:14 | 000,095,984 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2013/09/20 10:37:56 | 000,390,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013/09/09 12:11:58 | 000,074,560 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 08:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/19 16:09:28 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/12/19 17:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV:64bit: - [2011/12/19 17:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV:64bit: - [2011/12/19 17:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV:64bit: - [2011/12/19 17:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV:64bit: - [2011/12/19 17:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV:64bit: - [2011/10/01 02:16:50 | 000,393,264 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/15 19:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/15 18:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/29 18:58:09 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/29 18:58:09 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/08/01 16:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/07/19 11:19:16 | 001,492,992 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/06/10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/13 19:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 19:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/04/15 15:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/15 15:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/24 18:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/17 23:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/17 23:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/17 11:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/28 10:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 14:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D7A3613A-371A-4646-A32D-CBE03F96DD57}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {7C85CC5B-CF48-4977-AF81-0B9A3F9BD32E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D7A3613A-371A-4646-A32D-CBE03F96DD57}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...20-BC0EA6418A0A
IE - HKCU\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {90075C6E-F622-4540-AA5B-D824E321F002}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00060d8190bf4ad
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{346D57AD-B978-42D0-9012-7CA7F34E38CC}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{68859E90-CA31-461A-AE64-2F3070F6A075}: "URL" = http://websearch.ask...B9-371D37495554
IE - HKCU\..\SearchScopes\{7C85CC5B-CF48-4977-AF81-0B9A3F9BD32E}: "URL" = http://search.condui...9426030826&UM=2
IE - HKCU\..\SearchScopes\{90075C6E-F622-4540-AA5B-D824E321F002}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-07-13 18:14:07&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...t=kwd&qsrc=2869
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D7A3613A-371A-4646-A32D-CBE03F96DD57}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brian\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brian\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Brian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/11/22 08:34:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2013/11/21 20:53:32 | 000,000,000 | ---D | M]

[2012/03/06 10:34:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: McAfee (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Brian\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Brian\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Brian\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaldikcoaplhepekpbngkepfcoiihef\1.0_0\npwebsitelogon.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Users\Brian\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Harmony Firefox Plugin (Enabled) = C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
CHR - plugin: Windows Live? Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Bejeweled = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Word Search Puzzle = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\alcobafdkcddhiabfgnongafffchimnl\1.4_0\
CHR - Extension: Google Drive = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Photo Zoom for Facebook = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1312.1.2_0\
CHR - Extension: SiteAdvisor = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.4.1311_0\
CHR - Extension: Full Screen Weather = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: Planetarium = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp\1.1.2_0\
CHR - Extension: RadioRage = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjngjhikmffiafannjcjkdediacimkmk\5.53.2.56344_0\
CHR - Extension: StumbleUpon = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\5.12.2.3_0\
CHR - Extension: Google Wallet = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: LogMeIn = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon\1.0.0.1037_0\
CHR - Extension: Gmail = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Brian\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Brian\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll (Search Results)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Related Searches) - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Brian\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll (Search Results)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe File not found
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Jump Desktop] C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe autorun File not found
O4 - HKCU..\Run: [SearchProtect] C:\Users\Brian\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Brian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: SafeKey Fill Forms - file://C:\Users\Brian\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: SafeKey Fill Forms - file://C:\Users\Brian\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F6EA22-69F4-4510-94B4-12F4E85C2D97}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C2C8D46-2832-4DE3-913F-6D597789CEC8}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes3\deskscapes.dll (Stardock Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1bc88b67-9521-11e1-8270-101f741dbd19}\Shell - "" = AutoRun
O33 - MountPoints2\{1bc88b67-9521-11e1-8270-101f741dbd19}\Shell\AutoRun\command - "" = G:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/16 10:41:29 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{106F72FB-4452-4FBD-93B4-8D3E65D52787}
[2013/12/16 10:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/12/15 17:48:36 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{F13A2EA1-1CDC-4703-994A-D10221DA6EB5}
[2013/12/15 15:28:51 | 000,000,000 | ---D | C] -- C:\42ec1081ee4f8bd4d668d6
[2013/12/14 17:24:02 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{8BE6D97B-A926-45CB-BA7D-CB1953A8D6A7}
[2013/12/12 11:03:36 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1BEC7077-51DC-4CD7-A44E-4B9747A1CA6F}
[2013/12/11 10:47:32 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{CF1EC87D-8825-460D-88F4-49311D8596A9}
[2013/12/10 11:23:14 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{51E70095-F36F-4920-8F19-D209B757488B}
[2013/12/09 06:15:35 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\SearchProtect
[2013/12/08 12:18:52 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{A59F3A68-32DC-45A7-B28E-103DE38703BE}
[2013/12/05 09:02:49 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0CB28142-DDB5-4D1E-9FA6-E4B94FDB70AE}
[2013/12/04 08:50:42 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{4EFBBCD5-EBBB-400C-AF01-359E63BF6AE7}
[2013/12/03 14:36:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0968F001-7D8B-43E4-B03F-18960E3E0FE9}
[2013/12/02 08:46:22 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{49735DC7-9246-4378-8608-0ED48B367148}
[2013/11/27 07:40:09 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{F0062895-EB56-4C86-B31C-AEF02742D95E}
[2013/11/26 12:21:28 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{27F08802-82EB-47B2-BE0C-F49B86158AC8}
[2013/11/25 13:45:44 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{081D5C80-5539-4C4D-B214-4CA4A4991C2B}
[2013/11/24 22:25:50 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{DB7B4E01-3D06-4A4D-A583-4A46700DC6BF}
[2013/11/24 10:25:26 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{8548B83B-1F30-489F-9618-2421AB8C1176}
[2013/11/23 14:22:29 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{3812EE21-2119-481A-8B54-78E6FC6E296D}
[2013/11/22 19:52:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/11/22 19:52:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/11/22 19:52:13 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/11/22 17:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp
[2013/11/22 11:03:50 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\IsolatedStorage
[2013/11/22 11:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
[2013/11/22 11:03:19 | 000,000,000 | ---D | C] -- C:\Program Files\Earth Networks
[2013/11/22 11:02:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5110CCCD-0D73-4D00-A20F-77B527D5FE21}
[2013/11/22 08:41:10 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B48D3352-F5B4-4DF6-88DD-B3009361D556}
[2013/11/21 20:53:43 | 026,838,560 | ---- | C] (McAfee) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2013/11/21 20:53:17 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2013/11/21 20:52:40 | 000,074,560 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\McPvDrv.sys
[2013/11/21 20:52:40 | 000,000,000 | R-SD | C] -- C:\Users\Brian\Documents\McAfee Vaults
[2013/11/21 20:52:39 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\McAfee File Lock
[2013/11/21 20:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/11/21 20:52:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2013/11/21 20:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2013/11/21 20:51:12 | 000,182,752 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2013/11/21 20:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2013/11/21 20:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2013/11/21 20:50:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2013/11/21 20:07:49 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{C06B7843-29DE-4DD9-9702-3FBDC18729F5}
[2013/11/20 08:33:11 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{9CBA33B5-3EF2-4E3D-A310-08B3CDE3A757}
[2013/11/17 07:14:00 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{04EC3E07-D676-4EB9-A9D7-A670BB8F06EA}
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Brian\*.tmp files -> C:\Users\Brian\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/12/16 18:00:50 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/16 18:00:50 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/16 17:47:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-785400332-2552216715-2852522720-1001UA.job
[2013/12/16 17:35:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/16 17:30:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/16 14:47:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-785400332-2552216715-2852522720-1001Core.job
[2013/12/16 10:22:21 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/16 10:14:42 | 000,002,172 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/12/16 10:08:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/15 15:28:07 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBRIAN-HP$.job
[2013/12/14 14:30:42 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBrian.job
[2013/12/13 11:49:12 | 000,000,258 | RHS- | M] () -- C:\Users\Brian\ntuser.pol
[2013/12/12 11:41:18 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/12 11:41:18 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/12 11:41:18 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/12 11:34:31 | 000,441,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/12 11:33:25 | 117,624,831 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/25 10:53:17 | 026,838,560 | ---- | M] (McAfee) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2013/11/22 20:18:36 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/22 20:18:35 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/22 19:47:37 | 000,000,963 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2013/11/22 19:42:56 | 000,000,831 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013/11/22 17:48:54 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp.lnk
[2013/11/22 17:30:55 | 000,001,855 | ---- | M] () -- C:\Users\Brian\Desktop\WeatherBug®.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Brian\*.tmp files -> C:\Users\Brian\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/16 10:14:41 | 000,002,172 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/11/22 20:18:36 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/22 20:18:35 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/22 20:08:08 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/11/22 17:48:54 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp.lnk
[2013/11/22 11:03:25 | 000,001,855 | ---- | C] () -- C:\Users\Brian\Desktop\WeatherBug®.lnk
[2013/11/21 20:53:17 | 000,002,641 | ---- | C] () -- C:\Windows\SysNative\drivers\mfencrk.inf
[2013/11/21 20:53:06 | 000,002,951 | ---- | C] () -- C:\Windows\SysNative\drivers\mfencbdc.inf
[2013/05/06 21:08:12 | 000,000,258 | RHS- | C] () -- C:\Users\Brian\ntuser.pol
[2013/01/22 19:17:50 | 000,000,017 | ---- | C] () -- C:\Users\Brian\AppData\Local\resmon.resmoncfg
[2012/09/22 19:11:32 | 000,000,529 | ---- | C] () -- C:\Windows\eReg.dat
[2012/09/22 18:38:59 | 000,000,095 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/09/22 18:29:06 | 000,229,376 | ---- | C] () -- C:\Windows\SysWow64\EAREMOVE.EXE
[2012/08/03 16:06:58 | 000,511,488 | ---- | C] () -- C:\Windows\lame_enc.dll
[2012/06/01 21:54:10 | 000,000,016 | ---- | C] () -- C:\Users\Brian\persistent_state
[2012/03/08 17:23:50 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012/01/19 15:33:03 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012/01/13 07:22:13 | 000,152,368 | ---- | C] () -- C:\Windows\SysWow64\WIN2PDFS.DLL
[2012/01/13 07:22:13 | 000,000,310 | ---- | C] () -- C:\Windows\1way.ini
[2012/01/12 23:26:53 | 000,000,340 | ---- | C] () -- C:\Windows\EReg072.dat

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/08/03 22:30:30 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Audacity
[2012/01/18 15:05:40 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Babylon
[2012/01/26 22:36:17 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Blio
[2012/03/05 11:40:50 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1
[2012/12/26 11:48:40 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Costco Photo Viewer US
[2013/05/06 21:08:08 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\DefaultTab
[2012/01/19 22:41:16 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\DriverCure
[2013/12/16 10:09:07 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Dropbox
[2012/07/30 21:32:48 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\DVDVideoSoft
[2013/01/23 09:33:20 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\FileZilla
[2012/01/13 21:59:18 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Firaxis Games
[2012/08/03 16:33:40 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Free Sound Recorder
[2012/01/28 20:46:25 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\GameFly
[2013/11/03 22:45:20 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Hemera
[2012/01/20 22:45:26 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\ICAClient
[2012/01/11 23:43:21 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\IDT
[2012/06/06 20:00:58 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\ImgBurn
[2012/01/19 23:43:53 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Leadertech
[2012/05/20 21:18:43 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\MusicNet
[2012/07/31 09:41:08 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\My Games
[2012/07/30 21:34:01 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\OpenCandy
[2012/02/24 13:08:50 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Origin
[2012/02/24 14:09:58 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\PACE Anti-Piracy
[2013/04/28 19:51:52 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\PCCUStubInstaller
[2012/04/08 12:14:00 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Phase Five Systems
[2013/05/09 13:28:49 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\SearchProtect
[2013/09/21 20:33:19 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\SoftGrid Client
[2012/01/19 22:41:15 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\SpeedyPC Software
[2012/08/22 21:52:31 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Spotify
[2012/03/13 22:20:54 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Stardock
[2012/06/23 22:19:30 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Stella
[2012/01/11 20:26:44 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Synaptics
[2013/06/30 17:29:51 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\SyncTunesDesktop
[2012/02/17 11:49:33 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\TP
[2013/12/16 12:31:52 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\TuneUpMedia
[2012/03/23 22:26:45 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Ulead Systems
[2013/12/02 08:55:17 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\uTorrent
[2012/01/19 21:14:08 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\WebApp
[2012/01/12 20:49:18 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Windows Live Writer
[2012/03/15 09:42:53 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\_MDLogs

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 160 bytes -> C:\ProgramData\Temp:06C5B98F

< End of report >

Edited by Brian Brown 103, 16 December 2013 - 08:16 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP