IDMcache.exe error? [Solved]



#1
battison10

Every time I boot up my PC it comes up with this error (see picture). I was advised from another section to post in here as it may be a malware problem :(


This is the log from the OTL quick scan.
OTL logfile created on: 11/01/2014 18:25:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Scott\Desktop
An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 44.53% Memory free
4.56 Gb Paging File | 2.13 Gb Available in Paging File | 46.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.82 Gb Total Space | 143.96 Gb Free Space | 30.90% Space Free | Partition Type: NTFS
Drive E: | 465.30 Gb Total Space | 465.11 Gb Free Space | 99.96% Space Free | Partition Type: NTFS
Drive Z: | 931.51 Gb Total Space | 767.54 Gb Free Space | 82.40% Space Free | Partition Type: NTFS

Computer Name: SCOTT-PC | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/11 18:24:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
PRC - [2014/01/09 21:47:48 | 003,821,136 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2014/01/03 00:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/12/05 20:59:10 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/12/02 18:59:50 | 002,484,504 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2013/12/02 18:59:50 | 001,444,120 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/11/29 09:27:50 | 000,473,496 | ---- | M] (TomTom) -- C:\Program Files\MyDrive Connect\MyDriveConnect.exe
PRC - [2013/11/20 15:43:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/11/20 13:19:25 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x86__8wekyb3d8bbwe\livecomm.exe
PRC - [2013/11/05 13:57:39 | 000,479,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SettingSyncHost.exe
PRC - [2013/10/22 06:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2013/10/08 12:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
PRC - [2013/10/06 03:27:28 | 000,129,424 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
PRC - [2013/09/26 17:22:14 | 000,480,768 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2013/09/26 17:22:14 | 000,209,408 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2013/09/14 02:27:52 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
PRC - [2013/09/06 19:53:00 | 020,394,144 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
PRC - [2013/08/22 05:30:48 | 000,066,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2013/08/22 05:30:48 | 000,064,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/08/22 05:21:42 | 000,029,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2013/08/22 05:19:12 | 000,194,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2013/08/22 03:40:37 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe
PRC - [2013/08/22 02:45:10 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2013/06/17 20:41:42 | 000,196,616 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
PRC - [2013/05/10 07:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/28 21:29:22 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2013/01/30 20:35:37 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShow Producer\scsiaccess.exe
PRC - [2012/11/01 11:44:56 | 005,029,744 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodtray.exe
PRC - [2012/11/01 11:44:50 | 002,021,744 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe
PRC - [2012/09/20 07:44:16 | 000,296,392 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012/09/17 05:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2012/07/04 19:10:06 | 000,372,736 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaRegistry.exe
PRC - [2011/08/24 16:30:58 | 000,651,832 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2011/08/24 16:30:58 | 000,430,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2011/07/12 19:51:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\ViakaraokeSrv.exe
PRC - [2010/09/28 09:18:32 | 000,254,004 | ---- | M] (ZF Electronics GmbH) -- C:\Program Files\Cherry\KeyMan\KeyMan.exe
PRC - [2010/08/25 14:09:24 | 000,577,582 | ---- | M] (ZF Electronics GmbH) -- C:\Program Files\Cherry\CDI\cdi.exe
PRC - [2010/01/21 00:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010/01/21 00:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/12/03 00:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/08/19 11:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/07 04:05:53 | 000,399,640 | ---- | M] () -- C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll
MOD - [2014/01/07 04:05:52 | 013,615,896 | ---- | M] () -- C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll
MOD - [2014/01/07 04:05:49 | 004,055,320 | ---- | M] () -- C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
MOD - [2014/01/07 04:04:47 | 000,715,544 | ---- | M] () -- C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\libglesv2.dll
MOD - [2014/01/07 04:04:46 | 000,100,120 | ---- | M] () -- C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\libegl.dll
MOD - [2014/01/07 04:04:42 | 001,634,584 | ---- | M] () -- C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\ffmpegsumo.dll
MOD - [2014/01/03 00:45:04 | 003,558,400 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/11/29 09:29:40 | 000,026,520 | ---- | M] () -- C:\Program Files\MyDrive Connect\DeviceDetection.dll
MOD - [2013/11/29 09:28:34 | 000,344,984 | ---- | M] () -- C:\Program Files\MyDrive Connect\TomTomSupporterProxy.dll
MOD - [2013/11/29 09:28:12 | 000,082,840 | ---- | M] () -- C:\Program Files\MyDrive Connect\TomTomSupporterBase.dll
MOD - [2013/10/21 19:41:58 | 001,127,152 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2013/10/18 23:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/09/14 00:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 00:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013/06/17 20:41:58 | 000,481,288 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_xrc_vc_pro8.dll
MOD - [2013/06/17 20:41:56 | 002,673,672 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_core_vc_pro8.dll
MOD - [2013/06/17 20:41:56 | 000,682,504 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_adv_vc_pro8.dll
MOD - [2013/06/17 20:41:56 | 000,450,056 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxmsw28u_html_vc_pro8.dll
MOD - [2013/06/17 20:41:56 | 000,123,400 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxbase28u_xml_vc_pro8.dll
MOD - [2013/06/17 20:41:54 | 001,145,864 | ---- | M] () -- C:\Program Files\Nitro\Pro 8\wxbase28u_vc_pro8.dll
MOD - [2013/03/28 21:29:40 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2012/06/27 14:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006/02/22 14:47:44 | 000,073,728 | R--- | M] () -- C:\Program Files\Cherry\KeyMan\zlib1.dll
MOD - [2006/02/22 14:47:16 | 000,114,688 | R--- | M] () -- C:\Program Files\Cherry\KeyMan\libpng13.dll


========== Services (SafeList) ==========

SRV - [2013/12/02 18:59:50 | 001,444,120 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/11/08 03:30:03 | 001,128,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppXDeploymentServer.dll -- (AppXSvc)
SRV - [2013/10/22 01:40:33 | 001,210,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\workfolderssvc.dll -- (workfolderssvc)
SRV - [2013/10/19 04:43:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/10/18 18:29:20 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013/10/18 18:29:19 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013/10/18 18:29:18 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013/10/18 18:29:18 | 000,475,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2013/10/10 14:52:58 | 002,872,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2013/10/08 12:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe -- (NIS)
SRV - [2013/10/06 03:27:28 | 000,129,424 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe -- (NCO)
SRV - [2013/10/04 08:00:53 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppReadiness.dll -- (AppReadiness)
SRV - [2013/09/30 04:05:05 | 001,198,592 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2013/09/30 04:05:05 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/09/30 04:05:05 | 000,301,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2013/09/30 04:05:05 | 000,199,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2013/09/30 03:53:38 | 000,075,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV - [2013/09/30 03:53:34 | 001,778,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2013/09/30 03:53:29 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2013/09/26 17:22:14 | 000,209,408 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/08/22 05:18:20 | 000,278,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV - [2013/08/22 05:18:20 | 000,022,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2013/08/22 05:17:49 | 002,407,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 04:03:29 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wephostsvc.dll -- (WEPHOSTSVC)
SRV - [2013/08/22 04:03:12 | 000,028,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2013/08/22 03:56:08 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2013/08/22 03:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:54:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2013/08/22 03:50:48 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2013/08/22 03:10:39 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2013/08/22 03:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2013/08/22 03:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2013/08/22 03:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2013/08/22 03:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2013/08/22 03:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2013/08/22 03:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2013/08/22 03:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicguestinterface)
SRV - [2013/08/22 02:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\smphost.dll -- (smphost)
SRV - [2013/08/22 02:50:12 | 000,197,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2013/08/22 02:49:34 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV - [2013/08/22 02:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2013/08/22 02:45:36 | 000,173,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2013/08/22 02:44:38 | 000,415,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2013/08/22 02:41:55 | 000,124,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ncbservice.dll -- (NcbService)
SRV - [2013/08/22 02:39:05 | 000,196,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2013/08/22 02:38:43 | 000,306,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2013/08/22 02:37:53 | 000,173,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2013/08/22 02:36:04 | 000,614,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2013/08/22 02:31:45 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2013/08/22 02:21:32 | 000,064,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2013/06/17 20:41:42 | 000,196,616 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe -- (NitroDriverReadSpool8)
SRV - [2013/05/10 07:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/28 21:29:22 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2013/01/30 20:35:37 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShow Producer\scsiaccess.exe -- (ScsiAccess)
SRV - [2012/11/01 11:44:50 | 002,021,744 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2012/09/17 05:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012/09/06 01:26:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/04 19:10:06 | 000,372,736 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2011/08/24 16:30:58 | 000,430,136 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2011/07/12 19:51:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\System32\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2010/09/27 08:37:24 | 004,180,576 | ---- | M] (SafeNet Inc.) [Disabled | Stopped] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV - [2010/08/25 14:09:24 | 000,577,582 | ---- | M] (ZF Electronics GmbH) [On_Demand | Running] -- C:\Program Files\Cherry\CDI\cdi.exe -- (Cherry Device Interface)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/21 00:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010/01/21 00:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/08/19 11:56:38 | 000,090,112 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV - [2014/01/07 10:47:58 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140110.017\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/01/07 10:47:58 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/01/07 10:47:58 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140110.017\NAVENG.SYS -- (NAVENG)
DRV - [2013/12/18 00:32:11 | 001,098,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131218.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/12/13 14:01:57 | 000,394,456 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140110.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/12/02 19:00:04 | 000,155,704 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2013/12/02 19:00:04 | 000,107,256 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2013/12/02 19:00:02 | 000,228,888 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2013/11/28 00:24:18 | 000,108,000 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\idmwfp.sys -- (IDMWFP)
DRV - [2013/11/21 13:27:46 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/11/11 00:50:33 | 000,036,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\intelpep.sys -- (intelpep)
DRV - [2013/11/09 20:11:13 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/11/09 10:54:52 | 000,261,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2013/11/01 10:17:26 | 000,077,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2013/10/26 20:28:41 | 000,120,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx2.sys -- (SerCx2)
DRV - [2013/10/21 19:41:57 | 000,340,432 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys -- (RapportCerberus_59849)
DRV - [2013/10/18 18:29:18 | 000,131,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mqac.sys -- (MQAC)
DRV - [2013/10/13 00:45:41 | 000,069,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2013/10/05 12:30:03 | 000,047,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\stornvme.sys -- (stornvme)
DRV - [2013/10/05 12:30:02 | 000,321,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2013/09/30 04:05:05 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2013/09/30 04:05:05 | 000,142,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2013/09/30 03:53:41 | 000,019,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\kbldfltr.sys -- (kbldfltr)
DRV - [2013/09/30 03:53:38 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2013/09/30 03:53:23 | 000,030,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2013/09/27 19:23:30 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NST\7DE06000.01B\ccSetx86.sys -- (ccSet_NST)
DRV - [2013/09/27 03:18:30 | 000,935,512 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\NIS\1501000.012\SymEFA.sys -- (SymEFA)
DRV - [2013/09/27 02:45:56 | 000,206,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1501000.012\Ironx86.sys -- (SymIRON)
DRV - [2013/09/27 02:26:03 | 000,651,352 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\Drivers\NIS\1501000.012\srtsp.sys -- (SRTSP)
DRV - [2013/09/26 17:22:14 | 010,926,080 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\atikmdag.sys -- (amdkmdag)
DRV - [2013/09/26 17:22:14 | 000,495,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\atikmpag.sys -- (amdkmdap)
DRV - [2013/09/26 03:28:00 | 000,446,552 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1501000.012\symnets.sys -- (SymNetS)
DRV - [2013/09/26 02:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1501000.012\ccSetx86.sys -- (ccSet_NIS)
DRV - [2013/09/10 02:47:38 | 000,021,520 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\NIS\1501000.012\SymELAM.sys -- (SymELAM)
DRV - [2013/09/10 02:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\NIS\1501000.012\SymDS.sys -- (SymDS)
DRV - [2013/09/10 01:49:48 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1501000.012\srtspx.sys -- (SRTSPX)
DRV - [2013/08/22 06:13:53 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2013/08/22 05:35:21 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2013/08/22 05:35:20 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2013/08/22 05:34:52 | 000,133,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2013/08/22 05:33:32 | 000,058,208 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2013/08/22 05:33:31 | 000,033,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2013/08/22 05:33:30 | 000,122,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2013/08/22 05:33:30 | 000,068,960 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV - [2013/08/22 05:33:29 | 000,069,472 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2013/08/22 05:33:26 | 000,086,368 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2013/08/22 05:33:25 | 000,773,472 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\adp80xx.sys -- (ADP80XX)
DRV - [2013/08/22 05:33:25 | 000,100,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2013/08/22 05:33:24 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2013/08/22 05:33:01 | 000,276,832 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2013/08/22 05:32:57 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2013/08/22 05:32:57 | 000,090,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2013/08/22 05:32:57 | 000,064,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2013/08/22 05:32:57 | 000,059,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2013/08/22 05:32:57 | 000,058,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2013/08/22 05:32:57 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2013/08/22 05:32:38 | 000,031,584 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2013/08/22 05:25:38 | 000,046,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2013/08/22 05:25:37 | 000,284,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2013/08/22 05:24:56 | 000,023,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uefi.sys -- (UEFI)
DRV - [2013/08/22 05:24:36 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2013/08/22 05:20:49 | 000,093,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdNisDrv.sys -- (WdNisDrv)
DRV - [2013/08/22 05:20:48 | 000,214,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2013/08/22 05:20:22 | 000,093,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2013/08/22 05:20:22 | 000,045,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2013/08/22 05:20:22 | 000,042,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2013/08/22 05:17:00 | 000,029,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2013/08/22 04:11:37 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2013/08/22 04:11:29 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\ahcache.sys -- (ahcache)
DRV - [2013/08/22 04:11:26 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\WSDScan.sys -- (WSDScan)
DRV - [2013/08/22 04:11:04 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2013/08/22 04:10:58 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2013/08/22 04:10:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2013/08/22 04:10:37 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2013/08/22 04:10:28 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2013/08/22 04:10:21 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2013/08/22 04:10:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2013/08/22 04:10:01 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2013/08/22 04:09:59 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2013/08/22 04:09:57 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2013/08/22 04:09:50 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2013/08/22 04:09:37 | 000,023,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2013/08/22 04:09:23 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\winusb.sys -- (WinUsb)
DRV - [2013/08/22 04:09:15 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2013/08/22 04:09:10 | 000,026,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2013/08/22 04:09:09 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2013/08/22 04:09:03 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013/08/22 04:09:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2013/08/22 04:09:01 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2013/08/22 04:08:37 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2013/08/22 04:08:18 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\netvsc63.sys -- (netvsc)
DRV - [2013/08/22 04:08:06 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV - [2013/08/22 04:07:57 | 000,109,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2013/08/22 04:07:55 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2013/08/22 04:07:53 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vwifimp.sys -- (vwifimp)
DRV - [2013/08/22 04:07:19 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2013/08/22 01:58:35 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2013/08/12 23:25:32 | 000,016,088 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bcmfn2.sys -- (bcmfn2)
DRV - [2013/08/10 00:39:44 | 000,524,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\iaStorAV.sys -- (iaStorAV)
DRV - [2013/07/23 21:18:30 | 000,061,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\iaioi2c.sys -- (iaioi2c)
DRV - [2013/07/23 21:18:30 | 000,022,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\iaiogpio.sys -- (GPIO)
DRV - [2013/06/18 12:23:05 | 000,291,456 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\nvmf6232.sys -- (NVNET)
DRV - [2013/05/17 10:13:26 | 000,016,256 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ASACPI.sys -- (MTsensor)
DRV - [2013/04/23 11:38:16 | 000,086,624 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\AtihdW83.sys -- (AtiHDAudioService)
DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/09/23 02:17:20 | 000,015,528 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\amdkmafd.sys -- (amdkmafd)
DRV - [2012/04/09 09:13:58 | 000,048,256 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2)
DRV - [2012/04/09 09:13:58 | 000,048,256 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.01)
DRV - [2011/07/12 19:51:38 | 001,810,032 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010/09/27 13:24:50 | 000,356,864 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\aksfridge.sys -- (aksfridge)
DRV - [2009/12/09 21:27:18 | 000,588,800 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\hardlock.sys -- (hardlock)
DRV - [2009/11/04 17:32:39 | 000,104,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/08/04 15:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\nvstor32.sys -- (nvstor32)
DRV - [2009/08/04 02:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\Drivers\AsIO.sys -- (AsIO)
DRV - [2009/07/06 02:48:02 | 000,011,448 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\Drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2008/07/26 14:26:22 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/07/26 14:25:48 | 000,627,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\lvrs.sys -- (LVRS)
DRV - [2008/07/26 14:22:34 | 002,570,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2008/07/26 14:22:22 | 000,013,848 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\lv302af.sys -- (pepifilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 CD 75 87 1E B1 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: [email protected]:1.0.0.2
FF - prefs.js..extensions.enabledAddons: mozilla_c[email protected]:7.3.40


FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@photodex.com/PhotodexPresenter: C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Scott\AppData\Local\Roblox\Versions\version-759151294bb84441\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Scott\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Scott\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013/11/09 20:12:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2014/01/11 17:24:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/14 14:34:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/09/10 19:13:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Scott\AppData\Roaming\IDM\idmmzcc5 [2014/01/09 21:45:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Scott\AppData\Roaming\IDM\idmmzcc5 [2014/01/09 21:45:33 | 000,000,000 | ---D | M]

[2012/10/05 05:44:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\mozilla\Extensions
[2013/10/16 19:34:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\mozilla\Firefox\Profiles\0rdtqlta.default\extensions
[2013/02/21 15:21:33 | 000,000,000 | ---D | M] ("Star Stable Online") -- C:\Users\Scott\AppData\Roaming\mozilla\Firefox\Profiles\0rdtqlta.default\extensions\[email protected]
[2012/10/05 05:43:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/01/09 21:45:33 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\SCOTT\APPDATA\ROAMING\IDM\IDMMZCC5
[2012/09/06 01:27:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/06 01:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/06 01:26:22 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.co.uk/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Java™ Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Photodex Presenter Plugin (Enabled) = C:\Program Files\Photodex Presenter\npPxPlay.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Photo Uploader (Enabled) = C:\Users\Scott\AppData\Local\Facebook\PhotoUploader\1.0.0.2003\npFacebookPhotoUploader.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Scott\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Scott\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: WGT Golf Challenge = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0\
CHR - Extension: iCloud Bookmarks = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.2.12_0\
CHR - Extension: The Camelizer - Amazon Price Tracker = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.4.2_0\
CHR - Extension: IDM Integration Module = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.8_0\
CHR - Extension: Into The Mist = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh\1_0\
CHR - Extension: Norton Identity Protection = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.2.3_0\
CHR - Extension: Range Rover Evoque | SUV | Land Rover UK = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbihhjgpobhhbidhlfkclkjllkgoicbj\2012.7.6.45832_0\
CHR - Extension: Google Wallet = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: My Chrome Theme = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\

O1 HOSTS File: ([2012/05/17 20:22:05 | 000,000,888 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CherryKeyMan] C:\Program Files\Cherry\KeyMan\KeyMan.exe (ZF Electronics GmbH)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Adobe] C:\Users\Scott\AppData\Roaming\Adobe\Flash Player\BrowserCache\IDMcache.vbs ()
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [CAHeadless] C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Epson Stylus SX620FW(Network)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGBE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON575477 (Epson Stylus SX620FW)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGBE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [FreeRAM XP] C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe (YourWare Solutions ™)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [MyDriveConnect.exe] C:\Program Files\MyDrive Connect\MyDriveConnect.exe (TomTom)
O4 - Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DEF2ABDC-B8F8-49CC-8EFB-922B98295054}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE78630B-CE79-41DF-B049-8B42208E9605}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/11 18:24:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
[2014/01/09 21:45:19 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\Video
[2014/01/09 21:45:19 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\Music
[2014/01/09 21:45:19 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\IDM
[2014/01/09 21:45:19 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\Documents
[2014/01/09 21:45:19 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\Compressed
[2014/01/09 21:44:57 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/01/09 21:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/01/09 21:44:53 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2014/01/09 21:43:40 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\Internet Download Manager 6.18 build 11 Final Retail [ChingLiu]
[2014/01/09 18:22:54 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\Adobe
[2014/01/07 23:30:18 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\Melia Sharm - Egypt 2013-14
[2013/12/21 21:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/12/17 16:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/12/15 09:43:44 | 000,108,000 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\System32\drivers\idmwfp.sys
[2013/12/15 09:00:37 | 000,000,000 | ---D | C] -- C:\Users\Scott\Desktop\Kennedy scan pictures
[2013/12/13 13:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/08/07 11:02:36 | 009,452,704 | ---- | C] (SurfRight B.V.) -- C:\Users\Scott\AppData\Roaming\HitmanPro.exe
[2013/06/26 15:56:37 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Scott\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2014/01/11 18:24:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Desktop\OTL.exe
[2014/01/11 18:04:29 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/11 17:48:36 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000UA.job
[2014/01/11 17:26:10 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/11 17:24:18 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/11 17:24:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/01/11 17:24:08 | 2576,326,656 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/11 17:24:08 | 000,891,924 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2014/01/10 06:46:51 | 000,001,099 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/09 21:45:06 | 000,000,995 | ---- | M] () -- C:\Users\Scott\Desktop\Internet Download Manager.lnk
[2014/01/09 21:06:04 | 000,033,430 | ---- | M] () -- C:\Users\Scott\Desktop\windows error.jpg
[2014/01/09 20:48:01 | 000,000,856 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000Core.job
[2014/01/09 06:30:15 | 000,816,012 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/01/09 06:30:15 | 000,167,630 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/01/08 16:35:03 | 000,048,128 | ---- | M] () -- C:\Users\Scott\Documents\09.01.14.axe
[2013/12/21 21:32:54 | 009,452,704 | ---- | M] (SurfRight B.V.) -- C:\Users\Scott\AppData\Roaming\HitmanPro.exe
[2013/12/17 16:09:52 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

========== Files Created - No Company Name ==========

[2014/01/09 21:45:05 | 000,000,995 | ---- | C] () -- C:\Users\Scott\Desktop\Internet Download Manager.lnk
[2014/01/09 21:06:03 | 000,033,430 | ---- | C] () -- C:\Users\Scott\Desktop\windows error.jpg
[2014/01/08 15:30:32 | 000,048,128 | ---- | C] () -- C:\Users\Scott\Documents\09.01.14.axe
[2013/12/17 16:09:45 | 000,002,190 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/10/18 18:31:16 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/10/18 17:35:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/09/26 17:22:30 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\clinfo.exe
[2013/09/26 17:22:20 | 000,233,652 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_cik.dat
[2013/09/26 17:22:20 | 000,231,984 | ---- | C] () -- C:\WINDOWS\System32\ativvaxy_cik_nd.dat
[2013/09/26 17:22:20 | 000,204,952 | ---- | C] () -- C:\WINDOWS\System32\ativvsvl.dat
[2013/09/26 17:22:20 | 000,157,144 | ---- | C] () -- C:\WINDOWS\System32\ativvsva.dat
[2013/09/26 17:22:20 | 000,082,416 | ---- | C] () -- C:\WINDOWS\System32\ativce02.dat
[2013/09/26 17:22:16 | 000,003,917 | ---- | C] () -- C:\WINDOWS\System32\atipblag.dat
[2013/09/26 17:22:14 | 000,716,208 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2013/09/26 17:22:12 | 000,798,734 | ---- | C] () -- C:\WINDOWS\System32\amdocl_ld32.exe
[2013/09/26 17:22:10 | 000,995,342 | ---- | C] () -- C:\WINDOWS\System32\amdocl_as32.exe
[2013/09/26 17:22:08 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\amdmiracast.dll
[2013/09/26 17:22:08 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\amdhdl32.dll
[2013/09/21 12:15:47 | 000,037,843 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\Comma Separated Values (Windows).ADR
[2013/09/12 14:01:05 | 000,000,132 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013/08/22 08:19:09 | 000,816,012 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/22 08:19:09 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013/08/22 08:19:09 | 000,167,630 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2013/08/22 08:19:09 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013/08/22 08:17:31 | 000,000,389 | ---- | C] () -- C:\WINDOWS\System32\AutoWorkplace.exe.config
[2013/08/22 08:17:30 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013/08/22 08:17:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2013/08/22 07:24:03 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 07:22:45 | 006,232,496 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/08/22 03:33:54 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2013/08/22 03:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2013/08/22 03:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\System32\OEMLicense.dll
[2013/08/21 23:57:03 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013/08/21 23:52:35 | 001,520,828 | ---- | C] () -- C:\WINDOWS\System32\WpcNBModel.bin
[2013/08/21 23:52:35 | 000,526,068 | ---- | C] () -- C:\WINDOWS\System32\staticurllist.bin
[2013/08/21 23:50:57 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2013/08/21 23:48:14 | 000,049,963 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
[2013/06/26 15:57:41 | 000,001,041 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\vso_ts_preview.xml
[2013/06/26 15:56:37 | 000,087,608 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\inst.exe
[2013/06/26 15:56:37 | 000,007,887 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\pcouffin.cat
[2013/06/26 15:56:37 | 000,001,144 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\pcouffin.inf
[2013/05/17 10:13:26 | 000,016,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2013/04/05 17:28:08 | 000,013,961 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp DSP Effects.dat
[2013/04/05 17:27:53 | 000,017,993 | ---- | C] () -- C:\WINDOWS\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2012/11/27 00:18:46 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\kdbsdk32.dll
[2012/10/31 20:04:52 | 000,000,022 | ---- | C] () -- C:\WINDOWS\cmm.dat
[2012/10/27 15:11:56 | 000,021,412 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/10/22 13:17:08 | 000,000,071 | ---- | C] () -- C:\WINDOWS\PrintCD.INI
[2012/09/16 18:24:31 | 000,007,604 | ---- | C] () -- C:\Users\Scott\AppData\Local\Resmon.ResmonCfg
[2012/06/04 15:53:30 | 000,000,048 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012/06/02 09:09:50 | 000,001,660 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012/05/23 17:49:32 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/05/23 17:49:32 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/05/23 17:49:32 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/05/23 17:49:32 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/11/14 19:21:13 | 000,000,459 | ---- | C] () -- C:\Users\Scott\AppData\Local\Images.fl
[2010/12/27 08:19:50 | 000,000,151 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\default.rss
[2010/12/27 07:39:02 | 000,000,000 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\chrtmp
[2010/12/27 07:38:34 | 000,057,652 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\SQLite3.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/05 18:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 02:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2013/08/22 02:42:12 | 000,390,144 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/01/08 13:06:54 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\.minecraft
[2011/12/14 18:46:41 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\2020 Fusion
[2011/09/10 06:57:11 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Anthropics
[2012/11/21 20:33:21 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Auslogics
[2012/04/07 16:41:22 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Azureus
[2012/06/09 18:16:37 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\calibre
[2012/01/18 18:39:04 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/03/26 15:55:36 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Cherry
[2012/06/02 14:53:43 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/06/17 19:02:35 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\dBpoweramp
[2014/01/10 22:35:40 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\DMCache
[2013/10/09 19:55:18 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Downloaded Installations
[2014/01/11 17:25:40 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Dropbox
[2013/05/18 14:02:58 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\DxO Labs
[2013/04/11 16:08:39 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Epson
[2013/10/09 19:57:23 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\FileOpen
[2012/10/05 06:02:30 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\FileZilla
[2013/02/21 17:44:11 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Fox Dgital Copy
[2013/08/03 07:28:20 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\HandBrake
[2012/11/24 10:12:57 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\HDRsoft
[2014/01/11 18:25:01 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\IDM
[2012/11/25 12:45:30 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Imagenomic
[2012/06/17 10:02:19 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Jaran Nilsen
[2013/09/19 12:59:18 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\jdast
[2012/07/04 06:04:55 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\jdnetmon
[2013/09/27 15:15:39 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\JRT Studio
[2011/09/23 19:26:03 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Leadertech
[2011/06/17 21:55:23 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\MAGIX
[2010/12/23 15:12:09 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Netscape
[2013/10/09 19:57:23 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Nitro
[2012/06/17 18:56:43 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Notpod
[2013/10/30 14:10:18 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Oracle
[2013/11/23 12:38:53 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Origin
[2013/05/27 11:20:31 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Pavtube
[2010/12/23 15:11:40 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Photodex
[2013/09/28 15:25:19 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Samsung
[2010/12/27 11:01:13 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\SoundSpectrum
[2012/06/03 10:39:47 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/05/12 11:40:21 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\SystemRequirementsLab
[2012/06/14 16:35:54 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Temp
[2011/08/27 08:33:00 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Trusteer
[2012/05/02 16:07:10 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Unity
[2010/12/30 10:50:09 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\URSoft
[2013/12/17 16:25:23 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\uTorrent
[2013/08/09 17:29:04 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\VSO
[2010/12/23 18:50:37 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Windows Live Writer
[2012/06/04 16:32:19 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Xilisoft

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\Users\Scott\SkyDrive.old:ms-properties
@Alternate Data Stream - 183 bytes -> C:\Users\Scott\SkyDrive:ms-properties
@Alternate Data Stream - 174 bytes -> C:\ProgramData\TEMP:1CE11B51
@Alternate Data Stream - 143 bytes -> C:\Users\Scott\AppData\Roaming\default.rss:OECustomProperty

< End of report >

Attached Thumbnails

  • windows error.jpg

#2
emeraldnzl

Hello battison10,

Welcome to the Malware Forum.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right-click to run as administrator. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.

#3
battison10

Hi, these are the results from the scan.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-01-2014 01
Ran by Scott (administrator) on SCOTT-PC on 13-01-2014 06:33:49
Running from C:\Users\Scott\Desktop\New folder (3)
Microsoft Windows 8.1 Pro with Media Center (X86) OS Language: English(UK)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
() C:\Program Files\Photodex\ProShow Producer\scsiaccess.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(ZF Electronics GmbH) C:\Program Files\Cherry\KeyMan\KeyMan.exe
(ZF Electronics GmbH) C:\Program Files\Cherry\CDI\cdi.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TomTom) C:\Program Files\MyDrive Connect\MyDriveConnect.exe
(Dropbox, Inc.) C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PMBVolumeWatcher] - C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [FUFAXSTM] - C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [CherryKeyMan] - C:\Program Files\Cherry\KeyMan\KeyMan.exe [254004 2010-09-28] (ZF Electronics GmbH)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [5029744 2012-11-01] (O&O Software GmbH)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-07-06] (Google Inc.)
HKCU\...\Run: [CAHeadless] - C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [545872 2012-09-17] (Adobe Systems Incorporated)
HKCU\...\Run: [EPSON575477 (Epson Stylus SX620FW)] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATIGBE.EXE [201216 2010-01-12] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Epson Stylus SX620FW(Network)] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATIGBE.EXE [201216 2010-01-12] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [FreeRAM XP] - C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe [1591808 2006-03-22] (YourWare Solutions ™)
HKCU\...\Run: [iCloudServices] - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [MyDriveConnect.exe] - C:\Program Files\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom)
HKCU\...\Run: [Adobe] - C:\Users\Scott\AppData\Roaming\Adobe\Flash Player\BrowserCache\IDMcache.bat [313 2013-07-25] ()
HKU\DefaultAppPool.IIS APPPOOL.067\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2013-08-22] (Microsoft Corporation)
HKU\LogMeInRemoteUser.Scott-PC.000\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\LogMeInRemoteUser.Scott-PC.000\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\Mcx1-SCOTT-PC\...\Run: [AnyDVD] - C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [ 2009-11-04] (SlySoft, Inc.)
HKU\Mcx1-SCOTT-PC\...\Run: [Google Update] - C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-07-06] (Google Inc.)
HKU\Mcx1-SCOTT-PC\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x00CD75871EB1CD01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\0rdtqlta.default
FF user.js: detected! => C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\0rdtqlta.default\user.js
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF - C:\Program Files\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin: @photodex.com/PhotodexPresenter - C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Scott\AppData\Local\Roblox\Versions\version-759151294bb84441\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Scott\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Scott\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Star Stable Online - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\0rdtqlta.default\Extensions\[email protected] [2013-02-21]
FF HKLM\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-09]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\Scott\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Scott\AppData\Roaming\IDM\idmmzcc5 [2014-01-09]
FF HKCU\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Scott\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Scott\AppData\Roaming\IDM\idmmzcc5 [2014-01-09]

Chrome:
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Java™ Platform SE 7 U4) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Photodex Presenter Plugin) - C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Photo Uploader) - C:\Users\Scott\AppData\Local\Facebook\PhotoUploader\1.0.0.2003\npFacebookPhotoUploader.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Scott\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Google Update) - C:\Users\Scott\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-04-11]
CHR Extension: (WGT Golf Challenge) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0 [2012-12-02]
CHR Extension: (iCloud Bookmarks) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.2.12_0 [2013-12-10]
CHR Extension: (The Camelizer - Amazon Price Tracker) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.4.2_0 [2013-12-16]
CHR Extension: (IDM Integration Module) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.8_0 [2014-01-09]
CHR Extension: (Into The Mist) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh\1_0 [2012-11-20]
CHR Extension: (Norton Identity Protection) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.2.3_0 [2013-12-10]
CHR Extension: (Range Rover Evoque | SUV | Land Rover UK) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbihhjgpobhhbidhlfkclkjllkgoicbj\2012.7.6.45832_0 [2012-07-06]
CHR Extension: (Google Wallet) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1 [2014-01-08]
CHR Extension: (My Chrome Theme) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0 [2013-02-01]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2013-12-15]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2013-12-10]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [2013-12-10]
CHR StartMenuInternet: Google Chrome - C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
R3 Cherry Device Interface; C:\Program Files\Cherry\CDI\cdi.exe [577582 2010-08-25] (ZF Electronics GmbH)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] ()
S4 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2013-10-18] (Microsoft Corporation)
R2 NCO; C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [196616 2013-06-17] (Nitro PDF Software)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] ()
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2021744 2012-11-01] (O&O Software GmbH)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 ScsiAccess; C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe [186760 2013-01-30] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-07-12] (VIA Technologies, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [66560 2013-10-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [278264 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22240 2013-08-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1210368 2013-10-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [356864 2010-09-27] (SafeNet Inc.)
R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [15528 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [104512 2009-11-04] (SlySoft, Inc.)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R1 AsUpIO; C:\Windows\System32\drivers\AsUpIO.sys [11448 2009-07-06] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW83.sys [86624 2013-04-23] (Advanced Micro Devices)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2013-08-22] (Microsoft Corporation)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131218.001\BHDrvx86.sys [1098968 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NST\7DE06000.01B\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-01-07] (Symantec Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25768 2009-09-26] (Elaborate Bytes AG)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-21] (Symantec Corporation)
S3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140110.001\IDSvix86.sys [394456 2013-12-13] (Symantec Corporation)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-11] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [131072 2013-10-18] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [16256 2013-05-17] ()
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140111.005\NAVENG.SYS [93272 2014-01-07] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140111.005\NAVEX15.SYS [1612376 2014-01-07] (Symantec Corporation)
R3 pepifilter; C:\Windows\system32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
R3 PID_PEPI; C:\Windows\system32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2013-10-21] ()
R1 SRTSP; C:\Windows\system32\drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NIS\1501000.012\SYMELAM.SYS [21520 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2013-11-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NIS\1501000.012\SYMNETS.SYS [446552 2013-09-26] (Symantec Corporation)
R3 VIAHdAudAddService; C:\Windows\system32\drivers\viahduaa.sys [1810032 2011-07-12] (VIA Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [93024 2013-08-22] (Microsoft Corporation)
S3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
U3 idsvc;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-13 06:33 - 2014-01-13 06:33 - 00000000 ____D C:\FRST
2014-01-13 06:31 - 2014-01-13 06:33 - 00000000 ____D C:\Users\Scott\Desktop\New folder (3)
2014-01-12 20:34 - 2014-01-12 21:02 - 00000000 ____D C:\Users\Scott\Downloads\Ministry of Sound House Party 2014 (2013) (320kbps) (AciDToX8)
2014-01-12 20:33 - 2014-01-12 20:34 - 00000000 ____D C:\Users\Scott\Downloads\Ministry of Sound The Sound of Trap (2013)[Mp3][www.lokotorrents.com]
2014-01-11 19:48 - 2014-01-11 19:49 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-11 18:37 - 2014-01-11 18:37 - 00068646 _____ C:\Users\Scott\Desktop\Extras.Txt
2014-01-11 18:36 - 2014-01-11 18:36 - 00156954 _____ C:\Users\Scott\Desktop\OTL.Txt
2014-01-11 18:24 - 2014-01-11 18:24 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Desktop\OTL.exe
2014-01-09 21:45 - 2014-01-11 18:25 - 00000000 ____D C:\Users\Scott\AppData\Roaming\IDM
2014-01-09 21:45 - 2014-01-09 21:45 - 00000995 _____ C:\Users\Scott\Desktop\Internet Download Manager.lnk
2014-01-09 21:45 - 2014-01-09 21:45 - 00000000 ____D C:\Users\Scott\Desktop\Video
2014-01-09 21:45 - 2014-01-09 21:45 - 00000000 ____D C:\Users\Scott\Desktop\Compressed
2014-01-09 21:44 - 2014-01-09 21:48 - 00000000 ____D C:\Program Files\Internet Download Manager
2014-01-09 21:44 - 2014-01-09 21:45 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-01-09 21:43 - 2013-12-16 10:03 - 00000000 ____D C:\Users\Scott\Desktop\Internet Download Manager 6.18 build 11 Final Retail [ChingLiu]
2014-01-09 21:41 - 2014-01-09 21:43 - 06088436 _____ C:\Users\Scott\Downloads\Internet_Download_Manager_6.18_build_11_Final_Retail_[ChingLiu].rar
2014-01-09 18:22 - 2014-01-13 06:33 - 00000000 ____D C:\Users\Scott\AppData\Local\Adobe
2014-01-08 15:30 - 2014-01-08 16:35 - 00048128 _____ C:\Users\Scott\Documents\09.01.14.axe
2014-01-07 23:30 - 2014-01-12 21:22 - 00000000 ____D C:\Users\Scott\Desktop\Melia Sharm - Egypt 2013-14
2013-12-21 21:32 - 2013-12-21 21:34 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-17 16:09 - 2013-12-17 16:09 - 00002190 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-15 09:43 - 2013-11-28 00:24 - 00108000 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys

==================== One Month Modified Files and Folders =======

2014-01-13 06:33 - 2014-01-13 06:33 - 00000000 ____D C:\FRST
2014-01-13 06:33 - 2014-01-13 06:31 - 00000000 ____D C:\Users\Scott\Desktop\New folder (3)
2014-01-13 06:33 - 2014-01-09 18:22 - 00000000 ____D C:\Users\Scott\AppData\Local\Adobe
2014-01-13 06:31 - 2013-10-18 17:41 - 01874115 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-13 06:24 - 2011-06-16 21:22 - 00000000 ___RD C:\Users\Scott\Desktop\Dropbox
2014-01-13 06:24 - 2011-06-16 21:11 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Dropbox
2014-01-13 06:23 - 2013-11-17 11:35 - 00000000 __RDO C:\Users\Scott\SkyDrive
2014-01-13 06:23 - 2013-08-22 07:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-13 06:23 - 2013-04-30 21:32 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-13 06:23 - 2013-01-09 16:18 - 00895752 _____ C:\WINDOWS\system32\oodbs.lor
2014-01-13 06:23 - 2010-12-27 08:58 - 00000000 ____D C:\Users\Scott\AppData\Local\CrashDumps
2014-01-12 21:43 - 2013-08-22 06:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-12 21:36 - 2010-12-23 15:00 - 00000000 ____D C:\Users\Scott\AppData\Roaming\uTorrent
2014-01-12 21:22 - 2014-01-07 23:30 - 00000000 ____D C:\Users\Scott\Desktop\Melia Sharm - Egypt 2013-14
2014-01-12 21:04 - 2013-04-30 21:32 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-12 21:02 - 2014-01-12 20:34 - 00000000 ____D C:\Users\Scott\Downloads\Ministry of Sound House Party 2014 (2013) (320kbps) (AciDToX8)
2014-01-12 21:02 - 2013-08-22 08:17 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-12 20:48 - 2011-07-06 18:54 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000UA.job
2014-01-12 20:48 - 2011-07-06 18:53 - 00000856 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000Core.job
2014-01-12 20:34 - 2014-01-12 20:33 - 00000000 ____D C:\Users\Scott\Downloads\Ministry of Sound The Sound of Trap (2013)[Mp3][www.lokotorrents.com]
2014-01-12 20:11 - 2010-12-23 06:04 - 00000000 ____D C:\Users\Scott\AppData\Local\VirtualStore
2014-01-12 18:28 - 2013-04-02 19:11 - 01094944 _____ C:\Users\Scott\Desktop\Apr2014 Instructions by Agent.xlsx
2014-01-12 17:44 - 2013-08-22 08:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2014-01-12 06:27 - 2013-04-10 20:41 - 00000000 ____D C:\Users\Scott\Desktop\DAILY ROUTES
2014-01-11 19:49 - 2014-01-11 19:48 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-11 19:49 - 2010-12-23 15:13 - 00000000 ____D C:\Users\Scott\AppData\Roaming\DMCache
2014-01-11 19:46 - 2013-09-12 14:07 - 00000000 ____D C:\AdwCleaner
2014-01-11 18:37 - 2014-01-11 18:37 - 00068646 _____ C:\Users\Scott\Desktop\Extras.Txt
2014-01-11 18:36 - 2014-01-11 18:36 - 00156954 _____ C:\Users\Scott\Desktop\OTL.Txt
2014-01-11 18:25 - 2014-01-09 21:45 - 00000000 ____D C:\Users\Scott\AppData\Roaming\IDM
2014-01-11 18:24 - 2014-01-11 18:24 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Desktop\OTL.exe
2014-01-10 22:18 - 2011-05-04 18:32 - 00000000 ____D C:\Users\Scott\Documents\Outlook Files
2014-01-10 06:46 - 2011-06-16 21:14 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-09 21:56 - 2013-09-29 19:58 - 01220932 _____ C:\WINDOWS\PFRO.log
2014-01-09 21:48 - 2014-01-09 21:44 - 00000000 ____D C:\Program Files\Internet Download Manager
2014-01-09 21:45 - 2014-01-09 21:45 - 00000995 _____ C:\Users\Scott\Desktop\Internet Download Manager.lnk
2014-01-09 21:45 - 2014-01-09 21:45 - 00000000 ____D C:\Users\Scott\Desktop\Video
2014-01-09 21:45 - 2014-01-09 21:45 - 00000000 ____D C:\Users\Scott\Desktop\Compressed
2014-01-09 21:45 - 2014-01-09 21:44 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-01-09 21:43 - 2014-01-09 21:41 - 06088436 _____ C:\Users\Scott\Downloads\Internet_Download_Manager_6.18_build_11_Final_Retail_[ChingLiu].rar
2014-01-09 17:08 - 2013-08-22 08:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-09 06:30 - 2013-09-30 04:06 - 00976620 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-08 17:20 - 2012-12-14 12:30 - 00000000 ____D C:\Users\Scott\Desktop\New folder
2014-01-08 16:35 - 2014-01-08 15:30 - 00048128 _____ C:\Users\Scott\Documents\09.01.14.axe
2014-01-08 13:06 - 2013-10-12 16:20 - 00000000 ____D C:\Users\Scott\AppData\Roaming\.minecraft
2014-01-08 00:05 - 2013-08-22 08:17 - 00000000 ____D C:\WINDOWS\FileManager
2014-01-07 23:28 - 2013-08-22 06:13 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-12-21 21:34 - 2013-12-21 21:32 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-21 21:32 - 2013-08-07 11:02 - 09452704 _____ (SurfRight B.V.) C:\Users\Scott\AppData\Roaming\HitmanPro.exe
2013-12-18 15:01 - 2013-08-04 09:35 - 00000000 ____D C:\Users\Scott\Desktop\Holiday
2013-12-17 16:09 - 2013-12-17 16:09 - 00002190 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-17 16:08 - 2013-04-30 21:32 - 00000000 ____D C:\Program Files\Google
2013-12-17 16:01 - 2013-11-22 18:43 - 00000000 ____D C:\Users\Scott\Downloads\VA - Ministry Of Sound The Annual 2014
2013-12-16 10:03 - 2014-01-09 21:43 - 00000000 ____D C:\Users\Scott\Desktop\Internet Download Manager 6.18 build 11 Final Retail [ChingLiu]
2013-12-15 10:01 - 2013-10-18 17:40 - 00000000 ____D C:\Users\Scott

Some content of TEMP:
====================
C:\Users\Scott\AppData\Local\Temp\7za.exe
C:\Users\Scott\AppData\Local\Temp\HitmanPro.exe
C:\Users\Scott\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Scott\AppData\Local\Temp\setup-retail.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2013-11-16 11:13] - [2013-10-22 06:03] - 2065448 ____A (Microsoft Corporation) 1A0BC9598E4A58FC84570FFF5A108E58

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-12 17:42

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-01-2014 01
Ran by Scott at 2014-01-13 06:35:36
Running from C:\Users\Scott\Desktop\New folder (3)
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

µTorrent (Version: 3.3.2.30303 - BitTorrent Inc.)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe DNG Codec (Version: 1.1.0.3 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.8) (Version: 10.1.8 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
AnyDVD (Version: - SlySoft)
Apple Application Support (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
ArtiCAD 14.0 Build 20 (Version: 14.0 Build 20 - ArtiCAD Ltd)
ASUSUpdate (Version: 7.18.03 - ASUSTeK Computer Inc.)
Auslogics Registry Cleaner (Version: 2.4 - Auslogics Software Pty Ltd)
BenVista PhotoZoom Pro 4.1 (Version: 4.1 - BenVista Ltd.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
calibre (Version: 0.8.55 - Kovid Goyal)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.)
CloneDVD2 (Version: - Elaborate Bytes)
CloneDVDmobile (Version: - SlySoft)
ConvertXtoDVD 4.0.9.322 (Version: 4.0.9.322 - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
dBpoweramp DSP Effects (Version: Release 9 - Illustrate)
dBpoweramp Music Converter (Version: Release 14.4 - Illustrate)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version: - Microsoft)
DHTML Editing Component (Version: 6.02.0001 - Microsoft Corporation)
DolbyFiles (Version: 2.0 - Nero AG) Hidden
Dropbox (Version: 2.4.11 - Dropbox, Inc.)
DVD Decrypter (Remove Only) (Version: - )
DVD Shrink 3.2 (Version: - DVD Shrink)
DxO Optics Pro 8 (Version: 8.1.3 - DxO Labs)
Elements 11 Organizer (Version: 11.0 - Adobe Systems Incorporated) Hidden
Epson Easy Photo Print 2 (Version: 2.2.3.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (Version: 1.10.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (Version: - )
EPSON PhotoQuicker3.5 (Version: - )
Epson Print CD (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (Version: - SEIKO EPSON Corporation)
EPSON Scan (Version: - Seiko Epson Corporation)
EPSON SX620FW Series Manual (Version: - )
EPSON SX620FW Series Network Guide (Version: - )
EPSON SX620FW Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
EpsonNet Print (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (Version: 3.3a - SEIKO EPSON CORPORATION)
Facebook Photo Uploader (Version: 1.0.0.2003 - Facebook)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287 - Skype Limited)
Google Chrome (Version: 32.0.1700.72 - Google Inc.)
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
HandBrake 0.9.9 (Version: 0.9.9 - )
iCloud (Version: 3.1.0.40 - Apple Inc.)
Imagenomic Noiseware 4.2 Professional Plug-in (build 4205) (Version: - )
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Internet Download Manager (Version: - Tonec Inc.)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (Version: 2.1.1 - Oracle Corporation)
JDs Auto Speed Tester (Version: - )
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeyMan V4.0 Build 6 (Version: 4.0.0.6 - ZF Friedrichshafen AG)
K-Lite Codec Pack 9.6.5 (Basic) (Version: 9.6.5 - )
Logitech Vid HD (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (Version: 12.10.1113 - Logitech Inc.)
Macromedia Extension Manager (Version: 1.7.240 - Macromedia, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Medieval CUE Splitter (Version: 1.2.0 - Medieval Software)
Menu Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Microsoft Access database engine 2010 (English) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft AutoRoute 2013 (Version: 19.0.21.0500 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
MioMore Desktop 7.50 (Version: 7.50.0107.120 - Mio Technology)
Movie Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1 - Mozilla)
Mozilla Maintenance Service (Version: 15.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1342 (Version: 3.3.0.1342 - TomTom)
MyFreeCodec (Version: - )
Nero 9 (Version: - Nero AG)
Nero BurningROM (Version: 9.0.0.0 - Nero AG) Hidden
Nero ControlCenter (Version: 0.0.0.1 - Nero AG) Hidden
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero Express (Version: 9.0.0.0 - Nero AG) Hidden
Nero Installer (Version: 2.0.0.1 - Nero AG) Hidden
NeroBurningROM (Version: 9.0.9.100 - Nero AG) Hidden
NeroExpress (Version: 9.0.9.100 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
Nitro Pro 8 (Version: 8.5.5.2 - Nitro)
Norton Identity Safe (Version: 2014.6.0.27 - Symantec Corporation)
Norton Internet Security (Version: 21.1.0.18 - Symantec Corporation)
NVIDIA Drivers (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA PhysX (Version: 9.09.0203 - NVIDIA Corporation)
O&O Defrag Professional (Version: 16.0.183 - O&O Software GmbH)
OpenAL (Version: - )
Origin (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photodex Presenter (Version: - Photodex Corporation)
Photomatix Pro version 4.2.5 (Version: 4.2.5 - HDRsoft Ltd)
Platform (Version: 1.36 - VIA Technologies, Inc.) Hidden
PMB (Version: 5.8.02.10270 - Sony Corporation)
Power Packet Utility (Version: 1.0.7 - Intellon)
PRE11 STI Installer (Version: 11.0 - Adobe Systems Incorporated) Hidden
ProShow Producer (Version: - Photodex Corporation)
PSE11 STI Installer (Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (Version: 1.5.24.0 - Ralink)
Rapport (Version: 3.5.1304.29 - Trusteer) Hidden
RescuePRO Deluxe 5.1.2.7 (Version: 5.1.2.7 - LC Technology International, Inc.)
ROBLOX Player for Scott (Version: - ROBLOX Corporation)
SDFormatter (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
Sky Go Desktop (Version: - go.sky.com)
Sony Image Data Suite (Version: 3.2.00.19080 - Sony Corporation)
Sony RAW Driver (Version: 2.0.00.08130 - Sony Corporation)
System Requirements Lab CYRI (Version: 4.5.1.0 - Husdawg, LLC)
Text-To-Speech-Runtime (Version: 1.0.0.0 - Magix Development GmbH)
The Sims™ 3 (Version: 1.63.5 - Electronic Arts)
The Sims™ 3 Pets (Version: 10.0.96 - Electronic Arts)
Topaz Adjust 4 (Version: 4.0.0 - Topaz Labs)
Trusteer Endpoint Protection (Version: 3.5.1304.29 - Trusteer)
Turbo Lister 2 (Version: 2.00.0000 - eBay Inc.)
Ultimate Reference Suite (Version: 2013.0.0.0 - Encyclopaedia Britannica, Inc.)
Unity Web Player (Version: - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIA Platform Device Manager (Version: 1.36 - VIA Technologies, Inc.)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.5 (Version: 2.0.5 - VideoLAN)
VSO Image Resizer 4.0.3.6 (Version: 4.0.3.6 - VSO-Software)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (32-bit) (Version: 4.01.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate (Version: 7.3.0.20120529 - Xilisoft)
Your Uninstaller! 7 (Version: 7.5.2013.2 - URSoft, Inc.)

==================== Restore Points =========================

10-12-2013 20:11:33 Installed Rapport
17-12-2013 22:00:13 Scheduled Checkpoint

==================== Hosts content: ==========================

2009-07-14 02:04 - 2012-05-17 20:22 - 00000888 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {01C84230-C58E-4BD9-88AE-495BC89650DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000UA => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-06] (Google Inc.)
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {1E144E9D-BCC6-4E38-AA7B-B26671B74457} - System32\Tasks\AdobeAAMUpdater-1.0-Scott-PC-Scott => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {20CEA0AF-4671-467C-B424-031ACD097FFA} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {2E2E106D-3DD4-4127-8ACA-847D8EF4622B} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {307E6374-EA28-4814-875C-21BEF882AD48} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-30] (Google Inc.)
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {4540E2D8-2D81-4BAF-8220-4E481D29813A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-30] (Google Inc.)
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {4D5B143C-ED52-4F1E-8C05-1FE36EA08650} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {596B3132-26C5-4D8A-82DA-750742A65199} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000Core => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-06] (Google Inc.)
Task: {5C3EA04C-CE98-4F7B-BFEB-4EA48DE67871} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {5D29DCF6-A6CE-41C3-9AD2-3379C547AA65} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-SCOTT-PC => C:\Windows\ehome\McxTask.exe [2013-09-30] (Microsoft Corporation)
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {831030FD-34A3-4C30-80EF-0346C7EAFBC5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {890D4007-9ACF-4529-AB9A-4652C242EEA6} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {8AA30F92-6FDD-4C3D-9BF7-4B6A0CE9A1E4} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {8BA231F8-7C02-4A25-AB7A-6FFDA93BF3A0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {9E85725E-3F15-4886-8562-8637AF740AE5} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {C11ECB76-D609-4F0B-9EFA-E68D7101EFB5} - System32\Tasks\[email protected] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {D545BD73-B0DF-4AAB-B7CB-90F02DCB2653} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2013-12-11] (Microsoft Corporation)
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {DE25B209-850E-44B2-9A52-E9A7FE635481} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {E6833800-B7BF-4000-882D-78E7AFCB61A3} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {F632B970-7809-4C1C-A225-73914E0DF7AF} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {FDE27317-74B8-4D08-A42A-1372B296FF89} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000Core.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000UA.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-27 14:09 - 2012-06-27 14:09 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2012-05-03 22:27 - 2013-10-21 19:41 - 01127152 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2011-06-18 16:06 - 2011-05-28 21:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-08-21 23:55 - 2013-06-18 12:17 - 00364544 _____ () C:\Windows\System32\msjetoledb40.dll
2006-02-22 14:47 - 2006-02-22 14:47 - 00073728 ____R () C:\Program Files\Cherry\KeyMan\zlib1.dll
2006-02-22 14:47 - 2006-02-22 14:47 - 00114688 ____R () C:\Program Files\Cherry\KeyMan\libpng13.dll
2013-03-28 21:29 - 2013-03-28 21:29 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2013-11-29 09:29 - 2013-11-29 09:29 - 00026520 _____ () C:\Program Files\MyDrive Connect\DeviceDetection.dll
2013-11-29 09:28 - 2013-11-29 09:28 - 00082840 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterBase.dll
2013-11-29 09:28 - 2013-11-29 09:28 - 00344984 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterProxy.dll
2013-10-18 23:55 - 2013-10-18 23:55 - 25100288 _____ () C:\Users\Scott\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-07 23:37 - 2014-01-07 04:04 - 00715544 _____ () C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\libglesv2.dll
2014-01-07 23:36 - 2014-01-07 04:04 - 00100120 _____ () C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\libegl.dll
2014-01-07 23:37 - 2014-01-07 04:05 - 04055320 _____ () C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
2014-01-07 23:37 - 2014-01-07 04:05 - 00399640 _____ () C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll
2014-01-07 23:36 - 2014-01-07 04:04 - 01634584 _____ () C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\Users\Scott\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Scott\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Scott\AppData\Roaming\default.rss:OECustomProperty

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Edimax 802.11n PCI Card
Description: Edimax 802.11n PCI Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Edimax Technology Co., Ltd
Service: netr28
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/13/2014 06:23:55 AM) (Source: Application Error) (User: )
Description: Faulting application name: ApplePhotoStreams.exe, version: 7.13.13.5, time stamp: 0x516e136b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16408, time stamp: 0x523d45f2
Exception code: 0xe06d7363
Fault offset: 0x00011aa0
Faulting process ID: 0x1b10
Faulting application start time: 0xApplePhotoStreams.exe0
Faulting application path: ApplePhotoStreams.exe1
Faulting module path: ApplePhotoStreams.exe2
Report ID: ApplePhotoStreams.exe3
Faulting package full name: ApplePhotoStreams.exe4
Faulting package-relative application ID: ApplePhotoStreams.exe5

Error: (01/12/2014 08:09:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: ApplePhotoStreams.exe, version: 7.13.13.5, time stamp: 0x516e136b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16408, time stamp: 0x523d45f2
Exception code: 0xe06d7363
Fault offset: 0x00011aa0
Faulting process ID: 0x1874
Faulting application start time: 0xApplePhotoStreams.exe0
Faulting application path: ApplePhotoStreams.exe1
Faulting module path: ApplePhotoStreams.exe2
Report ID: ApplePhotoStreams.exe3
Faulting package full name: ApplePhotoStreams.exe4
Faulting package-relative application ID: ApplePhotoStreams.exe5

Error: (01/12/2014 04:51:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.16441, time stamp: 0x5265d8f5
Faulting module name: ntdll.dll, version: 6.3.9600.16408, time stamp: 0x523d45f1
Exception code: 0xc0000005
Fault offset: 0x0001d4fe
Faulting process ID: 0x874
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report ID: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5

Error: (01/12/2014 04:46:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: ApplePhotoStreams.exe, version: 7.13.13.5, time stamp: 0x516e136b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16408, time stamp: 0x523d45f2
Exception code: 0xe06d7363
Fault offset: 0x00011aa0
Faulting process ID: 0x1cf8
Faulting application start time: 0xApplePhotoStreams.exe0
Faulting application path: ApplePhotoStreams.exe1
Faulting module path: ApplePhotoStreams.exe2
Report ID: ApplePhotoStreams.exe3
Faulting package full name: ApplePhotoStreams.exe4
Faulting package-relative application ID: ApplePhotoStreams.exe5

Error: (01/12/2014 06:17:45 AM) (Source: Application Error) (User: )
Description: Faulting application name: ApplePhotoStreams.exe, version: 7.13.13.5, time stamp: 0x516e136b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16408, time stamp: 0x523d45f2
Exception code: 0xe06d7363
Fault offset: 0x00011aa0
Faulting process ID: 0x1bcc
Faulting application start time: 0xApplePhotoStreams.exe0
Faulting application path: ApplePhotoStreams.exe1
Faulting module path: ApplePhotoStreams.exe2
Report ID: ApplePhotoStreams.exe3
Faulting package full name: ApplePhotoStreams.exe4
Faulting package-relative application ID: ApplePhotoStreams.exe5

Error: (01/11/2014 05:24:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: ApplePhotoStreams.exe, version: 7.13.13.5, time stamp: 0x516e136b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16408, time stamp: 0x523d45f2
Exception code: 0xe06d7363
Fault offset: 0x00011aa0
Faulting process ID: 0x1ad4
Faulting application start time: 0xApplePhotoStreams.exe0
Faulting application path: ApplePhotoStreams.exe1
Faulting module path: ApplePhotoStreams.exe2
Report ID: ApplePhotoStreams.exe3
Faulting package full name: ApplePhotoStreams.exe4
Faulting package-relative application ID: ApplePhotoStreams.exe5

Error: (01/11/2014 06:09:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: ApplePhotoStreams.exe, version: 7.13.13.5, time stamp: 0x516e136b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16408, time stamp: 0x523d45f2
Exception code: 0xe06d7363
Fault offset: 0x00011aa0
Faulting process ID: 0xbe8
Faulting application start time: 0xApplePhotoStreams.exe0
Faulting application path: ApplePhotoStreams.exe1
Faulting module path: ApplePhotoStreams.exe2
Report ID: ApplePhotoStreams.exe3
Faulting package full name: ApplePhotoStreams.exe4
Faulting package-relative application ID: ApplePhotoStreams.exe5

Error: (01/10/2014 09:24:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: ApplePhotoStreams.exe, version: 7.13.13.5, time stamp: 0x516e136b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16408, time stamp: 0x523d45f2
Exception code: 0xe06d7363
Fault offset: 0x00011aa0
Faulting process ID: 0x1f08
Faulting application start time: 0xApplePhotoStreams.exe0
Faulting application path: ApplePhotoStreams.exe1
Faulting module path: ApplePhotoStreams.exe2
Report ID: ApplePhotoStreams.exe3
Faulting package full name: ApplePhotoStreams.exe4
Faulting package-relative application ID: ApplePhotoStreams.exe5

Error: (01/10/2014 09:16:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: ApplePhotoStreams.exe, version: 7.13.13.5, time stamp: 0x516e136b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16408, time stamp: 0x523d45f2
Exception code: 0xe06d7363
Fault offset: 0x00011aa0
Faulting process ID: 0x1b14
Faulting application start time: 0xApplePhotoStreams.exe0
Faulting application path: ApplePhotoStreams.exe1
Faulting module path: ApplePhotoStreams.exe2
Report ID: ApplePhotoStreams.exe3
Faulting package full name: ApplePhotoStreams.exe4
Faulting package-relative application ID: ApplePhotoStreams.exe5

Error: (01/10/2014 06:44:46 AM) (Source: Application Error) (User: )
Description: Faulting application name: ApplePhotoStreams.exe, version: 7.13.13.5, time stamp: 0x516e136b
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16408, time stamp: 0x523d45f2
Exception code: 0xe06d7363
Fault offset: 0x00011aa0
Faulting process ID: 0x1d40
Faulting application start time: 0xApplePhotoStreams.exe0
Faulting application path: ApplePhotoStreams.exe1
Faulting module path: ApplePhotoStreams.exe2
Report ID: ApplePhotoStreams.exe3
Faulting package full name: ApplePhotoStreams.exe4
Faulting package-relative application ID: ApplePhotoStreams.exe5


System errors:
=============
Error: (01/13/2014 06:23:24 AM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.2 service failed to start due to the following error:
%%2

Error: (01/12/2014 04:46:21 PM) (Source: DCOM) (User: SCOTT-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Scott-PCScottS-1-5-21-1423471140-3236196863-1363927929-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/12/2014 04:46:21 PM) (Source: DCOM) (User: SCOTT-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Scott-PCScottS-1-5-21-1423471140-3236196863-1363927929-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/12/2014 04:46:21 PM) (Source: DCOM) (User: SCOTT-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Scott-PCScottS-1-5-21-1423471140-3236196863-1363927929-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/12/2014 04:46:21 PM) (Source: DCOM) (User: SCOTT-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Scott-PCScottS-1-5-21-1423471140-3236196863-1363927929-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/12/2014 04:46:20 PM) (Source: DCOM) (User: SCOTT-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Scott-PCScottS-1-5-21-1423471140-3236196863-1363927929-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/12/2014 04:46:20 PM) (Source: DCOM) (User: SCOTT-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Scott-PCScottS-1-5-21-1423471140-3236196863-1363927929-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/12/2014 04:46:20 PM) (Source: DCOM) (User: SCOTT-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Scott-PCScottS-1-5-21-1423471140-3236196863-1363927929-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/12/2014 04:46:20 PM) (Source: DCOM) (User: SCOTT-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Scott-PCScottS-1-5-21-1423471140-3236196863-1363927929-1000LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/12/2014 04:46:20 PM) (Source: DCOM) (User: SCOTT-PC)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Scott-PCScottS-1-5-21-1423471140-3236196863-1363927929-1000LocalHost (Using LRPC)UnavailableUnavailable


Microsoft Office Sessions:
=========================
Error: (01/13/2014 06:23:55 AM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.13.13.5516e136bKERNELBASE.dll6.3.9600.16408523d45f2e06d736300011aa01b1001cf102808822f40C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\WINDOWS\system32\KERNELBASE.dll470c9d02-7c1b-11e3-b28f-20cf3081f7c8

Error: (01/12/2014 08:09:50 PM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.13.13.5516e136bKERNELBASE.dll6.3.9600.16408523d45f2e06d736300011aa0187401cf0fd23ceeaf9bC:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\WINDOWS\system32\KERNELBASE.dll7d49e132-7bc5-11e3-b28e-20cf3081f7c8

Error: (01/12/2014 04:51:14 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.3.9600.164415265d8f5ntdll.dll6.3.9600.16408523d45f1c00000050001d4fe87401cf0fb5ca2cb760C:\WINDOWS\Explorer.EXEC:\WINDOWS\SYSTEM32\ntdll.dllbebc9158-7ba9-11e3-b28e-20cf3081f7c8

Error: (01/12/2014 04:46:39 PM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.13.13.5516e136bKERNELBASE.dll6.3.9600.16408523d45f2e06d736300011aa01cf801cf0fb5dcac172aC:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\WINDOWS\system32\KERNELBASE.dll1b3b4980-7ba9-11e3-b28e-20cf3081f7c8

Error: (01/12/2014 06:17:45 AM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.13.13.5516e136bKERNELBASE.dll6.3.9600.16408523d45f2e06d736300011aa01bcc01cf0f5e0112ad07C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\WINDOWS\system32\KERNELBASE.dll3fa9066b-7b51-11e3-b28d-20cf3081f7c8

Error: (01/11/2014 05:24:58 PM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.13.13.5516e136bKERNELBASE.dll6.3.9600.16408523d45f2e06d736300011aa01ad401cf0ef20bb5765bC:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\WINDOWS\system32\KERNELBASE.dll4b3a3adf-7ae5-11e3-b28c-20cf3081f7c8

Error: (01/11/2014 06:09:36 AM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.13.13.5516e136bKERNELBASE.dll6.3.9600.16408523d45f2e06d736300011aa0be801cf0e93a8ab267fC:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\WINDOWS\system32\KERNELBASE.dllf2354d52-7a86-11e3-b28b-20cf3081f7c8

Error: (01/10/2014 09:24:56 PM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.13.13.5516e136bKERNELBASE.dll6.3.9600.16408523d45f2e06d736300011aa01f0801cf0e4a66dced5cC:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\WINDOWS\system32\KERNELBASE.dlla663ec80-7a3d-11e3-b28a-20cf3081f7c8

Error: (01/10/2014 09:16:56 PM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.13.13.5516e136bKERNELBASE.dll6.3.9600.16408523d45f2e06d736300011aa01b1401cf0e4949e922eeC:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\WINDOWS\system32\KERNELBASE.dll882e6c48-7a3c-11e3-b28a-20cf3081f7c8

Error: (01/10/2014 06:44:46 AM) (Source: Application Error)(User: )
Description: ApplePhotoStreams.exe7.13.13.5516e136bKERNELBASE.dll6.3.9600.16408523d45f2e06d736300011aa01d4001cf0dcf7270136bC:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exeC:\WINDOWS\system32\KERNELBASE.dllb101a814-79c2-11e3-b289-20cf3081f7c8


CodeIntegrity Errors:
===================================
Date: 2013-12-11 18:40:33.643
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-11 18:40:32.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-11 18:40:32.596
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-11 18:40:30.158
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-11 18:40:30.065
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-11 18:40:29.893
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-11 18:40:25.236
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2013-12-11 18:40:20.971
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2013-11-18 21:49:55.239
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2013-11-18 21:49:55.077
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 3071.22 MB
Available physical RAM: 1491.02 MB
Total Pagefile: 4671.22 MB
Available Pagefile: 2652.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1857.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.82 GB) (Free:141.67 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:465.3 GB) (Free:465.11 GB) NTFS
Drive z: (2nd Hard Disc) (Fixed) (Total:931.51 GB) (Free:767.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 68546BD0)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: B5CAE923)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Hello battison10,

Your log shows evidence of a "cracked" (Pirate version) of Adobe software on your machine.

We do not assist people using illegal programs.

Use of illegal software is contrary to our Terms of Use see here and in particular item p.
  • 0

#5
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Hello again battison10,

Thank you for your PM telling me that the machine is a third party machine and asking what can be done.

Here is what you can do:

Uninstall the Adobe software

Run a script I will give you to remove changes made to the machine to hide the crack

Run diagnostic programs that I will give you to further check the machine

Now

After you have uninstalled the Adobe programs do this:

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next

Please run the MGA Diagnostic Tool and post back the report it produces:
  • Download MGADiag to your desktop.
  • Double-click on MGADiag.exe to launch the program
  • Click "Continue"
  • Ensure that the "Windows" tab is selected (it should be by default).
  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
  • Paste the MGA Diagnostic Report back here in your next reply.
Finally in this post

  • Please download WVCheck by Artellos from one of the mirrors below;

    Artellos.com (exe)
    Artellos.com (zip)

  • After the download, run WVCheck.exe
  • As indicated by the prompt, this program can take a while depending on your hard drive space.
  • Once the program is done, copy the contents of the notepad file as a reply.
So when you return please post
  • Fixlog.txt
  • MGA Diagnostic Report
  • WVCheck report

  • 0

#6
battison10

    Member

  • Topic Starter
  • Member
  • 81 posts
OK here goes,

Step 1
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-01-2014 02
Ran by Scott at 2014-01-13 20:38:23 Run:1
Running from C:\Users\Scott\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

Step 2 is coming up with an error and will not let me copy contents - please see picture

Step 3

Windows Validation Check
Version: 1.9.12.5
Log Created On: 2058_13-01-2014
-----------------------

Windows Information
-----------------------
Windows Mode: Normal
Systemroot Path: C:\WINDOWS

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2014-01-13 06:24:15
Last Success Time for Update Download: 2013-12-21 20:49:38
Last Success Time for Update Installation: 2013-12-11 15:19:08


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
C:\Windows\System32\slwga.dll
Size: 75776 bytes
Creation; 22/8/2013 5:1:40
Modification; 22/8/2013 5:1:16
MD5; 5008a32404245a18464703c745b5f4e4
Matched: slwga.dll
-----------------------
C:\Windows\WinSxS\x86_microsoft-windows-security-spp-wga_31bf3856ad364e35_6.3.9600.16384_none_93f14e89beef0852\slwga.dll
Size: 75776 bytes
Creation; 22/8/2013 5:1:40
Modification; 22/8/2013 5:1:16
MD5; 5008a32404245a18464703c745b5f4e4
Matched: slwga.dll
-----------------------


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.


WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - cac777bad7b0e57d3378cdd8fddb117c


-------- End of File, program close at 2103_13-01-2014 --------

Attached Thumbnails

  • mgadiag error.jpg

  • 0

#7
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Step 2 is coming up with an error and will not let me copy contents - please see picture


Check your clipboard, a log may still have been created. Copy to Notepad, then copy and paste back here.
  • 0

#8
battison10

    Member

  • Topic Starter
  • Member
  • 81 posts
As if by magic!!

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Validation unsupported OS
Validation Code: 6
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-DTHWX-RHBCM-PRYRQ
Windows Product Key Hash: docFsJ6gaCcFxVYEV8M4tWslXMQ=
Windows Product ID: 00181-00007-04454-AB569
Windows Product ID Type: 0
Windows License Type: Unknown
Windows OS version: 6.3.9600.2.00010100.0.0.103
ID: {66D00923-3EC9-41E6-B004-6A1ED7991447}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 8.1 Pro with Media Center
Architecture: 0x00000000
Build lab: 9600.winblue_gdr.131030-1505
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 111 Unsupported OS
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics:

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\WINDOWS\system32\licdll.dll[Hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.bin[Hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.dat[Hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.sig[Hr = 0x80070002]

Other data-->

Spsys.log Content: 0x80070002

Licensing Data-->
N/A, hr = 0x80070424

Windows Activation Technologies-->
N/A

HWID Data-->
HWID Hash Current: NAAAAAEAAgABAAEAAgADAAAAAQABAAEAeqh6jU51IhWSAC4dAMcQAt5ZHm1iPXF6Ds8C0A==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
FACP 040910 FACP2050
SRAT AMD FAM_F_10
APIC 040910 APIC2050
HPET 040910 OEMHPET0
MCFG 040910 OEMMCFG
OEMB 040910 OEMB2050
SSDT A M I POWERNOW
  • 0

#9
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Sorry about the delay in posting back; had to do some research to find the appropriate information as it applies to Win 8.

Now

I am not a Microsoft techie so what I say now is only my thoughts which may not be exactly right but here goes:

Firstly, here is a link that, although not a personal situation, has the same Validation report.

http://social.techne...alidation-error

Your machine is showing validation errors. It is reporting as unsupported OS and there are some other indications of markers missing or possibly corruption.

BIOS valid for OA 2.0: yes, but no SLIC table


In my understanding OA 2.0 is for Windows Vista or Windows Server 2008. I think it should be OA 3.0 for Windows 8.1

Could be, you purchased an upgrade or a computer that doesn't qualify for support as the proper licensing hasn't been purchased.

You need to take this up with Microsoft. You could try the link below to see if you can follow the steps to validate the OS.

https://www.microsof.../servicecenter/

Or this might be an easier option if it works for your machine:

Right click the left hand corner of the Windows 8 screen, click Run and type slui.exe 4 (note the space... it should be there), Enter. Select an activation centre near you, call, speak with a real person and explain how this came about.
  • 0

#10
battison10

    Member

  • Topic Starter
  • Member
  • 81 posts
try again :)

Diagnostic Report (1.9.0019.0):
-----------------------------------------
WGA Data-->
Validation Status: Genuine (WGA unsupported OS)
Validation Code: 6

Cached Validation Code: 0x0
Windows Product Key: *****-*****-DTHWX-RHBCM-PRYRQ
Windows Product Key Hash: docFsJ6gaCcFxVYEV8M4tWslXMQ=
Windows Product ID: 00181-00007-04454-AB569
Windows Product ID Type: 0
Windows License Type: Unknown
Windows OS version: 6.3.9600.2.00010100.0.0.103
ID: {66D00923-3EC9-41E6-B004-6A1ED7991447}(3)
Is Admin: Yes
TestCab: 0x0
WGA Version: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 8.1 Pro with Media Center
Architecture: 0x00000000
Build lab: 9600.winblue_gdr.131030-1505
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

WGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 111 Unsupported OS
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics:

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\WINDOWS\system32\licdll.dll[hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.bin[hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.dat[hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.sig[hr = 0x80070002]

Other data-->

Spsys.log Content: 0x80070002

Licensing Data-->
N/A, hr = 0x80070424

Windows Activation Technologies-->
N/A

HWID Data-->
HWID Hash Current: NAAAAAEAAgABAAEAAgADAAAAAQABAAEAeqh6jU51IhWSAC4dAMcQAt5ZHm1iPXF6Ds8C0A==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
FACP 040910 FACP2050
SRAT AMD FAM_F_10
APIC 040910 APIC2050
HPET 040910 OEMHPET0
MCFG 040910 OEMMCFG
OEMB 040910 OEMB2050
SSDT A M I POWERNOW
  • 0

#11
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Hi battison10,

Well it says it's genuine but you still have a problem with it not being supported and this:

File Mismatch: C:\WINDOWS\system32\licdll.dll[hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.bin[hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.dat[hr = 0x80070002]
File Mismatch: C:\WINDOWS\system32\oembios.sig[hr = 0x80070002]


Did you talk to the Microsoft Validation people?

See a similar one here.

Turning to your Flash problem.

Please do this:

Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, copy and paste the content of the quote box below:


    :Files
    ipconfig /flushdns /c

    :Commands
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply. The log is saved in the same location as OTL.
After that

Please run FRST again and post back the log it generates.

Also - can you reinstall Flash now, and does it work?

So when you return please

  • tell me if you spoke with Microsoft Validation?
  • post the OTL fix log
  • post the FRST.txt log
  • tell me if Flash reinstalled successfully

  • 0

#12
battison10

battison10

    Member

  • Topic Starter
  • Member
  • PipPip
  • 81 posts
Hi, I did an online chat this morning with Microsoft technical who confirmed that my copy of Windows was genuine - I originally had Windows 7 installed then did a Windows 8 anytime upgrade, but I will contact them again to see if I can sort out the errors! Just about to run the other instructions you have posted :)
  • 0

#13
battison10

battison10

    Member

  • Topic Starter
  • Member
  • PipPip
  • 81 posts
OTL scan

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Scott\Desktop\cmd.bat deleted successfully.
C:\Users\Scott\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: DefaultAppPool

User: DefaultAppPool.IIS APPPOOL

User: DefaultAppPool.IIS APPPOOL.000

User: DefaultAppPool.IIS APPPOOL.001

User: DefaultAppPool.IIS APPPOOL.002

User: DefaultAppPool.IIS APPPOOL.003

User: DefaultAppPool.IIS APPPOOL.004

User: DefaultAppPool.IIS APPPOOL.005

User: DefaultAppPool.IIS APPPOOL.006

User: DefaultAppPool.IIS APPPOOL.007

User: DefaultAppPool.IIS APPPOOL.008

User: DefaultAppPool.IIS APPPOOL.009

User: DefaultAppPool.IIS APPPOOL.010

User: DefaultAppPool.IIS APPPOOL.011

User: DefaultAppPool.IIS APPPOOL.012

User: DefaultAppPool.IIS APPPOOL.013

User: DefaultAppPool.IIS APPPOOL.014

User: DefaultAppPool.IIS APPPOOL.015

User: DefaultAppPool.IIS APPPOOL.016

User: DefaultAppPool.IIS APPPOOL.017

User: DefaultAppPool.IIS APPPOOL.018

User: DefaultAppPool.IIS APPPOOL.019

User: DefaultAppPool.IIS APPPOOL.020

User: DefaultAppPool.IIS APPPOOL.021

User: DefaultAppPool.IIS APPPOOL.022

User: DefaultAppPool.IIS APPPOOL.023

User: DefaultAppPool.IIS APPPOOL.024

User: DefaultAppPool.IIS APPPOOL.025

User: DefaultAppPool.IIS APPPOOL.026

User: DefaultAppPool.IIS APPPOOL.027

User: DefaultAppPool.IIS APPPOOL.028

User: DefaultAppPool.IIS APPPOOL.029

User: DefaultAppPool.IIS APPPOOL.030

User: DefaultAppPool.IIS APPPOOL.031

User: DefaultAppPool.IIS APPPOOL.032

User: DefaultAppPool.IIS APPPOOL.033

User: DefaultAppPool.IIS APPPOOL.034

User: DefaultAppPool.IIS APPPOOL.035

User: DefaultAppPool.IIS APPPOOL.036

User: DefaultAppPool.IIS APPPOOL.037

User: DefaultAppPool.IIS APPPOOL.038

User: DefaultAppPool.IIS APPPOOL.039

User: DefaultAppPool.IIS APPPOOL.040

User: DefaultAppPool.IIS APPPOOL.041

User: DefaultAppPool.IIS APPPOOL.042

User: DefaultAppPool.IIS APPPOOL.043

User: DefaultAppPool.IIS APPPOOL.044

User: DefaultAppPool.IIS APPPOOL.045

User: DefaultAppPool.IIS APPPOOL.046

User: DefaultAppPool.IIS APPPOOL.047

User: DefaultAppPool.IIS APPPOOL.048

User: DefaultAppPool.IIS APPPOOL.049

User: DefaultAppPool.IIS APPPOOL.050

User: DefaultAppPool.IIS APPPOOL.051

User: DefaultAppPool.IIS APPPOOL.052

User: DefaultAppPool.IIS APPPOOL.053

User: DefaultAppPool.IIS APPPOOL.054

User: DefaultAppPool.IIS APPPOOL.055

User: DefaultAppPool.IIS APPPOOL.056

User: DefaultAppPool.IIS APPPOOL.057

User: DefaultAppPool.IIS APPPOOL.058

User: DefaultAppPool.IIS APPPOOL.059

User: DefaultAppPool.IIS APPPOOL.060

User: DefaultAppPool.IIS APPPOOL.061

User: DefaultAppPool.IIS APPPOOL.062

User: DefaultAppPool.IIS APPPOOL.063

User: DefaultAppPool.IIS APPPOOL.064

User: DefaultAppPool.IIS APPPOOL.065

User: DefaultAppPool.IIS APPPOOL.066

User: DefaultAppPool.IIS APPPOOL.067
->Temp folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: LogMeInRemoteUser

User: LogMeInRemoteUser.Scott-PC

User: LogMeInRemoteUser.Scott-PC.000
->Temp folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Mcx1-SCOTT-PC
->Temp folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Scott
->Temp folder emptied: 2762441532 bytes
->Temporary Internet Files folder emptied: 102293116 bytes
->Java cache emptied: 2377213 bytes
->FireFox cache emptied: 369519435 bytes
->Google Chrome cache emptied: 90202439 bytes
->Flash cache emptied: 16231 bytes

User: TEMP

User: TEMP.IIS APPPOOL

User: TEMP.IIS APPPOOL.000

User: TEMP.IIS APPPOOL.001

User: TEMP.IIS APPPOOL.002

User: TEMP.IIS APPPOOL.003

User: TEMP.IIS APPPOOL.004

User: TEMP.IIS APPPOOL.005

User: TEMP.IIS APPPOOL.006

User: TEMP.IIS APPPOOL.007

User: TEMP.IIS APPPOOL.008

User: TEMP.IIS APPPOOL.009

User: TEMP.IIS APPPOOL.010

User: TEMP.IIS APPPOOL.011

User: TEMP.IIS APPPOOL.012

User: TEMP.IIS APPPOOL.013

User: TEMP.IIS APPPOOL.014

User: TEMP.IIS APPPOOL.015

User: TEMP.IIS APPPOOL.016

User: TEMP.IIS APPPOOL.017

User: TEMP.IIS APPPOOL.018

User: TEMP.IIS APPPOOL.019

User: TEMP.IIS APPPOOL.020

User: TEMP.IIS APPPOOL.021

User: TEMP.IIS APPPOOL.022

User: TEMP.IIS APPPOOL.023

User: TEMP.IIS APPPOOL.024

User: TEMP.IIS APPPOOL.025

User: TEMP.IIS APPPOOL.026

User: TEMP.IIS APPPOOL.027

User: TEMP.IIS APPPOOL.028

User: TEMP.IIS APPPOOL.029

User: TEMP.IIS APPPOOL.030

User: TEMP.IIS APPPOOL.031

User: TEMP.IIS APPPOOL.032

User: TEMP.IIS APPPOOL.033

User: TEMP.IIS APPPOOL.034

User: TEMP.IIS APPPOOL.035

User: TEMP.IIS APPPOOL.036

User: TEMP.IIS APPPOOL.037

User: TEMP.IIS APPPOOL.038

User: TEMP.IIS APPPOOL.039

User: TEMP.IIS APPPOOL.040

User: TEMP.IIS APPPOOL.041

User: TEMP.IIS APPPOOL.042

User: TEMP.IIS APPPOOL.043

User: TEMP.IIS APPPOOL.044

User: TEMP.IIS APPPOOL.045

User: TEMP.IIS APPPOOL.046

User: TEMP.IIS APPPOOL.047

User: TEMP.IIS APPPOOL.048

User: TEMP.IIS APPPOOL.049

User: TEMP.IIS APPPOOL.050

User: TEMP.IIS APPPOOL.051

User: TEMP.IIS APPPOOL.052

User: TEMP.IIS APPPOOL.053

User: TEMP.IIS APPPOOL.054

User: TEMP.IIS APPPOOL.055

User: TEMP.IIS APPPOOL.056

User: TEMP.IIS APPPOOL.057

User: TEMP.IIS APPPOOL.058

User: TEMP.IIS APPPOOL.059

User: TEMP.IIS APPPOOL.060

User: TEMP.IIS APPPOOL.061

User: TEMP.IIS APPPOOL.062

User: TEMP.IIS APPPOOL.063

User: TEMP.IIS APPPOOL.064

User: TEMP.IIS APPPOOL.065

User: TEMP.IIS APPPOOL.066

User: TEMP.IIS APPPOOL.067

User: TEMP.Scott-PC

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 352743864 bytes
RecycleBin emptied: 995 bytes

Total Files Cleaned = 3,509.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01142014_202859

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


FRST scan

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-01-2014 02
Ran by Scott (administrator) on SCOTT-PC on 14-01-2014 20:37:24
Running from C:\Users\Scott\Desktop
Microsoft Windows 8.1 Pro with Media Center (X86) OS Language: English(UK)
Internet Explorer Version 11
Boot Mode: Normal

The only official downoad link fo FRST:
Farbar Recovery Scan Tool Download Link Download Now 32-Bit Version
Farbar Recovery Scan Tool Download Link Download Now 32-Bit Version
Any other download link is unpermitted or outdated.
The tutorial for FRST can be find here: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) ===================

(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
() C:\Program Files\Photodex\ProShow Producer\scsiaccess.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x86__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(ZF Electronics GmbH) C:\Program Files\Cherry\KeyMan\KeyMan.exe
(ZF Electronics GmbH) C:\Program Files\Cherry\CDI\cdi.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(TomTom) C:\Program Files\MyDrive Connect\MyDriveConnect.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Google Inc.) C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PMBVolumeWatcher] - C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation)
HKLM\...\Run: [FUFAXSTM] - C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [CherryKeyMan] - C:\Program Files\Cherry\KeyMan\KeyMan.exe [254004 2010-09-28] (ZF Electronics GmbH)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-07-06] (Google Inc.)
HKCU\...\Run: [CAHeadless] - C:\Program Files\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
HKCU\...\Run: [EPSON575477 (Epson Stylus SX620FW)] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATIGBE.EXE [201216 2010-01-12] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Epson Stylus SX620FW(Network)] - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATIGBE.EXE [201216 2010-01-12] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [FreeRAM XP] - C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe [1591808 2006-03-22] (YourWare Solutions ™)
HKCU\...\Run: [iCloudServices] - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [MyDriveConnect.exe] - C:\Program Files\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom)
HKCU\...\Run: [Adobe] - C:\Users\Scott\AppData\Roaming\Adobe\Flash Player\BrowserCache\IDMcache.bat [313 2013-07-25] ()
HKU\DefaultAppPool.IIS APPPOOL.067\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2013-08-22] (Microsoft Corporation)
HKU\LogMeInRemoteUser.Scott-PC.000\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\LogMeInRemoteUser.Scott-PC.000\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\Mcx1-SCOTT-PC\...\Run: [AnyDVD] - C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [ 2009-11-04] (SlySoft, Inc.)
HKU\Mcx1-SCOTT-PC\...\Run: [Google Update] - C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-07-06] (Google Inc.)
HKU\Mcx1-SCOTT-PC\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x00CD75871EB1CD01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\0rdtqlta.default
FF user.js: detected! => C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\0rdtqlta.default\user.js
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @photodex.com/PhotodexPresenter - C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Scott\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Scott\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Star Stable Online - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\0rdtqlta.default\Extensions\[email protected] [2013-02-21]
FF HKLM\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-09]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []

Chrome:
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Scott\AppData\Local\Google\Chrome\Application\32.0.1700.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Java™ Platform SE 7 U4) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.40.255) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Photodex Presenter Plugin) - C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Scott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Photo Uploader) - C:\Users\Scott\AppData\Local\Facebook\PhotoUploader\1.0.0.2003\npFacebookPhotoUploader.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Scott\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Google Update) - C:\Users\Scott\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-04-11]
CHR Extension: (WGT Golf Challenge) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0 [2012-12-02]
CHR Extension: (iCloud Bookmarks) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.2.12_0 [2013-12-10]
CHR Extension: (The Camelizer - Amazon Price Tracker) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.4.2_0 [2013-12-16]
CHR Extension: (IDM Integration Module) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.8_0 [2014-01-09]
CHR Extension: (Into The Mist) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh\1_0 [2012-11-20]
CHR Extension: (Norton Identity Protection) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.2.3_0 [2013-12-10]
CHR Extension: (Range Rover Evoque | SUV | Land Rover UK) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbihhjgpobhhbidhlfkclkjllkgoicbj\2012.7.6.45832_0 [2012-07-06]
CHR Extension: (Google Wallet) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1 [2014-01-08]
CHR Extension: (My Chrome Theme) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0 [2013-02-01]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2013-12-10]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - [2013-12-10]
CHR StartMenuInternet: Google Chrome - C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
R3 Cherry Device Interface; C:\Program Files\Cherry\CDI\cdi.exe [577582 2010-08-25] (ZF Electronics GmbH)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] ()
S4 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2013-10-18] (Microsoft Corporation)
R2 NCO; C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] ()
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 ScsiAccess; C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe [186760 2013-01-30] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-07-12] (VIA Technologies, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [66560 2013-10-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [278264 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22240 2013-08-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1210368 2013-10-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [356864 2010-09-27] (SafeNet Inc.)
R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [15528 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [104512 2009-11-04] (SlySoft, Inc.)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R1 AsUpIO; C:\Windows\System32\drivers\AsUpIO.sys [11448 2009-07-06] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW83.sys [86624 2013-04-23] (Advanced Micro Devices)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2013-08-22] (Microsoft Corporation)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140110.001\BHDrvx86.sys [1098968 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NST\7DE06000.01B\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-01-07] (Symantec Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [25768 2009-09-26] (Elaborate Bytes AG)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-21] (Symantec Corporation)
S3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140113.001\IDSvix86.sys [394456 2013-12-13] (Symantec Corporation)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-11] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [131072 2013-10-18] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [16256 2013-05-17] ()
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140114.002\NAVENG.SYS [93272 2014-01-07] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140114.002\NAVEX15.SYS [1612376 2014-01-07] (Symantec Corporation)
R3 pepifilter; C:\Windows\system32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
R3 PID_PEPI; C:\Windows\system32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2013-10-21] ()
R1 SRTSP; C:\Windows\system32\drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NIS\1501000.012\SYMELAM.SYS [21520 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2013-11-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NIS\1501000.012\SYMNETS.SYS [446552 2013-09-26] (Symantec Corporation)
R3 VIAHdAudAddService; C:\Windows\system32\drivers\viahduaa.sys [1810032 2011-07-12] (VIA Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [93024 2013-08-22] (Microsoft Corporation)
S3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
U3 idsvc;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-14 20:37 - 2014-01-14 20:37 - 00027629 _____ C:\Users\Scott\Desktop\FRST.txt
2014-01-14 20:37 - 2014-01-14 20:37 - 00000000 ____D C:\Users\Scott\Desktop\FRST-OlderVersion
2014-01-14 20:36 - 2014-01-14 20:36 - 01220608 _____ (Farbar) C:\Users\Scott\Downloads\FRST.exe
2014-01-14 20:35 - 2014-01-14 20:35 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Downloads\OTL.exe
2014-01-14 20:28 - 2014-01-14 20:28 - 00000000 ____D C:\_OTL
2014-01-14 20:27 - 2014-01-14 20:27 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Desktop\OTL.exe
2014-01-14 07:31 - 2014-01-14 07:31 - 01607032 _____ (Microsoft Corporation) C:\Users\Scott\Downloads\MGADiag.exe
2014-01-13 21:03 - 2014-01-13 21:03 - 00001802 _____ C:\Users\Scott\Desktop\WVCheck_2103_13-01-2014.txt
2014-01-13 20:45 - 2014-01-13 20:45 - 01528184 _____ (Microsoft Corporation) C:\Users\Scott\Desktop\GenuineCheck.exe
2014-01-13 20:39 - 2014-01-13 20:39 - 00000000 ____D C:\ProgramData\Office Genuine Advantage
2014-01-13 20:31 - 2014-01-14 20:37 - 01220608 _____ (Farbar) C:\Users\Scott\Desktop\FRST.exe
2014-01-13 20:27 - 2014-01-13 20:27 - 03514358 _____ C:\Users\Scott\Desktop\WVCheck.exe
2014-01-13 20:27 - 2014-01-13 20:27 - 00000133 _____ C:\Users\Scott\Downloads\fixlist.txt
2014-01-13 20:26 - 2014-01-13 20:26 - 02031992 _____ (Microsoft Corporation) C:\Users\Scott\Desktop\MGADiag.exe
2014-01-13 06:44 - 2014-01-13 07:08 - 00014848 _____ C:\Users\Scott\Documents\13.01.14.axe
2014-01-13 06:33 - 2014-01-14 20:37 - 00000000 ____D C:\FRST
2014-01-11 19:48 - 2014-01-11 19:49 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-09 18:22 - 2014-01-13 20:34 - 00000000 ____D C:\Users\Scott\AppData\Local\Adobe
2014-01-08 15:30 - 2014-01-08 16:35 - 00048128 _____ C:\Users\Scott\Documents\09.01.14.axe
2014-01-07 23:30 - 2014-01-12 21:22 - 00000000 ____D C:\Users\Scott\Desktop\Melia Sharm - Egypt 2013-14
2013-12-21 22:56 - 2013-12-21 22:56 - 00107256 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2013-12-21 21:32 - 2013-12-21 21:34 - 00000000 ____D C:\ProgramData\HitmanPro

==================== One Month Modified Files and Folders =======

2014-01-14 20:38 - 2014-01-14 20:37 - 00027629 _____ C:\Users\Scott\Desktop\FRST.txt
2014-01-14 20:37 - 2014-01-14 20:37 - 00000000 ____D C:\Users\Scott\Desktop\FRST-OlderVersion
2014-01-14 20:37 - 2014-01-13 20:31 - 01220608 _____ (Farbar) C:\Users\Scott\Desktop\FRST.exe
2014-01-14 20:37 - 2014-01-13 06:33 - 00000000 ____D C:\FRST
2014-01-14 20:36 - 2014-01-14 20:36 - 01220608 _____ (Farbar) C:\Users\Scott\Downloads\FRST.exe
2014-01-14 20:35 - 2014-01-14 20:35 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Downloads\OTL.exe
2014-01-14 20:35 - 2011-06-16 21:22 - 00000000 ___RD C:\Users\Scott\Desktop\Dropbox
2014-01-14 20:35 - 2011-06-16 21:11 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Dropbox
2014-01-14 20:34 - 2013-11-17 11:35 - 00000000 __RDO C:\Users\Scott\SkyDrive
2014-01-14 20:34 - 2013-10-18 17:41 - 02025307 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-14 20:34 - 2013-08-22 07:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-14 20:34 - 2013-04-30 21:32 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-14 20:34 - 2013-01-09 16:18 - 00904196 _____ C:\WINDOWS\system32\oodbs.lor
2014-01-14 20:34 - 2010-12-27 08:58 - 00000000 ____D C:\Users\Scott\AppData\Local\CrashDumps
2014-01-14 20:32 - 2013-08-22 06:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-14 20:28 - 2014-01-14 20:28 - 00000000 ____D C:\_OTL
2014-01-14 20:27 - 2014-01-14 20:27 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Desktop\OTL.exe
2014-01-14 20:04 - 2013-04-30 21:32 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-14 20:02 - 2013-08-22 08:17 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-14 19:48 - 2011-07-06 18:54 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000UA.job
2014-01-14 07:31 - 2014-01-14 07:31 - 01607032 _____ (Microsoft Corporation) C:\Users\Scott\Downloads\MGADiag.exe
2014-01-14 06:35 - 2013-04-10 20:41 - 00000000 ____D C:\Users\Scott\Desktop\DAILY ROUTES
2014-01-14 06:24 - 2013-08-22 08:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-13 21:49 - 2013-08-22 08:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2014-01-13 21:34 - 2013-09-29 19:58 - 01264934 _____ C:\WINDOWS\PFRO.log
2014-01-13 21:03 - 2014-01-13 21:03 - 00001802 _____ C:\Users\Scott\Desktop\WVCheck_2103_13-01-2014.txt
2014-01-13 20:57 - 2013-10-10 14:43 - 00000000 ____D C:\Program Files\Britannica 13.0
2014-01-13 20:54 - 2010-12-23 15:13 - 00000000 ____D C:\Users\Scott\AppData\Roaming\DMCache
2014-01-13 20:48 - 2011-07-06 18:53 - 00000856 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1423471140-3236196863-1363927929-1000Core.job
2014-01-13 20:48 - 2011-04-26 09:40 - 00000000 ____D C:\Program Files\Handbrake
2014-01-13 20:45 - 2014-01-13 20:45 - 01528184 _____ (Microsoft Corporation) C:\Users\Scott\Desktop\GenuineCheck.exe
2014-01-13 20:39 - 2014-01-13 20:39 - 00000000 ____D C:\ProgramData\Office Genuine Advantage
2014-01-13 20:36 - 2012-06-02 14:53 - 00000000 ____D C:\Program Files\Adobe Download Assistant
2014-01-13 20:36 - 2010-12-23 16:21 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2014-01-13 20:34 - 2014-01-09 18:22 - 00000000 ____D C:\Users\Scott\AppData\Local\Adobe
2014-01-13 20:34 - 2010-12-23 16:20 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-13 20:33 - 2010-12-23 16:21 - 00000000 ____D C:\Program Files\Adobe
2014-01-13 20:32 - 2011-01-14 20:33 - 00000000 ____D C:\Program Files\Common Files\PX Storage Engine
2014-01-13 20:30 - 2010-12-23 16:24 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2014-01-13 20:28 - 2010-12-23 16:21 - 00000000 ____D C:\ProgramData\Adobe
2014-01-13 20:27 - 2014-01-13 20:27 - 03514358 _____ C:\Users\Scott\Desktop\WVCheck.exe
2014-01-13 20:27 - 2014-01-13 20:27 - 00000133 _____ C:\Users\Scott\Downloads\fixlist.txt
2014-01-13 20:26 - 2014-01-13 20:26 - 02031992 _____ (Microsoft Corporation) C:\Users\Scott\Desktop\MGADiag.exe
2014-01-13 20:20 - 2013-08-22 07:22 - 05988632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-13 14:17 - 2013-07-12 20:39 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Adobe
2014-01-13 13:55 - 2011-05-04 18:32 - 00000000 ____D C:\Users\Scott\Documents\Outlook Files
2014-01-13 13:44 - 2013-04-02 19:11 - 01096187 _____ C:\Users\Scott\Desktop\Apr2014 Instructions by Agent.xlsx
2014-01-13 07:08 - 2014-01-13 06:44 - 00014848 _____ C:\Users\Scott\Documents\13.01.14.axe
2014-01-12 21:36 - 2010-12-23 15:00 - 00000000 ____D C:\Users\Scott\AppData\Roaming\uTorrent
2014-01-12 21:22 - 2014-01-07 23:30 - 00000000 ____D C:\Users\Scott\Desktop\Melia Sharm - Egypt 2013-14
2014-01-12 20:11 - 2010-12-23 06:04 - 00000000 ____D C:\Users\Scott\AppData\Local\VirtualStore
2014-01-11 19:49 - 2014-01-11 19:48 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-11 19:46 - 2013-09-12 14:07 - 00000000 ____D C:\AdwCleaner
2014-01-10 06:46 - 2011-06-16 21:14 - 00000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-09 06:30 - 2013-09-30 04:06 - 00976620 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-08 17:20 - 2012-12-14 12:30 - 00000000 ____D C:\Users\Scott\Desktop\New folder
2014-01-08 16:35 - 2014-01-08 15:30 - 00048128 _____ C:\Users\Scott\Documents\09.01.14.axe
2014-01-08 13:06 - 2013-10-12 16:20 - 00000000 ____D C:\Users\Scott\AppData\Roaming\.minecraft
2014-01-08 00:05 - 2013-08-22 08:17 - 00000000 ____D C:\WINDOWS\FileManager
2014-01-07 23:28 - 2013-08-22 06:13 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-12-21 22:56 - 2013-12-21 22:56 - 00107256 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2013-12-21 21:34 - 2013-12-21 21:32 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-21 21:32 - 2013-08-07 11:02 - 09452704 _____ (SurfRight B.V.) C:\Users\Scott\AppData\Roaming\HitmanPro.exe
2013-12-17 16:08 - 2013-04-30 21:32 - 00000000 ____D C:\Program Files\Google
2013-12-15 10:01 - 2013-10-18 17:40 - 00000000 ____D C:\Users\Scott

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2013-11-16 11:13] - [2013-10-22 06:03] - 2065448 ____A (Microsoft Corporation) 1A0BC9598E4A58FC84570FFF5A108E58

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-13 21:47

==================== End Of Log ============================

Have just installed flash player and it says installation complete but not 100% sure how to test it!!

#14
battison10

Just found out how to test it and yes it is working fine :)

#15
emeraldnzl

Sounds good. :thumbsup:

One final check and after that, all going well, we will remove the tools we have been using and you will be finished here.

Now

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt.
  • Copy and paste that log as a reply to this topic.
