Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unknown issue but laptop is off it's mark.

Started by Triskelion , Jun 24 2014 09:14 AM

  • Please log in to reply

#31
zep516
Posted 21 July 2014 - 04:26 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic

  • 0

Advertisements

#32
Triskelion
Posted 21 July 2014 - 05:55 PM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts

Thanks Joe

 

HijackThis Report:

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 5:54:47 PM, on 2014-07-21
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)

FIREFOX: 30.0 (en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Users\Calgary\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Telus\security advisor\5.5.12.650\TelusSecurityAdvisor.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Users\Calgary\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ÿþ
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe
O4 - HKLM\..\Run: [TelusSecurityAdvisor] "C:\Program Files (x86)\Telus\security advisor\5.5.12.650\TelusSecurityAdvisor.exe" /AUTORUN
O4 - HKLM\..\Run: [DSFMAJAutoService] C:\Desjardins\Accueil\DesjardinsMajAutoFusion.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [googletalk] "C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Calgary\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DiamondView] "C:\Program Files (x86)\Manulife Financial\Diamond View\Diamondview.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_FA631E094BF4279435CE920E853E56FF] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Dropbox.lnk = Calgary\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://www.avdlext.com/dwa7W.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Unknown owner - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem9.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: TELUS security advisor Service (ServicepointService8) - Radialpoint SafeCare Inc. - C:\Program Files (x86)\Telus\security advisor\5.5.12.650\Telus_ServicepointService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: TELUS security services Desktop Update Service (UPDATESRV) - TELUS security services - C:\Program Files\TELUS security services\TELUS security services\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: TELUS security services Virus Shield (VSSERV) - TELUS security services - C:\Program Files\TELUS security services\TELUS security services\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12860 bytes
 


  • 0

#33
zep516
Posted 21 July 2014 - 06:18 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

This is an optional fix, we are stopping the programs from starting when you boot windows, we are not removing anything. If you need/ want a program to start up don't place a check in it.



Close all browser windows

This time do a Systen scan only.
Place a check mark in the following entries All the programs are starting up when you boot windows

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [googletalk] "C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Calgary\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DiamondView] "C:\Program Files (x86)\Manulife Financial\Diamond View\Diamondview.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_FA631E094BF4279435CE920E853E56FF] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Dropbox.lnk = Calgary\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: vpngui.exe.lnk = ?

1-Click Fix checked
2-Close Hijackthis
3-Reboot

Thanks
Joe :)
  • 0

#34
Triskelion
Posted 21 July 2014 - 06:36 PM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts

Done


  • 0

#35
zep516
Posted 21 July 2014 - 06:41 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Let it run for a day, I'll review the logs again and see what other ideas we can go after. Then we will clean up, Ill give instruction for that.

Thanks
Joe :)
  • 0

#36
zep516
Posted 23 July 2014 - 08:27 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
That's the best I can do. How are things ?

Joe
  • 0

#37
Triskelion
Posted 24 July 2014 - 09:42 AM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts

Sounds good Joe.. Should we run maybe one more OTL and see if there is anything lingering?


  • 0

#38
zep516
Posted 24 July 2014 - 03:49 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Certainly post a fresh OTL

Thanks
Joe :)
  • 0

#39
Triskelion
Posted 24 July 2014 - 08:23 PM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts

Thanks again Joe!

 

OTL logfile created on: 2014-07-24 8:10:36 PM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Calgary\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd
 
7.19 Gb Total Physical Memory | 2.83 Gb Available Physical Memory | 39.30% Memory free
9.32 Gb Paging File | 3.51 Gb Available in Paging File | 37.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 903.81 Gb Total Space | 840.24 Gb Free Space | 92.97% Space Free | Partition Type: NTFS
Drive D: | 26.59 Gb Total Space | 2.64 Gb Free Space | 9.91% Space Free | Partition Type: NTFS
 
Computer Name: CALGARYSHEPARD | User Name: Calgary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-07-21 15:02:50 | 035,464,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Calgary\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014-07-15 03:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014-07-08 21:03:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Calgary\Desktop\OTL.exe
PRC - [2014-06-23 11:58:09 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-06-10 02:39:39 | 018,938,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
PRC - [2014-06-03 02:42:06 | 000,079,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
PRC - [2014-04-14 14:30:02 | 007,157,824 | ---- | M] (Foxit Corporation) -- C:\Users\Calgary\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
PRC - [2014-03-26 15:35:26 | 000,469,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
PRC - [2014-03-07 02:02:08 | 000,267,224 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
PRC - [2014-01-27 19:15:18 | 000,227,904 | ---- | M] (WildTangent) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
PRC - [2013-08-21 22:17:05 | 000,374,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2013-08-05 01:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012-11-05 17:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2012-11-02 15:00:44 | 013,836,984 | ---- | M] (Telus) -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\TelusSecurityAdvisor.exe
PRC - [2012-11-02 14:58:32 | 012,575,752 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\Telus_ServicepointService.exe
PRC - [2011-03-04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007-11-20 20:11:05 | 003,289,088 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-07-24 14:32:47 | 000,043,008 | ---- | M] () -- c:\users\calgary\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpblwmd2.dll
MOD - [2014-07-21 14:53:38 | 003,610,624 | ---- | M] () -- C:\Users\Calgary\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014-07-15 03:24:48 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll
MOD - [2014-07-15 03:24:46 | 014,664,008 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
MOD - [2014-07-15 03:24:44 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
MOD - [2014-07-15 03:24:38 | 000,718,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
MOD - [2014-07-15 03:24:36 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
MOD - [2014-07-15 03:24:35 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
MOD - [2014-06-23 11:58:07 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-06-17 08:54:54 | 000,316,584 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
MOD - [2014-06-17 08:51:16 | 000,316,584 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2014-06-03 02:41:54 | 001,032,360 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\ADDINS\umoutlookaddin.dll
MOD - [2014-05-23 10:30:24 | 000,321,704 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\msfad.dll
MOD - [2014-05-20 04:11:16 | 008,892,072 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\1033\grooveintlresource.dll
MOD - [2013-10-18 17:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Calgary\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013-08-05 16:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013-08-05 01:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012-05-22 16:57:24 | 020,758,016 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\libcef.dll
MOD - [2012-05-22 16:57:24 | 001,094,158 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\avcodec-53.dll
MOD - [2012-05-22 16:57:24 | 000,622,080 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\libGLESv2.dll
MOD - [2012-05-22 16:57:24 | 000,183,822 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\avformat-53.dll
MOD - [2012-05-22 16:57:24 | 000,117,262 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\avutil-51.dll
MOD - [2012-05-22 16:57:24 | 000,111,616 | ---- | M] () -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\libEGL.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014-06-19 03:56:34 | 002,356,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014-04-06 05:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014-04-02 20:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014-03-23 20:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014-03-23 20:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014-03-14 00:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014-03-07 23:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014-03-06 01:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014-02-22 09:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014-02-22 03:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014-02-22 03:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014-02-22 03:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014-02-22 03:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014-02-22 03:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014-02-06 04:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014-01-08 23:39:39 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013-12-13 11:23:32 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013-12-10 01:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013-11-22 22:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013-10-09 16:52:30 | 001,645,256 | ---- | M] (TELUS security services) [Auto | Running] -- C:\Program Files\TELUS security services\TELUS security services\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013-10-09 16:52:30 | 000,069,392 | ---- | M] (TELUS security services) [Disabled | Stopped] -- C:\Program Files\TELUS security services\TELUS security services\bdparentalservice.exe -- (BdDesktopParental)
SRV:64bit: - [2013-10-09 16:52:30 | 000,067,320 | ---- | M] (TELUS security services) [Auto | Running] -- C:\Program Files\TELUS security services\TELUS security services\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2013-08-22 06:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013-08-22 05:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013-08-22 05:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013-08-22 05:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013-08-22 05:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013-08-22 05:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013-08-22 04:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013-08-22 04:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013-08-22 04:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013-08-22 03:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013-08-22 03:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013-08-22 03:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013-08-22 03:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013-08-22 03:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013-08-22 03:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013-08-22 03:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013-08-22 03:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013-03-01 16:40:02 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2013-02-26 01:31:30 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013-02-19 23:10:00 | 000,239,176 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV:64bit: - [2009-11-17 20:14:00 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014-07-08 10:34:30 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-06-23 11:58:08 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-03-26 15:35:26 | 000,469,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe -- (HPWMISVC)
SRV - [2014-03-14 00:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014-01-27 19:15:18 | 000,227,904 | ---- | M] (WildTangent) [Auto | Running] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2014-01-08 23:39:40 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2014-01-08 23:39:39 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2014-01-08 23:39:38 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013-08-22 06:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013-08-21 21:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013-08-21 20:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012-11-02 14:58:32 | 012,575,752 | ---- | M] (Radialpoint SafeCare Inc.) [Auto | Running] -- C:\Program Files (x86)\Telus\security advisor\5.5.12.650\Telus_ServicepointService.exe -- (ServicepointService8)
SRV - [2012-09-27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011-03-04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010-10-12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014-05-01 07:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014-04-01 00:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014-03-29 14:18:04 | 002,510,536 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2014-03-23 20:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014-03-23 20:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014-03-23 20:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014-03-19 21:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014-03-13 06:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014-03-08 14:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014-03-08 14:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014-02-22 10:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014-02-22 09:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014-02-22 09:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014-02-22 09:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014-02-22 09:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014-02-22 09:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014-02-22 06:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014-02-11 19:00:15 | 000,290,008 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2014-02-11 18:57:31 | 000,830,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2014-01-27 21:58:37 | 000,041,704 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2014-01-08 23:42:43 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014-01-08 23:42:43 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014-01-08 23:42:43 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013-12-13 11:23:36 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013-12-13 11:23:36 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013-12-04 12:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013-12-02 10:42:14 | 001,204,424 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtbth.sys -- (rtbth)
DRV:64bit: - [2013-11-14 01:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013-11-14 01:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013-11-14 01:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013-11-14 01:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013-09-08 21:04:56 | 000,023,568 | ---- | M] (Bitdefender) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bdelam.sys -- (bdelam)
DRV:64bit: - [2013-08-23 14:48:49 | 000,150,256 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013-08-22 07:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013-08-22 07:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013-08-22 06:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013-08-22 06:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013-08-22 06:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013-08-22 06:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013-08-22 06:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013-08-22 06:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013-08-22 06:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013-08-22 06:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013-08-22 06:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013-08-22 06:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013-08-22 06:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013-08-22 06:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013-08-22 06:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013-08-22 06:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013-08-22 06:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013-08-22 06:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013-08-22 06:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013-08-22 06:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013-08-22 06:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013-08-22 06:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013-08-22 06:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013-08-22 06:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013-08-22 06:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013-08-22 06:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013-08-22 06:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013-08-22 06:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013-08-22 06:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013-08-22 05:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013-08-22 05:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013-08-22 05:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013-08-22 05:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013-08-22 05:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013-08-22 05:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013-08-22 05:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013-08-22 05:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013-08-22 05:38:30 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthA2DP.sys -- (BthA2DP)
DRV:64bit: - [2013-08-22 05:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013-08-22 05:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013-08-22 05:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013-08-22 05:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013-08-22 05:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013-08-22 05:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013-08-22 05:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013-08-22 05:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013-08-22 05:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013-08-22 05:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013-08-22 05:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013-08-22 05:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013-08-22 05:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013-08-22 05:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013-08-22 05:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013-08-22 02:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013-08-12 17:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013-08-09 18:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013-08-07 14:46:28 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013-07-30 12:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013-07-29 17:45:27 | 000,107,008 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\TELUS security services\TELUS security services Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2013-07-25 13:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013-07-24 19:19:21 | 000,098,768 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\TELUS security services\TELUS security services Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2013-07-23 17:50:57 | 000,082,824 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2013-07-19 19:08:08 | 000,601,360 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013-07-19 19:04:54 | 000,727,592 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013-03-18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013-03-05 13:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013-03-01 16:40:02 | 000,043,320 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2013-03-01 16:40:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2013-02-14 21:41:14 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2013-02-05 22:54:18 | 000,469,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013-02-05 22:54:16 | 000,031,984 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013-02-05 22:54:16 | 000,028,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012-11-30 03:31:02 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012-11-30 03:31:00 | 000,080,552 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012-08-31 10:40:24 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012-08-28 09:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-04-09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2011-03-04 12:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010-02-08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2008-11-16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{3BABA3F4-18AB-461F-BDCB-030F621C999E}: "URL" = http://www.amazon.ca...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{053A6642-1AB0-40ED-A2A6-4ECC2A1A76A3}: "URL" = http://search.yahoo....petb&type=10803
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...0TR&pc=HPNTDFJS
IE - HKCU\..\SearchScopes\{6566C40D-EF72-4B49-B3AC-7E936B478530}: "URL" = http://search.findwi...k={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...56705-11896-0/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: trustmyweb.addons.firefox%40hotmail.com:1.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA_8,version=1: C:\Program Files (x86)\Telus\security advisor\5.5.12.650\nprpspa.dll (Telus)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA_8,version=1: C:\Program Files (x86)\Telus\security advisor\5.5.12.650\nprpspa.dll (Telus)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Calgary\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Calgary\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Calgary\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Calgary\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Calgary\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\hp.com/HPDetect: C:\Users\Calgary\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\TELUS SECURITY SERVICES\TELUS SECURITY SERVICES\BDTBEXT [2013-10-10 15:28:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\TELUS security services\TELUS security services\bdtbext [2013-10-10 15:28:31 | 000,000,000 | ---D | M]
 
[2014-06-10 09:50:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Calgary\AppData\Roaming\mozilla\Extensions
[2014-07-16 22:38:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Calgary\AppData\Roaming\mozilla\Firefox\Profiles\swkfz2xp.default\extensions
[2014-07-09 14:09:19 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Calgary\AppData\Roaming\mozilla\Firefox\Profiles\swkfz2xp.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014-07-09 14:09:19 | 000,022,470 | ---- | M] () (No name found) -- C:\Users\Calgary\AppData\Roaming\mozilla\firefox\profiles\swkfz2xp.default\extensions\[email protected]
[2014-04-30 11:12:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014-06-23 11:58:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: https://www.google.ca/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: WOT = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.15_0\
CHR - Extension: WOT = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.16_0\
CHR - Extension: YouTube = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: IE Tab Multi (Enhance) = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnfnbeppfinmnjnjhedifcfllpcfgeea\1.0.2.1_0\
CHR - Extension: Hola Better Internet = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.3.883_0\
CHR - Extension: Hola Better Internet = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.4.165_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.8.3.1_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.8.3_0\
CHR - Extension: TweetDeck by Twitter = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.8.4_0\
CHR - Extension: Favicon Changer = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijaabbaphikljkkcbgpbaljfjpflpeoo\1.0.3_0\
CHR - Extension: Boomerang for Gmail = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll\1.2.4_0\
CHR - Extension: Hangouts = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.710.434.3_0\
CHR - Extension: Google Wallet = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: video2mp3 = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\oljlcbniifdjapjocdfamhlnmpkojdkm\1.0.4_1\
CHR - Extension: OneClick Cleaner for Chrome = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh\0.9.0.9_0\
CHR - Extension: Gmail = C:\Users\Calgary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2014-07-08 19:39:10 | 000,000,002 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\TELUS security services\TELUS security services\bdagent.exe (TELUS security services)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [DSFMAJAutoService] C:\Desjardins\Accueil\DesjardinsMajAutoFusion.exe (DJSFC)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TelusSecurityAdvisor] C:\Program Files (x86)\Telus\security advisor\5.5.12.650\TelusSecurityAdvisor.exe (Telus)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_FA631E094BF4279435CE920E853E56FF] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Calgary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Calgary\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://www.avdlext.com/dwa7W.cab (Domino Web Access 7 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 75.153.176.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23BBA13D-658C-4B98-90BC-CE58CAD114D1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{905D83DC-1F93-46CB-BF84-5CEA204B8E3F}: DhcpNameServer = 192.168.1.254 75.153.176.9
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-07-21 18:31:16 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\backups
[2014-07-21 17:48:25 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Calgary\Desktop\HijackThis.exe
[2014-07-20 21:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014-07-20 21:03:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014-07-20 21:03:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014-07-20 21:03:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014-07-20 21:03:20 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014-07-20 21:00:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014-07-18 01:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
[2014-07-18 01:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2014-07-16 11:17:12 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Local\IE Tab
[2014-07-13 22:04:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\CompatTel
[2014-07-12 23:37:04 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Local\ElevatedDiagnostics
[2014-07-08 21:03:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Calgary\Desktop\OTL.exe
[2014-07-08 19:31:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-07-08 13:54:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014-07-08 13:32:56 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014-07-08 13:32:14 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014-07-08 13:29:41 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Calgary\Desktop\JRT.exe
[2014-07-02 20:53:30 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\DFS
[2014-07-02 20:49:58 | 000,000,000 | ---D | C] -- C:\Users\Calgary\Desktop\ISI
[2014-06-29 22:29:22 | 000,000,000 | ---D | C] -- C:\Users\Calgary\AppData\Local\Foxit PhantomPDF
 
========== Files - Modified Within 30 Days ==========
 
[2014-07-24 20:18:00 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3432463877-1759428120-2468046901-1002UA1cf8fe8c3cd5081.job
[2014-07-24 20:12:03 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3432463877-1759428120-2468046901-1002UA.job
[2014-07-24 19:54:00 | 000,000,604 | ---- | M] () -- C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-3432463877-1759428120-2468046901-1002.job
[2014-07-24 19:48:11 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014-07-24 19:48:01 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014-07-24 19:33:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014-07-24 18:47:23 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014-07-24 14:33:00 | 000,001,115 | ---- | M] () -- C:\Users\Calgary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014-07-24 14:32:32 | 000,001,087 | ---- | M] () -- C:\Users\Calgary\Desktop\Dropbox.lnk
[2014-07-24 14:18:00 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3432463877-1759428120-2468046901-1002Core1cf8fe8bfefb087.job
[2014-07-24 10:12:46 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3432463877-1759428120-2468046901-1002Core.job
[2014-07-23 15:05:41 | 000,026,467 | ---- | M] () -- C:\Users\Calgary\Desktop\Redistribution remittance slips - FINAL - refounding-2.pdf
[2014-07-22 11:47:49 | 000,800,408 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014-07-22 11:47:48 | 000,956,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014-07-22 11:47:48 | 000,165,436 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014-07-22 11:36:12 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForCalgary.job
[2014-07-21 17:52:30 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Calgary\Desktop\HijackThis.exe
[2014-07-20 13:40:12 | 000,000,083 | ---- | M] () -- C:\WINDOWS\SysNative\checkdnsid.xml
[2014-07-18 01:14:57 | 000,001,854 | ---- | M] () -- C:\Users\Calgary\Desktop\Foxit PhantomPDF.exe - Shortcut.lnk
[2014-07-18 00:33:27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014-07-18 00:33:24 | 1884,295,167 | -HS- | M] () -- C:\hiberfil.sys
[2014-07-16 22:01:14 | 000,746,450 | ---- | M] () -- C:\Users\Calgary\Desktop\Cam Davies Endorsement.pdf
[2014-07-15 17:49:30 | 000,190,968 | ---- | M] () -- C:\Users\Calgary\Desktop\but60Rc.jpg
[2014-07-15 11:17:15 | 000,009,857 | ---- | M] () -- C:\Users\Calgary\Desktop\Obrien Ribbon.jpg
[2014-07-13 22:08:55 | 000,489,896 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014-07-11 10:57:11 | 000,276,732 | ---- | M] () -- C:\Users\Calgary\Desktop\SupplementaryVerificationOfIdentityForm.pdf
[2014-07-08 21:03:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Calgary\Desktop\OTL.exe
[2014-07-08 19:39:10 | 000,000,002 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\Hosts
[2014-07-08 13:29:50 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Calgary\Desktop\JRT.exe
[2014-07-08 13:26:19 | 001,346,519 | ---- | M] () -- C:\Users\Calgary\Desktop\adwcleaner_3.214.exe
[2014-07-08 10:09:56 | 001,180,255 | ---- | M] () -- C:\Users\Calgary\Desktop\CDN - Complete Mapped Application  - Calgary Shepard Conservative Association.pdf
[2014-06-25 18:00:59 | 000,286,551 | ---- | M] () -- C:\Users\Calgary\Desktop\Shane005.pdf
[2014-06-25 17:59:20 | 000,289,898 | ---- | M] () -- C:\Users\Calgary\Desktop\Richard004.pdf
[2014-06-25 17:57:03 | 000,264,752 | ---- | M] () -- C:\Users\Calgary\Desktop\Evangeline003.pdf
 
========== Files Created - No Company Name ==========
 
[2014-07-23 15:05:40 | 000,026,467 | ---- | C] () -- C:\Users\Calgary\Desktop\Redistribution remittance slips - FINAL - refounding-2.pdf
[2014-07-20 13:40:12 | 000,000,083 | ---- | C] () -- C:\WINDOWS\SysNative\checkdnsid.xml
[2014-07-18 01:14:57 | 000,001,854 | ---- | C] () -- C:\Users\Calgary\Desktop\Foxit PhantomPDF.exe - Shortcut.lnk
[2014-07-16 22:01:12 | 000,746,450 | ---- | C] () -- C:\Users\Calgary\Desktop\Cam Davies Endorsement.pdf
[2014-07-15 17:49:30 | 000,190,968 | ---- | C] () -- C:\Users\Calgary\Desktop\but60Rc.jpg
[2014-07-15 11:17:15 | 000,009,857 | ---- | C] () -- C:\Users\Calgary\Desktop\Obrien Ribbon.jpg
[2014-07-12 23:37:07 | 000,000,370 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeScheduleForCalgary.job
[2014-07-10 13:28:22 | 000,276,732 | ---- | C] () -- C:\Users\Calgary\Desktop\SupplementaryVerificationOfIdentityForm.pdf
[2014-07-08 13:26:08 | 001,346,519 | ---- | C] () -- C:\Users\Calgary\Desktop\adwcleaner_3.214.exe
[2014-07-08 10:09:56 | 001,180,255 | ---- | C] () -- C:\Users\Calgary\Desktop\CDN - Complete Mapped Application  - Calgary Shepard Conservative Association.pdf
[2014-06-25 18:00:58 | 000,286,551 | ---- | C] () -- C:\Users\Calgary\Desktop\Shane005.pdf
[2014-06-25 17:59:20 | 000,289,898 | ---- | C] () -- C:\Users\Calgary\Desktop\Richard004.pdf
[2014-06-25 17:57:03 | 000,264,752 | ---- | C] () -- C:\Users\Calgary\Desktop\Evangeline003.pdf
[2014-06-23 11:58:10 | 000,000,030 | ---- | C] () -- C:\WINDOWS\MaritimeLife.ini
[2014-06-17 14:35:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iireport53.INI
[2014-06-17 14:33:55 | 000,149,504 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE
[2014-06-17 14:33:55 | 000,000,156 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2014-06-17 14:33:36 | 000,010,912 | ---- | C] () -- C:\WINDOWS\SHARE.EXE
[2014-06-17 14:33:21 | 000,022,776 | ---- | C] () -- C:\WINDOWS\SysWow64\FDPTOOLS.DLL
[2014-06-17 14:33:21 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\Implode.dll
[2014-06-17 14:33:20 | 000,000,097 | ---- | C] () -- C:\WINDOWS\fdpxld.ini
[2014-06-17 14:33:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\IIREPO~1.INI
[2014-06-17 14:32:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\efgtemp.ini
[2014-06-17 12:30:43 | 000,000,029 | ---- | C] () -- C:\WINDOWS\MLI.INI
[2014-05-21 09:22:18 | 000,002,491 | ---- | C] () -- C:\ProgramData\regid.2012-05.ca.repsource_EC596C15-1BA5-4A0F-8804-4CC5BB52F1EE.swidtag
[2014-04-15 20:46:44 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014-03-17 16:41:59 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014-03-03 20:46:15 | 002,436,794 | ---- | C] () -- C:\ProgramData\1393900866.bdinstall.bin
[2014-02-24 09:05:32 | 000,065,928 | ---- | C] () -- C:\WINDOWS\SysWow64\bgsresfr.dll
[2014-02-24 09:05:32 | 000,065,928 | ---- | C] () -- C:\WINDOWS\SysWow64\bgsreses.dll
[2014-02-24 09:05:32 | 000,065,928 | ---- | C] () -- C:\WINDOWS\SysWow64\bgsresde.dll
[2014-02-24 09:05:32 | 000,056,200 | ---- | C] () -- C:\WINDOWS\SysWow64\bgsresen.dll
[2014-01-08 22:50:48 | 000,930,400 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014-01-08 22:47:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013-12-13 11:23:56 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013-12-13 11:23:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013-12-13 11:23:46 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013-12-13 11:23:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013-12-13 11:23:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013-12-13 11:23:14 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013-10-07 20:40:42 | 000,369,624 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\FW7650.bin
[2013-10-07 20:40:42 | 000,000,313 | ---- | C] () -- C:\WINDOWS\SysWow64\RaCheckBTDev.ini
[2013-08-22 09:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013-08-22 09:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013-08-22 08:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013-08-22 01:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013-08-21 21:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013-08-21 17:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013-08-21 17:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012-11-27 01:18:46 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2012-07-25 14:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012-07-25 14:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012-07-25 14:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
 
========== ZeroAccess Check ==========
 
[2014-01-14 18:15:45 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-04-06 10:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-04-06 09:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 03:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-21 20:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 03:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014-01-02 22:09:54 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014-04-24 19:01:04 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\CrystalIdea Software
[2014-07-24 14:33:19 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\Dropbox
[2014-04-08 22:45:40 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\EPSON
[2014-06-10 09:57:49 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\Foxit Software
[2014-02-18 16:31:45 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\HewlettPackard
[2014-01-02 23:37:11 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\PDAppFlex
[2014-03-03 20:41:45 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\QuickScan
[2014-06-17 13:35:05 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\RBC Illustrations
[2014-05-17 11:01:50 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\SketchUp
[2013-12-30 20:51:38 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\Synaptics
[2014-03-03 20:35:28 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\Telus
[2014-03-03 20:44:44 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\TELUS security services
[2014-02-05 23:52:08 | 000,000,000 | ---D | M] -- C:\Users\Calgary\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Calgary\SkyDrive:ms-properties

< End of report >
 


  • 0

#40
zep516
Posted 25 July 2014 - 01:29 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello Log is clean.


Next

Since your log reports are clean and free of malware, lets clean up after ourselves.


OTL Clean-Up

Right click on the OTLicon.jpg icon on your desktop and choose Run as administrator to open the main window.

Next click on the CleanUpButtonOTL.jpg button.

Once clean up is complete you will be prompted to reboot your computer. Please do so.

This will remove most of the programs we have used including itself.


Next

Double-click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.
Right click on the JRT Icon and select delete.
If there are any left over tools or logs on your computer please delete them now.


You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here

Thanks
Joe :)
  • 0

Advertisements

#41
Triskelion
Posted 26 July 2014 - 02:04 AM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts

Cheers Joe..

 

Thanks a bunch


  • 0

#42
Triskelion
Posted 30 July 2014 - 03:25 PM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts

Hey Joe.

 

Not sure what has happened but suddenly my Microsoft Office is not working.

When I open a file in Excel or Word, I keep getting the message...

 

"The operating system is not presently configured to run this application."


  • 0

#43
zep516
Posted 30 July 2014 - 04:00 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

What version of office is that ?
  • 0

#44
Triskelion
Posted 30 July 2014 - 05:28 PM

Triskelion

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 663 posts

2013


  • 0

#45
zep516
Posted 30 July 2014 - 05:37 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,

Try to do a repair of office 2013 as outlined Here.

Let us know.

Joe
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP